Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/9F589B447D7511EDB9B8444AC4F9AE02.roa
File: 9F589B447D7511EDB9B8444AC4F9AE02.roa (raw, json)
Hash identifier: w5VRDXRCVYBjyEXDdH1J9IMHvJLC3PdE0kiPkuE+54g=
Subject key identifier: 73:71:FA:D7:5B:5E:7A:FC:4D:B8:FA:A9:EC:E6:70:8A:77:35:F7:D6
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 2037
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/9F589B447D7511EDB9B8444AC4F9AE02.roa
Signing time: Fri 16 Dec 2022 19:32:52 +0000
ROA not before: Fri 16 Dec 2022 19:32:52 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 63980
IP address blocks: 103.57.20.0/22 maxlen: 22
103.57.20.0/23 maxlen: 23
103.57.20.0/24 maxlen: 24
103.57.21.0/24 maxlen: 24
103.57.22.0/23 maxlen: 23
103.57.22.0/24 maxlen: 24
103.57.23.0/24 maxlen: 24
2402:5380::/31 maxlen: 39
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8247 (0x2037)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Dec 16 19:32:52 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=639cc7e4-8090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b9:1e:6b:1c:b5:cc:21:a4:ee:04:7b:34:59:
b3:1c:2c:c4:da:53:de:46:c1:c5:88:35:e8:71:2e:
f3:f1:3e:c2:a1:73:23:eb:60:f5:af:80:0e:c3:76:
b1:cc:5c:63:33:0d:b8:6f:4f:fa:36:d4:e4:0d:61:
a9:80:0c:b0:f3:21:ec:15:b1:ba:fe:d2:26:b4:04:
64:89:bf:68:5f:1a:b0:e5:aa:80:0a:df:90:45:51:
58:a0:a2:a2:08:54:4d:b8:9d:f1:04:4a:3b:2e:30:
50:c1:35:23:6d:a9:03:bf:26:fc:1f:36:8d:3b:28:
e2:58:1b:ea:a8:2b:0e:c4:59:15:cc:fd:12:06:12:
10:a0:de:ca:5b:2b:3c:db:9c:2a:17:83:56:66:d3:
77:d1:d1:66:45:fa:21:7f:26:97:93:52:2f:28:e3:
b7:0f:72:f8:c2:18:88:36:12:a9:f0:82:17:1e:0a:
ec:97:d5:3d:c6:7c:52:38:79:e7:a4:09:dd:c0:93:
b9:a3:77:0b:e8:f5:c5:d5:89:8b:d8:39:eb:a7:fe:
63:14:1a:3c:4e:da:13:fe:7d:2c:77:65:0b:0c:1f:
a0:9c:f1:f4:a4:17:eb:3b:19:cf:fc:e3:27:67:e8:
91:1a:91:9b:a9:ae:d8:b8:36:52:2d:7b:26:bd:18:
3b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:71:FA:D7:5B:5E:7A:FC:4D:B8:FA:A9:EC:E6:70:8A:77:35:F7:D6
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/9F589B447D7511EDB9B8444AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.57.20.0/22
IPv6:
2402:5380::/31
Signature Algorithm: sha256WithRSAEncryption
63:87:29:30:ee:0a:f5:48:21:6b:e6:50:30:cd:98:5b:a6:bf:
93:f4:00:5b:03:22:15:44:27:56:5e:50:16:45:8a:01:e2:c2:
64:1d:d7:d4:83:d8:46:ab:23:17:75:47:dd:49:1d:4e:e8:a3:
bc:11:0e:02:e0:06:e3:b9:3f:e2:95:11:ac:32:92:e3:28:ba:
70:e6:e8:d6:01:a7:fd:07:cf:02:30:05:ba:9e:56:8a:2f:cd:
df:13:a4:47:8e:a9:e5:68:fb:8b:95:f2:b2:be:1c:72:40:3d:
db:17:52:c4:07:ae:68:fe:ee:fe:64:5c:f6:7e:bd:b1:08:eb:
6f:d6:52:0e:99:d0:eb:ed:d9:e5:0f:40:c3:01:8c:da:1f:89:
4d:9b:7e:d6:a7:93:04:ec:3d:08:28:40:19:2e:10:c0:fd:a3:
2c:eb:1b:c8:6e:50:0c:2e:86:a4:e4:b2:6a:21:c7:9b:a9:ee:
ce:17:37:68:35:0e:e9:71:af:cb:3f:35:c5:2f:25:15:5b:67:
7b:8a:98:db:d4:0c:5f:75:0a:4b:b6:1c:c5:4e:8d:ca:97:f8:
d9:98:aa:34:05:b7:ce:ab:34:30:1d:1b:e9:6d:c0:c7:f8:0c:
11:c3:7c:c9:9a:10:f5:5e:ad:1a:7f:72:ab:9a:07:58:f0:1e:
a4:af:79:14
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICIDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjIxMjE2MTkzMjUyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzljYzdlNC04MDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvrkeaxy1zCGk7gR7NFmzHCzE2lPeRsHFiDXocS7z8T7CoXMj62D1r4AOw3ax
zFxjMw24b0/6NtTkDWGpgAyw8yHsFbG6/tImtARkib9oXxqw5aqACt+QRVFYoKKi
CFRNuJ3xBEo7LjBQwTUjbakDvyb8HzaNOyjiWBvqqCsOxFkVzP0SBhIQoN7KWys8
25wqF4NWZtN30dFmRfohfyaXk1IvKOO3D3L4whiINhKp8IIXHgrsl9U9xnxSOHnn
pAndwJO5o3cL6PXF1YmL2Dnrp/5jFBo8TtoT/n0sd2ULDB+gnPH0pBfrOxnP/OMn
Z+iRGpGbqa7YuDZSLXsmvRg7mwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHNx+tdb
Xnr8Tbj6qezmcIp3NffWMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvOUY1ODlCNDQ3
RDc1MTFFREI5Qjg0NDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnORQwDQQCAAIwBwMFASQCU4AwDQYJKoZIhvcNAQELBQAD
ggEBAGOHKTDuCvVIIWvmUDDNmFumv5P0AFsDIhVEJ1ZeUBZFigHiwmQd19SD2Ear
Ixd1R91JHU7oo7wRDgLgBuO5P+KVEawykuMounDm6NYBp/0HzwIwBbqeVoovzd8T
pEeOqeVo+4uV8rK+HHJAPdsXUsQHrmj+7v5kXPZ+vbEI62/WUg6Z0Ovt2eUPQMMB
jNofiU2bftankwTsPQgoQBkuEMD9oyzrG8huUAwuhqTksmohx5up7s4XN2g1Dulx
r8s/NcUvJRVbZ3uKmNvUDF91Cku2HMVOjcqX+NmYqjQFt86rNDAdG+ltwMf4DBHD
fMmaEPVerRp/cquaB1jwHqSveRQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org