Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/A80A53CCB19211EC9EAAD44EC4F9AE02.roa
File: A80A53CCB19211EC9EAAD44EC4F9AE02.roa (raw, json)
Hash identifier: N8GIs4VzUvz+ar+iE6a4U/xpUaCiGB+w09C5KG5YgVI=
Subject key identifier: 78:AC:65:37:CA:D9:18:12:21:11:47:96:CE:5C:22:7D:69:3E:50:C9
Certificate issuer: /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Certificate serial: 0B33
Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/A80A53CCB19211EC9EAAD44EC4F9AE02.roa
Signing time: Sat 31 Dec 2022 11:55:56 +0000
ROA not before: Sat 31 Dec 2022 11:55:56 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 137453
IP address blocks: 103.109.92.0/24 maxlen: 24
103.109.93.0/24 maxlen: 24
103.109.94.0/24 maxlen: 24
103.109.95.0/24 maxlen: 24
103.214.201.0/24 maxlen: 24
103.214.202.0/24 maxlen: 24
144.48.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2867 (0xb33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Validity
Not Before: Dec 31 11:55:56 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=63b0234b-d599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:de:17:13:79:dd:f6:ff:a0:52:95:70:48:
e3:fd:a2:c9:51:a0:7d:f4:6a:05:13:93:2c:55:f5:
4d:39:67:07:35:9b:65:bf:e6:0b:0b:c0:2d:fb:84:
1e:41:c0:7b:86:b7:47:fe:dd:cc:7c:bf:fd:67:af:
75:72:55:ef:11:4c:98:34:35:96:5a:02:f7:02:83:
df:7b:47:80:62:30:3c:f3:2c:13:fa:48:50:7d:67:
ac:99:48:7c:f6:59:65:ec:12:67:aa:78:ba:9e:88:
f1:10:b2:0e:c2:6a:7d:03:4a:1e:04:03:6d:37:9c:
82:c4:82:e2:c3:6a:3d:fc:38:7d:74:01:8a:b1:9a:
00:81:87:90:2f:4a:54:af:9e:c3:dc:6e:93:df:bd:
37:3b:21:7f:db:56:65:6b:de:af:28:f0:6e:c7:3e:
ab:13:e0:be:a5:22:ee:40:6f:bc:0d:4d:ca:22:3c:
03:bf:de:e1:fd:e4:a0:69:f0:94:9b:a8:25:e5:b5:
96:76:80:2a:25:55:a6:4b:a7:82:2d:51:48:58:b2:
1d:47:54:9f:46:19:e3:55:76:8f:0c:bc:c2:5d:2a:
61:3a:a3:fe:f7:a5:5c:5f:e0:89:cb:4c:6e:17:51:
c4:68:0e:14:0f:c3:e6:85:a6:0a:c8:3a:86:53:fa:
5a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:AC:65:37:CA:D9:18:12:21:11:47:96:CE:5C:22:7D:69:3E:50:C9
X509v3 Authority Key Identifier:
keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/A80A53CCB19211EC9EAAD44EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.92.0/22
103.214.201.0-103.214.202.255
144.48.151.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:87:84:6f:95:a6:0d:db:22:28:6b:2c:4a:2f:46:47:8d:2e:
a2:b9:01:14:27:55:3a:bb:ee:0a:02:6f:3f:93:f5:41:df:46:
e0:5c:85:6d:30:36:a1:55:9f:78:41:6f:44:6c:b3:b9:10:45:
a9:14:78:33:2f:0f:3b:7d:84:4a:2a:1f:49:2d:90:88:fb:33:
cf:74:8e:ed:59:77:52:36:47:28:22:3f:8e:e4:d6:43:03:85:
9d:c0:9e:d5:7d:c1:4b:f4:80:91:e3:0b:49:c3:dc:5b:95:ad:
ce:2e:40:b8:30:24:7f:87:e6:37:cb:cb:74:82:e4:53:cb:98:
f0:60:3e:c1:a2:2e:36:e6:01:4a:4a:07:a8:04:a7:1e:ea:c1:
3d:48:9e:f2:47:51:3d:7c:8c:14:35:4d:55:fc:6d:68:6d:99:
75:30:df:99:52:d2:c9:44:60:0d:2f:73:e3:ff:05:19:70:0e:
57:78:ad:e3:f9:f7:28:e2:f8:7a:3b:8b:2c:16:e2:0a:fb:ec:
dd:39:46:fa:20:b8:34:a5:f2:f6:0e:72:09:2c:ae:23:ab:e7:
60:9a:5c:ad:4e:87:7c:74:c2:bb:62:fc:8a:06:e4:b6:48:11:
27:af:a0:5d:52:0c:f8:1f:5f:50:85:15:c5:0d:57:e3:ef:9e:
d4:ee:0f:ee
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCzMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE
MDc1REQxOUIwHhcNMjIxMjMxMTE1NTU2WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2IwMjM0Yi1kNTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzIDeFxN53fb/oFKVcEjj/aLJUaB99GoFE5MsVfVNOWcHNZtlv+YLC8At+4Qe
QcB7hrdH/t3MfL/9Z691clXvEUyYNDWWWgL3AoPfe0eAYjA88ywT+khQfWesmUh8
9lll7BJnqni6nojxELIOwmp9A0oeBANtN5yCxILiw2o9/Dh9dAGKsZoAgYeQL0pU
r57D3G6T3703OyF/21Zla96vKPBuxz6rE+C+pSLuQG+8DU3KIjwDv97h/eSgafCU
m6gl5bWWdoAqJVWmS6eCLVFIWLIdR1SfRhnjVXaPDLzCXSphOqP+96VcX+CJy0xu
F1HEaA4UD8PmhaYKyDqGU/paPwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFHisZTfK
2RgSIRFHls5cIn1pPlDJMB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2
NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvQTgwQTUzQ0NC
MTkyMTFFQzlFQUFENDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAJnbVwwDAMEAGfWyQMEAGfWygMEAJAwlzANBgkqhkiG9w0B
AQsFAAOCAQEAOoeEb5WmDdsiKGssSi9GR40uorkBFCdVOrvuCgJvP5P1Qd9G4FyF
bTA2oVWfeEFvRGyzuRBFqRR4My8PO32ESiofSS2QiPszz3SO7Vl3UjZHKCI/juTW
QwOFncCe1X3BS/SAkeMLScPcW5Wtzi5AuDAkf4fmN8vLdILkU8uY8GA+waIuNuYB
SkoHqASnHurBPUie8kdRPXyMFDVNVfxtaG2ZdTDfmVLSyURgDS9z4/8FGXAOV3it
4/n3KOL4ejuLLBbiCvvs3TlG+iC4NKXy9g5yCSyuI6vnYJpcrU6HfHTCu2L8igbk
tkgRJ6+gXVIM+B9fUIUVxQ1X4++e1O4P7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org