Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/EF5E9886BBB811EA8E78274AC4F9AE02.roa
File: EF5E9886BBB811EA8E78274AC4F9AE02.roa (raw, json)
Hash identifier: xSkHE/ZkNH6xS03bJ5WXBGthwJDgdKaLXYFuFXp3ow0=
Subject key identifier: 3F:5D:D9:F0:B3:49:2B:B4:FB:D9:6C:58:1F:3A:80:DB:75:15:9A:3A
Certificate issuer: /CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20
Certificate serial: 0681
Authority key identifier: 9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/EF5E9886BBB811EA8E78274AC4F9AE02.roa
Signing time: Thu 25 Aug 2022 22:38:22 +0000
ROA not before: Thu 25 Aug 2022 22:38:22 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 63930
IP address blocks: 103.253.26.0/24 maxlen: 24
103.253.27.0/24 maxlen: 24
111.221.44.0/24 maxlen: 24
111.221.45.0/24 maxlen: 24
111.221.46.0/24 maxlen: 24
2400:fb80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1665 (0x681)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20
Validity
Not Before: Aug 25 22:38:22 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6307f9dd-b28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c8:62:46:af:d7:ce:ab:05:47:6f:2a:14:66:
82:47:80:12:08:bc:02:1e:82:78:63:9a:53:4d:78:
53:3c:08:e1:eb:61:76:b0:c5:04:4f:69:d1:22:02:
18:32:10:7e:24:77:f0:bf:25:7c:02:c3:da:15:ac:
ca:f4:40:2f:40:a5:b2:79:82:85:94:c1:3d:0b:90:
5b:f3:85:a6:ab:de:b9:4a:1c:2c:9b:53:44:d6:a1:
78:5e:92:7c:50:11:e0:d6:13:c0:98:dd:a7:6d:9e:
3f:55:5e:c8:95:e6:09:2e:33:4c:82:9c:ab:58:df:
a3:6e:26:4e:2e:1f:74:d5:73:d7:2a:4c:88:f3:5b:
38:fe:5e:33:2a:6e:b6:2e:2e:2f:64:58:2a:82:82:
38:32:62:05:25:92:c6:18:4f:ee:d4:35:4e:ce:53:
5b:9a:67:bd:45:08:0a:09:e2:20:cc:29:93:70:e8:
af:c4:e6:3c:9e:3f:84:41:52:3a:63:e7:0d:54:bc:
5f:22:77:77:47:fb:09:8e:fb:fa:d4:aa:82:84:56:
fc:4e:b0:39:79:8f:2a:63:1c:77:4b:d5:1f:52:b7:
f5:93:91:ae:bb:51:b2:ce:58:4f:d8:47:92:d4:60:
de:7e:18:e4:ce:58:32:33:f1:cf:a7:c9:55:ce:d0:
fb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:5D:D9:F0:B3:49:2B:B4:FB:D9:6C:58:1F:3A:80:DB:75:15:9A:3A
X509v3 Authority Key Identifier:
keyid:9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/EF5E9886BBB811EA8E78274AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.253.26.0/23
111.221.44.0-111.221.46.255
IPv6:
2400:fb80::/32
Signature Algorithm: sha256WithRSAEncryption
32:ba:65:3d:e6:9a:34:93:dd:49:f5:56:44:91:31:9b:04:77:
cb:71:ab:9a:46:98:75:73:84:bd:84:af:2c:de:48:d3:1d:e3:
