Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913D65B/CF4CF13AA5E611ED8743A12FC4F9AE02/F65720BEA7AF11ED8A5D0751C4F9AE02.roa
File: F65720BEA7AF11ED8A5D0751C4F9AE02.roa (raw, json)
Hash identifier: M860/0n7pASq7JVIQfzFjEXC9Y+zKYFEnYkwHeiqrZg=
Subject key identifier: 80:A0:25:48:7D:6F:F5:1E:DE:6A:DC:9F:3B:FA:B0:D5:75:F5:20:65
Certificate issuer: /CN=A913D65B/serialNumber=581332F5D3EB882A5C252FDFD980B60A1A378E41
Certificate serial: 0C
Authority key identifier: 58:13:32:F5:D3:EB:88:2A:5C:25:2F:DF:D9:80:B6:0A:1A:37:8E:41
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WBMy9dPriCpcJS_f2YC2Cho3jkE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913D65B/CF4CF13AA5E611ED8743A12FC4F9AE02/F65720BEA7AF11ED8A5D0751C4F9AE02.roa
Signing time: Mon 20 Feb 2023 19:36:01 +0000
ROA not before: Mon 20 Feb 2023 19:36:01 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 136516
IP address blocks: 103.82.94.0/23 maxlen: 23
103.82.94.0/24 maxlen: 24
103.82.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913D65B/serialNumber=581332F5D3EB882A5C252FDFD980B60A1A378E41
Validity
Not Before: Feb 20 19:36:01 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63f3cba1-bba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:43:7d:87:95:79:cc:ce:a9:9e:80:63:69:b1:
f7:aa:6c:03:7e:ef:8d:10:8c:0f:a4:9b:2d:17:5b:
06:91:43:a5:8b:d0:92:8c:bc:44:46:db:c7:69:d7:
9a:44:5a:f1:98:b4:97:5f:7f:ab:c5:65:40:dc:ee:
46:ef:5b:a4:43:28:81:b5:fe:57:3e:b6:10:b2:13:
96:9c:ce:75:02:90:46:7d:31:d7:97:d5:20:09:7d:
7c:76:d9:5f:77:10:ab:ad:b8:ff:ec:a6:d9:da:8f:
33:fc:c0:44:cd:b2:5d:d6:21:65:b4:15:1a:2b:2c:
fd:f2:2f:69:b2:b5:e2:f2:bc:3c:04:8a:b8:c8:f6:
85:69:16:fd:79:6a:44:eb:03:f9:83:97:5b:be:de:
7e:ba:42:d6:a7:d7:74:c6:f6:cb:72:d0:6c:40:95:
84:06:27:a8:1f:53:8c:d1:c6:ab:a0:03:fe:bb:63:
5a:d8:09:95:f4:1c:31:7a:08:d3:58:b6:b3:24:53:
de:63:45:d7:3f:e5:d6:3d:03:81:95:30:d2:82:e4:
b7:bf:55:16:09:81:83:a8:25:0c:e9:12:63:08:a3:
0b:a9:36:bb:01:6f:b3:7b:09:af:31:c9:c8:43:7b:
39:c2:55:c6:f5:5c:be:52:e2:04:5d:9a:7a:7a:31:
64:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A0:25:48:7D:6F:F5:1E:DE:6A:DC:9F:3B:FA:B0:D5:75:F5:20:65
X509v3 Authority Key Identifier:
keyid:58:13:32:F5:D3:EB:88:2A:5C:25:2F:DF:D9:80:B6:0A:1A:37:8E:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913D65B/CF4CF13AA5E611ED8743A12FC4F9AE02/WBMy9dPriCpcJS_f2YC2Cho3jkE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WBMy9dPriCpcJS_f2YC2Cho3jkE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D65B/CF4CF13AA5E611ED8743A12FC4F9AE02/F65720BEA7AF11ED8A5D0751C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.94.0/23
