Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/D5D7EC4A36AA11ED870D5934C4F9AE02.roa
File: D5D7EC4A36AA11ED870D5934C4F9AE02.roa (raw, json)
Hash identifier: 7kvP0CW0jC3lviMeUhG43KpwXyILU9ksJk9l3CUaUFg=
Subject key identifier: A3:CE:31:5E:9E:A2:76:36:DF:39:81:C6:50:F7:C2:05:EB:6D:B8:ED
Certificate issuer: /CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
Certificate serial: 29
Authority key identifier: 74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/D5D7EC4A36AA11ED870D5934C4F9AE02.roa
Signing time: Mon 03 Oct 2022 15:45:20 +0000
ROA not before: Mon 03 Oct 2022 15:45:20 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 138998
IP address blocks: 103.7.4.0/24 maxlen: 24
2400:ac20::/32 maxlen: 32
2400:ac20:1000::/36 maxlen: 36
2400:ac20:2000::/36 maxlen: 36
2400:ac20:3000::/36 maxlen: 36
2400:ac20:4000::/36 maxlen: 36
2400:ac20:8000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41 (0x29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914661C/serialNumber=74AEB63F2F1DA957D65820964FF79DF0F593800C
Validity
Not Before: Oct 3 15:45:20 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=633b0390-1ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:05:db:a7:b1:60:d2:43:12:33:7e:4c:e9:fc:
79:cb:04:60:89:e9:0e:85:80:9e:09:4d:b7:32:b4:
01:96:e1:c2:f2:e6:e9:1c:9a:e9:37:c8:45:bb:38:
93:24:ca:b3:06:01:73:6d:33:8f:59:eb:17:e7:71:
65:f9:74:5c:4e:b8:7e:e7:80:3e:12:92:16:a1:78:
be:f6:db:26:df:fe:f5:52:fc:04:51:c4:c4:f2:ac:
86:40:94:8f:22:a8:10:96:d3:44:d2:30:00:f3:38:
03:85:36:bb:98:e6:29:0a:49:88:50:6c:bf:e9:70:
56:93:88:3c:59:c6:fd:4f:80:18:4d:92:ee:48:d6:
c8:7e:f2:e3:be:10:34:9e:3d:89:8e:04:b5:56:9a:
30:fe:f9:3d:0d:c1:13:ae:f1:6e:45:f5:c7:6f:e9:
5e:4c:1d:2d:c4:54:73:04:a5:de:f2:fe:89:be:45:
e3:dc:a6:bd:bb:85:89:82:e0:21:d3:71:2a:45:f3:
18:40:f1:76:fb:18:c2:02:94:c1:e1:bc:5a:e4:9e:
f8:3e:2a:62:1e:85:21:68:b6:ca:dd:cb:1e:09:39:
bd:1a:6e:1c:b4:0b:b2:9f:cd:be:1f:c1:9e:e9:f5:
17:5d:44:be:fe:41:10:08:b7:ae:11:88:b6:89:70:
1d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CE:31:5E:9E:A2:76:36:DF:39:81:C6:50:F7:C2:05:EB:6D:B8:ED
X509v3 Authority Key Identifier:
keyid:74:AE:B6:3F:2F:1D:A9:57:D6:58:20:96:4F:F7:9D:F0:F5:93:80:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/dK62Py8dqVfWWCCWT_ed8PWTgAw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dK62Py8dqVfWWCCWT_ed8PWTgAw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914661C/770CBE2436A611ED8FC1702CC4F9AE02/D5D7EC4A36AA11ED870D5934C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.4.0/24
