Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C29E/045122A8011C11EEB2684F4BC4F9AE02/58392DC8014111EE9AECB148C4F9AE02.roa
File: 58392DC8014111EE9AECB148C4F9AE02.roa (raw, json)
Hash identifier: vyEKocCbeSQj9bC6UpoyZ2SyTnoqz9oqYkZ4VwEHNz4=
Subject key identifier: 95:B2:C9:54:B3:19:4F:86:A9:EF:E1:BD:91:A7:42:8F:CA:A9:EB:5A
Certificate issuer: /CN=A917C29E/serialNumber=B293489E3ACF28F0D1571437CDF0BCC2CA54545A
Certificate serial: 04
Authority key identifier: B2:93:48:9E:3A:CF:28:F0:D1:57:14:37:CD:F0:BC:C2:CA:54:54:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/spNInjrPKPDRVxQ3zfC8wspUVFo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C29E/045122A8011C11EEB2684F4BC4F9AE02/58392DC8014111EE9AECB148C4F9AE02.roa
Signing time: Fri 02 Jun 2023 12:31:06 +0000
ROA not before: Fri 02 Jun 2023 12:31:06 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 136180
IP address blocks: 103.203.56.0/22 maxlen: 24
116.213.44.0/22 maxlen: 24
2400:87c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C29E/serialNumber=B293489E3ACF28F0D1571437CDF0BCC2CA54545A
Validity
Not Before: Jun 2 12:31:06 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6479e10a-490f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:31:63:eb:e8:94:5b:e9:62:b9:b4:a7:39:12:
3d:43:23:d0:ce:1f:b5:b9:1c:b5:86:76:88:8a:3b:
d7:03:86:2a:8c:1f:f9:4c:8b:9c:c6:31:5f:e9:ef:
23:f6:6d:10:2b:30:4b:b2:99:5f:0d:4d:ef:42:3a:
03:f3:10:31:f5:ca:90:96:11:b9:7b:ea:7c:68:0f:
77:03:40:f3:c6:98:28:59:50:f8:1d:d1:e0:75:65:
9c:13:39:ac:1c:55:34:e3:82:ba:cf:67:6f:da:f0:
71:69:0c:51:8b:b3:17:3f:6b:bb:cd:6a:cf:e2:3c:
50:bf:62:77:37:40:2d:5c:58:41:e4:93:1a:be:b2:
b0:24:8a:f1:91:a9:76:c3:8b:1c:40:24:43:91:c6:
52:b7:a3:cc:68:9e:43:c4:d7:40:0b:78:e6:1f:78:
07:05:5f:4e:65:b4:e5:95:86:6d:1f:1d:5b:1f:87:
91:95:3d:8f:f3:2c:bf:ed:8b:32:61:da:2b:03:24:
c1:8f:bb:3e:e3:d6:75:de:bd:7e:5d:1f:83:17:92:
22:7c:53:ec:b6:85:34:3e:e1:ba:67:53:53:eb:06:
3a:fd:28:18:cc:19:8b:e1:0f:a0:f7:b8:2e:63:24:
33:e6:d2:5a:92:be:95:89:e5:22:cc:ae:f9:07:ec:
ac:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B2:C9:54:B3:19:4F:86:A9:EF:E1:BD:91:A7:42:8F:CA:A9:EB:5A
X509v3 Authority Key Identifier:
keyid:B2:93:48:9E:3A:CF:28:F0:D1:57:14:37:CD:F0:BC:C2:CA:54:54:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C29E/045122A8011C11EEB2684F4BC4F9AE02/spNInjrPKPDRVxQ3zfC8wspUVFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/spNInjrPKPDRVxQ3zfC8wspUVFo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C29E/045122A8011C11EEB2684F4BC4F9AE02/58392DC8014111EE9AECB148C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.56.0/22
