Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/96018332A3A111EE9B700182C4F9AE02.roa
File: 96018332A3A111EE9B700182C4F9AE02.roa (raw, json)
Hash identifier: wXvn3R66dDlyTH773fz4mODzFknCbE52h74kYBnIWxU=
Subject key identifier: AF:C9:C3:5F:C2:71:FC:86:31:40:B8:2D:76:9D:D4:3F:3C:48:36:6F
Certificate issuer: /CN=A917EB0C/serialNumber=506D780ED1797480F15251347FC28443D72E9507
Certificate serial: 0ACF
Authority key identifier: 50:6D:78:0E:D1:79:74:80:F1:52:51:34:7F:C2:84:43:D7:2E:95:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UG14DtF5dIDxUlE0f8KEQ9culQc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/96018332A3A111EE9B700182C4F9AE02.roa
Signing time: Tue 26 Dec 2023 03:48:10 +0000
ROA not before: Tue 26 Dec 2023 03:48:10 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 139901
IP address blocks: 103.85.236.0/22 maxlen: 22
103.85.236.0/23 maxlen: 23
103.85.236.0/24 maxlen: 24
103.85.237.0/24 maxlen: 24
103.85.238.0/23 maxlen: 23
103.85.238.0/24 maxlen: 24
103.85.239.0/24 maxlen: 24
2400:b340::/32 maxlen: 40
2400:b340::/48 maxlen: 48
2400:b340:237::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2767 (0xacf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917EB0C/serialNumber=506D780ED1797480F15251347FC28443D72E9507
Validity
Not Before: Dec 26 03:48:10 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=658a4cf9-cdd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c1:0c:d7:cd:61:49:70:46:02:6c:2a:72:c3:
29:cb:be:b8:13:23:de:01:e3:84:77:11:a3:92:49:
09:61:c9:d2:0d:69:e8:82:98:11:90:12:d7:62:74:
ee:4f:23:e4:79:79:29:a1:7f:41:20:86:3f:75:49:
1c:ce:71:a6:b7:a6:63:27:46:18:57:d7:6f:cb:e9:
58:99:c3:61:a8:06:f8:f1:90:b2:e4:79:ea:f7:9b:
4a:68:9f:ab:9f:c4:6b:40:54:37:fd:b3:fd:c9:30:
0f:e3:5e:71:f1:a6:4e:33:bb:8e:9a:3a:0d:a2:9d:
35:27:7e:8d:8b:ca:cb:90:27:f3:ed:cb:75:51:cc:
65:63:08:48:47:3e:df:a5:e9:f1:7c:b9:e1:ef:10:
b2:c9:22:68:df:9d:4d:42:99:a6:c9:3e:9c:65:b7:
e2:78:5e:a3:3a:d9:7b:41:34:1d:f1:9e:25:b7:38:
be:4e:08:68:1e:1c:47:ec:dc:41:40:fc:88:77:81:
7b:7b:d3:81:1a:a5:a6:00:6b:12:51:1b:f7:d7:fb:
1f:e9:74:69:9c:4a:95:12:8c:42:3e:5a:88:3d:e7:
90:bd:1d:df:25:22:0a:c9:b0:df:4d:ed:84:0b:3e:
25:a4:b0:f3:14:c0:b1:27:e6:a3:14:f0:ec:9d:2a:
5d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:C9:C3:5F:C2:71:FC:86:31:40:B8:2D:76:9D:D4:3F:3C:48:36:6F
X509v3 Authority Key Identifier:
keyid:50:6D:78:0E:D1:79:74:80:F1:52:51:34:7F:C2:84:43:D7:2E:95:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/UG14DtF5dIDxUlE0f8KEQ9culQc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UG14DtF5dIDxUlE0f8KEQ9culQc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/96018332A3A111EE9B700182C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.236.0/22
