Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913AE13/8936357826FB11ECA7135D73C4F9AE02/5B34AAD4CE1A11ED894FB91BC4F9AE02.roa
File: 5B34AAD4CE1A11ED894FB91BC4F9AE02.roa (raw, json)
Hash identifier: DkbzVXRV3/6xaXONth0PykDB1CPSgrm0V4cQANskeaU=
Subject key identifier: 2D:EB:26:19:CA:94:34:7A:5B:B1:40:59:2F:FF:26:22:95:06:B0:A6
Certificate issuer: /CN=A913AE13/serialNumber=87D3BD7D0ADE06509EB85AC6BA59489D95401F7F
Certificate serial: 0348
Authority key identifier: 87:D3:BD:7D:0A:DE:06:50:9E:B8:5A:C6:BA:59:48:9D:95:40:1F:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h9O9fQreBlCeuFrGullInZVAH38.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913AE13/8936357826FB11ECA7135D73C4F9AE02/5B34AAD4CE1A11ED894FB91BC4F9AE02.roa
Signing time: Wed 29 Mar 2023 10:13:32 +0000
ROA not before: Wed 29 Mar 2023 10:13:32 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 134711
IP address blocks: 103.12.188.0/22 maxlen: 22
103.46.221.0/24 maxlen: 24
103.46.222.0/24 maxlen: 24
103.197.144.0/22 maxlen: 22
220.158.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 840 (0x348)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913AE13/serialNumber=87D3BD7D0ADE06509EB85AC6BA59489D95401F7F
Validity
Not Before: Mar 29 10:13:32 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=64240f4b-0037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f4:c8:61:fa:a1:d4:d6:c5:e1:10:e6:8c:21:
8f:e0:f4:5c:2d:18:88:97:b7:5d:f2:86:b5:a5:aa:
90:be:ad:66:02:5e:50:b1:0b:d3:15:3f:f8:61:1d:
20:10:65:5b:04:69:83:2b:fd:16:36:46:79:4b:0f:
9a:31:9d:6c:86:f2:d5:07:e2:63:68:4c:b3:4a:72:
c5:28:4c:24:e3:11:99:9e:37:3b:b0:ce:a5:0d:22:
a4:f0:6d:88:d7:28:fa:da:9b:f8:c9:b0:35:7c:38:
62:cb:fd:55:ea:3d:20:3b:9f:79:7e:b0:d3:01:22:
95:c1:b8:a2:4e:9b:b2:96:07:30:87:31:0e:10:c0:
f1:bf:ce:76:f5:40:a7:8e:f1:23:86:db:2d:0a:3b:
4e:8e:06:5e:de:7d:72:a6:5f:d3:c2:d6:b8:0e:d1:
2e:f7:b9:43:ba:df:d1:80:2a:49:11:15:c5:be:55:
3c:ff:8a:c0:7a:35:a1:e1:e5:a2:83:dc:25:0c:30:
de:3d:3c:84:76:51:78:3b:db:d1:0e:4b:8c:c2:e1:
af:2d:93:00:24:73:56:c1:db:75:4d:40:ba:35:05:
e6:b8:32:2b:ac:02:04:8e:a2:d0:f1:24:66:09:7a:
7b:75:86:69:23:ac:5b:17:5d:91:ee:48:42:82:dc:
c1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EB:26:19:CA:94:34:7A:5B:B1:40:59:2F:FF:26:22:95:06:B0:A6
X509v3 Authority Key Identifier:
keyid:87:D3:BD:7D:0A:DE:06:50:9E:B8:5A:C6:BA:59:48:9D:95:40:1F:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913AE13/8936357826FB11ECA7135D73C4F9AE02/h9O9fQreBlCeuFrGullInZVAH38.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h9O9fQreBlCeuFrGullInZVAH38.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913AE13/8936357826FB11ECA7135D73C4F9AE02/5B34AAD4CE1A11ED894FB91BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.12.188.0/22
