Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/CF819336E6C611EA81DD955EC4F9AE02.roa
File: CF819336E6C611EA81DD955EC4F9AE02.roa (raw, json)
Hash identifier: 9iw/LdcoPRFIMNku6aspAB7WoFynlO8l869twji8tNQ=
Subject key identifier: D6:BC:D9:48:03:17:59:76:6F:7F:83:D0:2F:2D:92:DF:1E:57:AA:57
Certificate issuer: /CN=A917EB0C/serialNumber=506D780ED1797480F15251347FC28443D72E9507
Certificate serial: 0A3C
Authority key identifier: 50:6D:78:0E:D1:79:74:80:F1:52:51:34:7F:C2:84:43:D7:2E:95:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UG14DtF5dIDxUlE0f8KEQ9culQc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/CF819336E6C611EA81DD955EC4F9AE02.roa
Signing time: Fri 24 Mar 2023 20:47:41 +0000
ROA not before: Fri 24 Mar 2023 20:47:41 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 139901
IP address blocks: 103.85.236.0/22 maxlen: 22
103.85.236.0/23 maxlen: 23
103.85.236.0/24 maxlen: 24
103.85.237.0/24 maxlen: 24
103.85.238.0/23 maxlen: 23
103.85.238.0/24 maxlen: 24
103.85.239.0/24 maxlen: 24
2400:b340::/32 maxlen: 32
2400:b340::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2620 (0xa3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917EB0C/serialNumber=506D780ED1797480F15251347FC28443D72E9507
Validity
Not Before: Mar 24 20:47:41 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=641e0c6d-e3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b3:13:54:f4:e5:9a:3e:7e:15:9b:e2:f4:2c:
17:12:90:3e:fa:38:7c:0a:c4:13:5f:54:4a:f8:83:
66:ff:3f:00:6b:8d:7b:b2:9f:5b:9f:c8:6e:84:b8:
84:86:00:b4:c2:24:cc:8a:24:16:00:e9:41:1a:da:
fa:31:1d:77:02:30:33:08:f9:37:0d:c4:b0:69:79:
1b:86:c7:1f:fc:54:bd:5d:2d:38:fa:ba:08:ff:2f:
bb:c3:43:bc:82:95:55:b5:e0:9c:51:5b:25:86:2d:
24:e3:d4:e0:f9:82:24:49:93:76:74:28:bc:e3:db:
f0:9d:9f:46:94:b0:d9:4e:6f:76:23:88:00:ea:a8:
03:89:80:48:5b:bc:1c:16:8b:7a:a2:c5:c0:7d:ab:
2f:42:09:0f:7c:c6:30:74:56:5e:97:9b:34:e2:63:
c8:b6:bf:9e:74:ff:fa:8f:dd:d3:5e:f9:a6:96:ad:
23:5b:cf:fc:29:7f:1e:0d:a3:92:f8:fa:47:c3:4f:
05:49:96:7d:8f:57:bc:64:40:ed:6c:7c:b8:7b:ac:
08:3b:3e:fc:e1:a3:c0:04:5c:49:1f:df:67:b3:c7:
bf:6f:33:aa:fb:18:14:b7:6e:ce:7e:42:0e:f9:5b:
32:3e:14:75:a5:c3:df:89:ed:13:91:4b:0b:70:4c:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BC:D9:48:03:17:59:76:6F:7F:83:D0:2F:2D:92:DF:1E:57:AA:57
X509v3 Authority Key Identifier:
keyid:50:6D:78:0E:D1:79:74:80:F1:52:51:34:7F:C2:84:43:D7:2E:95:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/UG14DtF5dIDxUlE0f8KEQ9culQc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UG14DtF5dIDxUlE0f8KEQ9culQc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917EB0C/61375B6A222A11EA9A826D45C4F9AE02/CF819336E6C611EA81DD955EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.85.236.0/22
