Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/9B36C8CCDA5111EDA2D0086CC4F9AE02.roa
File: 9B36C8CCDA5111EDA2D0086CC4F9AE02.roa (raw, json)
Hash identifier: DBgUFy0aEAPWmQcGs0BheMqP2/UTRiWdAWeddLnGS7Q=
Subject key identifier: 45:EF:AA:CC:90:9F:BC:F4:AE:BF:0A:8C:F7:57:2E:26:D9:D5:3B:71
Certificate issuer: /CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Certificate serial: 07FD
Authority key identifier: 59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/9B36C8CCDA5111EDA2D0086CC4F9AE02.roa
Signing time: Thu 13 Apr 2023 23:19:15 +0000
ROA not before: Thu 13 Apr 2023 23:19:15 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 133141
IP address blocks: 103.72.0.0/24 maxlen: 24
103.72.1.0/24 maxlen: 24
103.72.2.0/24 maxlen: 24
103.72.3.0/24 maxlen: 24
103.194.93.0/24 maxlen: 24
103.194.94.0/24 maxlen: 24
103.194.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2045 (0x7fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AFF15/serialNumber=599A78D4BBCE13D4D813DEF9167CD35747EA0260
Validity
Not Before: Apr 13 23:19:15 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64388df3-80cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:43:97:9e:ef:aa:08:7c:4a:51:2e:fb:03:15:
d9:6b:e3:11:49:9c:8b:70:b0:90:dc:c0:3b:00:1d:
4c:c1:29:c3:89:4f:ba:a4:5c:4b:aa:93:a2:b5:2d:
eb:c1:7a:e2:eb:dc:91:b1:b2:51:48:8f:af:f6:26:
5f:1c:d4:f5:4d:f7:2c:7f:91:19:ce:ec:48:8a:ae:
a4:6b:25:59:25:c7:68:46:46:bf:12:88:28:a1:df:
9c:c7:72:ef:59:a5:e7:5f:e6:2c:f9:8f:93:f7:38:
bb:f6:3e:24:f9:b1:da:a3:6e:62:01:70:d1:a9:96:
10:77:10:6e:3f:c9:eb:88:50:46:2f:23:15:75:f7:
1a:70:a8:c8:c2:47:e4:93:ec:9d:a6:2c:96:72:74:
08:0c:f7:8f:8d:d6:74:99:ec:99:67:d5:8c:fc:25:
06:c6:03:6f:dc:fd:89:f7:e9:15:57:11:5a:04:16:
93:5a:98:e9:85:45:7c:56:79:1b:48:3d:9e:57:19:
12:1b:bb:6b:1d:7b:80:63:f3:23:05:12:ee:6e:e8:
43:b1:32:af:c6:3c:d9:8d:88:70:ca:9a:87:ae:bf:
ab:be:51:d1:e1:8a:6b:59:9e:49:7b:d7:f2:61:9d:
51:73:42:32:60:ff:ea:6e:24:a1:25:ef:0f:d6:89:
82:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:EF:AA:CC:90:9F:BC:F4:AE:BF:0A:8C:F7:57:2E:26:D9:D5:3B:71
X509v3 Authority Key Identifier:
keyid:59:9A:78:D4:BB:CE:13:D4:D8:13:DE:F9:16:7C:D3:57:47:EA:02:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/WZp41LvOE9TYE975FnzTV0fqAmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WZp41LvOE9TYE975FnzTV0fqAmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFF15/B4785BE88D4C11EABBDD3A74C4F9AE02/9B36C8CCDA5111EDA2D0086CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.0.0/22
