Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/D28CD5DCD78611ED995DD621C4F9AE02.roa
File: D28CD5DCD78611ED995DD621C4F9AE02.roa (raw, json)
Hash identifier: Lbo44m4pTw1AbAvy1TJ2Sl62Fbm5N3OfoiRXkfLql4E=
Subject key identifier: B3:19:AA:58:09:57:BD:3B:13:C9:95:54:C0:39:93:2C:63:5B:A7:BB
Certificate issuer: /CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Certificate serial: 0441
Authority key identifier: A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/D28CD5DCD78611ED995DD621C4F9AE02.roa
Signing time: Tue 13 Jun 2023 04:49:28 +0000
ROA not before: Tue 13 Jun 2023 04:49:28 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 139922
IP address blocks: 103.147.62.0/23 maxlen: 24
2405:acc0::/32 maxlen: 32
2405:acc0::/48 maxlen: 48
2405:acc0:1::/48 maxlen: 48
2405:acc0:1000::/48 maxlen: 48
2405:acc0:1100::/48 maxlen: 48
2405:acc0:f020::/48 maxlen: 48
2405:acc0:f021::/48 maxlen: 48
2405:acc0:f022::/48 maxlen: 48
2405:acc0:f023::/48 maxlen: 48
2405:acc0:f111::/48 maxlen: 48
2405:acc0:f222::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1089 (0x441)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Validity
Not Before: Jun 13 04:49:28 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=6487f557-34a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bc:11:a6:fe:97:86:bd:06:fe:81:66:f7:2b:
aa:20:5b:5a:ba:04:46:2a:8a:e8:02:0b:af:c2:53:
60:73:2e:d2:71:bb:3e:d9:89:c0:75:1c:5f:16:cc:
94:14:ab:0f:83:37:d4:ab:23:50:71:1b:75:ca:11:
46:6e:66:f8:83:81:cb:29:b5:cb:eb:9b:69:14:e5:
5d:4a:79:df:24:a6:cf:ad:9b:6a:fb:9b:94:58:40:
88:f6:cd:3d:5e:79:46:72:18:7a:8d:19:a9:b6:57:
9c:8c:58:d4:89:81:1b:48:fc:17:f7:78:2e:ac:95:
6c:74:22:08:96:9e:33:cb:d3:15:3c:1b:e9:c2:d8:
70:c2:5f:11:e2:46:42:3b:c5:12:b8:d4:c5:62:d1:
dd:cc:fc:5d:d5:60:78:cd:c2:72:20:18:8c:92:7a:
96:a3:6b:c3:6d:60:b9:45:13:0d:79:d1:03:d3:a1:
51:bf:fa:c0:2e:ab:e2:53:3e:a6:ad:fc:a0:3a:b6:
de:7b:1c:1e:f8:bf:39:d4:9b:b0:8c:bd:04:4b:12:
86:bf:6b:86:2a:eb:78:80:17:15:3c:cf:0b:5b:86:
73:66:08:4c:89:57:46:7e:f7:ca:cd:c8:d0:ba:3b:
3f:26:7f:37:bd:5f:70:fb:0b:79:71:8f:ea:55:53:
2b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:19:AA:58:09:57:BD:3B:13:C9:95:54:C0:39:93:2C:63:5B:A7:BB
X509v3 Authority Key Identifier:
keyid:A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/D28CD5DCD78611ED995DD621C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.147.62.0/23
IPv6:
2405:acc0::/32
Signature Algorithm: sha256WithRSAEncryption
