Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91652F7/7CC45FAEBAAF11EAA6DD1A3DC4F9AE02/E3198CB0BAB011EA9F412A3FC4F9AE02.roa
File: E3198CB0BAB011EA9F412A3FC4F9AE02.roa (raw, json)
Hash identifier: akgrpOneGZ65JXHOfmJt+brEm7j+0/ErgFICq7N34xU=
Subject key identifier: FB:87:15:9F:3D:2E:B8:1D:E2:6D:0B:FF:98:E2:A5:91:CC:4C:56:AB
Certificate issuer: /CN=A91652F7/serialNumber=E502757C617C21D47B1B3559C09D6EA7C3AFE403
Certificate serial: 040E
Authority key identifier: E5:02:75:7C:61:7C:21:D4:7B:1B:35:59:C0:9D:6E:A7:C3:AF:E4:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QJ1fGF8IdR7GzVZwJ1up8Ov5AM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91652F7/7CC45FAEBAAF11EAA6DD1A3DC4F9AE02/E3198CB0BAB011EA9F412A3FC4F9AE02.roa
Signing time: Mon 01 Nov 2021 11:28:35 +0000
ROA not before: Mon 01 Nov 2021 11:28:35 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 132827
IP address blocks: 43.248.216.0/22 maxlen: 22
103.6.240.0/22 maxlen: 22
103.15.116.0/22 maxlen: 22
103.144.202.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1038 (0x40e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91652F7/serialNumber=E502757C617C21D47B1B3559C09D6EA7C3AFE403
Validity
Not Before: Nov 1 11:28:35 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=617fcf62-e53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ab:9f:62:e1:57:4e:ce:02:e4:96:1e:32:a1:
e6:be:4e:7b:0e:af:b1:21:c6:06:7c:ec:17:8d:66:
51:81:33:19:b7:29:76:26:e0:0e:78:34:0f:e0:39:
1e:d8:07:7d:d4:9e:42:f9:1e:1f:71:8a:00:c6:2c:
c3:37:40:2f:39:ff:e1:97:bb:b0:b7:ca:0b:31:d7:
37:ba:e2:45:78:11:25:18:ba:d6:6c:ee:ea:6a:6a:
47:df:80:1d:d0:f9:6d:2f:d1:65:1c:92:51:6a:75:
f0:34:ae:10:32:1d:4c:f2:a6:6d:2e:c3:ac:ca:7b:
53:17:be:7a:0d:fa:2d:0c:60:f8:a6:15:14:bb:f4:
95:b3:50:a2:8d:54:77:d1:63:96:11:74:28:06:78:
b6:25:f3:49:81:d7:f7:26:4c:1d:72:6f:9a:a7:c1:
9d:70:52:85:03:3b:68:94:3d:03:36:13:dc:0c:e3:
b1:1b:4d:4f:ab:48:9c:78:45:94:88:0e:76:fe:e5:
4b:83:88:48:98:70:f9:e9:1a:b6:aa:3d:5a:94:10:
48:66:b1:18:78:53:18:ce:f2:db:d9:89:bd:4c:93:
20:d1:c2:51:fd:5b:c6:bc:6f:7c:02:0b:52:a4:8c:
2c:8e:d2:36:8b:53:18:04:88:d3:97:1c:ac:e5:44:
dd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:87:15:9F:3D:2E:B8:1D:E2:6D:0B:FF:98:E2:A5:91:CC:4C:56:AB
X509v3 Authority Key Identifier:
keyid:E5:02:75:7C:61:7C:21:D4:7B:1B:35:59:C0:9D:6E:A7:C3:AF:E4:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91652F7/7CC45FAEBAAF11EAA6DD1A3DC4F9AE02/5QJ1fGF8IdR7GzVZwJ1up8Ov5AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QJ1fGF8IdR7GzVZwJ1up8Ov5AM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91652F7/7CC45FAEBAAF11EAA6DD1A3DC4F9AE02/E3198CB0BAB011EA9F412A3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.216.0/22
