Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/EFE3DB86BBB811EA8E78274AC4F9AE02.roa
File: EFE3DB86BBB811EA8E78274AC4F9AE02.roa (raw, json)
Hash identifier: c0VilPc8WBvAFanrd5IJBmihTPTV4FbG6Alz1Q/xg6A=
Subject key identifier: D4:D8:5E:35:02:F0:5F:30:D2:06:66:01:59:54:1B:99:EB:00:3D:21
Certificate issuer: /CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20
Certificate serial: 0683
Authority key identifier: 9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/EFE3DB86BBB811EA8E78274AC4F9AE02.roa
Signing time: Thu 25 Aug 2022 22:38:24 +0000
ROA not before: Thu 25 Aug 2022 22:38:24 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 6939
IP address blocks: 103.253.24.0/24 maxlen: 24
103.253.25.0/24 maxlen: 24
103.253.26.0/24 maxlen: 24
103.253.27.0/24 maxlen: 24
111.221.44.0/24 maxlen: 24
111.221.45.0/24 maxlen: 24
111.221.46.0/24 maxlen: 24
111.221.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1667 (0x683)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91813F1/serialNumber=9EFEAA724D708CFE82C6B6BF270CBB5DD4306F20
Validity
Not Before: Aug 25 22:38:24 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6307f9e0-3d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:49:14:95:bb:81:a7:db:2a:70:a8:20:29:74:
96:32:97:6e:d0:f5:98:f9:4a:76:03:a6:63:59:43:
88:05:35:94:20:f0:9c:76:14:70:03:ed:d5:ad:ba:
91:fe:a2:ec:cb:59:6a:2f:6f:07:a6:86:7b:72:72:
9e:f8:fb:4b:b1:7c:e9:57:f5:fd:d2:49:28:78:73:
65:a7:20:b9:bf:9e:32:41:f9:ef:38:6c:a3:b0:8d:
48:b4:7d:9e:6b:4f:75:88:9f:8a:58:0d:1f:f3:08:
ea:63:5a:f5:01:c0:57:ca:0d:71:81:77:50:b2:4e:
82:51:9e:89:e7:0c:46:f5:7d:b5:e8:7b:f3:85:bb:
44:6d:f8:f4:29:dd:10:c4:68:ee:5d:1a:d6:e3:5c:
03:95:b0:37:b2:f6:c6:fe:4a:0e:22:fd:c3:81:42:
ce:ad:b6:e1:10:d2:fc:0f:b5:e7:5b:f5:e1:a8:a3:
fb:86:fa:65:79:7f:5d:27:6d:f1:7d:ad:c1:90:78:
1d:55:0f:aa:71:04:f2:d8:47:60:44:eb:91:07:77:
49:fd:00:74:b1:77:6d:26:4a:d9:e8:52:73:76:12:
23:93:80:04:95:15:7c:ac:2f:43:5d:87:56:25:bd:
01:cf:10:ba:34:f6:ee:f7:3c:de:af:ef:cc:df:f6:
97:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D8:5E:35:02:F0:5F:30:D2:06:66:01:59:54:1B:99:EB:00:3D:21
X509v3 Authority Key Identifier:
keyid:9E:FE:AA:72:4D:70:8C:FE:82:C6:B6:BF:27:0C:BB:5D:D4:30:6F:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/nv6qck1wjP6Cxra_Jwy7XdQwbyA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nv6qck1wjP6Cxra_Jwy7XdQwbyA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91813F1/D0CAF384BA5911EA904FF91DC4F9AE02/EFE3DB86BBB811EA8E78274AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.253.24.0/22
