Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913F927/AF5211FE00A211EA9A4E8A87C4F9AE02/AFE38DB800A311EA975BA60AC4F9AE02.roa
File: AFE38DB800A311EA975BA60AC4F9AE02.roa (raw, json)
Hash identifier: Sm1qFZNI71nMTQ14IvLlJ5+2r68B3v0P5BNAYexzllU=
Subject key identifier: 87:A1:31:7F:85:2D:8D:A7:30:3D:8B:E5:34:F9:FC:F1:83:DD:BD:97
Certificate issuer: /CN=A913F927/serialNumber=C5CB5779F836071C528084869167CBC1AE08B917
Certificate serial: 0A99
Authority key identifier: C5:CB:57:79:F8:36:07:1C:52:80:84:86:91:67:CB:C1:AE:08:B9:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xctXefg2BxxSgISGkWfLwa4IuRc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913F927/AF5211FE00A211EA9A4E8A87C4F9AE02/AFE38DB800A311EA975BA60AC4F9AE02.roa
Signing time: Fri 06 Jan 2023 19:56:30 +0000
ROA not before: Fri 06 Jan 2023 19:56:30 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 133868
IP address blocks: 103.132.84.0/23 maxlen: 23
103.132.84.0/24 maxlen: 24
103.132.85.0/24 maxlen: 24
103.132.86.0/24 maxlen: 24
103.132.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2713 (0xa99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913F927/serialNumber=C5CB5779F836071C528084869167CBC1AE08B917
Validity
Not Before: Jan 6 19:56:30 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63b87cee-5435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:65:79:f5:b7:01:69:ae:09:fd:68:3f:4f:1f:
0f:bc:75:68:c8:98:17:8f:15:ec:0e:1c:21:de:84:
a0:63:e1:af:13:1f:9a:36:a5:3c:5a:ba:5f:3d:2e:
40:f8:11:8d:a9:b4:58:2f:4c:f7:ec:32:a2:cc:8f:
4f:93:cc:64:49:64:42:f5:ac:85:62:bb:fb:7e:7e:
dd:54:3d:b0:43:e6:67:b0:88:60:a7:f4:aa:e3:65:
ce:d3:d7:8e:d6:a2:ef:3e:13:d5:ef:ad:a0:a3:b7:
e2:9a:2d:ca:6a:67:be:83:b8:ea:7b:21:ed:8d:81:
14:85:a5:45:a0:d4:94:a0:0d:36:7a:09:f8:21:54:
a9:e2:ff:86:98:33:36:f9:95:a3:e4:50:d7:23:92:
13:6b:da:06:6e:06:79:8f:d4:14:50:52:6a:5a:0a:
f3:fa:4d:f3:d7:a7:50:56:01:a2:21:b0:6b:78:a2:
16:1f:66:51:ad:f0:c3:af:e8:67:b2:5b:c8:03:58:
9a:b4:5e:87:24:d2:1a:c5:b0:09:d3:35:fc:9c:d7:
98:58:79:37:63:d6:3e:c4:35:66:72:99:37:43:f1:
63:f2:49:29:c6:eb:89:cb:3e:eb:58:0f:76:05:10:
3d:4e:c8:4c:17:62:1f:7a:0b:22:44:0a:5e:ec:55:
c7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A1:31:7F:85:2D:8D:A7:30:3D:8B:E5:34:F9:FC:F1:83:DD:BD:97
X509v3 Authority Key Identifier:
keyid:C5:CB:57:79:F8:36:07:1C:52:80:84:86:91:67:CB:C1:AE:08:B9:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913F927/AF5211FE00A211EA9A4E8A87C4F9AE02/xctXefg2BxxSgISGkWfLwa4IuRc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xctXefg2BxxSgISGkWfLwa4IuRc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F927/AF5211FE00A211EA9A4E8A87C4F9AE02/AFE38DB800A311EA975BA60AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.84.0/22
