Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156021/D98761D4692E11E388C8252E5911EA32/ED1FB4308AF411EC9FF67E23C4F9AE02.roa
File: ED1FB4308AF411EC9FF67E23C4F9AE02.roa (raw, json)
Hash identifier: nGsxxLDD4gy+eIFEJCHt+hR2dZFRVfdYrlqqIxF8yxo=
Subject key identifier: 3A:4C:EA:83:E4:72:32:F9:C3:64:9C:AB:23:78:BA:84:96:7B:C4:E7
Certificate issuer: /CN=A9156021/serialNumber=AA4C9B7FFB7760D134DA34FA31129DE11A1DE2AE
Certificate serial: 2C3B
Authority key identifier: AA:4C:9B:7F:FB:77:60:D1:34:DA:34:FA:31:12:9D:E1:1A:1D:E2:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkybf_t3YNE02jT6MRKd4Rod4q4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156021/D98761D4692E11E388C8252E5911EA32/ED1FB4308AF411EC9FF67E23C4F9AE02.roa
Signing time: Thu 12 Jan 2023 16:11:53 +0000
ROA not before: Thu 12 Jan 2023 16:11:53 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 133201
IP address blocks: 103.255.44.0/22 maxlen: 22
103.255.44.0/24 maxlen: 24
103.255.45.0/24 maxlen: 24
103.255.46.0/24 maxlen: 24
103.255.47.0/24 maxlen: 24
202.61.84.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11323 (0x2c3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156021/serialNumber=AA4C9B7FFB7760D134DA34FA31129DE11A1DE2AE
Validity
Not Before: Jan 12 16:11:53 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63c03149-40fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8e:c0:1b:da:cd:01:b6:ee:fb:a9:fd:65:dd:
3f:a6:73:0c:19:36:f2:da:dc:19:17:30:cc:7d:02:
50:7c:67:6e:bc:fc:e2:37:da:fa:87:e8:5b:7c:7a:
21:54:49:da:1d:f2:6e:63:1f:0c:d8:2e:1f:ce:1a:
b8:44:bf:d1:17:6e:a0:9e:63:11:55:9a:ff:19:4a:
06:f8:d9:e5:87:da:9e:6c:56:68:25:b6:b2:27:31:
83:bf:3b:d0:1e:93:81:d1:c3:e0:08:08:13:f5:8b:
a7:f3:17:99:4b:66:93:e5:cf:79:d2:04:95:2b:a2:
46:a0:c2:0c:5f:54:8f:93:9d:a1:11:ee:c2:95:e1:
ce:c8:fc:45:3b:3d:c3:dd:40:07:b6:9c:60:9a:af:
67:82:10:38:94:59:51:79:84:94:f1:5e:8a:23:44:
da:4b:cb:a9:10:a3:bf:14:7f:57:94:8a:12:ce:35:
a0:7b:85:03:a0:37:c6:bb:96:bc:bf:77:4b:8e:d8:
5d:cd:49:5a:a6:2a:d6:cb:70:a1:79:c2:7e:54:81:
45:07:ea:70:c9:59:3e:17:f3:54:c3:aa:14:f3:a8:
a5:f6:4c:4a:c0:54:db:1c:39:dd:4e:e1:af:f4:34:
a7:50:c9:5c:6a:e0:16:c1:97:4f:c7:16:12:c9:a6:
44:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4C:EA:83:E4:72:32:F9:C3:64:9C:AB:23:78:BA:84:96:7B:C4:E7
X509v3 Authority Key Identifier:
keyid:AA:4C:9B:7F:FB:77:60:D1:34:DA:34:FA:31:12:9D:E1:1A:1D:E2:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156021/D98761D4692E11E388C8252E5911EA32/qkybf_t3YNE02jT6MRKd4Rod4q4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qkybf_t3YNE02jT6MRKd4Rod4q4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156021/D98761D4692E11E388C8252E5911EA32/ED1FB4308AF411EC9FF67E23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.44.0/22