111.221.44.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:61:d6:32:e5:ec:53:6d:34:4f:06:09:be:24:d6:75:b0:3b:
1e:c5:fa:f9:89:9a:a5:26:b8:25:7b:49:1a:b4:4e:00:ed:16:
e5:0c:34:35:45:2c:90:96:87:5a:db:63:d9:15:1c:20:b5:57:
6d:b2:36:28:67:5f:0c:6c:80:8f:a5:f1:86:84:01:48:e0:bb:
a0:cf:bc:4d:4f:80:7e:09:b6:77:56:02:18:96:88:10:fe:2e:
f4:eb:2b:15:40:18:66:53:4b:f7:9c:6c:cf:17:48:b3:b5:e4:
e8:bf:f5:03:ec:34:c8:1c:3f:3e:bb:1f:4c:59:e1:9d:f1:cc:
28:a0:1d:cf:61:b3:53:f3:0a:a8:22:28:30:5f:8f:12:72:ad:
36:f3:9a:0d:e3:0b:f2:b3:9a:37:bd:43:b5:9c:cf:20:af:e7:
2c:ce:66:75:50:04:6b:6c:2d:4a:2b:21:a1:6d:26:fc:44:ef:
84:be:05:24:19:a4:dd:cb:ae:20:9c:91:fa:e0:8f:32:81:ea:
de:67:fc:31:d3:17:64:ec:67:f9:74:4f:2f:fc:42:74:e5:18:
66:79:2e:83:e8:d2:c4:36:9c:2d:e0:ee:5c:2a:71:5b:c9:99:
b2:ed:95:9f:85:19:e5:4e:4b:74:3c:73:93:ce:b0:bb:8f:c6:
52:35:5b:aa
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODEzRjExMTAvBgNVBAUTKDlFRkVBQTcyNEQ3MDhDRkU4MkM2QjZCRjI3MENCQjVE
RDQzMDZGMjAwHhcNMjIwODI1MjIzODI0WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA3ZjllMC0zZDRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2UkUlbuBp9sqcKggKXSWMpdu0PWY+Up2A6ZjWUOIBTWUIPCcdhRwA+3VrbqR
/qLsy1lqL28HpoZ7cnKe+PtLsXzpV/X90kkoeHNlpyC5v54yQfnvOGyjsI1ItH2e
a091iJ+KWA0f8wjqY1r1AcBXyg1xgXdQsk6CUZ6J5wxG9X216HvzhbtEbfj0Kd0Q
xGjuXRrW41wDlbA3svbG/koOIv3DgULOrbbhENL8D7XnW/XhqKP7hvpleX9dJ23x
fa3BkHgdVQ+qcQTy2EdgROuRB3dJ/QB0sXdtJkrZ6FJzdhIjk4AElRV8rC9DXYdW
Jb0BzxC6NPbu9zzer+/M3/aXJQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNTYXjUC
8F8w0gZmAVlUG5nrAD0hMB8GA1UdIwQYMBaAFJ7+qnJNcIz+gsa2vycMu13UMG8g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTNGMS9EMENBRjM4NEJB
NTkxMUVBOTA0RkY5MURDNEY5QUUwMi9udjZxY2sxd2pQNkN4cmFfSnd5N1hkUXdi
eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL252NnFjazF3alA2Q3hyYV9Kd3k3WGRRd2J5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODEzRjEvRDBDQUYzODRCQTU5MTFFQTkwNEZGOTFEQzRGOUFFMDIvRUZFM0RCODZC
QkI4MTFFQThFNzgyNzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn/RgDBAJv3SwwDQYJKoZIhvcNAQELBQADggEBALVh1jLl
7FNtNE8GCb4k1nWwOx7F+vmJmqUmuCV7SRq0TgDtFuUMNDVFLJCWh1rbY9kVHCC1
V22yNihnXwxsgI+l8YaEAUjgu6DPvE1PgH4JtndWAhiWiBD+LvTrKxVAGGZTS/ec
bM8XSLO15Oi/9QPsNMgcPz67H0xZ4Z3xzCigHc9hs1PzCqgiKDBfjxJyrTbzmg3j
C/Kzmje9Q7WczyCv5yzOZnVQBGtsLUorIaFtJvxE74S+BSQZpN3LriCckfrgjzKB
6t5n/DHTF2TsZ/l0Ty/8QnTlGGZ5LoPo0sQ2nC3g7lwqcVvJmbLtlZ+FGeVOS3Q8
c5POsLuPxlI1W6o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org