IPv6:
2400:b340::/32
Signature Algorithm: sha256WithRSAEncryption
b3:24:57:cb:4b:13:86:f8:13:48:85:63:34:94:53:7c:78:f0:
de:8b:5c:85:6b:e4:c2:54:e7:03:c0:a0:6a:a9:aa:3e:83:4d:
85:ed:86:2c:9d:e5:61:a8:8b:8e:de:54:ab:88:88:f1:17:3a:
73:5a:c2:44:4f:dc:22:95:94:d6:7f:b7:f2:07:f6:38:fe:ab:
e4:ad:64:82:3e:2b:4d:2c:58:87:91:17:9c:43:33:b3:be:8d:
00:82:a0:21:cc:94:8f:5b:80:f0:da:a3:ae:f1:58:1a:4d:95:
fe:58:97:56:e5:e8:ec:24:e5:23:31:dc:59:1b:ef:db:1d:81:
d8:be:54:60:1e:de:3a:54:e8:14:2c:24:bd:31:3f:62:52:1c:
aa:b9:3b:e7:5f:de:0b:6e:ae:5d:fd:48:4d:ae:44:fb:1a:de:
d1:a7:c5:8e:1f:d2:ef:43:26:ee:a2:0e:fe:7a:b9:7f:38:91:
c9:c2:43:f7:41:79:5f:3d:c2:5d:c3:ef:dd:62:ca:8e:95:f9:
89:df:69:32:8a:a3:b3:86:be:e5:b9:4f:24:90:31:13:5b:3e:
66:e8:10:26:b9:63:37:16:1e:bd:6a:1f:5c:be:c2:c5:5e:15:
17:d5:84:d3:ea:16:04:fb:97:ef:99:67:41:f6:30:6f:a9:a8:
be:e5:54:be
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCs8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VCMEMxMTAvBgNVBAUTKDUwNkQ3ODBFRDE3OTc0ODBGMTUyNTEzNDdGQzI4NDQz
RDcyRTk1MDcwHhcNMjMxMjI2MDM0ODEwWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NThhNGNmOS1jZGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr8EM181hSXBGAmwqcsMpy764EyPeAeOEdxGjkkkJYcnSDWnogpgRkBLXYnTu
TyPkeXkpoX9BIIY/dUkcznGmt6ZjJ0YYV9dvy+lYmcNhqAb48ZCy5Hnq95tKaJ+r
n8RrQFQ3/bP9yTAP415x8aZOM7uOmjoNop01J36Ni8rLkCfz7ct1UcxlYwhIRz7f
penxfLnh7xCyySJo351NQpmmyT6cZbfieF6jOtl7QTQd8Z4ltzi+TghoHhxH7NxB
QPyId4F7e9OBGqWmAGsSURv31/sf6XRpnEqVEoxCPlqIPeeQvR3fJSIKybDfTe2E
Cz4lpLDzFMCxJ+ajFPDsnSpdFQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFK/Jw1/C
cfyGMUC4LXad1D88SDZvMB8GA1UdIwQYMBaAFFBteA7ReXSA8VJRNH/ChEPXLpUH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUIwQy82MTM3NUI2QTIy
MkExMUVBOUE4MjZENDVDNEY5QUUwMi9VRzE0RHRGNWRJRHhVbEUwZjhLRVE5Y3Vs
UWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VHMTREdEY1ZElEeFVsRTBmOEtFUTljdWxRYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VCMEMvNjEzNzVCNkEyMjJBMTFFQTlBODI2RDQ1QzRGOUFFMDIvOTYwMTgzMzJB
M0ExMTFFRTlCNzAwMTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnVewwDQQCAAIwBwMFACQAs0AwDQYJKoZIhvcNAQELBQAD
ggEBALMkV8tLE4b4E0iFYzSUU3x48N6LXIVr5MJU5wPAoGqpqj6DTYXthiyd5WGo
i47eVKuIiPEXOnNawkRP3CKVlNZ/t/IH9jj+q+StZII+K00sWIeRF5xDM7O+jQCC
oCHMlI9bgPDao67xWBpNlf5Yl1bl6Owk5SMx3Fkb79sdgdi+VGAe3jpU6BQsJL0x
P2JSHKq5O+df3gturl39SE2uRPsa3tGnxY4f0u9DJu6iDv56uX84kcnCQ/dBeV89
wl3D791iyo6V+YnfaTKKo7OGvuW5TySQMRNbPmboECa5YzcWHr1qH1y+wsVeFRfV
hNPqFgT7l++ZZ0H2MG+pqL7lVL4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-ams.rpki-client.org