Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/D2B9678E405011EB9025E52FC4F9AE02.roa
File: D2B9678E405011EB9025E52FC4F9AE02.roa (raw, json)
Hash identifier: Zkba12Jc0Jsq3BKQvg2lTfjsf0iOkgx52SBLQnnP6jA=
Subject key identifier: 03:1C:48:6C:1A:92:7A:FD:98:AA:AA:C1:FF:8F:57:60:E7:42:A5:AF
Certificate issuer: /CN=A91F6BFA/serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188
Certificate serial: 044C
Authority key identifier: AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/D2B9678E405011EB9025E52FC4F9AE02.roa
Signing time: Tue 20 Apr 2021 21:35:15 +0000
ROA not before: Tue 20 Apr 2021 21:35:15 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 139088
IP address blocks: 103.149.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1100 (0x44c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F6BFA/serialNumber=AA62C79FE18439412C5B02CF4BEB54AB2EBBE188
Validity
Not Before: Apr 20 21:35:15 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=607f4913-0037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:1a:50:87:fe:35:57:b3:1f:54:4a:a8:30:5c:
e4:01:8c:26:ca:d2:00:7f:03:ce:40:f0:1f:1d:71:
94:61:73:7b:dd:0d:8b:3f:f8:a3:8c:ae:d0:d8:c9:
ca:73:29:ae:d7:83:a3:c8:21:86:dc:b1:ae:bd:f4:
c7:3b:7c:4a:47:f9:4d:45:37:f0:b5:0f:da:56:eb:
cc:78:3c:e2:95:f2:6a:6f:01:6a:10:4d:52:14:88:
c7:ee:45:80:13:24:d7:15:dd:56:39:d3:e5:72:84:
7d:a6:52:a7:b9:06:9c:6b:94:a3:9f:35:5d:1b:19:
41:32:e8:9a:d2:0d:53:9e:e4:ba:ad:04:23:b2:16:
d0:da:2b:cc:a5:b6:d7:92:55:ae:2e:07:ea:df:c7:
f0:6a:c7:a8:7a:22:47:87:16:5f:f6:d5:74:39:7f:
c8:27:da:5a:49:fe:4d:b2:ba:40:5e:79:50:03:d7:
93:86:49:08:33:63:4d:ad:24:ef:bf:8a:e6:c6:d7:
26:53:88:a9:cd:cf:31:d4:2d:f8:cf:d0:c8:78:78:
9b:8a:3e:06:64:a8:e6:c2:86:56:dc:c4:3b:70:b4:
13:bd:dd:c5:f3:38:7c:09:c3:b3:26:92:d3:c0:8b:
f9:77:0b:5a:a2:bc:dc:50:c6:7c:30:bf:85:51:e1:
4d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1C:48:6C:1A:92:7A:FD:98:AA:AA:C1:FF:8F:57:60:E7:42:A5:AF
X509v3 Authority Key Identifier:
keyid:AA:62:C7:9F:E1:84:39:41:2C:5B:02:CF:4B:EB:54:AB:2E:BB:E1:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/qmLHn-GEOUEsWwLPS-tUqy674Yg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmLHn-GEOUEsWwLPS-tUqy674Yg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6BFA/40D4B7EC660311EA99AD4F46C4F9AE02/D2B9678E405011EB9025E52FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.32.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:66:67:74:1d:f7:8a:51:c0:07:14:c3:d0:9f:3d:83:55:5d:
