Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/EEE1C7DEBBB811EA8E78274AC4F9AE02.roa
File: EEE1C7DEBBB811EA8E78274AC4F9AE02.roa (raw, json)
Hash identifier: kK/dVNE3/j9yNRGAoLAlOVoQJPAkKJUxJPZI7TosLTg=
Subject key identifier: 1B:F6:52:FB:C2:89:D8:EF:A9:A5:6F:8A:F6:79:2D:27:6B:CA:5A:A4
Certificate issuer: /CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20
Certificate serial: 0680
Authority key identifier: 9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/EEE1C7DEBBB811EA8E78274AC4F9AE02.roa
Signing time: Thu 25 Aug 2022 22:38:21 +0000
ROA not before: Thu 25 Aug 2022 22:38:21 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 38001
IP address blocks: 103.253.24.0/22 maxlen: 22
103.253.25.0/24 maxlen: 24
111.221.44.0/22 maxlen: 22
111.221.44.0/24 maxlen: 24
111.221.45.0/24 maxlen: 24
111.221.46.0/24 maxlen: 24
111.221.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1664 (0x680)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20
Validity
Not Before: Aug 25 22:38:21 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6307f9dd-9562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bb:1c:e7:5c:a7:c7:b7:0a:5d:d1:75:f8:90:
85:f2:95:29:a1:97:a6:35:04:a5:35:4c:d3:db:4d:
6a:25:6b:fb:24:81:c8:73:db:d1:a1:b5:ac:dc:b1:
3c:15:87:49:e6:13:88:0f:b1:ed:cf:c6:f6:06:ae:
41:b4:ac:cc:5d:07:22:85:f7:3a:24:2f:8e:f9:df:
be:98:67:fe:f5:3f:a2:04:72:ea:47:1a:0f:56:54:
03:8c:bd:98:51:67:07:48:fb:79:3b:51:04:0b:ab:
f2:94:33:2d:3c:d2:e2:69:18:b8:70:ff:1e:bf:29:
8c:b9:a1:fe:01:66:d0:e1:e3:5d:09:cf:f0:97:71:
c1:9e:c6:47:f9:83:31:d9:ca:cb:31:d9:86:26:55:
37:37:f6:ef:41:a6:db:0d:ac:7a:01:57:74:8f:7c:
b7:1d:51:8f:23:99:c2:21:69:e7:99:ca:dd:a7:1d:
14:cc:f2:fc:9a:fb:41:cb:de:d3:52:51:a4:b9:db:
d0:5c:95:ba:d9:14:d6:79:13:56:4f:84:81:56:08:
a4:30:fa:d0:4a:6c:59:ac:93:28:3d:7e:60:f2:fe:
8e:77:7d:34:a6:3b:95:bb:9a:27:43:77:0e:9d:d7:
4c:a3:a4:47:d9:7e:ce:b9:a6:c6:e0:42:e2:e0:5f:
7a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F6:52:FB:C2:89:D8:EF:A9:A5:6F:8A:F6:79:2D:27:6B:CA:5A:A4
X509v3 Authority Key Identifier:
keyid:9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/EEE1C7DEBBB811EA8E78274AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.253.24.0/22
111.221.44.0/22
Signature Algorithm: sha256WithRSAEncryption
23:a1:95:77:99:23:f3:43:40:94:70:cb:a9:35:7e:5c:42:78:
8e:94:14:77:6e:7a:f9:7a:88:6e:54:16:e4:a3:ed:cc:ba:83:
45:08:1b:e1:bc:bb:2a:df:73:55:60:ca:a4:49:7b:1a:d2:e7:
eb:d9:85:8f:14:bf:47:72:3b:09:fa:98:dc:53:ec:d9:dc:ad:
f0:98:be:07:3e:ba:9b:94:9d:4b:a1:41:66:3f:4e:50:e6:52:
1e:21:ee:f1:51:07:ad:1e:66:e0:10:d9:88:73:00:a5:38:a0:
cf:75:d4:79:10:e8:36:58:84:ad:5b:01:4f:44:9e:90:34:bb:
9f:4c:eb:6f:62:7a:51:f1:46:da:94:ed:97:bd:7a:15:41:14:
05:0a:01:3b:36:16:8b:85:72:95:36:27:71:4a:64:bc:b2:ee:
35:e6:28:59:21:98:03:1b:8b:e2:92:3e:05:dd:d4:fc:39:fd:
15:6f:8b:0e:f0:50:cf:08:65:4c:d9:8f:0d:fe:d5:65:d1:06:
1c:70:ea:79:a4:90:9e:84:61:7a:b4:e7:a8:cd:b7:81:d5:d9:
72:cc:96:7e:b4:e3:18:0a:9c:d3:d0:ed:8b:99:e8:8e:1f:11:
8d:e3:4e:1c:cc:fa:71:e5:48:73:5b:d6:c5:a9:52:43:0f:0b:
f7:e5:db:c9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODEzRjExMTAvBgNVBAUTKDlFRkVBQTcyNEQ3MDhDRkU4MkM2QjZCRjI3MENCQjVE
RDQzMDZGMjAwHhcNMjIwODI1MjIzODIxWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA3ZjlkZC05NTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyLsc51ynx7cKXdF1+JCF8pUpoZemNQSlNUzT201qJWv7JIHIc9vRobWs3LE8
FYdJ5hOID7Htz8b2Bq5BtKzMXQcihfc6JC+O+d++mGf+9T+iBHLqRxoPVlQDjL2Y
UWcHSPt5O1EEC6vylDMtPNLiaRi4cP8evymMuaH+AWbQ4eNdCc/wl3HBnsZH+YMx
2crLMdmGJlU3N/bvQabbDax6AVd0j3y3HVGPI5nCIWnnmcrdpx0UzPL8mvtBy97T
UlGkudvQXJW62RTWeRNWT4SBVgikMPrQSmxZrJMoPX5g8v6Od300pjuVu5onQ3cO
nddMo6RH2X7OuabG4ELi4F969wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBv2UvvC
idjvqaVvivZ5LSdrylqkMB8GA1UdIwQYMBaAFJ7+qnJNcIz+gsa2vycMu13UMG8g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTNGMS9EMENBRjM4NEJB
NTkxMUVBOTA0RkY5MURDNEY5QUUwMi9udjZxY2sxd2pQNkN4cmFfSnd5N1hkUXdi
eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL252NnFjazF3alA2Q3hyYV9Kd3k3WGRRd2J5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODEzRjEvRDBDQUYzODRCQTU5MTFFQTkwNEZGOTFEQzRGOUFFMDIvRUVFMUM3REVC
QkI4MTFFQThFNzgyNzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn/RgDBAJv3SwwDQYJKoZIhvcNAQELBQADggEBACOhlXeZ
I/NDQJRwy6k1flxCeI6UFHduevl6iG5UFuSj7cy6g0UIG+G8uyrfc1VgyqRJexrS
5+vZhY8Uv0dyOwn6mNxT7NncrfCYvgc+upuUnUuhQWY/TlDmUh4h7vFRB60eZuAQ
2YhzAKU4oM911HkQ6DZYhK1bAU9EnpA0u59M629ielHxRtqU7Ze9ehVBFAUKATs2
FouFcpU2J3FKZLyy7jXmKFkhmAMbi+KSPgXd1Pw5/RVviw7wUM8IZUzZjw3+1WXR
Bhxw6nmkkJ6EYXq056jNt4HV2XLMln604xgKnNPQ7YuZ6I4fEY3jThzM+nHlSHNb
1sWpUkMPC/fl28k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org