Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/737003AE36F211EA9FFD8537C4F9AE02.roa
File: 737003AE36F211EA9FFD8537C4F9AE02.roa (raw, json)
Hash identifier: 8+Ixr62O0nV+3YEfTNuhYUzRjhYvcnoNdyPLCohOkv0=
Subject key identifier: 8E:48:F9:75:54:4F:C3:E1:4E:6B:1F:CD:92:DF:DF:9C:A9:B8:78:0B
Certificate issuer: /CN=A91E66E5/serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995
Certificate serial: 0AB9
Authority key identifier: 5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/737003AE36F211EA9FFD8537C4F9AE02.roa
Signing time: Wed 16 Mar 2022 07:25:40 +0000
ROA not before: Wed 16 Mar 2022 07:25:40 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 35280
IP address blocks: 103.135.56.0/22 maxlen: 24
2404:75c0::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2745 (0xab9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E66E5/serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995
Validity
Not Before: Mar 16 07:25:40 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=623190f4-e70d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fa:aa:80:12:bd:b7:f0:be:dd:d9:2f:c7:c9:
6d:30:ca:c0:36:07:35:be:88:1b:0f:06:83:91:ca:
a5:38:1f:86:59:3a:f3:39:64:e7:12:b3:64:53:c4:
f8:8b:fc:42:34:ad:28:21:a1:91:4f:e0:ad:9c:7d:
23:25:2a:86:ac:5c:0a:99:ae:83:ee:04:44:31:c7:
80:db:05:de:59:62:39:cd:fc:70:7b:7a:1c:fe:38:
d0:fc:26:ed:91:45:28:4b:51:72:5a:06:60:c7:45:
3c:73:76:6f:28:48:a5:fe:ac:cc:b0:9d:90:d8:c3:
0f:f2:69:00:d6:64:3b:46:c8:72:f0:a8:67:83:52:
dd:19:dd:58:d4:41:88:6e:8c:94:5e:1d:86:21:d6:
61:21:91:e5:18:1a:34:fd:ae:11:3b:1c:58:02:99:
99:94:cc:2d:3d:80:1f:74:f0:5e:71:e2:99:87:74:
86:52:fd:ce:1d:b0:17:3c:85:a1:af:ad:da:0a:d6:
78:a0:98:c6:7a:c9:39:96:bd:74:6c:79:e3:cd:39:
23:cb:ed:68:03:02:c1:4a:9b:b5:3f:83:83:89:c6:
ab:36:d1:d3:30:2d:91:72:44:c6:e7:23:b2:54:dc:
ce:bd:c5:5d:6b:9a:f9:9a:0b:be:27:61:bc:d8:ae:
18:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:48:F9:75:54:4F:C3:E1:4E:6B:1F:CD:92:DF:DF:9C:A9:B8:78:0B
X509v3 Authority Key Identifier:
keyid:5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/737003AE36F211EA9FFD8537C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.56.0/22
IPv6:
2404:75c0::/32
Signature Algorithm: sha256WithRSAEncryption
06:b8:19:20:56:12:03:da:76:65:5e:a5:f7:db:bc:f9:69:ed:
f5:55:66:72:07:77:8e:1c:ce:e9:0d:16:ec:6b:4c:c5:48:c2:
fc:d5:10:c7:3d:08:fd:e8:9b:79:4c:05:a1:6e:4d:f5:cf:a9:
94:49:58:90:04:90:8c:cc:db:8b:e3:fd:f8:d1:0b:b4:35:65:
53:dc:04:5f:40:53:ca:61:f4:bb:94:b4:ff:58:31:5c:4d:15:
11:23:10:47:f2:44:66:15:c6:30:f6:32:38:a2:dc:57:64:f0:
e5:8e:00:7a:58:19:34:6b:e0:a2:74:dd:d3:6f:1d:d1:fd:c8:
32:69:8d:63:87:5f:7d:f7:a7:63:1e:86:00:d2:9f:01:75:49:
c1:e1:18:78:b0:a4:e9:8f:ab:01:85:2d:40:73:09:8c:f8:aa:
d5:1e:d6:20:a3:c7:88:44:f5:29:38:2c:6b:e1:fd:13:e6:34:
c0:04:e0:fd:70:f2:24:ac:eb:c2:07:58:c6:37:3b:81:6c:7f:
45:52:c9:6f:cc:64:56:43:55:34:fa:02:ba:55:99:aa:2f:31:
2e:f8:62:37:3c:9b:44:af:9f:f2:f7:1c:b3:a1:73:5c:96:5a:
4d:e7:95:7c:93:6f:18:8d:5f:6e:60:b4:f4:8e:48:44:6e:4d:
8e:c2:bc:31
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCrkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTY2RTUxMTAvBgNVBAUTKDVDMzk1QkEyQ0EwQUJGNjU4ODg3MjY4NzRDNzgyNEI2
OUI3ODk5OTUwHhcNMjIwMzE2MDcyNTQwWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMxOTBmNC1lNzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArPqqgBK9t/C+3dkvx8ltMMrANgc1vogbDwaDkcqlOB+GWTrzOWTnErNkU8T4
i/xCNK0oIaGRT+CtnH0jJSqGrFwKma6D7gREMceA2wXeWWI5zfxwe3oc/jjQ/Cbt
kUUoS1FyWgZgx0U8c3ZvKEil/qzMsJ2Q2MMP8mkA1mQ7Rshy8Khng1LdGd1Y1EGI
boyUXh2GIdZhIZHlGBo0/a4ROxxYApmZlMwtPYAfdPBeceKZh3SGUv3OHbAXPIWh
r63aCtZ4oJjGesk5lr10bHnjzTkjy+1oAwLBSpu1P4ODicarNtHTMC2RckTG5yOy
VNzOvcVda5r5mgu+J2G82K4YgwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFI5I+XVU
T8PhTmsfzZLf35ypuHgLMB8GA1UdIwQYMBaAFFw5W6LKCr9liIcmh0x4JLabeJmV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjZFNS81NjQzMDU4NkEy
NzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3YyV0loeWFIVEhna3RwdDRt
WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hEbGJvc29LdjJXSWh5YUhUSGdrdHB0NG1aVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTY2RTUvNTY0MzA1ODZBMjc1MTFFOUE3NEQ0RTgyQzRGOUFFMDIvNzM3MDAzQUUz
NkYyMTFFQTlGRkQ4NTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnhzgwDQQCAAIwBwMFACQEdcAwDQYJKoZIhvcNAQELBQAD
ggEBAAa4GSBWEgPadmVepffbvPlp7fVVZnIHd44czukNFuxrTMVIwvzVEMc9CP3o
m3lMBaFuTfXPqZRJWJAEkIzM24vj/fjRC7Q1ZVPcBF9AU8ph9LuUtP9YMVxNFREj
EEfyRGYVxjD2Mjii3Fdk8OWOAHpYGTRr4KJ03dNvHdH9yDJpjWOHX333p2MehgDS
nwF1ScHhGHiwpOmPqwGFLUBzCYz4qtUe1iCjx4hE9Sk4LGvh/RPmNMAE4P1w8iSs
68IHWMY3O4Fsf0VSyW/MZFZDVTT6ArpVmaovMS74Yjc8m0Svn/L3HLOhc1yWWk3n
lXyTbxiNX25gtPSOSERuTY7CvDE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org