Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/11E8C1F60B6611EEB716101CC4F9AE02.roa
File: 11E8C1F60B6611EEB716101CC4F9AE02.roa (raw, json)
Hash identifier: LJ7PW1UK0hpN3KNR4ZA3zHFFG5FX8RylywYICqmrs+M=
Subject key identifier: 88:BB:83:47:D6:86:29:2E:98:D8:3F:79:25:8C:80:41:C7:FD:28:77
Certificate issuer: /CN=A91AF2CD/serialNumber=5874520DA781F780DBD710D42C841C13A7AD1757
Certificate serial: 31
Authority key identifier: 58:74:52:0D:A7:81:F7:80:DB:D7:10:D4:2C:84:1C:13:A7:AD:17:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WHRSDaeB94Db1xDULIQcE6etF1c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/11E8C1F60B6611EEB716101CC4F9AE02.roa
Signing time: Thu 15 Jun 2023 10:19:11 +0000
ROA not before: Thu 15 Jun 2023 10:19:11 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 54600
IP address blocks: 103.88.188.0/22 maxlen: 22
116.204.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49 (0x31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AF2CD/serialNumber=5874520DA781F780DBD710D42C841C13A7AD1757
Validity
Not Before: Jun 15 10:19:11 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=648ae59f-1d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a1:64:39:cd:13:b0:ec:25:15:75:22:46:72:
50:fd:ea:a1:7c:c7:6d:06:ef:64:6b:09:2b:2b:c8:
3c:a9:94:0e:4a:7d:69:e3:da:b9:36:96:14:b4:f0:
80:0c:05:2e:46:d2:97:19:e6:18:34:fb:6f:04:96:
15:2f:99:2c:f5:12:67:95:47:bc:5b:cb:38:56:81:
3f:9a:83:c4:74:e4:b5:5c:fc:46:a2:63:75:be:10:
3f:bf:17:08:70:cd:8a:50:b4:66:6d:54:e5:09:7b:
94:c7:79:27:1a:fd:8d:f9:bf:07:b1:68:84:96:dc:
dc:1d:c6:34:a2:60:f3:70:9c:4d:48:1d:c8:ad:8b:
f6:81:c4:c2:2e:84:0a:e6:e6:91:b6:e2:b6:e7:f3:
74:de:6e:af:54:59:0e:8b:99:96:2a:e1:35:21:29:
89:a0:b9:c2:4d:7a:0a:a0:69:40:3a:a2:35:c9:3d:
73:b6:69:40:5f:c0:c7:15:3e:d3:5b:09:22:cf:de:
8e:f4:03:97:09:65:8b:c4:9e:1f:09:90:6f:c7:62:
00:10:98:51:0c:53:46:b6:21:f5:d6:ae:2a:0f:0d:
5c:6d:56:48:92:13:f3:d4:40:c3:a5:19:52:f2:19:
c3:48:a2:df:09:cf:64:29:3f:62:78:0b:ef:f9:73:
83:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:BB:83:47:D6:86:29:2E:98:D8:3F:79:25:8C:80:41:C7:FD:28:77
X509v3 Authority Key Identifier:
keyid:58:74:52:0D:A7:81:F7:80:DB:D7:10:D4:2C:84:1C:13:A7:AD:17:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/WHRSDaeB94Db1xDULIQcE6etF1c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WHRSDaeB94Db1xDULIQcE6etF1c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/11E8C1F60B6611EEB716101CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.188.0/22
