Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/AF09CF72914311ED87449317C4F9AE02.roa
File: AF09CF72914311ED87449317C4F9AE02.roa (raw, json)
Hash identifier: g/qGFGOKTBE/JGnBDqxTEI+jm+vUbli4uo2lIUyxY0s=
Subject key identifier: B6:5C:45:5F:03:69:5A:D0:93:7E:A8:CC:7F:96:69:DF:1E:84:BC:E2
Certificate issuer: /CN=A91D6444/serialNumber=8D7D43B6FCB966E8E1A6583BDA07250157AC310F
Certificate serial: 05
Authority key identifier: 8D:7D:43:B6:FC:B9:66:E8:E1:A6:58:3B:DA:07:25:01:57:AC:31:0F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jX1Dtvy5Zujhplg72gclAVesMQ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/AF09CF72914311ED87449317C4F9AE02.roa
Signing time: Wed 11 Jan 2023 00:05:41 +0000
ROA not before: Wed 11 Jan 2023 00:05:41 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 17906
IP address blocks: 203.11.224.0/21 maxlen: 24
203.11.232.0/21 maxlen: 24
203.11.240.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D6444/serialNumber=8D7D43B6FCB966E8E1A6583BDA07250157AC310F
Validity
Not Before: Jan 11 00:05:41 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63bdfd54-4975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:26:f0:4f:d8:c0:2e:9b:ac:a0:7c:e1:db:4d:
d9:68:75:1c:a0:35:1b:a3:c8:74:0d:98:f2:5f:9b:
50:28:99:6a:cb:77:14:70:e1:49:87:30:0c:15:43:
b1:1a:a0:80:c3:5f:1a:12:60:6e:1f:26:f2:1e:9d:
21:0e:c2:de:69:01:df:87:ec:41:d1:10:90:9b:6e:
70:9a:99:60:8a:f2:90:b5:2f:6f:31:e6:0c:50:87:
0f:50:7a:0b:fb:34:ee:99:79:b3:11:b7:43:d5:a8:
87:ce:33:28:73:3e:24:33:cc:53:9e:e2:40:c1:a4:
d2:0d:67:ef:f0:05:dc:f9:64:51:f9:21:39:63:76:
43:35:58:8c:4d:cc:5f:09:a6:da:75:cc:82:f0:58:
68:94:d1:b3:8d:36:ae:49:70:f6:d4:0e:fa:f2:3b:
5c:7d:fb:65:df:b5:1f:90:e7:df:5f:21:4a:5e:71:
82:1e:49:98:fa:16:71:a1:6b:a9:ba:fb:f9:2d:c4:
ff:5f:30:a5:b6:9c:a1:7d:4b:a9:c0:76:51:a3:81:
a6:59:3c:91:73:d8:a9:61:a0:f0:f1:ea:3e:f2:11:
89:21:5e:a1:98:59:b1:30:af:8b:78:80:58:55:2e:
42:43:32:d1:87:de:3c:43:00:b3:7a:a8:d3:24:16:
9b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5C:45:5F:03:69:5A:D0:93:7E:A8:CC:7F:96:69:DF:1E:84:BC:E2
X509v3 Authority Key Identifier:
keyid:8D:7D:43:B6:FC:B9:66:E8:E1:A6:58:3B:DA:07:25:01:57:AC:31:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/jX1Dtvy5Zujhplg72gclAVesMQ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jX1Dtvy5Zujhplg72gclAVesMQ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6444/DCC76F7490BB11EDB5B5FF57C4F9AE02/AF09CF72914311ED87449317C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.11.224.0-203.11.247.255
