Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/37848342C8C611EDA2677B6FC4F9AE02.roa
File: 37848342C8C611EDA2677B6FC4F9AE02.roa (raw, json)
Hash identifier: WJvzbAZHpCQOENVHyAWF873rCfna5TNweDjy/7a14PY=
Subject key identifier: C7:70:07:7A:9C:A0:AA:E9:6E:D8:F8:9B:3D:A5:9E:AA:19:18:27:4C
Certificate issuer: /CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Certificate serial: 07EF
Authority key identifier: 59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/37848342C8C611EDA2677B6FC4F9AE02.roa
Signing time: Wed 22 Mar 2023 15:28:38 +0000
ROA not before: Wed 22 Mar 2023 15:28:38 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 45814
IP address blocks: 103.72.0.0/24 maxlen: 24
103.72.1.0/24 maxlen: 24
103.72.2.0/24 maxlen: 24
103.72.3.0/24 maxlen: 24
103.194.93.0/24 maxlen: 24
103.194.94.0/24 maxlen: 24
103.194.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2031 (0x7ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Validity
Not Before: Mar 22 15:28:38 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=641b1ea6-cf0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d7:bb:c0:39:93:4b:e9:ea:c1:95:de:a5:ab:
7a:a9:73:89:2f:2d:e9:ac:4f:6e:10:ff:e6:f8:8e:
9f:e7:62:06:9a:5b:13:b9:85:0f:68:91:6a:86:6d:
6e:8f:7d:46:83:89:35:3a:32:68:56:75:23:eb:d0:
f3:cc:5a:3e:d1:4a:c1:31:54:c9:30:b7:ed:0f:64:
b2:35:35:41:aa:95:a3:9e:50:28:94:5b:10:47:d7:
ae:ab:53:e6:74:94:9a:99:55:64:ba:a7:10:35:52:
1d:e4:dd:e6:bc:7e:08:67:7c:22:a2:8a:36:0d:f6:
c9:0a:43:9a:36:4d:46:65:1f:f2:67:81:fc:a9:e2:
14:c4:f5:0c:eb:bf:f0:24:31:82:f4:dc:30:d7:12:
a2:88:42:bd:bb:8c:76:46:b1:be:4d:db:c0:4f:4e:
9b:c9:78:34:3f:36:3c:00:56:52:43:3c:38:4d:ec:
98:22:69:26:45:7e:32:d3:de:6e:bc:23:21:e5:f8:
de:2e:36:ea:ce:28:65:ad:a1:7d:7e:94:a0:1e:c0:
21:95:2e:c1:c6:05:26:f1:a9:b7:91:64:4c:38:cb:
1b:d8:95:8e:a4:5e:c5:ca:40:80:be:94:f1:dc:4f:
70:f5:34:3a:32:5c:bb:10:c1:9f:25:f8:52:18:47:
4d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:70:07:7A:9C:A0:AA:E9:6E:D8:F8:9B:3D:A5:9E:AA:19:18:27:4C
X509v3 Authority Key Identifier:
keyid:59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/37848342C8C611EDA2677B6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.0.0/22
103.194.93.0-103.194.95.255
Signature Algorithm: sha256WithRSAEncryption
11:69:b2:64:00:14:06:ac:7a:60:0c:1e:c2:3a:1f:0b:0b:12:
19:2f:08:29:b8:5f:2d:8b:47:65:0d:18:81:ff:bf:3e:40:14:
c3:7f:25:e4:3f:65:fc:df:de:eb:9b:1d:26:44:16:8d:5d:ec:
3b:be:8b:06:66:99:48:39:0d:93:b6:bb:b3:17:d2:b8:98:2f:
82:db:c9:a7:da:0b:9c:5d:10:d8:58:c9:78:d0:3a:c8:44:0c:
0d:12:39:b0:50:72:d7:82:b8:ef:53:56:7f:0e:fb:9b:54:38:
01:63:cc:8f:c0:9f:02:b7:e9:8a:11:ee:48:4e:ac:f7:2f:db:
c1:c4:a6:f3:f2:c7:cd:ad:ed:31:0a:d8:65:d5:44:8e:d7:52:
99:66:a2:01:7f:15:01:58:6e:1b:84:65:bc:ca:db:a3:54:4c:
46:3d:6b:e8:44:04:83:67:08:a4:de:49:17:4a:80:a0:cc:fd:
75:8a:90:e8:80:e8:95:91:fe:dd:a9:a9:43:1b:1e:8e:04:ca:
49:42:d4:27:c0:6e:c8:1e:a7:72:54:7e:ab:5a:25:24:35:e6:
41:68:a0:d8:36:73:e4:88:47:69:8a:0f:65:f9:5f:1c:d2:01:
40:47:91:17:49:6b:f2:40:f9:fa:09:86:9b:1b:7b:2a:be:6d:
23:78:8a:66
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICB+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZGMTUxMTAvBgNVBAUTKDU5OUE3OEQ0QkJDRTEzRDREODEzREVGOTE2N0NEMzU3
NDdFQTAyNjAwHhcNMjMwMzIyMTUyODM4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFiMWVhNi1jZjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqte7wDmTS+nqwZXepat6qXOJLy3prE9uEP/m+I6f52IGmlsTuYUPaJFqhm1u
j31Gg4k1OjJoVnUj69DzzFo+0UrBMVTJMLftD2SyNTVBqpWjnlAolFsQR9euq1Pm
dJSamVVkuqcQNVId5N3mvH4IZ3wiooo2DfbJCkOaNk1GZR/yZ4H8qeIUxPUM67/w
JDGC9Nww1xKiiEK9u4x2RrG+TdvAT06byXg0PzY8AFZSQzw4TeyYImkmRX4y095u
vCMh5fjeLjbqzihlraF9fpSgHsAhlS7BxgUm8am3kWRMOMsb2JWOpF7FykCAvpTx
3E9w9TQ6Mly7EMGfJfhSGEdNDwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFMdwB3qc
oKrpbtj4mz2lnqoZGCdMMB8GA1UdIwQYMBaAFFmaeNS7zhPU2BPe+RZ801dH6gJg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkYxNS9CNDc4NUJFODhE
NEMxMUVBQkJERDNBNzRDNEY5QUUwMi9XWnA0MUx2T0U5VFlFOTc1Rm56VFYwZnFB
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dacDQxTHZPRTlUWUU5NzVGbnpUVjBmcUFtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUZGMTUvQjQ3ODVCRTg4RDRDMTFFQUJCREQzQTc0QzRGOUFFMDIvMzc4NDgzNDJD
OEM2MTFFREEyNjc3QjZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAJnSAAwDAMEAGfCXQMEBWfCQDANBgkqhkiG9w0BAQsFAAOC
AQEAEWmyZAAUBqx6YAwewjofCwsSGS8IKbhfLYtHZQ0Ygf+/PkAUw38l5D9l/N/e
65sdJkQWjV3sO76LBmaZSDkNk7a7sxfSuJgvgtvJp9oLnF0Q2FjJeNA6yEQMDRI5
sFBy14K471NWfw77m1Q4AWPMj8CfArfpihHuSE6s9y/bwcSm8/LHza3tMQrYZdVE
jtdSmWaiAX8VAVhuG4RlvMrbo1RMRj1r6EQEg2cIpN5JF0qAoMz9dYqQ6IDolZH+
3ampQxsejgTKSULUJ8BuyB6nclR+q1olJDXmQWig2DZz5IhHaYoPZflfHNIBQEeR
F0lr8kD5+gmGmxt7Kr5tI3iKZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org