Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/D4347A1E612A11EAAD1AFA31C4F9AE02.roa
File: D4347A1E612A11EAAD1AFA31C4F9AE02.roa (raw, json)
Hash identifier: JZJuWe6qyqRDXitL7/HCx+KmeVNO4TC2QbaE5wSifQM=
Subject key identifier: 2F:3E:67:D2:62:32:EF:68:A1:CB:58:3E:93:40:85:E0:6C:03:67:DF
Certificate issuer: /CN=A91EFBA1/serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6
Certificate serial: 1779
Authority key identifier: 41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/D4347A1E612A11EAAD1AFA31C4F9AE02.roa
Signing time: Sun 06 Aug 2023 09:15:25 +0000
ROA not before: Sun 06 Aug 2023 09:15:25 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 136435
IP address blocks: 103.87.248.0/22 maxlen: 22
103.87.248.0/23 maxlen: 23
103.87.248.0/24 maxlen: 24
103.87.249.0/24 maxlen: 24
103.87.250.0/23 maxlen: 23
103.87.250.0/24 maxlen: 24
103.87.251.0/24 maxlen: 24
203.96.224.0/22 maxlen: 22
203.96.224.0/23 maxlen: 23
203.96.224.0/24 maxlen: 24
203.96.225.0/24 maxlen: 24
203.96.226.0/23 maxlen: 23
203.96.226.0/24 maxlen: 24
203.96.227.0/24 maxlen: 24
2400:dac0::/48 maxlen: 48
2400:dac0:1::/48 maxlen: 48
2400:dac0:2::/48 maxlen: 48
2400:dac0:3::/48 maxlen: 48
2400:dac0:4::/48 maxlen: 48
2400:dac0:5::/48 maxlen: 48
2400:dac0:6::/48 maxlen: 48
2400:dac0:7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6009 (0x1779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EFBA1/serialNumber=415406ED80B4D927A479A8BA042116AE2D11A1A6
Validity
Not Before: Aug 6 09:15:25 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64cf64ac-e08c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6e:4f:7c:9b:47:61:47:b8:08:60:44:95:8b:
c4:04:3a:03:fd:de:3f:2a:0d:fb:be:d6:e9:50:48:
32:a7:5d:bd:7b:7c:9d:1c:06:5c:e7:5f:78:6e:fa:
4e:7a:e4:67:6a:9e:63:3b:1f:7e:3e:6c:62:b0:33:
97:85:e3:e8:cd:27:81:72:79:89:81:4f:6c:d7:bb:
14:e7:12:f4:96:3c:cd:ef:55:76:bb:9c:ac:a3:71:
b9:3c:d5:7a:ea:67:c2:6a:ba:f5:66:37:87:51:ca:
3e:d9:58:47:5c:7b:ce:18:e6:72:b8:c8:7a:d4:cf:
c8:13:74:82:6e:0b:ea:3a:7d:99:66:a5:6c:63:c8:
f9:56:2e:e9:65:53:1e:fa:9d:43:e2:b1:29:51:ef:
80:69:45:fc:b5:97:03:ab:4a:b6:bd:c6:85:b8:33:
80:40:fa:b0:35:bc:6b:18:e5:94:00:29:a8:61:0a:
d4:60:45:f5:40:12:28:cf:76:9a:ec:fc:93:57:ae:
4d:d8:52:36:36:74:50:fe:fd:df:c7:ca:25:5e:af:
47:9c:f3:f4:dc:58:7f:e1:5c:2c:91:16:86:50:f0:
dd:93:4a:f0:77:cc:88:48:52:68:ce:83:ff:63:9c:
09:42:60:b6:a7:ba:58:3d:7c:65:bf:4a:9e:3e:63:
80:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3E:67:D2:62:32:EF:68:A1:CB:58:3E:93:40:85:E0:6C:03:67:DF
X509v3 Authority Key Identifier:
keyid:41:54:06:ED:80:B4:D9:27:A4:79:A8:BA:04:21:16:AE:2D:11:A1:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/QVQG7YC02Sekeai6BCEWri0RoaY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVQG7YC02Sekeai6BCEWri0RoaY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFBA1/2AD51F4C990311E7A5E95C6FC4F9AE02/D4347A1E612A11EAAD1AFA31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.248.0/22