Signature Algorithm: sha256WithRSAEncryption
56:c7:df:6b:f5:27:b8:a2:f7:02:e4:ce:67:c3:9d:f1:4d:cd:
01:30:c7:8e:01:89:f9:e9:87:46:98:6c:de:26:e2:ac:39:24:
65:07:79:7a:82:ba:cc:6f:81:1b:08:f8:c0:00:43:ea:89:dd:
0c:19:5b:fc:7d:9c:75:b1:24:0c:0a:5c:49:b2:4f:7a:d1:a5:
b1:d3:64:d6:7a:6e:e1:47:b7:e0:6c:0f:63:1f:a6:96:5f:a6:
5e:51:ff:98:f0:d3:8c:ed:a0:e3:7d:10:63:04:30:1d:65:13:
d5:00:7d:1b:b6:37:00:fa:31:98:96:e1:b3:c2:ed:4e:86:35:
d6:3c:07:fc:61:fd:c4:2d:bf:20:13:9c:a9:f7:67:94:a8:b7:
af:e9:fd:a9:b7:21:fe:0d:0c:98:e2:40:c7:b6:2e:14:4e:66:
6b:e1:ff:16:84:cd:44:f2:91:45:89:5a:3f:7d:73:b9:d4:a5:
5c:c2:4f:66:e7:f5:97:fe:88:fb:d2:e2:9d:f8:42:db:5b:96:
48:f7:31:82:d8:12:b8:39:6e:f0:8e:31:c2:aa:3c:41:9f:71:
9e:84:00:11:89:c9:a7:0d:41:18:d3:2f:ab:55:41:75:a6:23:
28:82:b1:a3:96:2d:f5:b1:39:d1:04:68:79:de:9a:a7:be:50:
62:d7:47:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCpkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Y5MjcxMTAvBgNVBAUTKEM1Q0I1Nzc5RjgzNjA3MUM1MjgwODQ4NjkxNjdDQkMx
QUUwOEI5MTcwHhcNMjMwMTA2MTk1NjMwWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I4N2NlZS01NDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7WV59bcBaa4J/Wg/Tx8PvHVoyJgXjxXsDhwh3oSgY+GvEx+aNqU8WrpfPS5A
+BGNqbRYL0z37DKizI9Pk8xkSWRC9ayFYrv7fn7dVD2wQ+ZnsIhgp/Sq42XO09eO
1qLvPhPV762go7fimi3Kame+g7jqeyHtjYEUhaVFoNSUoA02egn4IVSp4v+GmDM2
+ZWj5FDXI5ITa9oGbgZ5j9QUUFJqWgrz+k3z16dQVgGiIbBreKIWH2ZRrfDDr+hn
slvIA1iatF6HJNIaxbAJ0zX8nNeYWHk3Y9Y+xDVmcpk3Q/Fj8kkpxuuJyz7rWA92
BRA9TshMF2IfegsiRApe7FXHCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIehMX+F
LY2nMD2L5TT5/PGD3b2XMB8GA1UdIwQYMBaAFMXLV3n4NgccUoCEhpFny8GuCLkX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjkyNy9BRjUyMTFGRTAw
QTIxMUVBOUE0RThBODdDNEY5QUUwMi94Y3RYZWZnMkJ4eFNnSVNHa1dmTHdhNEl1
UmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hjdFhlZmcyQnh4U2dJU0drV2ZMd2E0SXVSYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Y5MjcvQUY1MjExRkUwMEEyMTFFQTlBNEU4QTg3QzRGOUFFMDIvQUZFMzhEQjgw
MEEzMTFFQTk3NUJBNjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhFQwDQYJKoZIhvcNAQELBQADggEBAFbH32v1J7ii9wLk
zmfDnfFNzQEwx44Bifnph0aYbN4m4qw5JGUHeXqCusxvgRsI+MAAQ+qJ3QwZW/x9
nHWxJAwKXEmyT3rRpbHTZNZ6buFHt+BsD2MfppZfpl5R/5jw04ztoON9EGMEMB1l
E9UAfRu2NwD6MZiW4bPC7U6GNdY8B/xh/cQtvyATnKn3Z5Sot6/p/am3If4NDJji
QMe2LhROZmvh/xaEzUTykUWJWj99c7nUpVzCT2bn9Zf+iPvS4p34Qttblkj3MYLY
Erg5bvCOMcKqPEGfcZ6EABGJyacNQRjTL6tVQXWmIyiCsaOWLfWxOdEEaHnemqe+
UGLXR5s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org