ff:1e:39:d0:4f:3c:96:fd:42:22:af:ef:1b:72:17:d0:e9:8f:
5a:d8:0e:de:c9:36:14:e3:2b:e9:d9:8f:5f:49:5f:b5:11:93:
6f:b4:e5:c4:2d:43:87:08:77:df:6f:c7:16:f3:b9:db:4d:e8:
e5:e7:b5:fa:3b:fd:5f:03:b6:38:6d:5a:c3:c3:ea:c1:91:d8:
7f:85:9e:fc:05:e4:5c:6c:ed:41:5c:2f:0b:ef:fe:c3:a4:3c:
a8:26:81:19:88:35:01:72:66:7d:50:b2:75:bd:a6:6b:74:e2:
8b:62:a4:b1:d9:fa:3a:92:80:78:20:df:93:a6:3a:79:d3:b5:
88:fe:5a:94:ba:a9:fb:01:a5:52:2d:bd:45:4e:0c:fe:24:70:
00:11:85:87:cf:c5:e5:f3:61:55:07:34:69:cc:68:4d:44:0f:
f8:7c:79:d7:66:80:18:a2:8f:f5:87:6b:4c:5f:46:d8:4f:d6:
d0:23:36:4b:fd:50:4c:1c:90:94:ab:d3:18:c9:6c:29:a5:b9:
4e:e1:aa:de:d9:6b:a0:6c:af:65:ba:f3:ca:4b:99:0c:5d:99:
85:9a:24:52:a4:67:49:71:ef:b8:bf:68:69:69:57:b8:49:c8:
c0:37:9a:f5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjZCRkExMTAvBgNVBAUTKEFBNjJDNzlGRTE4NDM5NDEyQzVCMDJDRjRCRUI1NEFC
MkVCQkUxODgwHhcNMjEwNDIwMjEzNTE1WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDdmNDkxMy0wMDM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/BpQh/41V7MfVEqoMFzkAYwmytIAfwPOQPAfHXGUYXN73Q2LP/ijjK7Q2MnK
cymu14OjyCGG3LGuvfTHO3xKR/lNRTfwtQ/aVuvMeDzilfJqbwFqEE1SFIjH7kWA
EyTXFd1WOdPlcoR9plKnuQaca5SjnzVdGxlBMuia0g1TnuS6rQQjshbQ2ivMpbbX
klWuLgfq38fwaseoeiJHhxZf9tV0OX/IJ9paSf5NsrpAXnlQA9eThkkIM2NNrSTv
v4rmxtcmU4ipzc8x1C34z9DIeHibij4GZKjmwoZW3MQ7cLQTvd3F8zh8CcOzJpLT
wIv5dwtaorzcUMZ8ML+FUeFN+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFAMcSGwa
knr9mKqqwf+PV2DnQqWvMB8GA1UdIwQYMBaAFKpix5/hhDlBLFsCz0vrVKsuu+GI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkJGQS80MEQ0QjdFQzY2
MDMxMUVBOTlBRDRGNDZDNEY5QUUwMi9xbUxIbi1HRU9VRXNXd0xQUy10VXF5Njc0
WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FtTEhuLUdFT1VFc1d3TFBTLXRVcXk2NzRZZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjZCRkEvNDBENEI3RUM2NjAzMTFFQTk5QUQ0RjQ2QzRGOUFFMDIvRDJCOTY3OEU0
MDUwMTFFQjkwMjVFNTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlSAwDQYJKoZIhvcNAQELBQADggEBABpmZ3Qd94pRwAcU
w9CfPYNVXf8eOdBPPJb9QiKv7xtyF9Dpj1rYDt7JNhTjK+nZj19JX7URk2+05cQt
Q4cId99vxxbzudtN6OXntfo7/V8DtjhtWsPD6sGR2H+FnvwF5Fxs7UFcLwvv/sOk
PKgmgRmINQFyZn1QsnW9pmt04otipLHZ+jqSgHgg35OmOnnTtYj+WpS6qfsBpVIt
vUVODP4kcAARhYfPxeXzYVUHNGnMaE1ED/h8eddmgBiij/WHa0xfRthP1tAjNkv9
UEwckJSr0xjJbCmluU7hqt7Za6Bsr2W688pLmQxdmYWaJFKkZ0lx77i/aGlpV7hJ
yMA3mvU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:15 2023 by rpki-client on console-fra.rpki-client.org