Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/597130CE9F6811EBB7924841C4F9AE02.roa
File: 597130CE9F6811EBB7924841C4F9AE02.roa (raw, json)
Hash identifier: cdz8qZ94AwDQ9gDu7ZI0mpSwv1htxWtdiPFm06SfG4Q=
Subject key identifier: E5:18:87:7C:D3:90:BB:FF:1B:FC:AF:58:41:E4:3C:F0:C9:7D:80:AE
Certificate issuer: /CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Certificate serial: 0A55
Authority key identifier: 25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/597130CE9F6811EBB7924841C4F9AE02.roa
Signing time: Thu 07 Apr 2022 18:45:10 +0000
ROA not before: Thu 07 Apr 2022 18:45:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137185
IP address blocks: 103.88.92.0/24 maxlen: 24
103.88.93.0/24 maxlen: 24
103.88.94.0/24 maxlen: 24
103.88.95.0/24 maxlen: 24
220.158.192.0/24 maxlen: 24
220.158.193.0/24 maxlen: 24
220.158.194.0/24 maxlen: 24
220.158.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2645 (0xa55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9E19/serialNumber=255290A01AA9B9118B66EEDA0F905F6D40DB05AE
Validity
Not Before: Apr 7 18:45:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=624f3135-1a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f6:27:f9:e4:af:09:eb:1e:93:03:b3:94:5c:
36:d3:b8:b1:f5:0f:45:e1:32:90:58:f2:33:71:31:
05:1e:17:92:47:6b:40:af:ad:5b:9e:b3:4b:bf:9f:
2f:43:75:5e:c9:8f:90:b2:f6:d4:06:17:a6:04:d3:
78:76:42:34:35:0e:0b:d3:59:ba:b3:ba:5f:55:0f:
b4:83:00:16:bc:77:da:a1:74:8d:21:ea:0a:03:d4:
8a:15:8a:62:2a:a2:38:9b:16:6c:1a:65:4d:45:1c:
e5:3c:bb:34:21:40:9a:6e:bc:5b:4d:67:a8:7c:5a:
08:55:2a:a7:3e:07:4a:d1:27:01:bb:de:f0:23:6c:
94:45:52:69:86:83:89:7e:a8:73:01:67:e2:aa:45:
03:78:b0:41:e8:f1:d8:74:50:a8:87:91:33:51:6a:
88:79:8e:55:04:cc:f9:86:96:e9:cf:53:2c:81:c0:
2a:9c:43:c7:60:61:93:50:b3:95:e4:ef:c3:4b:71:
f8:fd:b4:e8:22:6d:3f:4e:29:70:73:f5:0d:23:9e:
56:d0:fa:6f:b1:21:2c:08:ed:00:d0:52:90:89:95:
12:e1:c4:ca:ff:5a:3c:ed:c0:67:31:3c:34:50:e3:
5d:6d:e1:0d:a7:9f:93:b2:f3:74:78:59:59:99:05:
83:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:18:87:7C:D3:90:BB:FF:1B:FC:AF:58:41:E4:3C:F0:C9:7D:80:AE
X509v3 Authority Key Identifier:
keyid:25:52:90:A0:1A:A9:B9:11:8B:66:EE:DA:0F:90:5F:6D:40:DB:05:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/JVKQoBqpuRGLZu7aD5BfbUDbBa4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JVKQoBqpuRGLZu7aD5BfbUDbBa4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9E19/356F2F3EC1A511E9A8B8F336C4F9AE02/597130CE9F6811EBB7924841C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.92.0/22
