Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/EA4BF27434DF11ED97DB4938C4F9AE02.roa
File: EA4BF27434DF11ED97DB4938C4F9AE02.roa (raw, json)
Hash identifier: o5cWwnvoLA0P4sdYdkx+JBUbI8Jc7+lhetS3bk1nodA=
Subject key identifier: 43:53:FF:6B:B1:7C:1A:92:A5:CB:25:FE:34:BB:75:CA:34:60:B5:6B
Certificate issuer: /CN=A9123F5D/serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093
Certificate serial: 0852
Authority key identifier: BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/EA4BF27434DF11ED97DB4938C4F9AE02.roa
Signing time: Thu 15 Sep 2022 10:19:43 +0000
ROA not before: Thu 15 Sep 2022 10:19:43 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 59362
IP address blocks: 103.92.216.0/23 maxlen: 24
103.92.218.0/23 maxlen: 24
123.253.96.0/24 maxlen: 24
123.253.97.0/24 maxlen: 24
123.253.98.0/24 maxlen: 24
123.253.99.0/24 maxlen: 24
2401:21c0::/32 maxlen: 35
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2130 (0x852)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123F5D/serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093
Validity
Not Before: Sep 15 10:19:43 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6322fc3f-70f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:df:a1:d2:48:0f:56:d6:aa:a9:89:46:eb:24:
70:5d:5f:86:03:11:5e:da:b0:f7:92:8d:74:0a:42:
ff:f9:49:e4:0f:e2:fc:30:f4:e2:83:da:d0:55:3d:
1f:01:46:c8:0e:25:9d:f0:7f:ec:1a:06:c5:fc:41:
f9:43:01:69:1c:83:83:3a:3c:63:07:84:28:0c:b9:
4c:fb:64:2f:c8:37:6c:f2:6f:ed:89:15:6c:1f:dd:
8c:7a:d7:89:a9:8f:72:c2:a9:17:2a:39:25:15:ad:
12:02:fe:fc:bc:3e:4b:f0:6f:9c:20:ce:7e:29:ab:
3a:9c:0a:0f:bf:8b:ea:f8:45:c8:2d:1a:bc:af:45:
ca:10:b0:21:69:b6:78:56:a0:db:a4:a5:80:cb:5d:
94:c4:c8:cf:cc:64:55:2e:29:ab:98:a5:78:6c:a0:
80:81:b8:70:0e:8a:80:30:c9:1c:f9:b8:59:07:a5:
43:4f:49:87:af:f6:e2:45:1c:96:f3:f2:81:a1:63:
15:3a:2c:1a:e9:fe:c8:9a:c2:b7:a6:24:3a:93:fb:
eb:53:a2:d1:6d:34:28:5a:f6:c6:03:f4:55:14:05:
e0:19:c2:de:0d:41:87:49:3c:5d:ff:b6:69:5a:e0:
7e:58:fe:23:6a:e4:b0:50:67:2b:ea:80:24:26:18:
19:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:53:FF:6B:B1:7C:1A:92:A5:CB:25:FE:34:BB:75:CA:34:60:B5:6B
X509v3 Authority Key Identifier:
keyid:BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/v1ItmSWlhGKA9gUwrTnXZuSr8JM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/EA4BF27434DF11ED97DB4938C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.92.216.0/22
123.253.96.0/22
IPv6:
2401:21c0::/32