103.194.93.0-103.194.95.255
Signature Algorithm: sha256WithRSAEncryption
30:b5:e2:58:75:82:ef:08:94:1c:bd:3c:79:b5:f9:e8:a9:3c:
90:76:e8:7b:b3:db:12:bd:d2:fd:0b:cc:03:d9:70:3c:f2:b2:
22:0b:d2:b7:72:45:e1:99:75:3e:88:ee:b5:35:49:99:ff:64:
81:78:b9:1b:61:39:be:41:6a:f2:d2:74:98:13:99:9a:dc:61:
84:55:aa:87:f6:4f:46:5f:ef:8f:3e:13:91:4d:07:39:40:f5:
0a:80:d6:34:dc:2f:3a:c4:7a:7a:10:39:86:a2:17:eb:e9:ba:
d5:5c:fb:fb:74:e8:23:d5:35:e0:94:c3:d2:83:d5:7c:9a:d2:
88:62:c7:2a:c1:a1:05:41:59:05:22:33:90:d1:c1:d4:8a:25:
6b:48:bd:1b:6c:4d:3b:ae:24:34:3b:b2:44:01:0a:06:f2:c9:
6e:51:df:9e:64:22:92:b4:36:e4:17:7e:86:47:fe:61:b6:4c:
e1:a4:69:90:53:3d:93:68:29:22:b2:94:b3:80:94:f7:b2:21:
8d:89:6b:fb:ca:46:6c:12:90:39:68:30:65:08:23:0b:da:c6:
45:4b:b4:00:4d:fd:68:7d:ea:83:fe:58:87:99:da:d0:d8:71:
ed:33:6f:1d:1c:fc:6c:6f:ab:ad:33:aa:12:a2:24:a3:dc:3d:
80:22:37:5e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICB/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZGMTUxMTAvBgNVBAUTKDU5OUE3OEQ0QkJDRTEzRDREODEzREVGOTE2N0NEMzU3
NDdFQTAyNjAwHhcNMjMwNDEzMjMxOTE1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM4OGRmMy04MGNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwUOXnu+qCHxKUS77AxXZa+MRSZyLcLCQ3MA7AB1MwSnDiU+6pFxLqpOitS3r
wXri69yRsbJRSI+v9iZfHNT1Tfcsf5EZzuxIiq6kayVZJcdoRka/Eogood+cx3Lv
WaXnX+Ys+Y+T9zi79j4k+bHao25iAXDRqZYQdxBuP8nriFBGLyMVdfcacKjIwkfk
k+ydpiyWcnQIDPePjdZ0meyZZ9WM/CUGxgNv3P2J9+kVVxFaBBaTWpjphUV8Vnkb
SD2eVxkSG7trHXuAY/MjBRLubuhDsTKvxjzZjYhwypqHrr+rvlHR4YprWZ5Je9fy
YZ1Rc0IyYP/qbiShJe8P1omCAwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFEXvqsyQ
n7z0rr8KjPdXLibZ1TtxMB8GA1UdIwQYMBaAFFmaeNS7zhPU2BPe+RZ801dH6gJg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkYxNS9CNDc4NUJFODhE
NEMxMUVBQkJERDNBNzRDNEY5QUUwMi9XWnA0MUx2T0U5VFlFOTc1Rm56VFYwZnFB
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dacDQxTHZPRTlUWUU5NzVGbnpUVjBmcUFtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUZGMTUvQjQ3ODVCRTg4RDRDMTFFQUJCREQzQTc0QzRGOUFFMDIvOUIzNkM4Q0NE
QTUxMTFFREEyRDAwODZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAJnSAAwDAMEAGfCXQMEBWfCQDANBgkqhkiG9w0BAQsFAAOC
AQEAMLXiWHWC7wiUHL08ebX56Kk8kHboe7PbEr3S/QvMA9lwPPKyIgvSt3JF4Zl1
PojutTVJmf9kgXi5G2E5vkFq8tJ0mBOZmtxhhFWqh/ZPRl/vjz4TkU0HOUD1CoDW
NNwvOsR6ehA5hqIX6+m61Vz7+3ToI9U14JTD0oPVfJrSiGLHKsGhBUFZBSIzkNHB
1Iola0i9G2xNO64kNDuyRAEKBvLJblHfnmQikrQ25Bd+hkf+YbZM4aRpkFM9k2gp
IrKUs4CU97IhjYlr+8pGbBKQOWgwZQgjC9rGRUu0AE39aH3qg/5Yh5na0Nhx7TNv
HRz8bG+rrTOqEqIko9w9gCI3Xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org