Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/3734F220FA6011ED9930941FC4F9AE02.roa
File: 3734F220FA6011ED9930941FC4F9AE02.roa (raw, json)
Hash identifier: KbJsy+ylGGFRMiADgutlIu+zlIQTd3BELOPFVB9L6cI=
Subject key identifier: EF:70:3E:4B:EE:E3:BA:0E:5D:97:B8:CB:5D:49:9E:77:B4:33:4A:8C
Certificate issuer: /CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Certificate serial: 0814
Authority key identifier: 59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/3734F220FA6011ED9930941FC4F9AE02.roa
Signing time: Wed 24 May 2023 18:24:27 +0000
ROA not before: Wed 24 May 2023 18:24:27 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 23750
IP address blocks: 103.72.0.0/24 maxlen: 24
103.72.1.0/24 maxlen: 24
103.72.2.0/24 maxlen: 24
103.72.3.0/24 maxlen: 24
103.194.92.0/24 maxlen: 24
103.194.93.0/24 maxlen: 24
103.194.94.0/24 maxlen: 24
103.194.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2068 (0x814)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Validity
Not Before: May 24 18:24:27 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=646e565b-9940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3f:27:f0:5f:30:ad:bc:94:80:ff:ae:f8:15:
69:3f:75:7d:51:b8:cb:ae:68:7c:e7:34:26:a1:d6:
c6:cd:71:11:54:1d:92:59:58:a0:51:ef:db:6a:d3:
b9:02:bc:6b:36:e8:43:95:13:27:a2:a3:62:54:8a:
7f:4c:7b:e8:c7:7d:b4:35:32:2e:64:d5:2d:15:9a:
07:61:11:84:f9:1d:6c:33:47:72:0b:38:23:ee:65:
cd:c7:51:94:86:38:06:df:92:f0:c9:6c:64:97:c8:
c5:2b:8f:f4:38:cf:36:44:2a:eb:51:3c:ff:3b:8d:
bd:df:ba:b4:db:b0:00:b5:28:50:f9:85:dc:78:a8:
40:1a:81:3d:6e:9c:bf:30:a1:6e:a4:63:63:11:db:
dd:4e:c9:99:c1:e9:ed:c6:07:0f:88:3b:7a:37:43:
f3:52:21:bf:7a:3b:72:3c:d4:4d:88:4c:16:73:b3:
14:94:52:0c:82:c7:7e:de:80:79:ba:9f:7e:36:fb:
b0:55:83:3d:f8:54:93:07:33:c3:df:0d:41:00:1f:
5d:92:cd:c5:51:67:09:b6:5e:15:e6:6a:a0:69:14:
7d:99:bb:15:e5:fd:9f:24:20:2d:cc:96:c3:34:f1:
9b:60:6f:8d:9c:8d:01:d8:47:a1:a4:60:4f:a6:58:
83:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:70:3E:4B:EE:E3:BA:0E:5D:97:B8:CB:5D:49:9E:77:B4:33:4A:8C
X509v3 Authority Key Identifier:
keyid:59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/3734F220FA6011ED9930941FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.0.0/22
103.194.92.0/22
Signature Algorithm: sha256WithRSAEncryption
61:d5:f8:7e:ba:19:91:ae:37:c1:5c:75:ff:9b:88:6b:7b:ec:
1c:7c:87:c4:46:9d:cc:f4:ac:62:c0:5f:0a:af:31:57:49:af:
eb:6b:a1:04:ba:1a:37:e6:cc:d5:4d:c4:17:a7:cf:6d:ba:cd:
ca:0d:fc:7d:15:1c:38:3e:f5:b2:88:65:8e:20:05:4c:5a:76:
34:77:9b:17:4f:49:09:76:32:4c:56:b8:d3:9b:d6:98:5c:4b:
26:97:cd:fa:e5:b5:65:ea:3b:cf:3b:53:14:cd:d1:70:c3:ef:
92:20:5b:f8:6e:41:d1:30:64:75:05:54:7f:ff:e5:1c:07:38:
af:18:4f:29:f5:db:38:dc:89:ce:d9:da:32:20:24:e3:8a:c9:
a5:60:2a:70:cd:9c:d2:ab:43:e0:e4:99:99:73:26:3d:38:c0:
11:8c:e3:fa:d7:08:9f:e1:f9:a0:74:bc:41:12:7a:bf:3b:c7:
dc:22:f1:ff:55:92:67:91:e2:5b:64:08:ee:38:b3:ed:09:b8:
51:f7:ab:a1:d3:45:16:ba:89:fd:39:e1:19:a2:18:fc:f5:b7:
e4:8a:a5:49:b8:35:92:41:91:a3:d4:f6:65:c8:a4:53:31:ea:
62:49:ac:46:c5:2f:f7:58:26:60:54:c5:6e:e7:08:31:1d:f8:
73:e6:e3:11
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCBQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZGMTUxMTAvBgNVBAUTKDU5OUE3OEQ0QkJDRTEzRDREODEzREVGOTE2N0NEMzU3
NDdFQTAyNjAwHhcNMjMwNTI0MTgyNDI3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZlNTY1Yi05OTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3D8n8F8wrbyUgP+u+BVpP3V9UbjLrmh85zQmodbGzXERVB2SWVigUe/batO5
ArxrNuhDlRMnoqNiVIp/THvox320NTIuZNUtFZoHYRGE+R1sM0dyCzgj7mXNx1GU
hjgG35LwyWxkl8jFK4/0OM82RCrrUTz/O42937q027AAtShQ+YXceKhAGoE9bpy/
MKFupGNjEdvdTsmZwentxgcPiDt6N0PzUiG/ejtyPNRNiEwWc7MUlFIMgsd+3oB5
up9+NvuwVYM9+FSTBzPD3w1BAB9dks3FUWcJtl4V5mqgaRR9mbsV5f2fJCAtzJbD
NPGbYG+NnI0B2EehpGBPpliDhQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFO9wPkvu
47oOXZe4y11Jnne0M0qMMB8GA1UdIwQYMBaAFFmaeNS7zhPU2BPe+RZ801dH6gJg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkYxNS9CNDc4NUJFODhE
NEMxMUVBQkJERDNBNzRDNEY5QUUwMi9XWnA0MUx2T0U5VFlFOTc1Rm56VFYwZnFB
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dacDQxTHZPRTlUWUU5NzVGbnpUVjBmcUFtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUZGMTUvQjQ3ODVCRTg4RDRDMTFFQUJCREQzQTc0QzRGOUFFMDIvMzczNEYyMjBG
QTYwMTFFRDk5MzA5NDFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnSAADBAJnwlwwDQYJKoZIhvcNAQELBQADggEBAGHV+H66
GZGuN8Fcdf+biGt77Bx8h8RGncz0rGLAXwqvMVdJr+troQS6GjfmzNVNxBenz226
zcoN/H0VHDg+9bKIZY4gBUxadjR3mxdPSQl2MkxWuNOb1phcSyaXzfrltWXqO887
UxTN0XDD75IgW/huQdEwZHUFVH//5RwHOK8YTyn12zjcic7Z2jIgJOOKyaVgKnDN
nNKrQ+DkmZlzJj04wBGM4/rXCJ/h+aB0vEESer87x9wi8f9VkmeR4ltkCO44s+0J
uFH3q6HTRRa6if054RmiGPz1t+SKpUm4NZJBkaPU9mXIpFMx6mJJrEbFL/dYJmBU
xW7nCDEd+HPm4xE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org