116.213.44.0/22
IPv6:
2400:87c0::/32
Signature Algorithm: sha256WithRSAEncryption
17:d2:e9:ff:6b:3d:9c:ab:65:2a:59:56:47:ec:63:82:63:60:
ff:c4:64:a7:a3:ab:d3:b9:96:d8:1d:e6:88:f4:9d:2d:f1:3f:
51:38:a7:7d:09:ba:40:8e:98:dd:83:9d:f9:af:ef:99:8f:6d:
57:0f:d6:91:b8:bc:48:68:26:f1:e0:cd:f9:ae:ff:85:61:db:
7b:ad:6c:85:8f:e5:7a:9f:04:f2:9b:fe:0b:8c:49:5b:c4:d4:
11:8f:de:6a:ad:7c:d5:70:8a:7e:f1:7b:80:44:5b:4d:dd:50:
b4:41:43:de:53:cc:7d:4c:48:9b:e7:fc:1b:2f:6f:55:b7:22:
eb:4f:2e:d0:be:37:84:d6:89:a7:0e:94:82:8b:ae:72:96:34:
68:f4:53:07:10:3c:ad:46:a5:49:b8:3d:94:7c:b8:87:ea:69:
a1:19:7a:dd:73:5c:ff:4f:53:32:1b:9f:96:a0:25:48:58:be:
30:d0:f7:4a:11:46:9e:fa:be:dd:83:76:3c:27:d0:59:ee:dc:
93:7f:24:7d:0b:c8:95:59:e5:f9:9d:16:c6:1c:a6:bb:57:64:
ad:7b:19:5e:5b:ac:2c:0b:69:0d:5b:62:2a:93:8b:8a:4d:21:
27:9c:b7:58:94:e9:c5:ae:6b:bd:de:92:f1:8a:5f:dc:94:36:
1b:47:51:95
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QzI5RTExMC8GA1UEBRMoQjI5MzQ4OUUzQUNGMjhGMEQxNTcxNDM3Q0RGMEJDQzJD
QTU0NTQ1QTAeFw0yMzA2MDIxMjMxMDZaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NzllMTBhLTQ5MGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDwMWPr6JRb6WK5tKc5Ej1DI9DOH7W5HLWGdoiKO9cDhiqMH/lMi5zGMV/p7yP2
bRArMEuymV8NTe9COgPzEDH1ypCWEbl76nxoD3cDQPPGmChZUPgd0eB1ZZwTOawc
VTTjgrrPZ2/a8HFpDFGLsxc/a7vNas/iPFC/Ync3QC1cWEHkkxq+srAkivGRqXbD
ixxAJEORxlK3o8xonkPE10ALeOYfeAcFX05ltOWVhm0fHVsfh5GVPY/zLL/tizJh
2isDJMGPuz7j1nXevX5dH4MXkiJ8U+y2hTQ+4bpnU1PrBjr9KBjMGYvhD6D3uC5j
JDPm0lqSvpWJ5SLMrvkH7KzFAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUlbLJVLMZ
T4ap7+G9kadCj8qp61owHwYDVR0jBBgwFoAUspNInjrPKPDRVxQ3zfC8wspUVFow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDMjlFLzA0NTEyMkE4MDEx
QzExRUVCMjY4NEY0QkM0RjlBRTAyL3NwTkluanJQS1BEUlZ4UTN6ZkM4d3NwVVZG
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvc3BOSW5qclBLUERSVnhRM3pmQzh3c3BVVkZvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QzI5RS8wNDUxMjJBODAxMUMxMUVFQjI2ODRGNEJDNEY5QUUwMi81ODM5MkRDODAx
NDExMUVFOUFFQ0IxNDhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAmfLOAMEAnTVLDANBAIAAjAHAwUAJACHwDANBgkqhkiG9w0B
AQsFAAOCAQEAF9Lp/2s9nKtlKllWR+xjgmNg/8Rkp6Or07mW2B3miPSdLfE/UTin
fQm6QI6Y3YOd+a/vmY9tVw/Wkbi8SGgm8eDN+a7/hWHbe61shY/lep8E8pv+C4xJ
W8TUEY/eaq181XCKfvF7gERbTd1QtEFD3lPMfUxIm+f8Gy9vVbci608u0L43hNaJ
pw6UgouucpY0aPRTBxA8rUalSbg9lHy4h+ppoRl63XNc/09TMhuflqAlSFi+MND3
ShFGnvq+3YN2PCfQWe7ck38kfQvIlVnl+Z0Wxhymu1dkrXsZXlusLAtpDVtiKpOL
ik0hJ5y3WJTpxa5rvd6S8Ypf3JQ2G0dRlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org