Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/596F551AA7B311EDA1D33553C4F9AE02.roa
File: 596F551AA7B311EDA1D33553C4F9AE02.roa (raw, json)
Hash identifier: m63JyI9kI7DCw3iZf+KTAa5ZoGlSvEOLFSInpv2mOFk=
Subject key identifier: 85:66:D1:ED:21:48:07:E5:F8:27:28:2A:C1:8E:43:0F:D7:49:34:1A
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 334E
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/596F551AA7B311EDA1D33553C4F9AE02.roa
Signing time: Wed 08 Feb 2023 13:20:26 +0000
ROA not before: Wed 08 Feb 2023 13:20:26 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 140607
IP address blocks: 103.207.85.0/24 maxlen: 24
116.90.116.0/24 maxlen: 24
116.90.117.0/24 maxlen: 24
116.90.118.0/24 maxlen: 24
116.90.119.0/24 maxlen: 24
116.90.121.0/24 maxlen: 24
116.90.122.0/24 maxlen: 24
202.142.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13134 (0x334e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Feb 8 13:20:26 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63e3a19a-091e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:90:ac:27:7f:40:09:ed:66:f8:d9:64:de:1d:
99:20:02:bc:4c:57:13:8d:40:3f:d2:6b:39:33:6d:
d0:b7:e0:56:52:45:05:16:c3:d0:60:69:90:6a:c1:
6c:c6:25:c8:81:ca:33:3e:fc:f8:e0:55:66:6e:42:
56:59:90:68:84:78:d6:e2:77:8e:3d:c3:07:ff:96:
a1:5d:5f:7f:4c:64:8c:5a:ad:6a:9c:06:00:a1:ec:
d2:67:8a:36:35:3a:57:d1:7b:2a:01:9d:10:c1:c3:
d8:a9:ae:2c:59:48:0d:f9:54:95:b9:e1:37:25:28:
29:30:e1:74:03:2c:40:fb:ba:06:1e:50:bf:10:47:
dd:1a:cb:9a:0e:08:28:15:30:b2:5b:36:86:94:ca:
1b:a8:6a:22:9d:7a:ad:4f:d7:e9:d5:5e:1c:77:61:
d4:93:a7:e5:76:91:67:00:79:ff:83:07:97:6b:7c:
94:14:a2:e7:62:6b:7e:fd:9e:74:c3:d1:fd:7a:11:
78:5f:b1:f2:4f:73:c3:b0:d0:59:e8:22:f4:e2:86:
28:f9:76:5c:80:5e:25:9e:ad:58:ff:6a:7c:d9:46:
75:32:14:c9:e4:9b:e5:0c:fc:e3:14:26:d1:0b:50:
8b:d0:8f:1b:55:d4:1a:34:c6:27:7f:1c:5d:6b:37:
82:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:66:D1:ED:21:48:07:E5:F8:27:28:2A:C1:8E:43:0F:D7:49:34:1A
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/596F551AA7B311EDA1D33553C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.207.85.0/24
116.90.116.0/22
116.90.121.0-116.90.122.255
202.142.151.0/24
Signature Algorithm: sha256WithRSAEncryption
66:f6:85:29:4b:a9:60:2f:0d:4f:f5:cb:1d:1a:da:60:79:e6:
c6:45:6e:3f:96:53:83:c1:c4:2b:cc:59:e3:22:3e:e6:47:3c:
7f:2f:ae:bf:15:39:9b:f0:1e:2c:5d:6b:7b:d7:7b:35:52:02:
6c:24:d1:0c:98:a8:7f:97:53:65:a1:85:23:ed:bd:15:2f:08:
e9:df:47:26:10:2c:a1:85:7f:ee:29:19:94:63:2b:d2:c1:77:
8d:cd:52:b6:9d:9d:7f:c6:08:53:4e:4b:d0:e8:d1:fa:e3:a0:
db:a7:d5:5f:02:e1:4d:f2:56:35:04:b4:20:69:9c:84:bc:7c:
51:29:f1:94:61:9c:b6:80:23:f5:3b:b7:ae:90:d9:dc:9b:45:
5d:6b:51:96:4a:cf:f6:34:a6:1a:64:ce:fb:a5:ee:7d:37:c5:
dc:07:19:20:81:10:c1:b5:29:59:20:07:8e:b2:ec:96:c5:a1:
76:ba:71:6b:ae:fd:ab:0a:dd:9a:fe:2a:b3:7e:a2:83:c6:ec:
6f:5b:11:d0:b8:49:89:48:43:f6:fc:9b:52:92:93:a5:cf:46:
99:68:16:05:ab:e1:af:1a:34:6f:02:1c:bc:fd:8b:37:b4:ff:
45:64:79:b0:33:af:90:0b:20:a3:e8:71:3d:4f:84:5d:5b:98:
9a:ff:0f:29
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICM04wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMwMjA4MTMyMDI2WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UzYTE5YS0wOTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlJCsJ39ACe1m+Nlk3h2ZIAK8TFcTjUA/0ms5M23Qt+BWUkUFFsPQYGmQasFs
xiXIgcozPvz44FVmbkJWWZBohHjW4neOPcMH/5ahXV9/TGSMWq1qnAYAoezSZ4o2
NTpX0XsqAZ0QwcPYqa4sWUgN+VSVueE3JSgpMOF0AyxA+7oGHlC/EEfdGsuaDggo
FTCyWzaGlMobqGoinXqtT9fp1V4cd2HUk6fldpFnAHn/gweXa3yUFKLnYmt+/Z50
w9H9ehF4X7HyT3PDsNBZ6CL04oYo+XZcgF4lnq1Y/2p82UZ1MhTJ5JvlDPzjFCbR
C1CL0I8bVdQaNMYnfxxdazeCgwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFIVm0e0h
SAfl+CcoKsGOQw/XSTQaMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvNTk2RjU1MUFB
N0IzMTFFREExRDMzNTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBABnz1UDBAJ0WnQwDAMEAHRaeQMEAHRaegMEAMqOlzANBgkq
hkiG9w0BAQsFAAOCAQEAZvaFKUupYC8NT/XLHRraYHnmxkVuP5ZTg8HEK8xZ4yI+
5kc8fy+uvxU5m/AeLF1re9d7NVICbCTRDJiof5dTZaGFI+29FS8I6d9HJhAsoYV/
7ikZlGMr0sF3jc1Stp2df8YIU05L0OjR+uOg26fVXwLhTfJWNQS0IGmchLx8USnx
lGGctoAj9Tu3rpDZ3JtFXWtRlkrP9jSmGmTO+6XufTfF3AcZIIEQwbUpWSAHjrLs
lsWhdrpxa679qwrdmv4qs36ig8bsb1sR0LhJiUhD9vybUpKTpc9GmWgWBavhrxo0
bwIcvP2LN7T/RWR5sDOvkAsgo+hxPU+EXVuYmv8PKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org