Signature Algorithm: sha256WithRSAEncryption
74:68:75:04:ee:33:f1:c4:53:ad:b1:79:b8:b6:47:01:2e:cc:
15:85:37:19:eb:6e:8f:61:d1:f3:fe:a8:fa:89:b1:8c:3b:97:
84:8e:ff:3c:d8:3a:df:9b:47:4d:a2:f9:f2:48:99:c2:ef:e3:
bf:5a:02:8e:3c:77:3c:29:6a:e8:d9:6b:0d:ed:86:10:8b:dc:
cf:42:b0:5d:32:ca:78:60:41:49:32:25:7b:bc:41:be:92:cc:
74:d6:8b:8f:fb:fc:0c:2c:5a:46:23:55:f9:de:86:ea:fe:20:
d6:47:71:05:ad:3d:e5:d6:7e:c2:12:08:a9:d5:d8:39:05:ab:
bb:4b:e3:fb:21:1d:99:b7:1d:f2:52:1a:8b:6f:8e:17:81:c0:
f3:7c:c7:b0:a0:d2:7e:e4:43:bd:73:cd:05:18:03:b3:94:50:
31:6e:6a:56:f1:7d:1d:6d:22:1c:4e:05:55:16:1a:9e:c8:63:
b2:52:28:f3:52:92:36:24:23:49:14:16:13:d5:4b:05:37:8b:
26:b2:2b:e7:b9:64:15:19:ae:90:8d:10:5d:32:4c:35:95:5e:
08:81:f2:fd:a0:9a:9f:58:fc:61:5c:c5:50:3d:b8:8e:71:75:
a0:29:4c:ba:3d:2b:6d:c9:7d:f6:b6:fc:b2:87:51:11:18:dd:
4d:45:a6:5a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNGNUQxMTAvBgNVBAUTKEJGNTIyRDk5MjVBNTg0NjI4MEY2MDUzMEFEMzlENzY2
RTRBQkYwOTMwHhcNMjIwOTE1MTAxOTQzWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzIyZmMzZi03MGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv9+h0kgPVtaqqYlG6yRwXV+GAxFe2rD3ko10CkL/+UnkD+L8MPTig9rQVT0f
AUbIDiWd8H/sGgbF/EH5QwFpHIODOjxjB4QoDLlM+2QvyDds8m/tiRVsH92MeteJ
qY9ywqkXKjklFa0SAv78vD5L8G+cIM5+Kas6nAoPv4vq+EXILRq8r0XKELAhabZ4
VqDbpKWAy12UxMjPzGRVLimrmKV4bKCAgbhwDoqAMMkc+bhZB6VDT0mHr/biRRyW
8/KBoWMVOiwa6f7ImsK3piQ6k/vrU6LRbTQoWvbGA/RVFAXgGcLeDUGHSTxd/7Zp
WuB+WP4jauSwUGcr6oAkJhgZJQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFENT/2ux
fBqSpcsl/jS7dco0YLVrMB8GA1UdIwQYMBaAFL9SLZklpYRigPYFMK0512bkq/CT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y1RC83NUY4NzVGMjY2
OTAxMUVBOTY4M0ZCMkZDNEY5QUUwMi92MUl0bVNXbGhHS0E5Z1V3clRuWFp1U3I4
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YxSXRtU1dsaEdLQTlnVXdyVG5YWnVTcjhKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNGNUQvNzVGODc1RjI2NjkwMTFFQTk2ODNGQjJGQzRGOUFFMDIvRUE0QkYyNzQz
NERGMTFFRDk3REI0OTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnXNgDBAJ7/WAwDQQCAAIwBwMFACQBIcAwDQYJKoZIhvcN
AQELBQADggEBAHRodQTuM/HEU62xebi2RwEuzBWFNxnrbo9h0fP+qPqJsYw7l4SO
/zzYOt+bR02i+fJImcLv479aAo48dzwpaujZaw3thhCL3M9CsF0yynhgQUkyJXu8
Qb6SzHTWi4/7/AwsWkYjVfnehur+INZHcQWtPeXWfsISCKnV2DkFq7tL4/shHZm3
HfJSGotvjheBwPN8x7Cg0n7kQ71zzQUYA7OUUDFualbxfR1tIhxOBVUWGp7IY7JS
KPNSkjYkI0kUFhPVSwU3iyayK+e5ZBUZrpCNEF0yTDWVXgiB8v2gmp9Y/GFcxVA9
uI5xdaApTLo9K23Jffa2/LKHUREY3U1Fplo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org