Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/E8839122068F11EEAD4E4711C4F9AE02.roa
File: E8839122068F11EEAD4E4711C4F9AE02.roa (raw, json)
Hash identifier: 3UXqGBmUZJQdEqJ4yQ15Azhwb7nmnimglsF5Ly2NhTw=
Subject key identifier: 94:41:08:CA:02:75:7E:6F:BC:1F:95:BC:1A:2B:63:F8:64:F2:69:47
Certificate issuer: /CN=A91AF2CD/serialNumber=5874520DA781F780DBD710D42C841C13A7AD1757
Certificate serial: 33
Authority key identifier: 58:74:52:0D:A7:81:F7:80:DB:D7:10:D4:2C:84:1C:13:A7:AD:17:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WHRSDaeB94Db1xDULIQcE6etF1c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/E8839122068F11EEAD4E4711C4F9AE02.roa
Signing time: Fri 16 Jun 2023 01:25:23 +0000
ROA not before: Fri 16 Jun 2023 01:25:23 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 398478
IP address blocks: 103.88.188.0/22 maxlen: 22
103.116.20.0/22 maxlen: 22
116.204.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51 (0x33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AF2CD/serialNumber=5874520DA781F780DBD710D42C841C13A7AD1757
Validity
Not Before: Jun 16 01:25:23 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=648bba02-1f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3b:54:b7:d1:66:56:a8:27:f2:31:67:29:85:
72:e4:fb:ee:87:09:3d:c7:7c:c1:de:10:ab:d2:b3:
f0:c3:d2:ca:6c:01:08:8d:e4:e5:78:46:9d:1c:2c:
db:9f:50:76:bb:4f:de:a6:08:bb:92:b2:d4:fd:17:
28:af:91:b1:71:6b:20:4f:1b:67:d3:23:1f:7f:2c:
d0:43:a9:34:ca:09:4e:11:5a:4b:de:10:57:aa:a9:
1d:f5:4b:2c:82:bb:0e:ea:63:d0:ab:b6:43:3e:76:
75:a1:27:d5:2d:09:64:e0:87:87:18:85:03:16:74:
16:64:a4:47:81:bf:c0:29:5c:82:cf:78:0b:73:0a:
54:ae:d3:03:91:dc:b8:6c:52:a7:0e:75:a1:60:3c:
5d:ce:e5:c3:cb:c9:7b:7e:62:50:8a:1d:fb:57:3f:
46:56:04:ef:fd:19:db:fe:70:55:3a:d5:9c:2b:33:
3a:5c:eb:4c:1b:4e:2b:78:f4:7a:36:3e:7f:2c:71:
20:50:25:f0:1d:a2:51:ce:39:71:ea:ac:98:ce:1d:
f0:a0:2e:c6:f5:00:71:e7:52:3f:ac:13:f7:3e:76:
3a:b3:7d:1d:7b:1b:fa:cf:d6:3d:9e:3c:50:3e:f8:
d8:3c:ae:32:f5:23:4d:99:c5:e2:28:f4:b6:d4:36:
2f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:41:08:CA:02:75:7E:6F:BC:1F:95:BC:1A:2B:63:F8:64:F2:69:47
X509v3 Authority Key Identifier:
keyid:58:74:52:0D:A7:81:F7:80:DB:D7:10:D4:2C:84:1C:13:A7:AD:17:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/WHRSDaeB94Db1xDULIQcE6etF1c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WHRSDaeB94Db1xDULIQcE6etF1c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF2CD/4FCBAC00D44C11ED86271582C4F9AE02/E8839122068F11EEAD4E4711C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.188.0/22
