Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/D56188BE1A4011EE83C49C1CC4F9AE02.roa
File: D56188BE1A4011EE83C49C1CC4F9AE02.roa (raw, json)
Hash identifier: s9AjlpPXOD0IYtXFK2a1vflDCfEnGe+BdfjIyWw01ho=
Subject key identifier: 6D:27:84:91:57:C3:B0:61:85:5C:27:5E:56:C1:4F:C7:79:7A:7F:7D
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 33AC
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/D56188BE1A4011EE83C49C1CC4F9AE02.roa
Signing time: Tue 04 Jul 2023 08:00:25 +0000
ROA not before: Tue 04 Jul 2023 08:00:25 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 140607
IP address blocks: 103.207.85.0/24 maxlen: 24
116.90.116.0/24 maxlen: 24
116.90.118.0/24 maxlen: 24
116.90.119.0/24 maxlen: 24
116.90.121.0/24 maxlen: 24
116.90.122.0/24 maxlen: 24
202.142.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13228 (0x33ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Jul 4 08:00:25 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=64a3d199-e191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cb:16:5d:fd:07:6b:cc:58:f5:18:ae:34:ec:
60:ac:98:e1:74:be:7b:82:d4:3c:a9:79:e0:15:cb:
3b:94:c5:b0:74:39:43:c7:be:1b:fd:70:00:c9:5c:
52:92:88:34:14:9a:ae:b3:5d:77:c6:49:b8:bd:7d:
81:8f:8a:e2:aa:8c:ee:04:1e:6c:5e:e2:07:59:25:
cd:ee:37:3e:cf:45:a7:31:10:b5:de:f2:26:3e:be:
de:5e:d6:1c:fd:11:f7:ac:68:6f:e4:19:cf:84:34:
65:21:5d:80:65:14:83:61:05:00:df:94:65:2d:5d:
98:cc:23:c4:09:74:d0:4a:51:14:b2:3d:8b:8f:a1:
2d:60:68:c2:92:48:66:90:81:9f:53:c3:1f:1e:b8:
0a:4d:d1:ed:fe:28:ee:d5:4e:95:bd:e5:92:3d:a1:
93:d3:ac:c1:89:df:48:69:9d:dd:34:b0:04:7f:3d:
be:bd:5f:f0:cf:dd:0e:40:95:1a:1b:ae:39:e6:26:
c6:da:da:de:92:bd:c1:48:2c:ae:e9:a8:fd:d7:54:
a4:a5:79:1e:73:b7:b0:d4:cf:65:10:b4:a7:7f:1f:
d1:b2:7e:e8:58:69:bb:af:df:8c:8b:a3:b4:8d:e3:
cf:c3:f6:77:e8:0f:86:44:ad:16:b9:7a:af:8a:aa:
d0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:27:84:91:57:C3:B0:61:85:5C:27:5E:56:C1:4F:C7:79:7A:7F:7D
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/D56188BE1A4011EE83C49C1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.207.85.0/24
116.90.116.0/24
116.90.118.0/23
116.90.121.0-116.90.122.255
202.142.151.0/24
Signature Algorithm: sha256WithRSAEncryption
73:1e:d4:a2:a8:e2:8f:5e:96:84:41:3d:91:f8:cf:81:c2:a7:
4c:ff:35:3a:a8:bb:81:e1:f8:9f:da:c7:49:c3:2d:0d:c5:2b:
bf:22:56:63:ee:ef:92:22:44:2d:d5:c2:6d:f0:61:ff:9d:4a:
a9:c9:16:78:80:1f:2f:34:35:e7:55:69:a4:37:70:4c:46:b4:
e6:23:68:bf:35:d1:bb:b8:ab:f0:64:b5:4e:54:16:35:15:89:
44:3f:64:85:c8:47:d9:86:8f:5a:17:3e:1b:82:8f:93:87:76:
58:4e:2e:b4:33:f8:95:09:71:8b:a9:75:3d:53:d5:b5:7e:bb:
5c:55:9b:60:58:d6:09:c7:52:bb:31:76:8a:5a:14:82:b7:d3:
89:66:4b:8a:b1:d5:c3:7d:fa:e5:2d:49:fa:2b:21:6a:f9:32:
86:76:d9:49:04:f6:a3:91:03:03:03:ac:16:a3:c8:cc:b4:0e:
ec:0f:73:34:56:36:f2:48:f5:e1:16:c8:d9:69:56:a1:ac:0e:
54:3a:57:91:88:44:e7:de:5c:70:f4:56:21:08:3c:c2:7f:5e:
34:9d:8a:ab:c2:57:84:85:63:db:17:38:a6:ea:fc:1d:64:7f:
b9:8a:5e:dd:6c:a3:3f:ef:74:5e:23:06:e2:3c:5b:db:2d:aa:
1b:5a:a2:25
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICM6wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMwNzA0MDgwMDI1WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGEzZDE5OS1lMTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucsWXf0Ha8xY9RiuNOxgrJjhdL57gtQ8qXngFcs7lMWwdDlDx74b/XAAyVxS
kog0FJqus113xkm4vX2Bj4riqozuBB5sXuIHWSXN7jc+z0WnMRC13vImPr7eXtYc
/RH3rGhv5BnPhDRlIV2AZRSDYQUA35RlLV2YzCPECXTQSlEUsj2Lj6EtYGjCkkhm
kIGfU8MfHrgKTdHt/iju1U6VveWSPaGT06zBid9IaZ3dNLAEfz2+vV/wz90OQJUa
G6455ibG2trekr3BSCyu6aj911SkpXkec7ew1M9lELSnfx/Rsn7oWGm7r9+Mi6O0
jePPw/Z36A+GRK0WuXqviqrQ5QIDAQABo4ICtTCCArEwHQYDVR0OBBYEFG0nhJFX
w7BhhVwnXlbBT8d5en99MB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRDU2MTg4QkUx
QTQwMTFFRTgzQzQ5QzFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBABnz1UDBAB0WnQDBAF0WnYwDAMEAHRaeQMEAHRaegMEAMqO
lzANBgkqhkiG9w0BAQsFAAOCAQEAcx7Uoqjij16WhEE9kfjPgcKnTP81Oqi7geH4
n9rHScMtDcUrvyJWY+7vkiJELdXCbfBh/51KqckWeIAfLzQ151VppDdwTEa05iNo
vzXRu7ir8GS1TlQWNRWJRD9khchH2YaPWhc+G4KPk4d2WE4utDP4lQlxi6l1PVPV
tX67XFWbYFjWCcdSuzF2iloUgrfTiWZLirHVw3365S1J+ishavkyhnbZSQT2o5ED
AwOsFqPIzLQO7A9zNFY28kj14RbI2WlWoawOVDpXkYhE595ccPRWIQg8wn9eNJ2K
q8JXhIVj2xc4pur8HWR/uYpe3WyjP+90XiMG4jxb2y2qG1qiJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org