220.158.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:01:3c:d2:9e:f1:2a:d9:7d:c5:03:ce:4d:1b:13:aa:93:83:
66:74:d8:4f:e5:7c:be:5f:4a:a5:4f:01:df:1a:c5:d6:3b:1e:
21:d1:ad:26:e8:9d:72:fb:c7:f9:f0:e1:25:4e:dc:6f:aa:8c:
b3:00:8a:e0:8c:fb:9e:00:4b:d9:8c:f0:29:6d:c5:92:6c:a6:
3c:46:46:4b:96:52:12:49:0b:35:cf:a7:eb:cc:69:ec:07:5d:
00:e4:7d:5e:00:c3:b6:6e:78:ab:b0:a1:b9:36:84:73:88:9e:
fc:90:94:df:2e:ca:8e:3d:98:be:72:41:1f:33:19:34:92:ca:
86:ab:2b:6a:12:ce:00:bc:90:cd:02:0d:bf:c1:8d:98:e9:f4:
de:c1:fd:ab:7a:14:0b:43:69:44:c6:ac:fd:c6:98:c6:72:88:
21:fd:fc:ff:b9:2d:fe:09:fd:8a:f7:a9:9e:f9:38:b5:2f:dd:
3e:80:6b:11:fc:41:88:01:bb:b9:00:71:3b:a2:36:d3:3d:7e:
6b:26:af:79:d3:95:f7:48:9b:98:e0:13:91:9e:99:9a:99:8e:
86:cb:88:7f:24:a0:29:a3:d8:b2:4b:b1:93:ac:19:25:17:e4:
62:f9:e5:7f:ff:e2:1f:4f:c1:e8:10:9d:3a:01:d2:90:91:46:
ac:63:a5:0c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICClUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlFMTkxMTAvBgNVBAUTKDI1NTI5MEEwMUFBOUI5MTE4QjY2RUVEQTBGOTA1RjZE
NDBEQjA1QUUwHhcNMjIwNDA3MTg0NTEwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRmMzEzNS0xYTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw/Yn+eSvCesekwOzlFw207ix9Q9F4TKQWPIzcTEFHheSR2tAr61bnrNLv58v
Q3VeyY+QsvbUBhemBNN4dkI0NQ4L01m6s7pfVQ+0gwAWvHfaoXSNIeoKA9SKFYpi
KqI4mxZsGmVNRRzlPLs0IUCabrxbTWeofFoIVSqnPgdK0ScBu97wI2yURVJphoOJ
fqhzAWfiqkUDeLBB6PHYdFCoh5EzUWqIeY5VBMz5hpbpz1MsgcAqnEPHYGGTULOV
5O/DS3H4/bToIm0/Tilwc/UNI55W0PpvsSEsCO0A0FKQiZUS4cTK/1o87cBnMTw0
UONdbeENp5+TsvN0eFlZmQWDQwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOUYh3zT
kLv/G/yvWEHkPPDJfYCuMB8GA1UdIwQYMBaAFCVSkKAaqbkRi2bu2g+QX21A2wWu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUUxOS8zNTZGMkYzRUMx
QTUxMUU5QThCOEYzMzZDNEY5QUUwMi9KVktRb0JxcHVSR0xadTdhRDVCZmJVRGJC
YTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pWS1FvQnFwdVJHTFp1N2FENUJmYlVEYkJhNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlFMTkvMzU2RjJGM0VDMUE1MTFFOUE4QjhGMzM2QzRGOUFFMDIvNTk3MTMwQ0U5
RjY4MTFFQkI3OTI0ODQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnWFwDBALcnsAwDQYJKoZIhvcNAQELBQADggEBAKcBPNKe
8SrZfcUDzk0bE6qTg2Z02E/lfL5fSqVPAd8axdY7HiHRrSbonXL7x/nw4SVO3G+q
jLMAiuCM+54AS9mM8CltxZJspjxGRkuWUhJJCzXPp+vMaewHXQDkfV4Aw7ZueKuw
obk2hHOInvyQlN8uyo49mL5yQR8zGTSSyoarK2oSzgC8kM0CDb/BjZjp9N7B/at6
FAtDaUTGrP3GmMZyiCH9/P+5Lf4J/Yr3qZ75OLUv3T6AaxH8QYgBu7kAcTuiNtM9
fmsmr3nTlfdIm5jgE5GemZqZjobLiH8koCmj2LJLsZOsGSUX5GL55X//4h9PwegQ
nToB0pCRRqxjpQw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org