Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913914F/B1AE8434F69311ECBA29042DC4F9AE02/09CB9A52F69A11EC8783563AC4F9AE02.roa
File: 09CB9A52F69A11EC8783563AC4F9AE02.roa (raw, json)
Hash identifier: cxnZIHXmUN3DQS8QzENthHUcxjqaonSu21iHnIHqqlc=
Subject key identifier: 30:24:E5:31:D9:24:68:6E:80:61:F4:91:3B:32:51:E3:0F:48:0F:9E
Certificate issuer: /CN=A913914F/serialNumber=10E14B8CE5296312A8CD118EEAAF6DB7E46EA7DB
Certificate serial: FE
Authority key identifier: 10:E1:4B:8C:E5:29:63:12:A8:CD:11:8E:EA:AF:6D:B7:E4:6E:A7:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EOFLjOUpYxKozRGO6q9tt-Rup9s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913914F/B1AE8434F69311ECBA29042DC4F9AE02/09CB9A52F69A11EC8783563AC4F9AE02.roa
Signing time: Wed 25 Jan 2023 05:34:11 +0000
ROA not before: Wed 25 Jan 2023 05:34:11 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 134736
IP address blocks: 59.153.108.0/22 maxlen: 22
59.153.108.0/24 maxlen: 24
59.153.109.0/24 maxlen: 24
59.153.110.0/24 maxlen: 24
59.153.111.0/24 maxlen: 24
103.198.148.0/22 maxlen: 22
103.198.148.0/24 maxlen: 24
103.198.149.0/24 maxlen: 24
103.198.150.0/24 maxlen: 24
103.198.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254 (0xfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913914F/serialNumber=10E14B8CE5296312A8CD118EEAAF6DB7E46EA7DB
Validity
Not Before: Jan 25 05:34:11 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63d0bf52-c85f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:46:90:ee:b6:eb:45:f5:d5:3c:b5:7d:b1:b8:
ac:bb:8c:16:04:92:f8:27:82:f9:d2:fe:71:98:f6:
08:3a:04:c5:78:b4:3e:2c:02:5e:bb:12:9c:2f:6b:
2e:f3:9e:e6:48:2d:81:3b:dc:2b:0b:81:28:c6:4e:
d6:99:fa:e2:d0:ec:87:18:33:af:01:42:a2:5b:54:
96:f6:7f:aa:61:66:02:bb:99:81:2e:3d:87:88:7d:
7d:9f:38:37:cf:d1:91:74:b6:06:2c:71:5b:b8:1e:
ba:89:f3:25:4a:05:b9:88:c9:ef:bd:e7:1a:a5:fc:
71:f7:63:fd:75:8a:fe:4b:a3:0d:b3:c7:b5:2b:c7:
9b:5d:88:9e:29:06:68:e3:ca:ea:16:77:04:0a:e3:
5f:0c:3a:03:0d:ae:d0:47:54:21:98:74:79:d0:12:
fb:de:29:91:50:61:5d:ff:23:a4:0b:64:83:2a:13:
6f:e6:45:d4:a9:c5:1e:2e:d7:b5:ee:6d:a6:b7:ac:
44:77:98:cd:b1:8d:c7:0c:96:f4:43:c2:a3:d6:44:
19:55:81:e9:1e:3f:34:5f:98:5b:81:e2:1c:ef:08:
e3:76:95:dc:e2:cb:fe:c0:f9:fc:73:2e:ff:05:ca:
ff:df:4a:9c:19:7f:0b:91:65:fd:71:be:9d:21:a2:
e9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:24:E5:31:D9:24:68:6E:80:61:F4:91:3B:32:51:E3:0F:48:0F:9E
X509v3 Authority Key Identifier:
keyid:10:E1:4B:8C:E5:29:63:12:A8:CD:11:8E:EA:AF:6D:B7:E4:6E:A7:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913914F/B1AE8434F69311ECBA29042DC4F9AE02/EOFLjOUpYxKozRGO6q9tt-Rup9s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EOFLjOUpYxKozRGO6q9tt-Rup9s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913914F/B1AE8434F69311ECBA29042DC4F9AE02/09CB9A52F69A11EC8783563AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.108.0/22