103.46.221.0-103.46.222.255
103.197.144.0/22
220.158.188.0/22
Signature Algorithm: sha256WithRSAEncryption
15:ab:3f:42:94:4d:18:dc:f0:d5:6d:e9:8c:54:ba:34:d9:ab:
07:41:d2:a2:8d:02:6b:cb:c4:c5:3e:16:78:be:0f:f1:37:6b:
70:25:08:18:46:04:63:f9:78:2f:dc:1d:d7:1b:d3:d6:de:61:
be:33:22:94:ac:be:1e:c8:ae:a2:33:05:6e:77:06:b8:bb:90:
2a:3c:5e:61:ac:7e:7a:63:6d:bb:f6:fd:52:e4:14:ca:88:78:
46:fc:67:cb:a4:19:7b:aa:96:5d:ba:36:e3:ad:d3:d3:7f:ea:
03:89:4c:b8:b4:bd:c9:b1:c9:b6:55:d9:66:29:7c:0b:02:90:
e5:2d:de:ad:b5:97:c8:5f:d1:39:70:d0:88:9b:7d:99:4b:cb:
0c:a2:f7:e1:41:3d:93:97:9e:76:46:fb:20:06:db:e7:6c:da:
05:99:50:0a:0e:4c:eb:c2:f7:6f:2c:4a:ad:ce:9f:bf:00:4f:
1f:d9:83:eb:d9:c1:6b:20:99:2d:40:04:21:c4:41:cf:a9:49:
e6:d0:34:8c:de:6e:17:6f:ab:4e:30:a4:b6:d2:7b:b0:63:b9:
88:e8:0c:43:c1:20:67:0a:83:bf:20:51:75:fa:48:33:99:03:
e2:55:f8:f1:63:b2:af:a5:eb:4b:96:ab:37:f9:e5:7c:e7:18:
0f:29:4e:4c
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICA0gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0FFMTMxMTAvBgNVBAUTKDg3RDNCRDdEMEFERTA2NTA5RUI4NUFDNkJBNTk0ODlE
OTU0MDFGN0YwHhcNMjMwMzI5MTAxMzMyWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI0MGY0Yi0wMDM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsPTIYfqh1NbF4RDmjCGP4PRcLRiIl7dd8oa1paqQvq1mAl5QsQvTFT/4YR0g
EGVbBGmDK/0WNkZ5Sw+aMZ1shvLVB+JjaEyzSnLFKEwk4xGZnjc7sM6lDSKk8G2I
1yj62pv4ybA1fDhiy/1V6j0gO595frDTASKVwbiiTpuylgcwhzEOEMDxv8529UCn
jvEjhtstCjtOjgZe3n1ypl/Twta4DtEu97lDut/RgCpJERXFvlU8/4rAejWh4eWi
g9wlDDDePTyEdlF4O9vRDkuMwuGvLZMAJHNWwdt1TUC6NQXmuDIrrAIEjqLQ8SRm
CXp7dYZpI6xbF12R7khCgtzBLwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFC3rJhnK
lDR6W7FAWS//JiKVBrCmMB8GA1UdIwQYMBaAFIfTvX0K3gZQnrhaxrpZSJ2VQB9/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUUxMy84OTM2MzU3ODI2
RkIxMUVDQTcxMzVENzNDNEY5QUUwMi9oOU85ZlFyZUJsQ2V1RnJHdWxsSW5aVkFI
MzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g5TzlmUXJlQmxDZXVGckd1bGxJblpWQUgzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0FFMTMvODkzNjM1NzgyNkZCMTFFQ0E3MTM1RDczQzRGOUFFMDIvNUIzNEFBRDRD
RTFBMTFFRDg5NEZCOTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAJnDLwwDAMEAGcu3QMEAGcu3gMEAmfFkAMEAtyevDANBgkq
hkiG9w0BAQsFAAOCAQEAFas/QpRNGNzw1W3pjFS6NNmrB0HSoo0Ca8vExT4WeL4P
8TdrcCUIGEYEY/l4L9wd1xvT1t5hvjMilKy+HsiuojMFbncGuLuQKjxeYax+emNt
u/b9UuQUyoh4Rvxny6QZe6qWXbo2463T03/qA4lMuLS9ybHJtlXZZil8CwKQ5S3e
rbWXyF/ROXDQiJt9mUvLDKL34UE9k5eedkb7IAbb52zaBZlQCg5M68L3byxKrc6f
vwBPH9mD69nBayCZLUAEIcRBz6lJ5tA0jN5uF2+rTjCkttJ7sGO5iOgMQ8EgZwqD
vyBRdfpIM5kD4lX48WOyr6XrS5arN/nlfOcYDylOTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org