IPv6:
2400:ac20::/32
Signature Algorithm: sha256WithRSAEncryption
30:34:52:02:37:96:14:41:02:50:be:ee:75:92:7e:51:25:66:
a1:97:d2:ba:36:82:97:e9:bb:94:13:db:26:52:7d:8e:0e:3f:
58:c4:7e:10:22:c0:bd:06:76:85:b5:c8:b2:30:b9:a0:c0:93:
bf:c8:7b:31:fa:1c:08:53:86:b3:9c:8c:ae:2a:69:82:a7:17:
47:78:40:85:a0:60:00:09:8f:69:3e:1a:52:78:3f:2d:5f:88:
c1:29:09:8c:9b:66:fd:42:20:4c:40:d1:73:96:e5:05:3e:2a:
80:ac:6c:ca:0c:aa:97:36:fa:67:1a:9c:62:ab:fa:78:82:3e:
f0:05:d0:f0:8d:bc:54:5a:61:6e:87:30:73:b6:b2:58:2b:6f:
6a:d8:18:b1:2f:13:59:1a:6c:ab:96:bc:1d:0f:42:06:05:84:
16:c8:3c:de:5b:4a:d0:8c:48:ec:b3:df:70:28:6b:ee:e9:67:
61:24:99:29:85:51:5b:cc:20:0b:ca:36:43:89:48:9f:9a:96:
0f:89:15:91:63:ef:af:b3:b7:c2:ad:f4:47:1d:65:19:a9:52:
5c:b7:0e:ce:c3:89:0b:37:06:db:de:84:0f:3c:bb:b4:ea:33:
9b:7f:38:a1:d8:88:47:f6:3c:71:21:34:ea:f3:c6:01:63:bd:
85:fb:30:16
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NjYxQzExMC8GA1UEBRMoNzRBRUI2M0YyRjFEQTk1N0Q2NTgyMDk2NEZGNzlERjBG
NTkzODAwQzAeFw0yMjEwMDMxNTQ1MjBaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzM2IwMzkwLTFlYzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/BdunsWDSQxIzfkzp/HnLBGCJ6Q6FgJ4JTbcytAGW4cLy5ukcmuk3yEW7OJMk
yrMGAXNtM49Z6xfncWX5dFxOuH7ngD4SkhaheL722ybf/vVS/ARRxMTyrIZAlI8i
qBCW00TSMADzOAOFNruY5ikKSYhQbL/pcFaTiDxZxv1PgBhNku5I1sh+8uO+EDSe
PYmOBLVWmjD++T0NwROu8W5F9cdv6V5MHS3EVHMEpd7y/om+RePcpr27hYmC4CHT
cSpF8xhA8Xb7GMIClMHhvFrknvg+KmIehSFotsrdyx4JOb0abhy0C7Kfzb4fwZ7p
9RddRL7+QRAIt64RiLaJcB2vAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUo84xXp6i
djbfOYHGUPfCBettuO0wHwYDVR0jBBgwFoAUdK62Py8dqVfWWCCWT/ed8PWTgAww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2NjFDLzc3MENCRTI0MzZB
NjExRUQ4RkMxNzAyQ0M0RjlBRTAyL2RLNjJQeThkcVZmV1dDQ1dUX2VkOFBXVGdB
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZEs2MlB5OGRxVmZXV0NDV1RfZWQ4UFdUZ0F3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NjYxQy83NzBDQkUyNDM2QTYxMUVEOEZDMTcwMkNDNEY5QUUwMi9ENUQ3RUM0QTM2
QUExMUVEODcwRDU5MzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAGcHBDANBAIAAjAHAwUAJACsIDANBgkqhkiG9w0BAQsFAAOC
AQEAMDRSAjeWFEECUL7udZJ+USVmoZfSujaCl+m7lBPbJlJ9jg4/WMR+ECLAvQZ2
hbXIsjC5oMCTv8h7MfocCFOGs5yMrippgqcXR3hAhaBgAAmPaT4aUng/LV+IwSkJ
jJtm/UIgTEDRc5blBT4qgKxsygyqlzb6ZxqcYqv6eII+8AXQ8I28VFphbocwc7ay
WCtvatgYsS8TWRpsq5a8HQ9CBgWEFsg83ltK0IxI7LPfcChr7ulnYSSZKYVRW8wg
C8o2Q4lIn5qWD4kVkWPvr7O3wq30Rx1lGalSXLcOzsOJCzcG296EDzy7tOozm384
odiIR/Y8cSE06vPGAWO9hfswFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org