Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913F0E3/291576BE6B3411E69184B66CC4F9AE02/00F85CF6938C11ECB0475B4DC4F9AE02.roa
File: 00F85CF6938C11ECB0475B4DC4F9AE02.roa (raw, json)
Hash identifier: Fc4i6jLyWk4AJNiIEczY/akXyCm16Ziyq9QAepsqLbE=
Subject key identifier: 10:89:FF:E9:51:6E:4D:DB:73:5B:D5:DE:AA:AF:FB:D5:EA:13:BD:02
Certificate issuer: /CN=A913F0E3/serialNumber=8E8377810CF9C204BB12584F3E5B5F050368246F
Certificate serial: 1CE3
Authority key identifier: 8E:83:77:81:0C:F9:C2:04:BB:12:58:4F:3E:5B:5F:05:03:68:24:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/joN3gQz5wgS7ElhPPltfBQNoJG8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913F0E3/291576BE6B3411E69184B66CC4F9AE02/00F85CF6938C11ECB0475B4DC4F9AE02.roa
Signing time: Fri 02 Dec 2022 21:22:58 +0000
ROA not before: Fri 02 Dec 2022 21:22:58 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 58631
IP address blocks: 103.5.28.0/24 maxlen: 24
103.192.197.0/24 maxlen: 24
2001:df0:247::/48 maxlen: 48
2400:c760::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7395 (0x1ce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913F0E3/serialNumber=8E8377810CF9C204BB12584F3E5B5F050368246F
Validity
Not Before: Dec 2 21:22:58 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=638a6cb1-d091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b9:87:40:87:39:f3:90:4c:e1:f6:05:e6:75:
13:8a:0d:21:4a:c1:a8:43:18:91:c0:6f:7d:be:a5:
61:6b:e9:e7:c6:80:7c:80:8c:d1:48:10:2a:1e:4f:
6f:82:1c:50:4c:5e:00:4a:e7:e4:2e:e2:fd:d7:e7:
76:6e:85:9f:01:7c:ab:7c:d0:90:de:43:6e:41:62:
dc:36:98:e1:2e:36:d0:f2:d6:fe:4e:ca:b1:1c:e4:
e2:3d:7b:2b:e2:2b:95:d4:7f:51:d6:d4:9c:8f:a4:
ca:2f:9f:61:ae:90:35:13:71:0a:77:55:59:08:f2:
14:7f:c5:57:6f:89:d2:99:32:9f:48:c9:0a:4a:82:
8f:fc:dc:06:b9:5e:5d:fc:e7:76:4d:1e:5b:f5:da:
67:9f:b3:30:75:84:e7:1d:f1:b8:07:a6:49:f3:c7:
79:5b:12:85:c6:e9:b6:c5:ea:c7:71:f5:10:38:13:
4c:5a:9c:31:83:9f:0f:55:98:5b:10:54:a1:0c:ef:
5b:bb:0d:0a:30:67:ea:f4:bb:8c:9c:53:cc:8c:16:
f0:4e:13:f8:98:77:22:e3:73:66:31:11:bc:e4:29:
fc:cf:15:85:24:c2:6a:c5:d9:b7:eb:94:24:eb:b9:
0c:cf:96:b8:b8:22:ba:5b:80:12:91:2a:6d:94:13:
f1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:89:FF:E9:51:6E:4D:DB:73:5B:D5:DE:AA:AF:FB:D5:EA:13:BD:02
X509v3 Authority Key Identifier:
keyid:8E:83:77:81:0C:F9:C2:04:BB:12:58:4F:3E:5B:5F:05:03:68:24:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913F0E3/291576BE6B3411E69184B66CC4F9AE02/joN3gQz5wgS7ElhPPltfBQNoJG8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/joN3gQz5wgS7ElhPPltfBQNoJG8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F0E3/291576BE6B3411E69184B66CC4F9AE02/00F85CF6938C11ECB0475B4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.28.0/24
