Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D8E2/C092B1061DEF11EB835E157AC4F9AE02/C22F1E5C11FD11EC8CC0C023C4F9AE02.roa
File: C22F1E5C11FD11EC8CC0C023C4F9AE02.roa (raw, json)
Hash identifier: ys1cxuifmZ9yqJPFJT4DEqdrvoocGJRRyXuHiwqpZyM=
Subject key identifier: F8:1A:EA:03:1E:E7:50:4B:D5:ED:08:4D:5D:71:FD:CA:4C:CE:23:EE
Certificate issuer: /CN=A915D8E2/serialNumber=8060505633934E4AC90717B23094DF98456ABE95
Certificate serial: 05F3
Authority key identifier: 80:60:50:56:33:93:4E:4A:C9:07:17:B2:30:94:DF:98:45:6A:BE:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGBQVjOTTkrJBxeyMJTfmEVqvpU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D8E2/C092B1061DEF11EB835E157AC4F9AE02/C22F1E5C11FD11EC8CC0C023C4F9AE02.roa
Signing time: Mon 15 May 2023 00:47:12 +0000
ROA not before: Mon 15 May 2023 00:47:12 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 136257
IP address blocks: 103.85.112.0/23 maxlen: 23
103.85.112.0/24 maxlen: 24
103.85.113.0/24 maxlen: 24
103.85.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1523 (0x5f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D8E2/serialNumber=8060505633934E4AC90717B23094DF98456ABE95
Validity
Not Before: May 15 00:47:12 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6461810f-d754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:01:52:40:73:80:67:c8:b9:a2:92:fb:0d:10:
31:e5:fc:18:57:67:88:62:52:50:29:7a:88:5f:c9:
e4:8d:66:e3:d3:b5:87:13:f2:d1:0d:66:fb:05:82:
94:0a:b6:a4:b1:8e:93:13:c5:d1:95:b0:4e:4e:03:
4b:92:6f:bf:2e:42:03:08:c2:1d:f5:6a:5b:a7:33:
77:88:73:d4:61:11:71:c8:06:86:8a:f5:37:17:25:
90:be:dc:20:1a:8c:5e:b2:7a:fe:8d:d8:ff:d6:22:
80:29:f3:05:b9:58:dc:67:fb:a4:82:02:5e:4b:26:
93:23:b7:b7:42:24:79:60:e3:d5:3a:db:8f:55:44:
d7:7d:e8:d7:5f:e9:2e:e4:67:8f:5e:10:a1:54:e2:
32:c8:20:ca:a6:d3:04:c2:1d:59:7e:5d:78:6f:df:
a3:f9:40:23:37:c6:1f:a3:2b:d1:f2:0b:2a:48:88:
e4:71:cf:f0:e5:e7:1f:ff:1e:eb:9a:87:5f:5e:5e:
ab:59:dc:24:d2:35:5c:15:1f:b9:2e:28:34:b2:a6:
95:1e:22:ed:b4:6f:35:34:62:6c:4e:05:e3:71:0b:
fe:fc:c0:b4:7e:62:8a:18:44:c3:9a:b8:c9:af:6f:
5b:b0:04:84:00:81:a9:68:46:f0:e9:b3:06:82:37:
16:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:1A:EA:03:1E:E7:50:4B:D5:ED:08:4D:5D:71:FD:CA:4C:CE:23:EE
X509v3 Authority Key Identifier:
keyid:80:60:50:56:33:93:4E:4A:C9:07:17:B2:30:94:DF:98:45:6A:BE:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D8E2/C092B1061DEF11EB835E157AC4F9AE02/gGBQVjOTTkrJBxeyMJTfmEVqvpU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gGBQVjOTTkrJBxeyMJTfmEVqvpU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D8E2/C092B1061DEF11EB835E157AC4F9AE02/C22F1E5C11FD11EC8CC0C023C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.112.0/23