116.204.236.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:59:ae:3f:40:5b:38:1b:47:79:01:34:ff:3f:45:ee:d1:03:
f0:8c:fc:bf:71:1e:9e:8a:f6:51:c3:e7:17:64:88:1f:84:d2:
43:4d:9e:0b:a6:98:86:2d:79:08:3e:47:fc:fc:50:d0:99:ff:
d1:55:8b:04:c2:e4:c2:e3:14:b4:a4:11:f7:8c:75:21:df:ba:
da:be:48:28:13:de:0e:41:56:08:2b:fb:ac:ac:86:d9:9d:ad:
57:ba:34:f3:0d:3b:27:77:aa:b5:04:2f:7c:86:34:b1:25:af:
c8:2c:35:7b:4d:8a:49:81:01:67:1f:89:6d:2b:93:65:7c:4f:
f1:3b:5f:74:1f:62:c4:1a:55:2d:ef:3c:03:a9:2e:14:49:57:
4b:3e:0e:85:df:ba:31:aa:cc:fc:cb:31:c0:3f:29:77:88:ca:
41:bc:b4:3e:a1:ae:22:1d:b4:ea:76:06:11:07:e2:a1:59:d5:
c5:24:ef:75:4b:da:d2:77:94:25:dd:c0:d9:ac:b0:2c:a4:82:
34:b5:cf:cd:9d:61:2a:70:4a:b9:1a:1e:4f:e9:4e:ef:b5:28:
f7:b2:9c:d6:89:e8:44:1b:ff:54:3e:ca:40:c9:95:05:1e:61:
43:1b:c2:66:b2:5e:9c:ba:f1:d3:0b:88:6b:17:72:af:0a:e7:
ac:7b:bf:49
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBMTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RjJDRDExMC8GA1UEBRMoNTg3NDUyMERBNzgxRjc4MERCRDcxMEQ0MkM4NDFDMTNB
N0FEMTc1NzAeFw0yMzA2MTUxMDE5MTFaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OGFlNTlmLTFkMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBoWQ5zROw7CUVdSJGclD96qF8x20G72RrCSsryDyplA5KfWnj2rk2lhS08IAM
BS5G0pcZ5hg0+28ElhUvmSz1EmeVR7xbyzhWgT+ag8R05LVc/EaiY3W+ED+/Fwhw
zYpQtGZtVOUJe5THeSca/Y35vwexaISW3NwdxjSiYPNwnE1IHciti/aBxMIuhArm
5pG24rbn83Tebq9UWQ6LmZYq4TUhKYmgucJNegqgaUA6ojXJPXO2aUBfwMcVPtNb
CSLP3o70A5cJZYvEnh8JkG/HYgAQmFEMU0a2IfXWrioPDVxtVkiSE/PUQMOlGVLy
GcNIot8Jz2QpP2J4C+/5c4PrAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUiLuDR9aG
KS6Y2D95JYyAQcf9KHcwHwYDVR0jBBgwFoAUWHRSDaeB94Db1xDULIQcE6etF1cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGMkNELzRGQ0JBQzAwRDQ0
QzExRUQ4NjI3MTU4MkM0RjlBRTAyL1dIUlNEYWVCOTREYjF4RFVMSVFjRTZldEYx
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV0hSU0RhZUI5NERiMXhEVUxJUWNFNmV0RjFjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RjJDRC80RkNCQUMwMEQ0NEMxMUVEODYyNzE1ODJDNEY5QUUwMi8xMUU4QzFGNjBC
NjYxMUVFQjcxNjEwMUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmdYvAMEAnTM7DANBgkqhkiG9w0BAQsFAAOCAQEAC1muP0Bb
OBtHeQE0/z9F7tED8Iz8v3Eenor2UcPnF2SIH4TSQ02eC6aYhi15CD5H/PxQ0Jn/
0VWLBMLkwuMUtKQR94x1Id+62r5IKBPeDkFWCCv7rKyG2Z2tV7o08w07J3eqtQQv
fIY0sSWvyCw1e02KSYEBZx+JbSuTZXxP8TtfdB9ixBpVLe88A6kuFElXSz4Ohd+6
MarM/MsxwD8pd4jKQby0PqGuIh206nYGEQfioVnVxSTvdUva0neUJd3A2aywLKSC
NLXPzZ1hKnBKuRoeT+lO77Uo97Kc1onoRBv/VD7KQMmVBR5hQxvCZrJenLrx0wuI
axdyrwrnrHu/SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org