103.198.148.0/22
Signature Algorithm: sha256WithRSAEncryption
79:15:23:ed:42:a6:e2:3a:92:76:6d:d3:7c:4b:62:2d:55:55:
5f:c6:92:d1:aa:de:90:4c:eb:48:a3:cc:e5:07:83:19:58:06:
cd:a4:d1:61:f6:c8:2c:b0:1f:94:e1:94:2d:b3:9d:b8:35:fc:
da:fa:48:b6:f0:e8:14:14:15:33:0c:07:e5:4c:40:2b:56:b0:
5f:4c:f5:37:63:c4:c4:40:75:69:fd:5b:79:48:cd:57:f6:6c:
7f:fe:55:c2:1a:96:f8:c2:25:b7:f4:6c:20:44:46:e7:43:1d:
97:c4:e3:32:b3:f0:fa:1d:b3:e1:be:a3:ff:12:4d:94:cd:d2:
49:7a:44:65:b1:31:1e:e2:33:87:2f:02:19:a7:22:d5:fe:49:
2e:37:c6:af:be:49:c4:32:e3:47:05:a2:d9:bf:f9:0c:06:1e:
7f:19:39:73:c5:86:40:31:2f:7e:e6:cb:61:7a:9e:ab:7a:ac:
d1:08:b8:54:31:a8:b1:c8:3f:33:11:75:6b:12:d3:db:81:b7:
da:ea:ea:90:b2:b9:c8:73:fd:23:b7:77:0c:a6:99:e1:10:0e:
e3:c9:ca:4f:58:a0:f5:c3:f6:f5:9d:01:57:50:bb:d7:0f:83:
9e:c0:6d:3a:4d:a7:a0:49:e8:e8:d3:e7:c9:d5:ea:22:e7:d9:
14:9e:63:0d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAP4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkxNEYxMTAvBgNVBAUTKDEwRTE0QjhDRTUyOTYzMTJBOENEMTE4RUVBQUY2REI3
RTQ2RUE3REIwHhcNMjMwMTI1MDUzNDExWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2QwYmY1Mi1jODVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6kaQ7rbrRfXVPLV9sbisu4wWBJL4J4L50v5xmPYIOgTFeLQ+LAJeuxKcL2su
857mSC2BO9wrC4Eoxk7Wmfri0OyHGDOvAUKiW1SW9n+qYWYCu5mBLj2HiH19nzg3
z9GRdLYGLHFbuB66ifMlSgW5iMnvvecapfxx92P9dYr+S6MNs8e1K8ebXYieKQZo
48rqFncECuNfDDoDDa7QR1QhmHR50BL73imRUGFd/yOkC2SDKhNv5kXUqcUeLte1
7m2mt6xEd5jNsY3HDJb0Q8Kj1kQZVYHpHj80X5hbgeIc7wjjdpXc4sv+wPn8cy7/
Bcr/30qcGX8LkWX9cb6dIaLp5QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDAk5THZ
JGhugGH0kTsyUeMPSA+eMB8GA1UdIwQYMBaAFBDhS4zlKWMSqM0Rjuqvbbfkbqfb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTE0Ri9CMUFFODQzNEY2
OTMxMUVDQkEyOTA0MkRDNEY5QUUwMi9FT0ZMak9VcFl4S296UkdPNnE5dHQtUnVw
OXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VPRkxqT1VwWXhLb3pSR082cTl0dC1SdXA5cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkxNEYvQjFBRTg0MzRGNjkzMTFFQ0JBMjkwNDJEQzRGOUFFMDIvMDlDQjlBNTJG
NjlBMTFFQzg3ODM1NjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAI7mWwDBAJnxpQwDQYJKoZIhvcNAQELBQADggEBAHkVI+1C
puI6knZt03xLYi1VVV/GktGq3pBM60ijzOUHgxlYBs2k0WH2yCywH5ThlC2znbg1
/Nr6SLbw6BQUFTMMB+VMQCtWsF9M9TdjxMRAdWn9W3lIzVf2bH/+VcIalvjCJbf0
bCBERudDHZfE4zKz8Pods+G+o/8STZTN0kl6RGWxMR7iM4cvAhmnItX+SS43xq++
ScQy40cFotm/+QwGHn8ZOXPFhkAxL37my2F6nqt6rNEIuFQxqLHIPzMRdWsS09uB
t9rq6pCyuchz/SO3dwymmeEQDuPJyk9YoPXD9vWdAVdQu9cPg57AbTpNp6BJ6OjT
58nV6iLn2RSeYw0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org