103.192.197.0/24
IPv6:
2001:df0:247::/48
2400:c760::/32
Signature Algorithm: sha256WithRSAEncryption
8e:08:03:08:14:13:70:86:a4:94:bb:30:62:c6:19:0e:f2:8c:
e0:e8:11:00:74:d5:18:ce:18:76:4c:9a:1d:51:98:d1:6c:97:
65:d7:e5:87:7f:9c:fa:f8:42:be:64:c8:d1:ee:b5:57:35:05:
12:5c:ff:aa:ff:43:6e:63:fa:c9:ea:c8:49:f2:00:31:21:e2:
79:ed:1f:76:ec:bf:cb:88:cb:d1:8b:41:9f:c2:ae:4d:19:e4:
a9:e3:8a:d1:cd:1b:ca:d6:9d:55:c9:76:fa:1b:1b:b9:19:4b:
70:92:cc:e5:cf:63:ff:9a:0e:88:b3:ec:9f:ea:fa:a8:37:93:
cc:fa:df:cd:42:fc:1c:1c:9d:c8:86:21:a6:24:54:07:f8:98:
22:8a:85:41:b3:93:85:96:4b:7a:24:cc:17:9e:c3:b7:19:f8:
b9:1f:2e:93:06:13:51:11:0c:e4:7c:e7:b7:ff:3a:da:09:57:
f2:4b:cb:63:14:07:5e:49:c8:6a:3b:1b:7a:75:96:d3:d8:0d:
9a:4e:12:9a:86:cc:45:75:55:d7:b6:3e:5b:a8:c6:06:16:a5:
b7:f8:1f:a3:3a:4f:d2:47:f3:2c:a4:50:c8:70:df:3c:e2:39:
a0:b9:b8:18:1f:4c:e4:01:47:4e:02:34:47:51:b0:9d:6b:cb:
71:49:5c:73
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICHOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0YwRTMxMTAvBgNVBAUTKDhFODM3NzgxMENGOUMyMDRCQjEyNTg0RjNFNUI1RjA1
MDM2ODI0NkYwHhcNMjIxMjAyMjEyMjU4WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhNmNiMS1kMDkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5bmHQIc585BM4fYF5nUTig0hSsGoQxiRwG99vqVha+nnxoB8gIzRSBAqHk9v
ghxQTF4ASufkLuL91+d2boWfAXyrfNCQ3kNuQWLcNpjhLjbQ8tb+TsqxHOTiPXsr
4iuV1H9R1tScj6TKL59hrpA1E3EKd1VZCPIUf8VXb4nSmTKfSMkKSoKP/NwGuV5d
/Od2TR5b9dpnn7MwdYTnHfG4B6ZJ88d5WxKFxum2xerHcfUQOBNMWpwxg58PVZhb
EFShDO9buw0KMGfq9LuMnFPMjBbwThP4mHci43NmMRG85Cn8zxWFJMJqxdm365Qk
67kMz5a4uCK6W4ASkSptlBPxkwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBCJ/+lR
bk3bc1vV3qqv+9XqE70CMB8GA1UdIwQYMBaAFI6Dd4EM+cIEuxJYTz5bXwUDaCRv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjBFMy8yOTE1NzZCRTZC
MzQxMUU2OTE4NEI2NkNDNEY5QUUwMi9qb04zZ1F6NXdnUzdFbGhQUGx0ZkJRTm9K
RzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pvTjNnUXo1d2dTN0VsaFBQbHRmQlFOb0pHOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0YwRTMvMjkxNTc2QkU2QjM0MTFFNjkxODRCNjZDQzRGOUFFMDIvMDBGODVDRjY5
MzhDMTFFQ0IwNDc1QjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMBIEAgABMAwDBABnBRwDBABnwMUwFgQCAAIwEAMHACABDfACRwMFACQAx2Aw
DQYJKoZIhvcNAQELBQADggEBAI4IAwgUE3CGpJS7MGLGGQ7yjODoEQB01RjOGHZM
mh1RmNFsl2XX5Yd/nPr4Qr5kyNHutVc1BRJc/6r/Q25j+snqyEnyADEh4nntH3bs
v8uIy9GLQZ/Crk0Z5KnjitHNG8rWnVXJdvobG7kZS3CSzOXPY/+aDoiz7J/q+qg3
k8z6381C/BwcnciGIaYkVAf4mCKKhUGzk4WWS3okzBeew7cZ+LkfLpMGE1ERDOR8
57f/OtoJV/JLy2MUB15JyGo7G3p1ltPYDZpOEpqGzEV1Vde2PluoxgYWpbf4H6M6
T9JH8yykUMhw3zziOaC5uBgfTOQBR04CNEdRsJ1ry3FJXHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org