Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/AA433E241C6811EDAFB3A950C4F9AE02.roa
File: AA433E241C6811EDAFB3A950C4F9AE02.roa (raw, json)
Hash identifier: +ItO9ZaKEfl0hXctUtLRLTi2vwNYhHItihT/wdciyT8=
Subject key identifier: 02:77:18:B3:EE:79:9E:AC:77:31:9E:83:48:85:02:1A:9D:9E:AF:C2
Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Certificate serial: 0BEA
Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/AA433E241C6811EDAFB3A950C4F9AE02.roa
Signing time: Mon 15 Aug 2022 07:05:38 +0000
ROA not before: Mon 15 Aug 2022 07:05:38 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 138970
IP address blocks: 103.5.0.0/22 maxlen: 22
103.5.0.0/23 maxlen: 23
103.5.0.0/24 maxlen: 24
103.5.1.0/24 maxlen: 24
103.5.2.0/23 maxlen: 23
103.5.2.0/24 maxlen: 24
103.5.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3050 (0xbea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Validity
Not Before: Aug 15 07:05:38 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=62f9f042-7904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:18:da:5c:cf:43:fd:7e:7c:9e:49:a7:48:62:
2a:f3:15:a3:57:20:27:d9:74:64:46:fb:a7:28:ef:
cb:63:fe:ea:86:1c:46:64:96:71:2b:bc:2f:0d:b4:
41:a9:87:6b:34:e6:e1:4d:ba:b5:41:29:e8:3c:61:
b2:2e:53:1a:35:38:ef:33:2c:7c:f9:d9:e6:00:99:
fb:f3:88:0a:52:3e:13:2f:f2:fa:0f:d6:0e:7e:f4:
ef:72:71:9c:b1:ae:36:36:3e:9b:b7:5a:97:33:8c:
82:68:6c:31:46:96:9f:7a:b4:18:28:c8:c9:0b:3e:
6d:63:1c:ec:80:9e:d1:2f:10:16:6e:81:1d:a0:1d:
d2:be:75:e3:45:4e:91:53:d1:b9:51:8c:df:11:77:
87:2d:5b:44:f2:2b:94:62:ed:bb:a8:41:dd:b4:ec:
cc:1d:ca:7b:96:49:db:43:7b:13:17:83:68:22:0f:
6d:0b:f7:ca:e0:9b:8e:d7:9e:8a:99:9b:09:26:3c:
c1:6e:ee:dc:35:bc:36:c7:f9:d9:59:46:cf:91:fd:
4d:b8:1f:00:ad:a5:2f:13:63:ca:d3:6f:76:a6:28:
c6:da:52:c2:52:e9:d1:ff:23:50:57:f4:a1:73:ce:
e2:c1:e3:78:30:f1:7c:06:38:1f:d6:62:3c:4b:33:
45:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:77:18:B3:EE:79:9E:AC:77:31:9E:83:48:85:02:1A:9D:9E:AF:C2
X509v3 Authority Key Identifier:
keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/AA433E241C6811EDAFB3A950C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.0.0/22
Signature Algorithm: sha256WithRSAEncryption
79:1e:64:2e:d5:45:74:a2:5b:7e:6a:19:9e:a1:98:5c:fc:88:
19:db:0e:07:42:8a:e1:11:a3:b1:ee:f3:23:2b:ab:c8:1a:07:
f4:f8:8d:c0:b1:79:61:92:8d:7e:ff:f0:33:74:9e:c5:ce:8b:
64:a4:12:8c:98:51:03:0d:cc:fb:ec:65:34:e5:d1:b8:fe:ed:
67:16:40:31:dd:ad:e8:fb:57:6d:51:c5:fa:3c:2b:32:d8:3b:
e3:94:b5:c1:8f:3f:ce:11:08:f5:a1:11:de:17:0c:da:84:61:
a1:45:fb:08:a1:ac:62:e1:37:2f:8a:cf:a3:51:07:fe:0e:62:
26:25:0a:bb:24:87:b4:0a:97:b8:e4:3f:5c:38:51:5e:a8:52:
b3:41:20:90:9d:d7:4b:d6:5a:bf:0b:cc:02:f0:0b:7e:2b:68:
b0:2a:2b:33:e4:42:2b:a5:02:f4:61:b0:2b:6a:cb:ae:47:a8:
c2:7f:17:de:00:b7:f1:81:ab:1f:23:40:1a:e0:c4:1d:40:30:
93:40:1a:c8:16:ed:cd:13:f6:13:f4:ad:7a:ed:ae:91:67:33:
e9:f0:73:28:3e:08:10:f9:28:8f:e9:29:10:44:45:5b:8f:6b:
58:43:3e:bf:ed:77:cf:0a:9c:b6:bd:f9:3b:b4:98:92:f8:5e:
c4:19:cd:93
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx
REM0NUUyQjIwHhcNMjIwODE1MDcwNTM4WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmY5ZjA0Mi03OTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0BjaXM9D/X58nkmnSGIq8xWjVyAn2XRkRvunKO/LY/7qhhxGZJZxK7wvDbRB
qYdrNObhTbq1QSnoPGGyLlMaNTjvMyx8+dnmAJn784gKUj4TL/L6D9YOfvTvcnGc
sa42Nj6bt1qXM4yCaGwxRpaferQYKMjJCz5tYxzsgJ7RLxAWboEdoB3SvnXjRU6R
U9G5UYzfEXeHLVtE8iuUYu27qEHdtOzMHcp7lknbQ3sTF4NoIg9tC/fK4JuO156K
mZsJJjzBbu7cNbw2x/nZWUbPkf1NuB8AraUvE2PK0292pijG2lLCUunR/yNQV/Sh
c87iweN4MPF8Bjgf1mI8SzNFewIDAQABo4IClTCCApEwHQYDVR0OBBYEFAJ3GLPu
eZ6sdzGeg0iFAhqdnq/CMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5
REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTg2OEMvM0ZCOTMzNjhBOURCMTFFOTg0Mjg1Mjg2QzRGOUFFMDIvQUE0MzNFMjQx
QzY4MTFFREFGQjNBOTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnBQAwDQYJKoZIhvcNAQELBQADggEBAHkeZC7VRXSiW35q
GZ6hmFz8iBnbDgdCiuERo7Hu8yMrq8gaB/T4jcCxeWGSjX7/8DN0nsXOi2SkEoyY
UQMNzPvsZTTl0bj+7WcWQDHdrej7V21Rxfo8KzLYO+OUtcGPP84RCPWhEd4XDNqE
YaFF+wihrGLhNy+Kz6NRB/4OYiYlCrskh7QKl7jkP1w4UV6oUrNBIJCd10vWWr8L
zALwC34raLAqKzPkQiulAvRhsCtqy65HqMJ/F94At/GBqx8jQBrgxB1AMJNAGsgW
7c0T9hP0rXrtrpFnM+nwcyg+CBD5KI/pKRBERVuPa1hDPr/td88KnLa9+Tu0mJL4
XsQZzZM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org