Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912AEFA/C4B592661DA911E296BBFEA408B02CD2/72B2B85E071211EAAD4E340AC4F9AE02.roa
File: 72B2B85E071211EAAD4E340AC4F9AE02.roa (raw, json)
Hash identifier: aBY7fmjChipc7D/At7izSlAq9Q1NztMvAbFhKpMR+K8=
Subject key identifier: DD:0B:B8:7C:9C:C9:16:F3:C4:00:27:A9:E2:AA:F8:1A:8A:78:4E:4E
Certificate issuer: /CN=A912AEFA/serialNumber=8D099B16BE9575DCB4BB06858797999F55E6035F
Certificate serial: 337F
Authority key identifier: 8D:09:9B:16:BE:95:75:DC:B4:BB:06:85:87:97:99:9F:55:E6:03:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jQmbFr6Vddy0uwaFh5eZn1XmA18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912AEFA/C4B592661DA911E296BBFEA408B02CD2/72B2B85E071211EAAD4E340AC4F9AE02.roa
Signing time: Wed 04 Oct 2023 12:27:01 +0000
ROA not before: Wed 04 Oct 2023 12:27:01 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 63961
IP address blocks: 103.28.120.0/22 maxlen: 24
163.47.36.0/22 maxlen: 24
203.96.188.0/22 maxlen: 24
2402:f500::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13183 (0x337f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912AEFA/serialNumber=8D099B16BE9575DCB4BB06858797999F55E6035F
Validity
Not Before: Oct 4 12:27:01 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=651d5a15-c44a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:60:c2:3f:02:3e:62:12:07:54:3c:64:78:df:
b6:db:6b:04:b9:59:f8:70:9a:e3:f5:a2:fb:27:d3:
ce:f4:fc:8f:5e:5b:7e:44:76:b2:68:5e:12:fd:ae:
5a:45:7a:41:02:00:5c:26:ae:70:3f:84:23:3b:8a:
54:21:d3:3b:10:2e:cc:65:42:63:91:27:d9:6b:1d:
38:20:5a:26:cf:07:4e:be:42:5b:8e:b6:1d:f0:24:
bd:8f:74:63:af:3e:34:9e:f1:8b:a5:9f:f6:54:83:
87:c0:00:65:9a:02:98:78:ad:09:bb:2d:ab:06:4b:
10:d1:3a:e1:2d:85:d1:d6:af:2e:6d:b3:95:64:99:
90:d1:21:16:a9:b3:68:86:bb:77:ca:25:98:35:56:
90:55:87:ab:4b:33:c7:39:5c:70:b2:f1:df:56:ac:
5b:82:6d:4e:a5:d7:e4:aa:05:cc:3c:01:ae:9c:80:
96:c3:56:53:35:a1:7e:fd:cb:65:64:16:cb:0f:fb:
06:0f:f6:72:f6:b7:a7:58:57:2c:76:46:2b:cf:d9:
22:56:59:23:f8:ae:6a:0d:47:f2:09:9b:44:1e:0c:
73:eb:0f:a0:1c:99:2f:f3:cc:e5:aa:c0:e9:0a:7a:
8f:f8:2f:cc:21:6a:a0:e1:21:4c:15:c9:6b:d1:cf:
4d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0B:B8:7C:9C:C9:16:F3:C4:00:27:A9:E2:AA:F8:1A:8A:78:4E:4E
X509v3 Authority Key Identifier:
keyid:8D:09:9B:16:BE:95:75:DC:B4:BB:06:85:87:97:99:9F:55:E6:03:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912AEFA/C4B592661DA911E296BBFEA408B02CD2/jQmbFr6Vddy0uwaFh5eZn1XmA18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jQmbFr6Vddy0uwaFh5eZn1XmA18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AEFA/C4B592661DA911E296BBFEA408B02CD2/72B2B85E071211EAAD4E340AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.28.120.0/22
