Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/DD13712CF18911EAA922EB1FC4F9AE02.roa
File: DD13712CF18911EAA922EB1FC4F9AE02.roa (raw, json)
Hash identifier: j+5CEs/2xXwWUG1UU3hSZgheQpo4xhIx6/zEOKhA6Sc=
Subject key identifier: 0D:51:05:C7:1D:A6:06:E8:8A:9E:E8:7F:75:78:3D:A7:2C:CC:0C:76
Certificate issuer: /CN=A91DA10A/serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74
Certificate serial: 04D3
Authority key identifier: 49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/DD13712CF18911EAA922EB1FC4F9AE02.roa
Signing time: Wed 11 May 2022 11:51:18 +0000
ROA not before: Wed 11 May 2022 11:51:18 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 18254
IP address blocks: 103.213.244.0/22 maxlen: 22
103.213.244.0/23 maxlen: 23
103.213.245.0/24 maxlen: 24
103.213.246.0/23 maxlen: 23
103.213.246.0/24 maxlen: 24
103.213.247.0/24 maxlen: 24
144.48.4.0/22 maxlen: 22
144.48.4.0/23 maxlen: 24
144.48.6.0/23 maxlen: 23
144.48.6.0/24 maxlen: 24
144.48.7.0/24 maxlen: 24
2401:1640::/32 maxlen: 32
2401:1640:10::/48 maxlen: 48
2401:1640:11::/48 maxlen: 48
2401:1640:12::/48 maxlen: 48
2401:1640:13::/48 maxlen: 48
2401:1640:14::/48 maxlen: 48
2401:1640:15::/48 maxlen: 48
2401:1640:16::/48 maxlen: 48
2401:1640:17::/48 maxlen: 48
2401:1640:18::/48 maxlen: 48
2401:1640:19::/48 maxlen: 48
2401:1640:1a::/48 maxlen: 48
2401:1640:1b::/48 maxlen: 48
2401:1640:1c::/48 maxlen: 48
2401:1640:1d::/48 maxlen: 48
2401:1640:1e::/48 maxlen: 48
2401:1640:1f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1235 (0x4d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA10A/serialNumber=49B5A46463E3A2B70A33446014EBF40E5C9EFE74
Validity
Not Before: May 11 11:51:18 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=627ba335-a472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0f:b0:5b:2e:5a:5b:09:ab:48:55:5f:79:85:
ad:87:f3:7e:82:53:03:b0:c7:e7:2a:ea:ff:d9:52:
90:f2:8a:bb:fe:1c:c8:89:fd:c1:27:55:43:e1:dc:
ea:ac:dd:d1:b8:6f:3f:7e:31:ba:22:2c:9c:4e:44:
a7:af:17:b3:75:f0:10:1d:7e:34:0c:bf:3f:d8:57:
a6:3c:e8:50:48:fc:6c:a0:e2:cc:05:4c:8d:74:77:
2c:f1:88:2c:cb:25:77:9e:34:1a:dc:30:34:9f:2d:
0c:17:ff:79:6c:57:3f:8c:03:8b:2e:df:b3:3f:0f:
af:8d:85:49:f1:d3:15:01:74:a6:1a:d6:81:c4:51:
dc:1d:18:52:51:32:a4:7d:1f:05:d1:32:ef:e6:c2:
58:3a:27:8f:6a:44:6a:5f:97:56:f8:17:e4:ea:9b:
c5:30:79:9e:54:4e:9a:02:a9:24:68:2e:da:21:05:
8e:4e:dc:b4:ec:ab:85:8f:b0:b5:d4:03:e1:a1:d4:
2b:a2:1b:42:44:82:e9:ad:59:d8:be:54:7b:2a:88:
87:af:7d:e1:2b:ec:5d:a4:4b:ab:78:ec:ba:26:88:
b1:1a:12:69:5c:69:73:26:a0:c1:2a:a4:f1:91:c0:
2a:67:02:11:ad:18:e3:8e:61:29:11:47:84:de:b0:
ba:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:51:05:C7:1D:A6:06:E8:8A:9E:E8:7F:75:78:3D:A7:2C:CC:0C:76
X509v3 Authority Key Identifier:
