Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/98648F74565111ECBAB44217C4F9AE02.roa
File: 98648F74565111ECBAB44217C4F9AE02.roa (raw, json)
Hash identifier: d1IP3EhBcpmZ1Lbd+5Qt7m7w62WHvW2VzFfPMNoIl58=
Subject key identifier: 3C:92:F0:A4:EE:F9:0A:4C:D8:D6:00:B0:04:72:9C:C6:73:0E:17:80
Certificate issuer: /CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Certificate serial: 09
Authority key identifier: E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/98648F74565111ECBAB44217C4F9AE02.roa
Signing time: Mon 06 Dec 2021 09:02:51 +0000
ROA not before: Mon 06 Dec 2021 09:02:51 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 63969
IP address blocks: 103.172.138.0/24 maxlen: 24
103.172.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Validity
Not Before: Dec 6 09:02:51 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61add1bb-e3e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:74:3f:50:52:1c:de:23:e6:cb:94:fc:b5:77:
23:17:23:47:1d:26:f4:19:12:5c:43:d7:6f:09:f2:
91:a8:98:66:48:53:5d:36:4f:93:97:ee:7f:cf:96:
5d:00:d4:09:7c:41:30:f1:92:74:4e:a5:91:d4:62:
3f:30:f5:9b:83:b6:15:e4:36:6d:c2:2e:76:be:23:
5e:fe:e5:3c:86:01:2a:6d:bc:7b:53:ea:ac:57:df:
89:ba:4e:ee:2a:e1:01:51:16:07:72:3c:0b:54:bf:
65:39:9d:74:46:94:95:da:a9:df:d7:a5:c2:50:95:
0e:e0:27:3d:61:79:1e:da:8d:0f:91:bd:65:90:3f:
48:17:9f:58:92:b5:c0:19:8a:bf:bc:ab:68:62:a0:
74:cc:06:ec:1e:06:0c:db:6d:1b:36:ac:5c:72:83:
79:ce:29:c2:e0:38:ba:8b:5f:51:50:4e:4c:fb:b9:
cd:97:af:d0:d0:b1:52:24:d0:8b:7a:2f:e9:5a:ad:
37:e2:f2:30:8b:63:85:fc:2c:33:a0:ec:b4:4c:15:
e0:b4:c0:ad:cb:60:ee:be:47:9f:73:00:d0:f2:46:
f2:d5:08:55:35:f3:b5:4d:a2:87:ea:8e:30:bc:a7:
fb:07:f2:9c:60:e9:52:f0:6a:82:8e:ad:e2:b9:c6:
91:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:92:F0:A4:EE:F9:0A:4C:D8:D6:00:B0:04:72:9C:C6:73:0E:17:80
X509v3 Authority Key Identifier:
keyid:E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/5Acguik7ryW8Chd4xlzw0uDzUWA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/98648F74565111ECBAB44217C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.138.0/23
Signature Algorithm: sha256WithRSAEncryption
11:35:c1:be:c8:e1:94:0a:07:85:06:a0:6f:36:54:96:d8:dc:
d4:fd:b6:98:e9:a0:8e:ee:54:f2:10:b0:d8:03:77:a2:4c:22:
a3:dc:76:ee:85:e4:40:63:aa:6b:68:3a:5a:ff:f6:b2:e7:a2:
b4:79:1b:33:e5:61:2b:e3:ec:7e:3c:c2:08:08:8a:d3:64:a7:
fe:ea:5a:77:d1:02:e5:02:02:75:6c:4e:5b:35:d3:51:5e:3b:
0f:8a:ae:e8:05:fa:b2:50:75:1c:67:4a:02:05:5a:49:42:f8:
3c:09:63:84:f4:65:6e:a2:b6:ed:1e:19:6b:35:c6:7c:ea:a3:
23:e7:22:c9:62:b6:38:78:29:19:4d:f5:4e:75:7b:52:9c:2b:
20:45:08:61:a3:4e:0b:f4:98:b2:31:b7:c8:8c:ba:ca:c6:d6:
da:6f:17:ed:7c:66:cd:67:cc:f0:9d:6f:b0:45:8d:96:9b:81:
a7:94:0e:d9:33:6f:a1:80:eb:86:35:7a:0f:79:b1:5a:cb:7f:
50:9b:19:5e:cc:d7:28:be:ea:de:a0:d1:a0:69:5b:b3:78:02:
96:a9:8c:36:45:a4:ae:cb:88:02:72:ca:38:91:b0:d1:f0:31:
8b:12:72:43:0d:fc:58:e4:6a:ea:80:f6:7c:e3:2f:78:d2:e8:
49:b8:ce:dd
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RjM1QjExMC8GA1UEBRMoRTQwNzIwQkEyOTNCQUYyNUJDMEExNzc4QzY1Q0YwRDJF
MEYzNTE2MDAeFw0yMTEyMDYwOTAyNTFaFw0yMjEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxYWRkMWJiLWUzZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwdD9QUhzeI+bLlPy1dyMXI0cdJvQZElxD128J8pGomGZIU102T5OX7n/Pll0A
1Al8QTDxknROpZHUYj8w9ZuDthXkNm3CLna+I17+5TyGASptvHtT6qxX34m6Tu4q
4QFRFgdyPAtUv2U5nXRGlJXaqd/XpcJQlQ7gJz1heR7ajQ+RvWWQP0gXn1iStcAZ
ir+8q2hioHTMBuweBgzbbRs2rFxyg3nOKcLgOLqLX1FQTkz7uc2Xr9DQsVIk0It6
L+larTfi8jCLY4X8LDOg7LRMFeC0wK3LYO6+R59zANDyRvLVCFU187VNoofqjjC8
p/sH8pxg6VLwaoKOreK5xpEfAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUPJLwpO75
CkzY1gCwBHKcxnMOF4AwHwYDVR0jBBgwFoAU5Acguik7ryW8Chd4xlzw0uDzUWAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVGMzVCL0UwMTAxNThBNTY0
RTExRUM4NTg4NTkxNEM0RjlBRTAyLzVBY2d1aWs3cnlXOENoZDR4bHp3MHVEelVX
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNUFjZ3VpazdyeVc4Q2hkNHhsencwdUR6VVdBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RjM1Qi9FMDEwMTU4QTU2NEUxMUVDODU4ODU5MTRDNEY5QUUwMi85ODY0OEY3NDU2
NTExMUVDQkFCNDQyMTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWesijANBgkqhkiG9w0BAQsFAAOCAQEAETXBvsjhlAoHhQag
bzZUltjc1P22mOmgju5U8hCw2AN3okwio9x27oXkQGOqa2g6Wv/2sueitHkbM+Vh
K+PsfjzCCAiK02Sn/upad9EC5QICdWxOWzXTUV47D4qu6AX6slB1HGdKAgVaSUL4
PAljhPRlbqK27R4ZazXGfOqjI+ciyWK2OHgpGU31TnV7UpwrIEUIYaNOC/SYsjG3
yIy6ysbW2m8X7XxmzWfM8J1vsEWNlpuBp5QO2TNvoYDrhjV6D3mxWst/UJsZXszX
KL7q3qDRoGlbs3gClqmMNkWkrsuIAnLKOJGw0fAxixJyQw38WORq6oD2fOMveNLo
SbjO3Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org