Signature Algorithm: sha256WithRSAEncryption
81:dc:4e:ec:9b:94:92:a0:22:18:ae:ce:1a:c6:84:49:77:d9:
4e:a1:5e:b2:b6:4b:76:f7:23:74:54:2d:6f:ec:a7:58:b7:1c:
0e:38:0b:1d:e5:57:39:de:cf:18:36:4d:03:63:4a:77:e2:8d:
f4:79:eb:73:e5:8a:39:41:f4:57:77:4e:06:2d:19:cf:f1:71:
ad:37:c6:94:e5:e2:29:67:9b:7f:09:a4:56:05:f4:fe:55:44:
d9:36:29:61:75:68:63:bf:38:c3:b7:69:05:a3:15:4f:fe:be:
13:76:e0:81:b0:c0:c7:e3:2b:28:a7:a9:47:4a:f9:3d:3b:59:
96:6c:25:68:86:5e:a5:0e:17:4b:61:64:a1:48:b1:63:69:4a:
e1:1b:06:86:d4:23:7c:5e:97:18:5d:ac:70:26:e4:b4:ac:2d:
b8:e1:bc:78:86:ce:1d:94:e8:22:81:25:4c:32:e2:1f:3a:b8:
df:33:83:45:4c:20:d7:2b:4e:5b:23:08:7b:ad:64:e4:c6:69:
39:8e:db:0d:67:7c:04:a2:16:54:c3:49:40:0d:9f:48:d3:00:
83:b3:0c:e1:f1:70:c2:26:ea:24:b5:be:68:39:24:47:90:27:
84:11:f6:d7:ce:fb:c4:4c:cd:88:a0:64:a8:33:99:d2:2e:9a:
6e:3a:44:82
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
RDY1QjExMC8GA1UEBRMoNTgxMzMyRjVEM0VCODgyQTVDMjUyRkRGRDk4MEI2MEEx
QTM3OEU0MTAeFw0yMzAyMjAxOTM2MDFaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZjNjYmExLWJiYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCiQ32HlXnMzqmegGNpsfeqbAN+740QjA+kmy0XWwaRQ6WL0JKMvERG28dp15pE
WvGYtJdff6vFZUDc7kbvW6RDKIG1/lc+thCyE5acznUCkEZ9MdeX1SAJfXx22V93
EKutuP/sptnajzP8wETNsl3WIWW0FRorLP3yL2myteLyvDwEirjI9oVpFv15akTr
A/mDl1u+3n66Qtan13TG9sty0GxAlYQGJ6gfU4zRxqugA/67Y1rYCZX0HDF6CNNY
trMkU95jRdc/5dY9A4GVMNKC5Le/VRYJgYOoJQzpEmMIowupNrsBb7N7Ca8xychD
eznCVcb1XL5S4gRdmnp6MWQLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgKAlSH1v
9R7eatyfO/qw1XX1IGUwHwYDVR0jBBgwFoAUWBMy9dPriCpcJS/f2YC2Cho3jkEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNENjVCL0NGNENGMTNBQTVF
NjExRUQ4NzQzQTEyRkM0RjlBRTAyL1dCTXk5ZFByaUNwY0pTX2YyWUMyQ2hvM2pr
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV0JNeTlkUHJpQ3BjSlNfZjJZQzJDaG8zamtFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
RDY1Qi9DRjRDRjEzQUE1RTYxMUVEODc0M0ExMkZDNEY5QUUwMi9GNjU3MjBCRUE3
QUYxMUVEOEE1RDA3NTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdSXjANBgkqhkiG9w0BAQsFAAOCAQEAgdxO7JuUkqAiGK7O
GsaESXfZTqFesrZLdvcjdFQtb+ynWLccDjgLHeVXOd7PGDZNA2NKd+KN9Hnrc+WK
OUH0V3dOBi0Zz/FxrTfGlOXiKWebfwmkVgX0/lVE2TYpYXVoY784w7dpBaMVT/6+
E3bggbDAx+MrKKepR0r5PTtZlmwlaIZepQ4XS2FkoUixY2lK4RsGhtQjfF6XGF2s
cCbktKwtuOG8eIbOHZToIoElTDLiHzq43zODRUwg1ytOWyMIe61k5MZpOY7bDWd8
BKIWVMNJQA2fSNMAg7MM4fFwwibqJLW+aDkkR5AnhBH21877xEzNiKBkqDOZ0i6a
bjpEgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org