IPv6:
2400:b340::/32
Signature Algorithm: sha256WithRSAEncryption
48:57:7b:89:dd:82:87:3a:8c:48:92:6b:f9:68:00:fa:4d:10:
1b:cd:f5:a0:ba:24:69:88:ce:88:0e:f9:f5:fc:58:1f:9d:80:
99:d4:47:f8:c7:6f:aa:84:24:c1:d2:c0:f5:f7:c7:2b:65:57:
a2:bb:bb:9a:a8:50:01:c7:9e:8b:3a:49:8d:77:eb:3b:ed:fa:
fb:34:b0:72:e8:a7:8e:c2:fa:27:a8:84:bb:0a:b9:44:bd:92:
c7:d7:15:b4:92:aa:6a:38:2d:90:57:f5:4a:a0:18:b2:9b:17:
9f:83:07:a9:f9:8a:89:f1:24:e6:5c:53:87:5b:c8:0e:9e:cc:
08:a2:23:06:41:38:8a:17:89:b0:16:c4:48:ea:c8:ff:e6:64:
04:ee:a7:55:e8:67:9f:3a:3e:6c:83:25:db:45:14:87:41:26:
11:61:43:73:f9:5a:49:35:03:5e:ae:5b:af:00:b1:1c:d8:ec:
83:66:47:1a:eb:2a:ae:6b:7d:96:11:29:be:9f:5e:5c:76:23:
6e:a1:1d:aa:b8:08:e4:1d:d3:6c:8f:ad:42:a0:05:cb:b0:33:
46:79:f4:c9:b4:e8:75:eb:51:7d:23:61:0a:f6:ff:95:c7:3d:
4d:6a:09:9a:1c:9c:2f:73:fc:19:a1:51:0b:f0:ca:d9:6d:d9:
ce:5a:50:3f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCjwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VCMEMxMTAvBgNVBAUTKDUwNkQ3ODBFRDE3OTc0ODBGMTUyNTEzNDdGQzI4NDQz
RDcyRTk1MDcwHhcNMjMwMzI0MjA0NzQxWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFlMGM2ZC1lM2IxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmrMTVPTlmj5+FZvi9CwXEpA++jh8CsQTX1RK+INm/z8Aa417sp9bn8huhLiE
hgC0wiTMiiQWAOlBGtr6MR13AjAzCPk3DcSwaXkbhscf/FS9XS04+roI/y+7w0O8
gpVVteCcUVslhi0k49Tg+YIkSZN2dCi849vwnZ9GlLDZTm92I4gA6qgDiYBIW7wc
Fot6osXAfasvQgkPfMYwdFZel5s04mPItr+edP/6j93TXvmmlq0jW8/8KX8eDaOS
+PpHw08FSZZ9j1e8ZEDtbHy4e6wIOz784aPABFxJH99ns8e/bzOq+xgUt27OfkIO
+VsyPhR1pcPfie0TkUsLcExR+QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNa82UgD
F1l2b3+D0C8tkt8eV6pXMB8GA1UdIwQYMBaAFFBteA7ReXSA8VJRNH/ChEPXLpUH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUIwQy82MTM3NUI2QTIy
MkExMUVBOUE4MjZENDVDNEY5QUUwMi9VRzE0RHRGNWRJRHhVbEUwZjhLRVE5Y3Vs
UWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VHMTREdEY1ZElEeFVsRTBmOEtFUTljdWxRYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VCMEMvNjEzNzVCNkEyMjJBMTFFQTlBODI2RDQ1QzRGOUFFMDIvQ0Y4MTkzMzZF
NkM2MTFFQTgxREQ5NTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnVewwDQQCAAIwBwMFACQAs0AwDQYJKoZIhvcNAQELBQAD
ggEBAEhXe4ndgoc6jEiSa/loAPpNEBvN9aC6JGmIzogO+fX8WB+dgJnUR/jHb6qE
JMHSwPX3xytlV6K7u5qoUAHHnos6SY136zvt+vs0sHLop47C+ieohLsKuUS9ksfX
FbSSqmo4LZBX9UqgGLKbF5+DB6n5ionxJOZcU4dbyA6ezAiiIwZBOIoXibAWxEjq
yP/mZATup1XoZ586PmyDJdtFFIdBJhFhQ3P5Wkk1A16uW68AsRzY7INmRxrrKq5r
fZYRKb6fXlx2I26hHaq4COQd02yPrUKgBcuwM0Z59Mm06HXrUX0jYQr2/5XHPU1q
CZocnC9z/BmhUQvwytlt2c5aUD8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-ams.rpki-client.org