ce:71:ac:0a:61:6c:30:03:b6:d4:5d:e7:e3:09:ff:2c:b0:fb:
47:c7:27:b3:bc:6c:11:6c:c4:24:c8:a9:0a:33:26:72:30:80:
c0:19:88:d1:bb:79:4b:af:9e:bc:b7:a2:39:02:55:0f:89:24:
43:46:92:10:c5:c5:bd:88:21:08:ae:95:54:2c:78:11:68:b6:
a7:01:26:56:c9:68:73:ac:98:12:f4:2f:2d:90:a2:d4:8b:6d:
91:61:5f:18:b2:44:0a:5b:72:5d:47:86:f5:9a:74:b0:46:32:
64:c7:20:d9:c8:11:94:02:63:6c:fd:d6:c0:a0:6e:27:21:73:
39:96:ae:08:5c:81:49:57:81:7c:b8:52:0a:1b:4b:01:c9:5a:
b5:91:49:b4:b6:91:cc:a2:37:a3:53:2a:95:bc:46:4e:78:25:
fc:da:5f:99:5a:32:84:f8:21:9f:af:fc:4b:1d:c6:61:5b:a1:
1b:e1:f3:14:32:98:4e:c9:3d:85:3b:59:f8:e5:40:27:28:01:
61:90:6e:5c:08:5f:fb:a9:f5:1f:ac:2f:62:1f:d1:ae:a8:50:
9c:8c:80:7f:7f:04:06:be:80:44:72:1b:71:c9:5a:4d:09:36:
69:27:e8:39:af:a2:dd:aa:ec:08:a1:2d:c7:d8:16:07:03:a9:
5a:c3:99:10
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENDRDExMTAvBgNVBAUTKEEzRDVDRjQzREU1QjNEOEI5QzM0M0VENDQ5QzE2OTBF
QkUzNDE3MEUwHhcNMjMwNjEzMDQ0OTI4WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg3ZjU1Ny0zNGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArLwRpv6Xhr0G/oFm9yuqIFtaugRGKoroAguvwlNgcy7Scbs+2YnAdRxfFsyU
FKsPgzfUqyNQcRt1yhFGbmb4g4HLKbXL65tpFOVdSnnfJKbPrZtq+5uUWECI9s09
XnlGchh6jRmptlecjFjUiYEbSPwX93gurJVsdCIIlp4zy9MVPBvpwthwwl8R4kZC
O8USuNTFYtHdzPxd1WB4zcJyIBiMknqWo2vDbWC5RRMNedED06FRv/rALqviUz6m
rfygOrbeexwe+L851JuwjL0ESxKGv2uGKut4gBcVPM8LW4ZzZghMiVdGfvfKzcjQ
ujs/Jn83vV9w+wt5cY/qVVMr0QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLMZqlgJ
V707E8mVVMA5kyxjW6e7MB8GA1UdIwQYMBaAFKPVz0PeWz2LnDQ+1EnBaQ6+NBcO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0NEMS9BRDdGNDVBNENE
QzQxMUVCQjVGNDgzNTVDNEY5QUUwMi9vOVhQUTk1YlBZdWNORDdVU2NGcERyNDBG
dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL285WFBROTViUFl1Y05EN1VTY0ZwRHI0MEZ3NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENDRDEvQUQ3RjQ1QTRDREM0MTFFQkI1RjQ4MzU1QzRGOUFFMDIvRDI4Q0Q1RENE
Nzg2MTFFRDk5NURENjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnkz4wDQQCAAIwBwMFACQFrMAwDQYJKoZIhvcNAQELBQAD
ggEBAM5xrAphbDADttRd5+MJ/yyw+0fHJ7O8bBFsxCTIqQozJnIwgMAZiNG7eUuv
nry3ojkCVQ+JJENGkhDFxb2IIQiulVQseBFotqcBJlbJaHOsmBL0Ly2QotSLbZFh
XxiyRApbcl1HhvWadLBGMmTHINnIEZQCY2z91sCgbichczmWrghcgUlXgXy4Ugob
SwHJWrWRSbS2kcyiN6NTKpW8Rk54JfzaX5laMoT4IZ+v/EsdxmFboRvh8xQymE7J
PYU7WfjlQCcoAWGQblwIX/up9R+sL2If0a6oUJyMgH9/BAa+gERyG3HJWk0JNmkn
6Dmvot2q7AihLcfYFgcDqVrDmRA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org