103.85.115.0/24
Signature Algorithm: sha256WithRSAEncryption
03:72:2c:32:4f:87:0e:5b:f3:02:22:a2:5e:a9:51:ee:5c:42:
31:67:d4:f3:e9:54:27:0c:41:1c:17:bb:e4:aa:6e:f7:21:62:
c8:89:60:a8:e4:23:cc:a7:2d:e9:86:f7:53:eb:65:c4:44:ea:
96:bb:ae:c3:8e:bb:88:a5:c3:88:18:97:f4:a2:8d:8c:0c:13:
ec:80:be:38:51:3a:dd:63:d9:1e:98:c3:96:33:06:74:df:f8:
be:4e:11:55:df:44:a2:92:6b:f0:08:18:ff:86:84:5a:69:b9:
5b:13:14:0a:cd:84:6d:38:51:cd:fd:96:8a:62:1d:57:9d:c9:
c6:d0:b5:d4:d7:f3:eb:fe:15:a7:b0:c5:df:5d:8e:03:b7:21:
de:19:76:eb:01:48:74:a9:40:bb:73:1e:40:d5:8e:17:b4:0f:
b3:f8:86:d2:2f:43:04:ab:d1:46:d2:e8:12:0d:bf:45:61:ab:
d2:39:17:f3:6c:56:5d:30:49:b8:7d:06:46:d0:54:cb:e3:98:
e9:ee:9b:07:e3:dd:e9:ed:db:52:ab:33:f9:c2:68:b3:50:f6:
82:b8:2a:3d:29:0b:8f:02:97:76:c5:b3:0a:69:da:96:de:b0:
8d:53:5d:56:58:6e:98:a0:74:46:3e:eb:a1:89:82:3a:a9:9d:
6e:b6:76:38
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQ4RTIxMTAvBgNVBAUTKDgwNjA1MDU2MzM5MzRFNEFDOTA3MTdCMjMwOTRERjk4
NDU2QUJFOTUwHhcNMjMwNTE1MDA0NzEyWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYxODEwZi1kNzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0gFSQHOAZ8i5opL7DRAx5fwYV2eIYlJQKXqIX8nkjWbj07WHE/LRDWb7BYKU
CraksY6TE8XRlbBOTgNLkm+/LkIDCMId9WpbpzN3iHPUYRFxyAaGivU3FyWQvtwg
Goxesnr+jdj/1iKAKfMFuVjcZ/ukggJeSyaTI7e3QiR5YOPVOtuPVUTXfejXX+ku
5GePXhChVOIyyCDKptMEwh1Zfl14b9+j+UAjN8YfoyvR8gsqSIjkcc/w5ecf/x7r
modfXl6rWdwk0jVcFR+5Lig0sqaVHiLttG81NGJsTgXjcQv+/MC0fmKKGETDmrjJ
r29bsASEAIGpaEbw6bMGgjcWbQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPga6gMe
51BL1e0ITV1x/cpMziPuMB8GA1UdIwQYMBaAFIBgUFYzk05KyQcXsjCU35hFar6V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDhFMi9DMDkyQjEwNjFE
RUYxMUVCODM1RTE1N0FDNEY5QUUwMi9nR0JRVmpPVFRrckpCeGV5TUpUZm1FVnF2
cFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dHQlFWak9UVGtySkJ4ZXlNSlRmbUVWcXZwVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ4RTIvQzA5MkIxMDYxREVGMTFFQjgzNUUxNTdBQzRGOUFFMDIvQzIyRjFFNUMx
MUZEMTFFQzhDQzBDMDIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnVXADBABnVXMwDQYJKoZIhvcNAQELBQADggEBAANyLDJP
hw5b8wIiol6pUe5cQjFn1PPpVCcMQRwXu+SqbvchYsiJYKjkI8ynLemG91PrZcRE
6pa7rsOOu4ilw4gYl/SijYwME+yAvjhROt1j2R6Yw5YzBnTf+L5OEVXfRKKSa/AI
GP+GhFppuVsTFArNhG04Uc39lopiHVedycbQtdTX8+v+Faewxd9djgO3Id4ZdusB
SHSpQLtzHkDVjhe0D7P4htIvQwSr0UbS6BINv0Vhq9I5F/NsVl0wSbh9BkbQVMvj
mOnumwfj3ent21KrM/nCaLNQ9oK4Kj0pC48Cl3bFswpp2pbesI1TXVZYbpigdEY+
66GJgjqpnW62djg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org