203.96.224.0/22
IPv6:
2400:dac0::/45
Signature Algorithm: sha256WithRSAEncryption
02:dd:8d:80:35:f7:57:2f:9e:cb:11:db:70:1a:cb:ff:28:59:
11:68:8b:08:24:7f:84:8f:92:21:5e:a6:68:bd:82:cd:22:e4:
c0:ac:00:45:73:3a:92:91:32:01:26:29:92:43:9e:fc:03:5a:
88:ca:32:0d:d7:f8:ba:45:d2:9c:81:d7:c8:07:0a:49:8e:ca:
4f:32:7f:7d:76:83:a0:bd:60:bf:d2:8d:78:88:ed:f4:cc:20:
2b:33:2e:da:25:b2:70:d5:a0:be:41:1a:a0:a2:3f:01:f9:85:
58:64:6f:4d:42:93:2d:1b:79:69:e4:a5:c0:46:85:9d:4f:1c:
b6:cb:b7:15:14:01:e6:ba:c7:d1:e7:1d:f4:ea:e9:f5:93:54:
46:4f:f0:35:fd:83:65:53:9e:61:4c:7b:18:11:c0:a2:28:a0:
88:4c:af:a4:5b:69:7f:7c:b9:eb:1f:31:ff:15:81:3c:16:1d:
cb:ae:98:4f:aa:59:00:82:e8:98:9a:4d:18:10:89:0d:90:3f:
8a:4e:00:ed:65:6d:31:66:09:65:63:84:a6:6d:4d:c7:7d:6b:
80:95:9f:77:12:f9:88:53:11:50:b8:15:0d:e1:8f:b2:05:ea:
d0:03:b5:76:36:fb:b3:29:f5:46:db:55:84:a0:a8:88:75:2e:
cf:0c:5d:54
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICF3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUZCQTExMTAvBgNVBAUTKDQxNTQwNkVEODBCNEQ5MjdBNDc5QThCQTA0MjExNkFF
MkQxMUExQTYwHhcNMjMwODA2MDkxNTI1WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNmNjRhYy1lMDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw25PfJtHYUe4CGBElYvEBDoD/d4/Kg37vtbpUEgyp129e3ydHAZc5194bvpO
euRnap5jOx9+PmxisDOXhePozSeBcnmJgU9s17sU5xL0ljzN71V2u5yso3G5PNV6
6mfCarr1ZjeHUco+2VhHXHvOGOZyuMh61M/IE3SCbgvqOn2ZZqVsY8j5Vi7pZVMe
+p1D4rEpUe+AaUX8tZcDq0q2vcaFuDOAQPqwNbxrGOWUACmoYQrUYEX1QBIoz3aa
7PyTV65N2FI2NnRQ/v3fx8olXq9HnPP03Fh/4VwskRaGUPDdk0rwd8yISFJozoP/
Y5wJQmC2p7pYPXxlv0qePmOAIQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFC8+Z9Ji
Mu9ooctYPpNAheBsA2ffMB8GA1UdIwQYMBaAFEFUBu2AtNknpHmougQhFq4tEaGm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkJBMS8yQUQ1MUY0Qzk5
MDMxMUU3QTVFOTVDNkZDNEY5QUUwMi9RVlFHN1lDMDJTZWtlYWk2QkNFV3JpMFJv
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FWUUc3WUMwMlNla2VhaTZCQ0VXcmkwUm9hWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUZCQTEvMkFENTFGNEM5OTAzMTFFN0E1RTk1QzZGQzRGOUFFMDIvRDQzNDdBMUU2
MTJBMTFFQUFEMUFGQTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJnV/gDBALLYOAwDwQCAAIwCQMHAyQA2sAAADANBgkqhkiG
9w0BAQsFAAOCAQEAAt2NgDX3Vy+eyxHbcBrL/yhZEWiLCCR/hI+SIV6maL2CzSLk
wKwARXM6kpEyASYpkkOe/ANaiMoyDdf4ukXSnIHXyAcKSY7KTzJ/fXaDoL1gv9KN
eIjt9MwgKzMu2iWycNWgvkEaoKI/AfmFWGRvTUKTLRt5aeSlwEaFnU8ctsu3FRQB
5rrH0ecd9Orp9ZNURk/wNf2DZVOeYUx7GBHAoiigiEyvpFtpf3y56x8x/xWBPBYd
y66YT6pZAILomJpNGBCJDZA/ik4A7WVtMWYJZWOEpm1Nx31rgJWfdxL5iFMRULgV
DeGPsgXq0AO1djb7syn1RttVhKCoiHUuzwxdVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org