103.6.240.0/22
103.15.116.0/22
103.144.202.0/23
Signature Algorithm: sha256WithRSAEncryption
40:27:07:07:f6:6a:49:59:4f:62:fa:57:6f:4f:ba:00:ec:97:
6f:89:d6:5b:89:b6:2f:70:71:22:27:c3:9f:b3:1d:97:6d:f2:
60:a4:60:69:ed:f4:7a:bd:9f:85:cb:0a:28:f7:92:d1:4c:ff:
81:6f:70:62:83:16:3b:3e:2f:78:8d:d1:52:4d:14:8e:11:bc:
f2:f4:c8:b9:c4:36:ce:d2:a4:9c:4c:51:9e:7a:68:72:9a:dc:
27:a4:14:67:a7:f4:3f:d9:ec:ea:8a:ca:4b:e4:ab:53:5c:84:
9c:40:52:bb:9d:a6:73:7b:fd:74:2e:48:a0:69:17:9a:f3:09:
25:4c:69:21:ba:a7:b7:67:d5:cb:7f:24:52:7c:cf:50:83:67:
f3:1e:21:79:3d:f0:cd:5e:90:f8:17:93:b7:17:ff:40:1f:0f:
c5:49:2a:b3:99:8b:65:fc:26:76:a7:ee:9f:98:b6:3e:94:23:
94:5b:b3:54:55:e5:5d:cc:f0:cb:05:0c:37:45:53:82:6d:c9:
f5:d0:16:01:cc:08:9d:8a:a7:9e:5d:95:0f:a2:9c:03:b6:49:
42:90:dd:21:fb:bf:33:2a:a2:c4:61:f1:53:3d:eb:4b:d7:0e:
e2:55:67:8c:fa:79:3f:99:9c:69:82:33:7a:f9:46:e6:09:60:
ba:cf:fd:5f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBA4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjUyRjcxMTAvBgNVBAUTKEU1MDI3NTdDNjE3QzIxRDQ3QjFCMzU1OUMwOUQ2RUE3
QzNBRkU0MDMwHhcNMjExMTAxMTEyODM1WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTdmY2Y2Mi1lNTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvKufYuFXTs4C5JYeMqHmvk57Dq+xIcYGfOwXjWZRgTMZtyl2JuAOeDQP4Dke
2Ad91J5C+R4fcYoAxizDN0AvOf/hl7uwt8oLMdc3uuJFeBElGLrWbO7qampH34Ad
0PltL9FlHJJRanXwNK4QMh1M8qZtLsOsyntTF756DfotDGD4phUUu/SVs1CijVR3
0WOWEXQoBni2JfNJgdf3Jkwdcm+ap8GdcFKFAztolD0DNhPcDOOxG01Pq0iceEWU
iA52/uVLg4hImHD56Rq2qj1alBBIZrEYeFMYzvLb2Ym9TJMg0cJR/VvGvG98AgtS
pIwsjtI2i1MYBIjTlxys5UTdtQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFPuHFZ89
Lrgd4m0L/5jipZHMTFarMB8GA1UdIwQYMBaAFOUCdXxhfCHUexs1WcCdbqfDr+QD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTJGNy83Q0M0NUZBRUJB
QUYxMUVBQTZERDFBM0RDNEY5QUUwMi81UUoxZkdGOElkUjdHelZad0oxdXA4T3Y1
QU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVRSjFmR0Y4SWRSN0d6Vlp3SjF1cDhPdjVBTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjUyRjcvN0NDNDVGQUVCQUFGMTFFQUE2REQxQTNEQzRGOUFFMDIvRTMxOThDQjBC
QUIwMTFFQTlGNDEyQTNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAIr+NgDBAJnBvADBAJnD3QDBAFnkMowDQYJKoZIhvcNAQEL
BQADggEBAEAnBwf2aklZT2L6V29PugDsl2+J1luJti9wcSInw5+zHZdt8mCkYGnt
9Hq9n4XLCij3ktFM/4FvcGKDFjs+L3iN0VJNFI4RvPL0yLnENs7SpJxMUZ56aHKa
3CekFGen9D/Z7OqKykvkq1NchJxAUrudpnN7/XQuSKBpF5rzCSVMaSG6p7dn1ct/
JFJ8z1CDZ/MeIXk98M1ekPgXk7cX/0AfD8VJKrOZi2X8Jnan7p+Ytj6UI5Rbs1RV
5V3M8MsFDDdFU4JtyfXQFgHMCJ2Kp55dlQ+inAO2SUKQ3SH7vzMqosRh8VM960vX
DuJVZ4z6eT+ZnGmCM3r5RuYJYLrP/V8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:42 2023 by rpki-client on console-ams.rpki-client.org