103.116.20.0/22
116.204.236.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:68:3f:20:1a:e3:fe:20:53:8b:2a:e3:40:0b:ec:9b:29:10:
ea:b5:a8:45:91:85:3a:05:a0:8c:6f:2d:e0:6b:88:c7:93:eb:
a2:e1:67:a7:fb:5f:25:70:44:94:71:45:dc:1c:51:84:d0:83:
b7:42:4e:0a:7f:b6:42:3c:45:47:70:d0:31:cc:94:a0:0c:3d:
01:a3:34:8a:e8:44:70:d0:46:29:6e:ae:a4:8a:9d:d6:ed:6f:
ba:e6:61:24:25:19:b7:43:bc:fa:73:c7:05:3f:54:0c:9c:28:
3f:94:0c:85:14:25:9c:1e:50:ff:e7:e8:64:9c:4f:2b:9f:99:
37:a2:7f:1c:8b:c3:cd:f9:c6:03:11:49:e3:62:80:09:30:de:
de:00:ac:a8:12:59:ec:eb:22:5b:bf:75:40:b0:f1:cc:af:eb:
66:50:fe:b6:ee:92:67:34:38:ef:7d:c7:0b:bc:f5:ca:fd:56:
f8:c2:25:d0:77:f8:c7:8d:c2:00:b6:fd:cd:86:6a:bc:8c:f2:
8e:3d:bd:13:e0:e0:a8:69:94:47:1d:67:f7:59:04:c6:de:53:
d4:63:1c:2b:7c:1d:24:78:c6:d4:60:a4:be:84:1e:4a:51:5e:
40:ce:c0:6a:61:de:54:1d:49:b9:bd:ff:13:86:a1:40:47:58:
1c:49:35:ca
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RjJDRDExMC8GA1UEBRMoNTg3NDUyMERBNzgxRjc4MERCRDcxMEQ0MkM4NDFDMTNB
N0FEMTc1NzAeFw0yMzA2MTYwMTI1MjNaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OGJiYTAyLTFmNGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHO1S30WZWqCfyMWcphXLk++6HCT3HfMHeEKvSs/DD0spsAQiN5OV4Rp0cLNuf
UHa7T96mCLuSstT9FyivkbFxayBPG2fTIx9/LNBDqTTKCU4RWkveEFeqqR31SyyC
uw7qY9CrtkM+dnWhJ9UtCWTgh4cYhQMWdBZkpEeBv8ApXILPeAtzClSu0wOR3Lhs
UqcOdaFgPF3O5cPLyXt+YlCKHftXP0ZWBO/9Gdv+cFU61ZwrMzpc60wbTit49Ho2
Pn8scSBQJfAdolHOOXHqrJjOHfCgLsb1AHHnUj+sE/c+djqzfR17G/rP1j2ePFA+
+Ng8rjL1I02ZxeIo9LbUNi+bAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUlEEIygJ1
fm+8H5W8Gitj+GTyaUcwHwYDVR0jBBgwFoAUWHRSDaeB94Db1xDULIQcE6etF1cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFGMkNELzRGQ0JBQzAwRDQ0
QzExRUQ4NjI3MTU4MkM0RjlBRTAyL1dIUlNEYWVCOTREYjF4RFVMSVFjRTZldEYx
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV0hSU0RhZUI5NERiMXhEVUxJUWNFNmV0RjFjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RjJDRC80RkNCQUMwMEQ0NEMxMUVEODYyNzE1ODJDNEY5QUUwMi9FODgzOTEyMjA2
OEYxMUVFQUQ0RTQ3MTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAmdYvAMEAmd0FAMEAnTM7DANBgkqhkiG9w0BAQsFAAOCAQEA
X2g/IBrj/iBTiyrjQAvsmykQ6rWoRZGFOgWgjG8t4GuIx5ProuFnp/tfJXBElHFF
3BxRhNCDt0JOCn+2QjxFR3DQMcyUoAw9AaM0iuhEcNBGKW6upIqd1u1vuuZhJCUZ
t0O8+nPHBT9UDJwoP5QMhRQlnB5Q/+foZJxPK5+ZN6J/HIvDzfnGAxFJ42KACTDe
3gCsqBJZ7OsiW791QLDxzK/rZlD+tu6SZzQ4733HC7z1yv1W+MIl0Hf4x43CALb9
zYZqvIzyjj29E+DgqGmURx1n91kExt5T1GMcK3wdJHjG1GCkvoQeSlFeQM7AamHe
VB1Jub3/E4ahQEdYHEk1yg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org