0a:a8:14:6e:ca:18:47:f5:81:7a:45:8e:4b:7d:52:39:70:7c:
e4:1e:34:b3:67:fe:32:58:c8:19:d3:dd:e4:bb:35:98:d1:33:
11:34:f8:74:9e:a2:de:48:f6:6b:8c:cf:c0:08:25:2f:51:7d:
64:ff:17:b2:ee:8a:ad:35:2a:1f:c6:1b:23:fb:b7:01:f1:8e:
75:76:66:cc:cf:16:94:a4:dd:51:54:62:a9:9f:cf:c4:ab:60:
46:89:70:6f:10:62:6a:b8:e9:7f:28:ad:88:5d:ee:a9:08:da:
43:1c:a4:b2:67:68:ec:7d:4d:e3:71:d0:30:ed:58:f5:10:d3:
b4:de:f9:e9:1c:ff:67:71:b4:2e:4b:2d:87:6d:69:60:01:19:
7b:3e:5f:8c:59:61:28:14:9d:94:52:cc:15:0e:04:5c:ea:aa:
b2:e3:f1:03:f2:34:94:88:c9:3a:6d:11:4f:5b:cb:55:22:6a:
1b:50:de:e1:00:a0:e5:1e:c1:e1:91:80:89:d1:1e:88:9a:83:
fa:41:36:41:76:29:33:98:28:25:08:01:1d:c0:b0:e0:6e:ed:
6a:76:a9:2d
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICBoEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODEzRjExMTAvBgNVBAUTKDlFRkVBQTcyNEQ3MDhDRkU4MkM2QjZCRjI3MENCQjVE
RDQzMDZGMjAwHhcNMjIwODI1MjIzODIyWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA3ZjlkZC1iMjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxchiRq/XzqsFR28qFGaCR4ASCLwCHoJ4Y5pTTXhTPAjh62F2sMUET2nRIgIY
MhB+JHfwvyV8AsPaFazK9EAvQKWyeYKFlME9C5Bb84Wmq965Shwsm1NE1qF4XpJ8
UBHg1hPAmN2nbZ4/VV7IleYJLjNMgpyrWN+jbiZOLh901XPXKkyI81s4/l4zKm62
Li4vZFgqgoI4MmIFJZLGGE/u1DVOzlNbmme9RQgKCeIgzCmTcOivxOY8nj+EQVI6
Y+cNVLxfInd3R/sJjvv61KqChFb8TrA5eY8qYxx3S9UfUrf1k5Guu1GyzlhP2EeS
1GDefhjkzlgyM/HPp8lVztD71wIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFD9d2fCz
SSu0+9lsWB86gNt1FZo6MB8GA1UdIwQYMBaAFJ7+qnJNcIz+gsa2vycMu13UMG8g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTNGMS9EMENBRjM4NEJB
NTkxMUVBOTA0RkY5MURDNEY5QUUwMi9udjZxY2sxd2pQNkN4cmFfSnd5N1hkUXdi
eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL252NnFjazF3alA2Q3hyYV9Kd3k3WGRRd2J5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODEzRjEvRDBDQUYzODRCQTU5MTFFQTkwNEZGOTFEQzRGOUFFMDIvRUY1RTk4ODZC
QkI4MTFFQThFNzgyNzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBoEAgABMBQDBAFn/RowDAMEAm/dLAMEAG/dLjANBAIAAjAHAwUAJAD7gDAN
BgkqhkiG9w0BAQsFAAOCAQEAMrplPeaaNJPdSfVWRJExmwR3y3GrmkaYdXOEvYSv
LN5I0x3jCqgUbsoYR/WBekWOS31SOXB85B40s2f+MljIGdPd5Ls1mNEzETT4dJ6i
3kj2a4zPwAglL1F9ZP8Xsu6KrTUqH8YbI/u3AfGOdXZmzM8WlKTdUVRiqZ/PxKtg
RolwbxBiarjpfyitiF3uqQjaQxyksmdo7H1N43HQMO1Y9RDTtN756Rz/Z3G0Lkst
h21pYAEZez5fjFlhKBSdlFLMFQ4EXOqqsuPxA/I0lIjJOm0RT1vLVSJqG1De4QCg
5R7B4ZGAidEeiJqD+kE2QXYpM5goJQgBHcCw4G7tanapLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org