Signature Algorithm: sha256WithRSAEncryption
08:ba:cf:e3:06:9c:a8:06:d2:fc:d8:a2:87:77:4c:74:52:09:
e1:a8:62:46:9b:8f:28:ac:1c:7f:a8:9e:50:8f:ae:4c:87:89:
16:c7:68:53:d7:7d:a1:76:da:ce:77:be:1e:d3:29:4d:ef:8c:
55:06:2c:5b:6a:ac:c7:6f:d5:7e:d0:12:59:47:67:15:87:f5:
ce:08:98:f1:1e:fe:6e:1f:11:82:b3:8b:0b:9e:1e:bf:b2:50:
24:15:ce:7c:69:02:d6:77:ab:6f:bf:5b:51:ea:df:bc:6a:2e:
3d:3b:d1:a8:31:88:c5:1a:cd:82:f2:a5:07:a9:7e:52:95:f6:
34:cb:79:44:43:a2:16:d8:03:3b:dc:76:47:81:78:48:58:d7:
dc:0f:ef:f9:3b:0c:66:fa:11:84:bb:4d:88:44:59:ac:e5:38:
d5:39:51:59:e1:51:3b:1a:62:65:e4:05:d4:03:6d:0e:51:c7:
ed:0c:28:0c:5e:67:39:d4:c6:79:9d:f8:c5:76:b2:ba:39:b8:
c2:cc:3c:54:a1:9b:20:b0:d4:06:29:8a:76:d3:8a:49:c8:0b:
54:90:35:3f:99:75:fb:f0:85:7f:27:9a:48:89:fc:c1:b6:53:
7f:8c:b2:61:75:51:da:e2:ae:fb:62:b5:b2:41:d7:b3:45:3d:
c1:b8:a5:28
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NjQ0NDExMC8GA1UEBRMoOEQ3RDQzQjZGQ0I5NjZFOEUxQTY1ODNCREEwNzI1MDE1
N0FDMzEwRjAeFw0yMzAxMTEwMDA1NDFaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYmRmZDU0LTQ5NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdJvBP2MAum6ygfOHbTdlodRygNRujyHQNmPJfm1AomWrLdxRw4UmHMAwVQ7Ea
oIDDXxoSYG4fJvIenSEOwt5pAd+H7EHREJCbbnCamWCK8pC1L28x5gxQhw9Qegv7
NO6ZebMRt0PVqIfOMyhzPiQzzFOe4kDBpNINZ+/wBdz5ZFH5ITljdkM1WIxNzF8J
ptp1zILwWGiU0bONNq5JcPbUDvryO1x9+2XftR+Q599fIUpecYIeSZj6FnGha6m6
+/ktxP9fMKW2nKF9S6nAdlGjgaZZPJFz2KlhoPDx6j7yEYkhXqGYWbEwr4t4gFhV
LkJDMtGH3jxDALN6qNMkFpuhAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUtlxFXwNp
WtCTfqjMf5Zp3x6EvOIwHwYDVR0jBBgwFoAUjX1Dtvy5Zujhplg72gclAVesMQ8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ2NDQ0L0RDQzc2Rjc0OTBC
QjExRURCNUI1RkY1N0M0RjlBRTAyL2pYMUR0dnk1WnVqaHBsZzcyZ2NsQVZlc01R
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvalgxRHR2eTVadWpocGxnNzJnY2xBVmVzTVE4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NjQ0NC9EQ0M3NkY3NDkwQkIxMUVEQjVCNUZGNTdDNEY5QUUwMi9BRjA5Q0Y3Mjkx
NDMxMUVEODc0NDkzMTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQFywvgAwQDywvwMA0GCSqGSIb3DQEBCwUAA4IBAQAIus/j
BpyoBtL82KKHd0x0UgnhqGJGm48orBx/qJ5Qj65Mh4kWx2hT132hdtrOd74e0ylN
74xVBixbaqzHb9V+0BJZR2cVh/XOCJjxHv5uHxGCs4sLnh6/slAkFc58aQLWd6tv
v1tR6t+8ai49O9GoMYjFGs2C8qUHqX5SlfY0y3lEQ6IW2AM73HZHgXhIWNfcD+/5
Owxm+hGEu02IRFms5TjVOVFZ4VE7GmJl5AXUA20OUcftDCgMXmc51MZ5nfjFdrK6
ObjCzDxUoZsgsNQGKYp204pJyAtUkDU/mXX78IV/J5pIifzBtlN/jLJhdVHa4q77
YrWyQdezRT3BuKUo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org