Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/5EA0F74ABA9611EE9B19712EC4F9AE02.roa
File: 5EA0F74ABA9611EE9B19712EC4F9AE02.roa (raw, json)
Hash identifier: mdEsHGa+hOfAxnWAMJ3U04F4qiVwfx3M2PPHJ04yzIU=
Subject key identifier: FA:06:9F:CF:92:ED:8B:13:EA:5A:43:1D:54:B3:7C:0D:AE:94:3A:2B
Certificate issuer: /CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417
Certificate serial: 44
Authority key identifier: 00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/5EA0F74ABA9611EE9B19712EC4F9AE02.roa
Signing time: Wed 24 Jan 2024 08:55:49 +0000
ROA not before: Wed 24 Jan 2024 08:55:49 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 141432
IP address blocks: 103.99.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68 (0x44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912C8FA/serialNumber=00EFB3AFFF74FD621F4B8D91169B7A1C43B39417
Validity
Not Before: Jan 24 08:55:49 2024 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=65b0d095-1b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:55:ef:c7:01:0e:13:3c:f0:dc:f5:18:17:aa:
15:e8:72:c4:d1:68:7f:3f:e9:44:7f:f9:6d:40:d7:
ef:87:53:23:63:5f:40:78:23:70:c5:34:0f:3a:59:
7e:d4:5b:93:67:9c:81:53:5c:6c:1e:dc:50:af:66:
3b:98:a4:7b:48:61:90:11:24:48:ee:8d:de:9c:66:
3f:75:3a:13:b0:0c:bf:d6:27:fa:30:db:0c:b2:95:
46:81:18:1f:6e:eb:f0:31:01:96:9e:1c:03:ee:96:
fe:de:50:a9:cb:dd:b5:1e:91:8e:a8:c0:88:13:1d:
fc:5c:d1:98:a8:69:6a:66:63:24:08:d7:48:9a:2b:
a9:a3:d3:30:1b:dd:db:eb:2b:62:fa:19:5e:19:fe:
86:42:d3:5f:9a:a6:0d:cb:64:90:82:ab:a8:03:8f:
7a:f5:e6:46:eb:31:11:82:a3:9a:46:2e:4e:aa:48:
60:da:e4:7d:82:1d:7d:1b:a1:65:17:14:c3:a7:50:
54:15:d8:06:32:54:7a:d2:8f:4c:16:c5:8a:b9:a6:
6d:4b:f0:18:9f:b8:8a:55:07:96:5d:12:e7:c4:03:
46:b2:ba:41:74:ae:dc:99:5e:0d:02:49:92:81:85:
79:4f:6b:80:18:c6:24:dc:e1:b0:ea:ab:3e:27:93:
0a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:06:9F:CF:92:ED:8B:13:EA:5A:43:1D:54:B3:7C:0D:AE:94:3A:2B
X509v3 Authority Key Identifier:
keyid:00:EF:B3:AF:FF:74:FD:62:1F:4B:8D:91:16:9B:7A:1C:43:B3:94:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/AO-zr_90_WIfS42RFpt6HEOzlBc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AO-zr_90_WIfS42RFpt6HEOzlBc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8FA/4003F93054A311EEB75F4686C4F9AE02/5EA0F74ABA9611EE9B19712EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.135.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:48:f6:42:14:29:e4:04:29:f7:4a:92:70:d5:44:cc:cf:97:
b2:54:3c:23:9d:17:d0:cf:03:6d:53:d8:06:e4:57:36:72:ce:
ec:bc:0f:f2:e4:66:b1:45:14:9f:60:9f:1f:7e:76:db:32:3a:
1f:ad:e1:94:22:44:40:8d:06:22:8c:fe:80:12:a6:eb:fb:ce:
06:bf:3d:80:f8:38:48:f1:6b:8c:40:24:bd:60:62:a6:7e:50:
cd:56:81:5c:75:dc:0b:16:a0:2e:02:e4:97:27:55:26:72:4e:
9f:bc:89:d6:e8:8b:63:00:13:1f:4e:ca:c6:b1:d1:26:f3:ff:
30:5f:61:1d:c7:42:da:9c:ec:0d:50:72:dc:07:ad:97:d3:53:
e0:cd:4d:47:33:07:87:3f:d3:95:67:92:e9:13:2f:8d:ec:a6:
db:5d:61:67:f1:23:92:f2:da:51:d8:d6:6a:d1:02:2a:e8:cb:
38:69:9c:e7:1b:1e:bd:24:40:a5:c7:6c:09:ab:64:21:ea:b0:
97:38:c1:fe:aa:de:3f:a7:be:50:83:a5:48:e1:2e:c0:d1:7f:
94:9c:57:93:de:93:34:d0:05:32:01:43:90:d8:06:a0:66:19:
c0:34:08:52:12:1f:9c:c5:2c:81:ce:47:7c:bf:6a:b1:c8:b6:
f2:5e:39:c5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBRDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
QzhGQTExMC8GA1UEBRMoMDBFRkIzQUZGRjc0RkQ2MjFGNEI4RDkxMTY5QjdBMUM0
M0IzOTQxNzAeFw0yNDAxMjQwODU1NDlaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YjBkMDk1LTFiNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrVe/HAQ4TPPDc9RgXqhXocsTRaH8/6UR/+W1A1++HUyNjX0B4I3DFNA86WX7U
W5NnnIFTXGwe3FCvZjuYpHtIYZARJEjujd6cZj91OhOwDL/WJ/ow2wyylUaBGB9u
6/AxAZaeHAPulv7eUKnL3bUekY6owIgTHfxc0ZioaWpmYyQI10iaK6mj0zAb3dvr
K2L6GV4Z/oZC01+apg3LZJCCq6gDj3r15kbrMRGCo5pGLk6qSGDa5H2CHX0boWUX
FMOnUFQV2AYyVHrSj0wWxYq5pm1L8BifuIpVB5ZdEufEA0ayukF0rtyZXg0CSZKB
hXlPa4AYxiTc4bDqqz4nkwpvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+gafz5Lt
ixPqWkMdVLN8Da6UOiswHwYDVR0jBBgwFoAUAO+zr/90/WIfS42RFpt6HEOzlBcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJDOEZBLzQwMDNGOTMwNTRB
MzExRUVCNzVGNDY4NkM0RjlBRTAyL0FPLXpyXzkwX1dJZlM0MlJGcHQ2SEVPemxC
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQU8tenJfOTBfV0lmUzQyUkZwdDZIRU96bEJjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
QzhGQS80MDAzRjkzMDU0QTMxMUVFQjc1RjQ2ODZDNEY5QUUwMi81RUEwRjc0QUJB
OTYxMUVFOUIxOTcxMkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdjhzANBgkqhkiG9w0BAQsFAAOCAQEApUj2QhQp5AQp90qS
cNVEzM+XslQ8I50X0M8DbVPYBuRXNnLO7LwP8uRmsUUUn2CfH3522zI6H63hlCJE
QI0GIoz+gBKm6/vOBr89gPg4SPFrjEAkvWBipn5QzVaBXHXcCxagLgLklydVJnJO
n7yJ1uiLYwATH07KxrHRJvP/MF9hHcdC2pzsDVBy3Aetl9NT4M1NRzMHhz/TlWeS
6RMvjeym211hZ/EjkvLaUdjWatECKujLOGmc5xsevSRApcdsCatkIeqwlzjB/qre
P6e+UIOlSOEuwNF/lJxXk96TNNAFMgFDkNgGoGYZwDQIUhIfnMUsgc5HfL9qsci2
8l45xQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org