Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/289D05F2314511EDBBE60349C4F9AE02.roa
File: 289D05F2314511EDBBE60349C4F9AE02.roa (raw, json)
Hash identifier: bCA51MFH+umsSL4sFoeIGnVsgBlBvtZZQLRGVrcNlwk=
Subject key identifier: 41:D3:F9:E5:52:0C:17:0B:7A:CB:50:F2:5B:CE:F4:98:F4:B1:57:25
Certificate issuer: /CN=A91F59FC/serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
Certificate serial: 1385
Authority key identifier: 12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/289D05F2314511EDBBE60349C4F9AE02.roa
Signing time: Thu 30 Mar 2023 22:04:45 +0000
ROA not before: Thu 30 Mar 2023 22:04:45 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 397702
IP address blocks: 103.114.190.0/24 maxlen: 24
103.114.191.0/24 maxlen: 24
2402:d240:1776::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4997 (0x1385)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F59FC/serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
Validity
Not Before: Mar 30 22:04:45 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6426077d-44e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9b:bc:aa:af:bb:ee:a3:c8:7b:f3:f1:7d:34:
30:17:da:85:dc:05:bc:93:cd:d6:46:84:2d:9c:b0:
b5:4c:ab:14:e8:29:5a:1b:92:19:27:25:38:a2:9d:
e7:9a:d4:18:93:2e:6f:66:d7:be:8e:38:2c:f2:18:
53:0b:13:3c:57:47:fe:e7:2d:b4:f9:b8:12:cd:f2:
ef:67:7f:7f:af:e4:fc:05:e7:a5:c9:19:32:bc:ec:
2b:b7:ab:fc:9e:94:12:9a:24:76:e8:18:40:7d:9d:
83:8d:79:cf:dc:ac:c1:e8:00:74:5f:f4:f0:c0:92:
cc:b2:ff:2f:40:a3:32:5a:3f:41:c7:00:e0:7b:fe:
85:03:5b:df:7e:66:08:e8:04:d2:20:ff:f7:d3:9c:
48:da:6d:5f:7e:04:0e:2c:16:ad:b0:3e:91:d9:89:
bc:40:3a:39:45:80:65:53:6c:40:44:19:af:cf:fb:
ea:a1:6b:14:90:26:a1:e4:c4:53:47:56:68:0f:e6:
b9:dc:59:6a:a9:8e:ab:6f:b9:0e:fb:1a:af:02:a7:
2d:52:a0:0d:df:31:08:ca:16:42:14:34:3b:ff:a2:
b3:e1:c0:f9:3e:56:ea:a2:48:05:aa:32:25:c0:52:
04:ea:3a:a8:e5:e9:0b:2e:b9:0b:7d:43:b7:41:57:
c4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D3:F9:E5:52:0C:17:0B:7A:CB:50:F2:5B:CE:F4:98:F4:B1:57:25
X509v3 Authority Key Identifier:
keyid:12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/EuqCrgqUMQmx9PNJhOnDbUxtVx8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/289D05F2314511EDBBE60349C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.190.0/23
IPv6:
2402:d240:1776::/48
Signature Algorithm: sha256WithRSAEncryption
67:32:a8:15:c9:dd:b4:7a:7f:ed:32:00:3a:99:78:b2:bf:90:
22:d2:98:e6:31:46:3b:c1:7e:33:65:df:5a:29:4e:95:f0:1d:
e5:f8:bc:67:c2:df:19:1f:42:e6:e4:f7:97:0b:5f:d3:38:57:
3b:46:fb:c4:e2:5e:f7:95:a8:85:83:cd:33:f3:90:cf:a7:ca:
6f:68:67:18:70:68:76:f7:cf:f1:30:5c:2f:b2:7c:7d:1d:10:
f2:61:79:cc:3c:74:1a:c4:a5:d6:04:82:70:7b:32:f8:e2:74:
cc:4a:a6:84:b9:02:37:95:bf:f8:93:88:ee:36:fe:02:17:c4:
86:57:ff:d5:03:e2:7d:fb:6d:da:a0:3c:f4:c7:4f:76:e7:e9:
e6:18:0f:73:7f:5b:46:3b:9e:da:be:27:14:ce:4e:b3:23:f6:
ea:0a:82:c2:38:8b:79:05:27:42:78:04:99:84:29:8c:07:e2:
b0:6f:13:27:e0:c6:21:49:29:2b:76:f2:f3:b2:cd:18:f7:b6:
a4:83:05:20:ac:ed:a7:57:91:28:b2:6e:20:ca:de:96:ac:f1:
f6:67:ae:ac:d5:e7:ff:ec:6f:62:86:e9:66:60:be:72:e1:1e:
35:65:1e:94:7a:b2:72:fa:ac:99:d7:18:5f:40:a0:66:f6:dd:
a9:10:b1:c1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICE4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjU5RkMxMTAvBgNVBAUTKDEyRUE4MkFFMEE5NDMxMDlCMUY0RjM0OTg0RTlDMzZE
NEM2RDU3MUYwHhcNMjMwMzMwMjIwNDQ1WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI2MDc3ZC00NGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqZu8qq+77qPIe/PxfTQwF9qF3AW8k83WRoQtnLC1TKsU6ClaG5IZJyU4op3n
mtQYky5vZte+jjgs8hhTCxM8V0f+5y20+bgSzfLvZ39/r+T8BeelyRkyvOwrt6v8
npQSmiR26BhAfZ2DjXnP3KzB6AB0X/TwwJLMsv8vQKMyWj9BxwDge/6FA1vffmYI
6ATSIP/305xI2m1ffgQOLBatsD6R2Ym8QDo5RYBlU2xARBmvz/vqoWsUkCah5MRT
R1ZoD+a53FlqqY6rb7kO+xqvAqctUqAN3zEIyhZCFDQ7/6Kz4cD5PlbqokgFqjIl
wFIE6jqo5ekLLrkLfUO3QVfEcwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFEHT+eVS
DBcLestQ8lvO9Jj0sVclMB8GA1UdIwQYMBaAFBLqgq4KlDEJsfTzSYTpw21MbVcf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTlGQy84MTA0NUUzQTU2
NjAxMUU4QkYzRkQ1MjdDNEY5QUUwMi9FdXFDcmdxVU1RbXg5UE5KaE9uRGJVeHRW
eDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0V1cUNyZ3FVTVFteDlQTkpoT25EYlV4dFZ4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjU5RkMvODEwNDVFM0E1NjYwMTFFOEJGM0ZENTI3QzRGOUFFMDIvMjg5RDA1RjIz
MTQ1MTFFREJCRTYwMzQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFncr4wDwQCAAIwCQMHACQC0kAXdjANBgkqhkiG9w0BAQsF
AAOCAQEAZzKoFcndtHp/7TIAOpl4sr+QItKY5jFGO8F+M2XfWilOlfAd5fi8Z8Lf
GR9C5uT3lwtf0zhXO0b7xOJe95WohYPNM/OQz6fKb2hnGHBodvfP8TBcL7J8fR0Q
8mF5zDx0GsSl1gSCcHsy+OJ0zEqmhLkCN5W/+JOI7jb+AhfEhlf/1QPifftt2qA8
9MdPdufp5hgPc39bRjue2r4nFM5OsyP26gqCwjiLeQUnQngEmYQpjAfisG8TJ+DG
IUkpK3by87LNGPe2pIMFIKztp1eRKLJuIMrelqzx9meurNXn/+xvYobpZmC+cuEe
NWUelHqycvqsmdcYX0CgZvbdqRCxwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:48 2024 by rpki-client on console-fra.rpki-client.org