202.61.84.0/22
Signature Algorithm: sha256WithRSAEncryption
23:94:08:f7:8c:04:74:56:36:1a:98:e5:38:98:b4:8c:00:8d:
25:d2:ca:68:71:ec:2c:10:07:31:03:69:4d:b4:14:e0:d5:0b:
46:81:4a:f4:2f:40:2f:9d:8a:4b:4a:f0:93:17:fd:80:da:41:
d8:a8:78:ef:ab:93:c0:d4:be:f0:2a:ec:39:26:04:cd:82:17:
6a:03:65:91:59:29:f8:e0:cf:09:57:14:df:34:59:b1:14:40:
08:e6:82:8c:a9:59:ee:46:df:ef:d1:26:b5:b7:ad:c4:51:d9:
29:dc:7c:04:e5:20:fc:0e:7e:24:cd:e2:eb:12:bf:37:9b:30:
eb:84:ab:92:13:4e:85:ac:39:1d:85:81:c3:e6:7c:8d:c3:e0:
a5:8d:45:00:f0:30:79:cf:cb:1f:ab:f1:c7:86:d5:47:fa:72:
d1:9e:ee:92:bc:00:2b:16:1d:66:70:20:cd:d3:ce:6a:e1:63:
bd:c2:f3:c7:a6:18:28:28:5f:92:93:71:ca:22:aa:9b:17:8c:
14:1d:96:57:ff:42:a6:4e:aa:42:ea:7f:5b:e0:c2:ab:10:be:
07:d2:ac:86:9d:52:6b:90:c8:91:62:77:fb:70:86:3f:18:fc:
1a:ef:19:ba:98:2e:29:9a:03:ca:26:87:54:81:ab:4a:84:e1:
ae:c4:61:1b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICLDswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTYwMjExMTAvBgNVBAUTKEFBNEM5QjdGRkI3NzYwRDEzNERBMzRGQTMxMTI5REUx
MUExREUyQUUwHhcNMjMwMTEyMTYxMTUzWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2MwMzE0OS00MGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxY7AG9rNAbbu+6n9Zd0/pnMMGTby2twZFzDMfQJQfGduvPziN9r6h+hbfHoh
VEnaHfJuYx8M2C4fzhq4RL/RF26gnmMRVZr/GUoG+Nnlh9qebFZoJbayJzGDvzvQ
HpOB0cPgCAgT9Yun8xeZS2aT5c950gSVK6JGoMIMX1SPk52hEe7CleHOyPxFOz3D
3UAHtpxgmq9nghA4lFlReYSU8V6KI0TaS8upEKO/FH9XlIoSzjWge4UDoDfGu5a8
v3dLjthdzUlapirWy3ChecJ+VIFFB+pwyVk+F/NUw6oU86il9kxKwFTbHDndTuGv
9DSnUMlcauAWwZdPxxYSyaZE+wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDpM6oPk
cjL5w2ScqyN4uoSWe8TnMB8GA1UdIwQYMBaAFKpMm3/7d2DRNNo0+jESneEaHeKu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjAyMS9EOTg3NjFENDY5
MkUxMUUzODhDODI1MkU1OTExRUEzMi9xa3liZl90M1lORTAyalQ2TVJLZDRSb2Q0
cTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FreWJmX3QzWU5FMDJqVDZNUktkNFJvZDRxNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTYwMjEvRDk4NzYxRDQ2OTJFMTFFMzg4QzgyNTJFNTkxMUVBMzIvRUQxRkI0MzA4
QUY0MTFFQzlGRjY3RTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn/ywDBALKPVQwDQYJKoZIhvcNAQELBQADggEBACOUCPeM
BHRWNhqY5TiYtIwAjSXSymhx7CwQBzEDaU20FODVC0aBSvQvQC+diktK8JMX/YDa
QdioeO+rk8DUvvAq7DkmBM2CF2oDZZFZKfjgzwlXFN80WbEUQAjmgoypWe5G3+/R
JrW3rcRR2SncfATlIPwOfiTN4usSvzebMOuEq5ITToWsOR2FgcPmfI3D4KWNRQDw
MHnPyx+r8ceG1Uf6ctGe7pK8ACsWHWZwIM3TzmrhY73C88emGCgoX5KTccoiqpsX
jBQdllf/QqZOqkLqf1vgwqsQvgfSrIadUmuQyJFid/twhj8Y/BrvGbqYLimaA8om
h1SBq0qE4a7EYRs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org