Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/6EE624A443B611EB9FB8597CC4F9AE02.roa
File: 6EE624A443B611EB9FB8597CC4F9AE02.roa (raw, json)
Hash identifier: DIipod8N22EN4Zq2tzP9F8Th72GN7Ye6hG1e4K0n+gA=
Subject key identifier: BA:3E:5B:4A:AD:88:DA:7A:01:A2:36:D1:52:3D:70:79:5D:9F:24:E3
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 334B
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/6EE624A443B611EB9FB8597CC4F9AE02.roa
Signing time: Wed 08 Feb 2023 12:40:26 +0000
ROA not before: Wed 08 Feb 2023 12:40:26 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 140607
IP address blocks: 103.207.85.0/24 maxlen: 24
116.90.116.0/24 maxlen: 24
116.90.117.0/24 maxlen: 24
116.90.118.0/24 maxlen: 24
116.90.119.0/24 maxlen: 24
116.90.121.0/24 maxlen: 24
116.90.122.0/24 maxlen: 24
202.69.51.0/24 maxlen: 24
202.142.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13131 (0x334b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Feb 8 12:40:26 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63e3983a-a866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:70:22:43:3e:25:0f:95:c5:d2:f8:2f:f8:a6:
4f:7b:e8:5d:c4:79:44:71:0c:0a:b8:69:5d:13:72:
18:a4:3a:05:e1:66:96:82:27:74:f4:0c:08:d3:4e:
b2:03:d4:83:85:34:ef:d0:ca:1f:8c:3c:b2:e7:0f:
a9:62:cc:58:30:67:af:df:7b:b7:79:e6:25:a5:1e:
6e:21:e8:39:58:ae:bc:72:7f:3c:24:cc:cf:82:ef:
e2:ab:8b:7c:6f:47:d5:74:3f:84:53:de:73:a7:bf:
3a:9d:a1:c8:4d:bd:cb:6e:76:5e:ee:cd:de:a8:1d:
b8:b6:cf:df:cd:46:f3:c6:ce:98:c3:f3:c8:90:60:
20:11:32:fa:b0:59:cc:c9:8f:3b:bd:a3:25:87:cd:
90:60:f0:eb:5c:b6:79:97:ae:48:de:79:14:c1:d1:
0f:10:a0:a7:e8:95:70:7e:59:a1:ba:2c:b1:2b:7b:
97:68:24:96:b9:ba:ad:d9:d8:06:39:dd:f3:ca:13:
ff:bb:35:6a:0d:a4:c3:f7:84:56:3e:cf:df:04:b2:
3c:7c:3c:95:bc:b1:48:d8:b9:bc:de:60:c0:c8:e9:
55:c2:5e:6e:4a:e5:07:8b:c1:a0:b1:98:af:f6:2b:
70:15:00:09:fd:e1:93:20:8d:a7:69:0a:cb:03:97:
1f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3E:5B:4A:AD:88:DA:7A:01:A2:36:D1:52:3D:70:79:5D:9F:24:E3
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/6EE624A443B611EB9FB8597CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.207.85.0/24
116.90.116.0/22
116.90.121.0-116.90.122.255
202.69.51.0/24
202.142.151.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:cc:70:c1:78:dc:de:44:a1:8b:5a:a0:99:77:13:a6:48:72:
eb:c6:e0:16:80:a1:2c:b2:f7:2f:d9:74:bb:23:d9:15:4e:a2:
0d:ac:e0:6b:f2:a1:0e:03:d3:3f:b5:34:92:05:f1:99:1e:4f:
71:12:87:4b:32:8e:be:72:f5:19:95:12:85:c5:10:b1:65:a5:
a0:1f:ad:d7:3c:10:39:7a:62:21:62:58:40:44:98:9b:89:73:
9a:3e:30:b6:4d:47:c9:aa:c6:98:c6:96:f5:ef:67:6b:60:c1:
57:d0:5e:0c:32:29:9f:b6:46:c7:3d:1c:6f:82:86:fb:90:1c:
9a:ca:0b:72:dd:78:fd:57:46:58:ee:01:53:d6:c5:79:8a:17:
11:4b:2c:4a:6a:80:45:46:27:79:9d:ec:38:5f:91:6f:b9:43:
71:16:5e:28:00:3f:e2:46:a9:68:8a:75:5b:15:10:06:c2:8c:
58:bc:7f:20:c9:be:81:27:28:5d:66:0d:20:c7:d8:96:1f:11:
c2:95:33:b1:39:ab:b8:97:fd:2c:7c:9f:df:ff:23:ee:5a:71:
21:06:08:fc:d8:9b:58:c7:40:4d:01:04:ff:00:0f:70:c0:23:
70:cd:06:32:97:42:5c:c2:0e:25:70:75:16:ee:d3:7d:57:ef:
ba:fa:b9:e1
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICM0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMwMjA4MTI0MDI2WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UzOTgzYS1hODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwnAiQz4lD5XF0vgv+KZPe+hdxHlEcQwKuGldE3IYpDoF4WaWgid09AwI006y
A9SDhTTv0MofjDyy5w+pYsxYMGev33u3eeYlpR5uIeg5WK68cn88JMzPgu/iq4t8
b0fVdD+EU95zp786naHITb3LbnZe7s3eqB24ts/fzUbzxs6Yw/PIkGAgETL6sFnM
yY87vaMlh82QYPDrXLZ5l65I3nkUwdEPEKCn6JVwflmhuiyxK3uXaCSWubqt2dgG
Od3zyhP/uzVqDaTD94RWPs/fBLI8fDyVvLFI2Lm83mDAyOlVwl5uSuUHi8GgsZiv
9itwFQAJ/eGTII2naQrLA5cfTQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFLo+W0qt
iNp6AaI20VI9cHldnyTjMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvNkVFNjI0QTQ0
M0I2MTFFQjlGQjg1OTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBABnz1UDBAJ0WnQwDAMEAHRaeQMEAHRaegMEAMpFMwMEAMqO
lzANBgkqhkiG9w0BAQsFAAOCAQEArcxwwXjc3kShi1qgmXcTpkhy68bgFoChLLL3
L9l0uyPZFU6iDazga/KhDgPTP7U0kgXxmR5PcRKHSzKOvnL1GZUShcUQsWWloB+t
1zwQOXpiIWJYQESYm4lzmj4wtk1HyarGmMaW9e9na2DBV9BeDDIpn7ZGxz0cb4KG
+5AcmsoLct14/VdGWO4BU9bFeYoXEUssSmqARUYneZ3sOF+Rb7lDcRZeKAA/4kap
aIp1WxUQBsKMWLx/IMm+gScoXWYNIMfYlh8RwpUzsTmruJf9LHyf3/8j7lpxIQYI
/NibWMdATQEE/wAPcMAjcM0GMpdCXMIOJXB1Fu7TfVfvuvq54Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org