Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/AF394770778C11EB9D1D830EC4F9AE02.roa
File: AF394770778C11EB9D1D830EC4F9AE02.roa (raw, json)
Hash identifier: ASBUlBOcFEzsiC+g8Sb2Q7ZFBE23EbJduESTWMkKQ5s=
Subject key identifier: 40:6E:5E:56:3B:3A:F9:24:37:83:97:0C:3B:1E:03:83:7A:89:B8:D7
Certificate issuer: /CN=A91142EA/serialNumber=732254DBD618F1886D4DF9201393BFDF8B9E020E
Certificate serial: 0335
Authority key identifier: 73:22:54:DB:D6:18:F1:88:6D:4D:F9:20:13:93:BF:DF:8B:9E:02:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cyJU29YY8YhtTfkgE5O_34ueAg4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/AF394770778C11EB9D1D830EC4F9AE02.roa
Signing time: Sun 03 Apr 2022 17:03:12 +0000
ROA not before: Sun 03 Apr 2022 17:03:12 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 133866
IP address blocks: 103.76.44.0/22 maxlen: 22
103.76.44.0/24 maxlen: 24
103.76.45.0/24 maxlen: 24
103.76.46.0/24 maxlen: 24
103.76.47.0/24 maxlen: 24
116.206.88.0/22 maxlen: 22
116.206.88.0/24 maxlen: 24
116.206.89.0/24 maxlen: 24
116.206.90.0/24 maxlen: 24
116.206.91.0/24 maxlen: 24
2407:6280::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 821 (0x335)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91142EA/serialNumber=732254DBD618F1886D4DF9201393BFDF8B9E020E
Validity
Not Before: Apr 3 17:03:12 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=6249d350-aac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:01:3e:26:12:6b:f4:47:ff:b5:77:89:04:69:
ce:09:98:50:dd:26:80:5b:92:81:21:ca:5b:26:ca:
52:6d:bc:22:19:3f:56:6c:b3:d7:d3:68:57:af:2b:
e1:65:d2:fd:0b:89:99:a3:ec:d1:cc:ec:ed:a8:6c:
fa:ff:24:01:27:7a:ab:b4:20:8f:e4:3c:d0:aa:7c:
ec:05:f8:0a:42:42:ea:b9:f6:e1:8e:b5:f1:29:5e:
ed:a0:72:3b:f4:d7:08:bc:28:1c:69:7e:74:4c:d3:
7f:4e:ee:92:64:fc:b3:79:5d:50:39:6b:5a:7d:9e:
2a:ce:d9:c3:ea:d8:e0:4e:a3:58:e4:d7:df:ca:56:
37:f0:11:1a:80:14:1c:c8:23:2c:34:4c:9a:8b:34:
1b:66:ec:7e:bc:00:63:db:76:ee:47:e9:cc:d2:f6:
a4:7b:ae:1f:39:23:ee:8e:18:64:2e:47:90:d5:b0:
b5:bb:f5:b7:a2:c7:37:65:03:1d:11:08:41:96:c7:
71:e6:b7:ba:17:a8:28:7c:a5:4e:8f:58:c6:a1:09:
ad:e7:54:90:68:99:b7:49:33:c5:99:c4:c8:63:b6:
5f:6d:32:4b:71:ad:39:47:71:e4:cb:98:d3:a4:59:
c4:71:a9:a3:5d:6d:88:4f:3c:cd:9b:17:27:92:f9:
f3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6E:5E:56:3B:3A:F9:24:37:83:97:0C:3B:1E:03:83:7A:89:B8:D7
X509v3 Authority Key Identifier:
keyid:73:22:54:DB:D6:18:F1:88:6D:4D:F9:20:13:93:BF:DF:8B:9E:02:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/cyJU29YY8YhtTfkgE5O_34ueAg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cyJU29YY8YhtTfkgE5O_34ueAg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91142EA/F5332D7E84C311E6B9821A81C4F9AE02/AF394770778C11EB9D1D830EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.76.44.0/22
