Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91655EF/607729D0FAC111E8BC76D671C4F9AE02/5C1858CCC29E11EAA842FB0BC4F9AE02.roa
File: 5C1858CCC29E11EAA842FB0BC4F9AE02.roa (raw, json)
Hash identifier: o6g8A7ARhxpyCGdZkLsB8U59RndvQUBAzK6s7UtkJxY=
Subject key identifier: 3A:1C:79:55:CC:46:CD:53:63:B7:F4:5E:BB:CC:E0:E9:20:4D:5A:EA
Certificate issuer: /CN=A91655EF/serialNumber=074E16CCA080D545FEF4F2D8ADCB909F0ECB20A2
Certificate serial: 0FF0
Authority key identifier: 07:4E:16:CC:A0:80:D5:45:FE:F4:F2:D8:AD:CB:90:9F:0E:CB:20:A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B04WzKCA1UX-9PLYrcuQnw7LIKI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91655EF/607729D0FAC111E8BC76D671C4F9AE02/5C1858CCC29E11EAA842FB0BC4F9AE02.roa
Signing time: Fri 20 Jan 2023 18:25:00 +0000
ROA not before: Fri 20 Jan 2023 18:25:00 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 138474
IP address blocks: 103.126.148.0/22 maxlen: 22
103.126.148.0/23 maxlen: 23
103.126.148.0/24 maxlen: 24
103.126.149.0/24 maxlen: 24
103.126.150.0/23 maxlen: 23
103.126.150.0/24 maxlen: 24
103.126.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4080 (0xff0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91655EF/serialNumber=074E16CCA080D545FEF4F2D8ADCB909F0ECB20A2
Validity
Not Before: Jan 20 18:25:00 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63cadc7b-a3d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e5:cf:28:79:53:64:5b:5e:fe:62:fd:e1:30:
cd:11:2c:ac:b8:95:99:de:56:7e:a0:4d:fb:8e:7e:
8e:0f:58:db:b8:1c:cb:41:fa:5c:4f:55:15:b3:22:
35:3a:8c:1f:e6:98:cb:72:70:e1:87:92:ba:07:78:
46:64:88:47:1b:6c:35:18:49:a2:8a:e7:6a:73:bd:
12:f0:1f:a6:43:8b:87:97:41:2a:ae:09:1d:6c:78:
4e:3f:4d:d5:f1:03:37:2a:d5:1a:ea:93:f0:b3:d4:
f0:d2:63:c4:00:10:58:53:90:9c:39:ca:60:62:69:
2f:93:34:7b:53:55:ae:cb:10:9e:b6:3a:8f:61:1d:
08:75:dd:45:c2:73:c6:aa:6c:72:5b:72:cd:17:fe:
b2:8c:9b:51:6d:37:a8:1f:03:77:2e:bd:cc:74:15:
d3:f9:5f:e8:11:30:21:87:2d:19:c0:10:63:da:da:
0b:b7:79:87:f8:e5:43:40:20:68:8e:b7:95:2f:a3:
8d:80:12:ec:b1:e9:fe:7f:49:39:a0:6f:37:f6:8b:
1c:22:5d:d8:ec:39:d8:b7:d1:cd:81:1d:de:f7:fa:
2e:57:29:fe:92:62:f1:da:52:29:2c:c9:af:9b:c0:
b7:81:84:28:92:ca:a2:17:1d:09:7c:38:19:a5:e1:
85:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1C:79:55:CC:46:CD:53:63:B7:F4:5E:BB:CC:E0:E9:20:4D:5A:EA
X509v3 Authority Key Identifier:
keyid:07:4E:16:CC:A0:80:D5:45:FE:F4:F2:D8:AD:CB:90:9F:0E:CB:20:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91655EF/607729D0FAC111E8BC76D671C4F9AE02/B04WzKCA1UX-9PLYrcuQnw7LIKI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B04WzKCA1UX-9PLYrcuQnw7LIKI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91655EF/607729D0FAC111E8BC76D671C4F9AE02/5C1858CCC29E11EAA842FB0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.148.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:f3:8c:6d:ae:57:40:8d:39:7e:3d:ac:68:80:75:83:a0:f9:
80:a3:b4:2b:5a:6f:93:8c:a2:54:13:93:53:4f:b2:41:71:5c:
7a:4e:d2:5e:7b:84:a3:70:28:68:aa:9c:05:6b:a3:84:37:33:
f0:8e:22:53:fb:5f:48:d0:d1:de:b0:13:83:0a:72:22:91:92:
e2:0d:81:fd:3e:90:23:d1:06:dc:aa:5c:d2:44:30:6a:bc:ff:
5b:bb:55:a4:86:cb:16:79:9f:da:8e:1b:39:08:b9:5f:a1:c3:
9a:9c:31:cb:23:98:84:d2:cc:1f:15:57:72:6e:bb:08:c1:14:
5e:bb:af:9e:ee:1c:51:f7:68:71:e8:31:68:bf:5b:42:7a:2a:
b6:d2:da:7b:8a:94:a9:bd:f2:54:6d:c9:76:a4:28:c5:fd:f0:
85:db:96:90:e1:1b:85:fe:76:c6:30:cd:e6:63:ab:bf:25:9f:
d3:82:5c:80:79:2a:ad:d9:9f:d0:78:c0:13:48:1f:49:7c:87:
36:62:56:c9:44:66:b3:4e:85:c5:8a:ca:79:c7:88:49:08:23:
89:b9:eb:5e:a9:dc:78:0c:5a:f1:a1:75:eb:dd:15:a1:7c:12:
f1:a1:40:3b:10:a9:cc:92:40:85:c7:df:27:8b:65:c7:94:15:
6a:be:d4:5f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICD/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1RUYxMTAvBgNVBAUTKDA3NEUxNkNDQTA4MEQ1NDVGRUY0RjJEOEFEQ0I5MDlG
MEVDQjIwQTIwHhcNMjMwMTIwMTgyNTAwWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2NhZGM3Yi1hM2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqeXPKHlTZFte/mL94TDNESysuJWZ3lZ+oE37jn6OD1jbuBzLQfpcT1UVsyI1
Oowf5pjLcnDhh5K6B3hGZIhHG2w1GEmiiudqc70S8B+mQ4uHl0EqrgkdbHhOP03V
8QM3KtUa6pPws9Tw0mPEABBYU5CcOcpgYmkvkzR7U1WuyxCetjqPYR0Idd1FwnPG
qmxyW3LNF/6yjJtRbTeoHwN3Lr3MdBXT+V/oETAhhy0ZwBBj2toLt3mH+OVDQCBo
jreVL6ONgBLssen+f0k5oG839oscIl3Y7DnYt9HNgR3e9/ouVyn+kmLx2lIpLMmv
m8C3gYQoksqiFx0JfDgZpeGFrwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDoceVXM
Rs1TY7f0XrvM4OkgTVrqMB8GA1UdIwQYMBaAFAdOFsyggNVF/vTy2K3LkJ8OyyCi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTVFRi82MDc3MjlEMEZB
QzExMUU4QkM3NkQ2NzFDNEY5QUUwMi9CMDRXektDQTFVWC05UExZcmN1UW53N0xJ
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0IwNFd6S0NBMVVYLTlQTFlyY3VRbnc3TElLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1RUYvNjA3NzI5RDBGQUMxMTFFOEJDNzZENjcxQzRGOUFFMDIvNUMxODU4Q0ND
MjlFMTFFQUE4NDJGQjBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnfpQwDQYJKoZIhvcNAQELBQADggEBALfzjG2uV0CNOX49
rGiAdYOg+YCjtCtab5OMolQTk1NPskFxXHpO0l57hKNwKGiqnAVro4Q3M/COIlP7
X0jQ0d6wE4MKciKRkuINgf0+kCPRBtyqXNJEMGq8/1u7VaSGyxZ5n9qOGzkIuV+h
w5qcMcsjmITSzB8VV3JuuwjBFF67r57uHFH3aHHoMWi/W0J6KrbS2nuKlKm98lRt
yXakKMX98IXblpDhG4X+dsYwzeZjq78ln9OCXIB5Kq3Zn9B4wBNIH0l8hzZiVslE
ZrNOhcWKynnHiEkII4m5616p3HgMWvGhdevdFaF8EvGhQDsQqcySQIXH3yeLZceU
FWq+1F8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org