Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/0C74798E2DBE11EEADF77264C4F9AE02.roa
File: 0C74798E2DBE11EEADF77264C4F9AE02.roa (raw, json)
Hash identifier: KLlfdW1ro5moRMPg5WoS/l8kdrkUt3p5M3O99DVq4u4=
Subject key identifier: E3:16:06:99:A9:6E:73:B2:F2:AA:07:A6:4B:34:DE:AD:78:BC:BF:B3
Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Certificate serial: 0CFA
Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/0C74798E2DBE11EEADF77264C4F9AE02.roa
Signing time: Sat 29 Jul 2023 03:18:42 +0000
ROA not before: Sat 29 Jul 2023 03:18:42 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 137818
IP address blocks: 103.5.0.0/22 maxlen: 22
103.5.0.0/23 maxlen: 23
103.5.0.0/24 maxlen: 24
103.5.1.0/24 maxlen: 24
103.5.2.0/23 maxlen: 23
103.5.2.0/24 maxlen: 24
103.5.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3322 (0xcfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Validity
Not Before: Jul 29 03:18:42 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=64c48512-d9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:c1:a3:f1:94:1c:3d:ea:a2:42:10:8a:46:d3:
78:ad:b7:aa:a6:61:a0:cc:c7:07:47:5a:34:29:ed:
b3:c8:cb:e6:2c:86:b3:2d:cc:a7:f7:16:4c:45:ac:
74:be:bc:19:d4:a1:41:83:41:d9:33:0b:6e:b9:69:
de:f3:46:21:d2:d6:01:09:f1:11:79:c8:3d:22:a8:
59:5e:1d:1e:b0:ec:ef:55:b7:89:b0:b0:3d:ef:e1:
dc:28:79:8c:9e:1f:91:6f:89:1d:98:44:41:e6:05:
ba:91:95:68:8d:f4:32:7e:3a:69:99:91:fa:e8:34:
51:28:bb:02:05:42:80:39:3c:4e:6b:25:22:1d:03:
57:89:d9:56:e3:ea:15:5b:6a:fd:71:1b:96:6a:63:
fe:6b:40:18:71:85:dd:89:fe:b9:83:2b:b8:97:99:
ea:63:a4:b8:c8:25:6e:3a:89:65:e8:1b:5c:d2:76:
24:b4:2a:f6:59:15:18:6b:af:02:69:d3:59:31:5e:
31:a9:ac:b4:2f:4d:c0:15:ec:e1:97:94:0b:55:b1:
93:3a:08:39:1e:d8:c0:95:9d:de:09:c5:ec:2f:98:
57:f1:99:2e:ba:06:2e:6a:8d:f5:fc:c2:b1:3e:ec:
75:ed:8a:a1:40:a9:61:5a:7b:2f:f0:cd:45:50:c5:
6e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:16:06:99:A9:6E:73:B2:F2:AA:07:A6:4B:34:DE:AD:78:BC:BF:B3
X509v3 Authority Key Identifier:
keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/0C74798E2DBE11EEADF77264C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.0.0/22
Signature Algorithm: sha256WithRSAEncryption
69:bc:9e:ec:92:6f:a6:e5:9f:89:aa:fa:41:39:f5:01:39:0f:
da:50:ab:d4:45:fe:df:14:d4:29:b8:b3:cd:3c:39:d7:15:76:
39:23:f6:36:70:d5:73:c8:ea:ef:b9:20:9f:22:db:df:9d:34:
f3:97:38:62:5e:d0:b2:fe:9f:94:f8:88:f6:b9:20:d4:2d:06:
04:0d:d7:a5:a2:7b:a3:12:62:55:f7:89:0f:23:a5:d3:0e:eb:
45:2a:d4:e6:1a:bf:5b:1e:5a:1f:60:c4:4d:a8:1b:5f:a3:68:
c9:9f:a3:b1:5d:62:35:f1:7a:2d:5e:8e:84:98:5b:6e:0a:0d:
7f:2d:3d:99:4d:2c:63:2a:0a:ef:33:e5:2e:4a:11:f7:c1:04:
f0:9c:44:91:62:46:0a:8e:42:c2:6f:d8:9d:94:8a:7b:11:db:
a8:e1:75:5b:18:36:a9:0a:f7:8b:2c:72:0d:b5:8d:63:44:4b:
b4:39:5c:96:b6:5d:e4:7d:82:3f:e1:d1:e6:cf:2b:90:78:91:
c1:c3:0b:47:67:98:0e:68:00:59:a5:33:60:49:5e:f9:18:2d:
f9:07:f8:7c:4a:82:d3:59:c5:93:f3:5f:df:04:b6:07:b9:a6:
50:5c:80:0a:94:88:36:3a:05:1f:1c:cd:09:aa:cd:6e:c5:f2:
af:89:88:51
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx
REM0NUUyQjIwHhcNMjMwNzI5MDMxODQyWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM0ODUxMi1kOWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+MGj8ZQcPeqiQhCKRtN4rbeqpmGgzMcHR1o0Ke2zyMvmLIazLcyn9xZMRax0
vrwZ1KFBg0HZMwtuuWne80Yh0tYBCfERecg9IqhZXh0esOzvVbeJsLA97+HcKHmM
nh+Rb4kdmERB5gW6kZVojfQyfjppmZH66DRRKLsCBUKAOTxOayUiHQNXidlW4+oV
W2r9cRuWamP+a0AYcYXdif65gyu4l5nqY6S4yCVuOoll6Btc0nYktCr2WRUYa68C
adNZMV4xqay0L03AFezhl5QLVbGTOgg5HtjAlZ3eCcXsL5hX8ZkuugYuao31/MKx
Pux17YqhQKlhWnsv8M1FUMVuWwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOMWBpmp
bnOy8qoHpks03q14vL+zMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5
REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTg2OEMvM0ZCOTMzNjhBOURCMTFFOTg0Mjg1Mjg2QzRGOUFFMDIvMEM3NDc5OEUy
REJFMTFFRUFERjc3MjY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnBQAwDQYJKoZIhvcNAQELBQADggEBAGm8nuySb6bln4mq
+kE59QE5D9pQq9RF/t8U1Cm4s808OdcVdjkj9jZw1XPI6u+5IJ8i29+dNPOXOGJe
0LL+n5T4iPa5INQtBgQN16Wie6MSYlX3iQ8jpdMO60Uq1OYav1seWh9gxE2oG1+j
aMmfo7FdYjXxei1ejoSYW24KDX8tPZlNLGMqCu8z5S5KEffBBPCcRJFiRgqOQsJv
2J2UinsR26jhdVsYNqkK94sscg21jWNES7Q5XJa2XeR9gj/h0ebPK5B4kcHDC0dn
mA5oAFmlM2BJXvkYLfkH+HxKgtNZxZPzX98Etge5plBcgAqUiDY6BR8czQmqzW7F
8q+JiFE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org