116.206.88.0/22
IPv6:
2407:6280::/32
Signature Algorithm: sha256WithRSAEncryption
79:72:e5:c5:24:ef:3e:6b:77:13:e9:67:fc:5c:d7:69:09:b0:
2f:03:87:47:5e:9e:75:e9:23:9f:5c:3a:59:cb:54:ad:19:9b:
7d:f7:d6:dd:d2:9a:00:0c:d6:3a:8f:25:e1:f0:f3:8c:6e:4f:
7e:89:a7:5e:52:d3:03:0e:71:96:c0:1f:7c:62:46:a5:5e:af:
76:87:68:eb:ff:b8:45:67:6a:d2:da:dc:22:29:53:6e:81:e4:
d9:d1:6e:0a:ed:6d:b6:88:53:37:f7:df:0e:68:59:c9:0a:f3:
d8:0e:57:0f:c5:dc:82:66:43:6b:89:89:9d:2d:8a:1b:94:1b:
0e:d2:9b:23:71:c8:86:cc:97:b3:75:70:86:e1:ca:69:e5:7c:
e1:44:86:7e:b3:71:26:4e:0d:d2:38:a5:02:e4:65:ec:fd:ab:
e2:f8:8a:f3:54:b9:d8:2c:27:21:70:44:85:7b:1f:f0:1b:4e:
fe:7c:c6:fb:c5:e2:d0:40:26:7e:85:fd:fc:f4:78:8d:ee:a3:
7f:9f:3a:c7:70:41:ef:b6:39:d2:b2:d7:96:4d:ca:bd:18:54:
8d:61:3c:e4:e0:e2:91:8c:73:18:94:44:e8:a0:9e:b7:75:20:
b3:72:1d:87:2b:a4:24:66:11:25:e4:81:5a:1b:d0:c7:69:67:
a5:45:d0:25
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTQyRUExMTAvBgNVBAUTKDczMjI1NERCRDYxOEYxODg2RDRERjkyMDEzOTNCRkRG
OEI5RTAyMEUwHhcNMjIwNDAzMTcwMzEyWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQ5ZDM1MC1hYWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1QE+JhJr9Ef/tXeJBGnOCZhQ3SaAW5KBIcpbJspSbbwiGT9WbLPX02hXryvh
ZdL9C4mZo+zRzOztqGz6/yQBJ3qrtCCP5DzQqnzsBfgKQkLqufbhjrXxKV7toHI7
9NcIvCgcaX50TNN/Tu6SZPyzeV1QOWtafZ4qztnD6tjgTqNY5NffylY38BEagBQc
yCMsNEyaizQbZux+vABj23buR+nM0vake64fOSPujhhkLkeQ1bC1u/W3osc3ZQMd
EQhBlsdx5re6F6gofKVOj1jGoQmt51SQaJm3STPFmcTIY7ZfbTJLca05R3Hky5jT
pFnEcamjXW2ITzzNmxcnkvnzhwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEBuXlY7
OvkkN4OXDDseA4N6ibjXMB8GA1UdIwQYMBaAFHMiVNvWGPGIbU35IBOTv9+LngIO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNDJFQS9GNTMzMkQ3RTg0
QzMxMUU2Qjk4MjFBODFDNEY5QUUwMi9jeUpVMjlZWThZaHRUZmtnRTVPXzM0dWVB
ZzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2N5SlUyOVlZOFlodFRma2dFNU9fMzR1ZUFnNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTQyRUEvRjUzMzJEN0U4NEMzMTFFNkI5ODIxQTgxQzRGOUFFMDIvQUYzOTQ3NzA3
NzhDMTFFQjlEMUQ4MzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnTCwDBAJ0zlgwDQQCAAIwBwMFACQHYoAwDQYJKoZIhvcN
AQELBQADggEBAHly5cUk7z5rdxPpZ/xc12kJsC8Dh0dennXpI59cOlnLVK0Zm333
1t3SmgAM1jqPJeHw84xuT36Jp15S0wMOcZbAH3xiRqVer3aHaOv/uEVnatLa3CIp
U26B5NnRbgrtbbaIUzf33w5oWckK89gOVw/F3IJmQ2uJiZ0tihuUGw7SmyNxyIbM
l7N1cIbhymnlfOFEhn6zcSZODdI4pQLkZez9q+L4ivNUudgsJyFwRIV7H/AbTv58
xvvF4tBAJn6F/fz0eI3uo3+fOsdwQe+2OdKy15ZNyr0YVI1hPOTg4pGMcxiUROig
nrd1ILNyHYcrpCRmESXkgVob0MdpZ6VF0CU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org