keyid:49:B5:A4:64:63:E3:A2:B7:0A:33:44:60:14:EB:F4:0E:5C:9E:FE:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/SbWkZGPjorcKM0RgFOv0Dlye_nQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SbWkZGPjorcKM0RgFOv0Dlye_nQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA10A/E340204CF18711EAB9734B1CC4F9AE02/DD13712CF18911EAA922EB1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.244.0/22
144.48.4.0/22
IPv6:
2401:1640::/32
Signature Algorithm: sha256WithRSAEncryption
09:ad:36:19:55:f2:5c:a2:58:71:88:17:f9:12:10:da:50:ad:
67:96:ba:53:b6:74:02:69:3f:56:ad:cb:1a:f8:2f:0e:27:00:
7d:dd:e0:e7:43:4e:63:8a:ef:cb:b9:25:fa:0e:1f:de:97:d4:
fe:a5:c6:2f:26:be:5c:6a:90:71:8c:a9:d2:7c:d0:da:77:0d:
18:4f:f0:48:27:2b:e3:75:59:dd:af:ed:52:ba:6b:f1:09:00:
17:5c:35:64:32:cf:6b:42:48:d9:3b:4d:4a:08:f0:d6:b4:67:
38:39:ed:74:49:b4:44:05:b2:71:64:f4:8c:cd:06:00:36:64:
a9:e8:42:6c:43:84:5a:e6:a0:ba:18:23:16:f7:c1:92:52:0d:
93:2c:58:b9:55:fd:8d:76:30:df:4a:b9:11:39:ff:5b:3c:01:
be:ea:6f:90:46:2d:87:d9:83:5c:fd:bd:17:4d:a4:ae:e6:86:
86:a2:52:cf:68:b5:d8:5d:0e:f0:e3:b4:e1:b9:45:df:92:36:
1f:48:c1:98:49:6a:8f:98:d9:c0:86:28:fd:7e:63:47:62:24:
1f:5c:43:9a:67:25:4a:7d:40:86:7f:6e:50:0a:2d:d4:91:7f:
28:03:70:91:4a:c2:98:6e:32:f1:d5:8b:19:64:8d:2e:f1:a8:
2b:11:90:c5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBNMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REExMEExMTAvBgNVBAUTKDQ5QjVBNDY0NjNFM0EyQjcwQTMzNDQ2MDE0RUJGNDBF
NUM5RUZFNzQwHhcNMjIwNTExMTE1MTE4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdiYTMzNS1hNDcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQ+wWy5aWwmrSFVfeYWth/N+glMDsMfnKur/2VKQ8oq7/hzIif3BJ1VD4dzq
rN3RuG8/fjG6IiycTkSnrxezdfAQHX40DL8/2FemPOhQSPxsoOLMBUyNdHcs8Ygs
yyV3njQa3DA0ny0MF/95bFc/jAOLLt+zPw+vjYVJ8dMVAXSmGtaBxFHcHRhSUTKk
fR8F0TLv5sJYOiePakRqX5dW+Bfk6pvFMHmeVE6aAqkkaC7aIQWOTty07KuFj7C1
1APhodQrohtCRILprVnYvlR7KoiHr33hK+xdpEureOy6JoixGhJpXGlzJqDBKqTx
kcAqZwIRrRjjjmEpEUeE3rC6VQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFA1RBccd
pgboip7of3V4PacszAx2MB8GA1UdIwQYMBaAFEm1pGRj46K3CjNEYBTr9A5cnv50
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTEwQS9FMzQwMjA0Q0Yx
ODcxMUVBQjk3MzRCMUNDNEY5QUUwMi9TYldrWkdQam9yY0tNMFJnRk92MERseWVf
blEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NiV2taR1Bqb3JjS00wUmdGT3YwRGx5ZV9uUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REExMEEvRTM0MDIwNENGMTg3MTFFQUI5NzM0QjFDQzRGOUFFMDIvREQxMzcxMkNG
MTg5MTFFQUE5MjJFQjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJn1fQDBAKQMAQwDQQCAAIwBwMFACQBFkAwDQYJKoZIhvcN
AQELBQADggEBAAmtNhlV8lyiWHGIF/kSENpQrWeWulO2dAJpP1atyxr4Lw4nAH3d
4OdDTmOK78u5JfoOH96X1P6lxi8mvlxqkHGMqdJ80Np3DRhP8EgnK+N1Wd2v7VK6
a/EJABdcNWQyz2tCSNk7TUoI8Na0Zzg57XRJtEQFsnFk9IzNBgA2ZKnoQmxDhFrm
oLoYIxb3wZJSDZMsWLlV/Y12MN9KuRE5/1s8Ab7qb5BGLYfZg1z9vRdNpK7mhoai
Us9otdhdDvDjtOG5Rd+SNh9IwZhJao+Y2cCGKP1+Y0diJB9cQ5pnJUp9QIZ/blAK
LdSRfygDcJFKwphuMvHVixlkjS7xqCsRkMU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org