163.47.36.0/22
203.96.188.0/22
IPv6:
2402:f500::/32
Signature Algorithm: sha256WithRSAEncryption
9c:d6:5b:72:2d:59:58:cc:6f:9e:1d:3f:5f:b0:5f:fd:5e:94:
2d:9e:25:c3:38:e7:ef:49:2e:c7:10:18:7e:52:61:2d:0b:b4:
a2:5a:c5:0f:33:34:79:77:6f:32:69:51:ac:7c:92:13:44:b9:
01:8d:a0:40:3a:21:80:5e:ef:79:cf:d6:ee:5c:1a:59:84:f5:
72:02:1a:95:5c:90:90:cf:7a:bf:1b:1e:5c:d9:08:62:26:40:
b2:82:d2:1f:3f:c4:7d:50:16:5f:80:b2:17:09:35:5f:6a:5e:
74:34:d5:6d:5b:1c:93:cc:24:ee:fc:52:88:c7:b4:79:82:53:
9c:b0:4a:4f:81:bc:62:f8:a8:d6:74:e6:75:94:a0:f9:fd:4e:
94:02:c8:1e:fb:25:2f:10:a8:1c:15:1d:5c:fd:8e:4d:7d:60:
fa:12:01:72:d0:b4:57:0c:06:e5:6b:88:bc:0a:a7:dd:48:05:
6c:d2:86:03:58:e8:93:23:66:e5:2f:86:3f:95:55:96:cd:0d:
d3:68:bb:66:53:d1:58:13:0a:e9:cd:16:c6:ad:36:58:70:de:
9e:47:03:d9:4d:e3:e3:88:d2:e7:6e:8f:0b:06:86:b6:25:c5:
9e:7f:bb:12:81:26:cf:59:76:ff:4c:e4:b8:27:63:5d:f1:54:
7f:c5:41:e9
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICM38wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkFFRkExMTAvBgNVBAUTKDhEMDk5QjE2QkU5NTc1RENCNEJCMDY4NTg3OTc5OTlG
NTVFNjAzNUYwHhcNMjMxMDA0MTIyNzAxWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkNWExNS1jNDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArmDCPwI+YhIHVDxkeN+222sEuVn4cJrj9aL7J9PO9PyPXlt+RHayaF4S/a5a
RXpBAgBcJq5wP4QjO4pUIdM7EC7MZUJjkSfZax04IFomzwdOvkJbjrYd8CS9j3Rj
rz40nvGLpZ/2VIOHwABlmgKYeK0Juy2rBksQ0TrhLYXR1q8ubbOVZJmQ0SEWqbNo
hrt3yiWYNVaQVYerSzPHOVxwsvHfVqxbgm1OpdfkqgXMPAGunICWw1ZTNaF+/ctl
ZBbLD/sGD/Zy9renWFcsdkYrz9kiVlkj+K5qDUfyCZtEHgxz6w+gHJkv88zlqsDp
CnqP+C/MIWqg4SFMFclr0c9NXwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFN0LuHyc
yRbzxAAnqeKq+BqKeE5OMB8GA1UdIwQYMBaAFI0Jmxa+lXXctLsGhYeXmZ9V5gNf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQUVGQS9DNEI1OTI2NjFE
QTkxMUUyOTZCQkZFQTQwOEIwMkNEMi9qUW1iRnI2VmRkeTB1d2FGaDVlWm4xWG1B
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pRbWJGcjZWZGR5MHV3YUZoNWVabjFYbUExOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkFFRkEvQzRCNTkyNjYxREE5MTFFMjk2QkJGRUE0MDhCMDJDRDIvNzJCMkI4NUUw
NzEyMTFFQUFENEUzNDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnHHgDBAKjLyQDBALLYLwwDQQCAAIwBwMFACQC9QAwDQYJ
KoZIhvcNAQELBQADggEBAJzWW3ItWVjMb54dP1+wX/1elC2eJcM45+9JLscQGH5S
YS0LtKJaxQ8zNHl3bzJpUax8khNEuQGNoEA6IYBe73nP1u5cGlmE9XICGpVckJDP
er8bHlzZCGImQLKC0h8/xH1QFl+AshcJNV9qXnQ01W1bHJPMJO78UojHtHmCU5yw
Sk+BvGL4qNZ05nWUoPn9TpQCyB77JS8QqBwVHVz9jk19YPoSAXLQtFcMBuVriLwK
p91IBWzShgNY6JMjZuUvhj+VVZbNDdNou2ZT0VgTCunNFsatNlhw3p5HA9lN4+OI
0udujwsGhrYlxZ5/uxKBJs9Zdv9M5LgnY13xVH/FQek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org