Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/A80A53CCB19211EC9EAAD44EC4F9AE02.roa
File: A80A53CCB19211EC9EAAD44EC4F9AE02.roa (raw, json)
Hash identifier: acLd1kX/UfUVJUXqM07coQAZAODamAKpdevhTrRYdLY=
Subject key identifier: 97:A5:AA:E7:32:85:FC:42:C0:32:59:A1:68:62:9B:2C:37:83:36:52
Certificate issuer: /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Certificate serial: 0B6A
Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/A80A53CCB19211EC9EAAD44EC4F9AE02.roa
Signing time: Fri 31 Mar 2023 20:06:54 +0000
ROA not before: Fri 31 Mar 2023 20:06:54 +0000
ROA not after: Tue 01 Aug 2023 00:00:00 +0000
asID: 137453
IP address blocks: 103.109.92.0/24 maxlen: 24
103.109.93.0/24 maxlen: 24
103.109.94.0/24 maxlen: 24
103.109.95.0/24 maxlen: 24
103.214.201.0/24 maxlen: 24
103.214.202.0/24 maxlen: 24
144.48.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2922 (0xb6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Validity
Not Before: Mar 31 20:06:54 2023 GMT
Not After : Aug 1 00:00:00 2023 GMT
Subject: CN=64273d5d-9d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:87:5e:e2:31:97:92:25:39:d0:04:95:96:de:
1f:c4:a5:b8:42:55:f4:a4:7d:1d:e5:d9:1b:ed:c8:
5a:c8:fa:0f:12:59:19:3c:4f:66:dc:18:de:53:79:
f9:3b:01:c2:a0:30:57:c5:c4:e2:8e:4e:13:16:84:
95:31:a9:93:ce:0a:9d:44:66:54:a4:a2:10:e8:6c:
57:a1:d1:cf:ce:2b:f2:2f:28:f9:54:7b:c5:5e:d1:
53:35:f5:91:ef:67:45:cb:67:2b:9b:aa:61:e4:76:
4b:60:05:4c:12:37:74:13:18:06:35:2b:24:11:5a:
41:75:f4:5b:ec:83:2b:68:1b:33:63:e8:d2:7e:4a:
e1:99:5f:38:6d:39:a0:3c:00:37:7e:0b:6d:db:69:
70:ca:f3:c9:cd:2c:35:7f:de:5d:49:6d:37:e1:7c:
6f:55:c0:af:d6:0d:70:e2:fe:7f:be:9b:4d:e9:82:
d1:fd:eb:f7:d2:75:28:47:63:ea:03:a7:15:c9:98:
78:76:b2:57:17:db:eb:ca:24:f6:78:c6:8d:b8:e4:
15:04:93:32:e2:af:a8:fe:ce:f8:d3:d2:3c:05:6d:
da:93:37:f8:83:11:94:55:4d:65:3d:e7:0b:f1:60:
f8:6b:95:d8:52:1e:95:71:4c:be:63:b0:0d:22:ac:
d4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A5:AA:E7:32:85:FC:42:C0:32:59:A1:68:62:9B:2C:37:83:36:52
X509v3 Authority Key Identifier:
keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/A80A53CCB19211EC9EAAD44EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.92.0/22
103.214.201.0-103.214.202.255
144.48.151.0/24
Signature Algorithm: sha256WithRSAEncryption
15:09:75:05:23:aa:db:63:4c:19:e0:cb:8d:09:8b:a8:cb:c6:
ab:04:98:f6:56:2f:3b:12:df:f1:8f:38:00:89:02:08:9a:de:
eb:b3:84:0d:f1:07:22:8b:d6:c0:86:2a:0f:20:ad:c0:96:69:
65:36:c4:9b:db:d4:38:62:63:c5:1a:62:97:8d:f6:69:7d:5a:
c4:1d:1e:dc:9a:6a:23:1c:0d:0d:2c:df:7f:ff:52:6d:0b:a0:
11:7e:a8:0a:e6:1a:19:2f:be:94:c9:73:c4:bc:51:b5:38:1e:
20:72:c9:87:fb:c3:59:61:ec:eb:8c:f3:6b:f5:f6:34:e8:e8:
56:93:aa:ec:0a:2d:79:cd:d1:83:ab:ea:e0:66:6e:45:9a:d0:
c5:52:4a:99:ec:aa:59:b0:2c:e6:c3:89:ae:04:a7:dd:25:74:
df:52:60:bb:e6:50:44:37:a2:2c:d4:6b:a2:6d:3b:cd:2f:76:
f8:2f:47:a1:74:87:72:ed:45:93:57:2f:36:81:02:3f:d5:6e:
fc:02:9f:56:b7:41:30:40:cf:a6:d4:6b:8d:5e:44:dd:ef:17:
f9:c4:b4:d3:92:cf:40:30:c6:29:2d:59:3f:18:38:33:ca:8b:
45:34:47:af:8d:28:f0:6b:c2:0e:3b:8c:73:e1:8c:4a:d6:58:
bd:38:f0:7a
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICC2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE
MDc1REQxOUIwHhcNMjMwMzMxMjAwNjU0WhcNMjMwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI3M2Q1ZC05ZDg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3ode4jGXkiU50ASVlt4fxKW4QlX0pH0d5dkb7chayPoPElkZPE9m3BjeU3n5
OwHCoDBXxcTijk4TFoSVMamTzgqdRGZUpKIQ6GxXodHPzivyLyj5VHvFXtFTNfWR
72dFy2crm6ph5HZLYAVMEjd0ExgGNSskEVpBdfRb7IMraBszY+jSfkrhmV84bTmg
PAA3fgtt22lwyvPJzSw1f95dSW034XxvVcCv1g1w4v5/vptN6YLR/ev30nUoR2Pq
A6cVyZh4drJXF9vryiT2eMaNuOQVBJMy4q+o/s7409I8BW3akzf4gxGUVU1lPecL
8WD4a5XYUh6VcUy+Y7ANIqzUmwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFJelqucy
hfxCwDJZoWhimyw3gzZSMB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2
NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvQTgwQTUzQ0NC
MTkyMTFFQzlFQUFENDRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAJnbVwwDAMEAGfWyQMEAGfWygMEAJAwlzANBgkqhkiG9w0B
AQsFAAOCAQEAFQl1BSOq22NMGeDLjQmLqMvGqwSY9lYvOxLf8Y84AIkCCJre67OE
DfEHIovWwIYqDyCtwJZpZTbEm9vUOGJjxRpil432aX1axB0e3JpqIxwNDSzff/9S
bQugEX6oCuYaGS++lMlzxLxRtTgeIHLJh/vDWWHs64zza/X2NOjoVpOq7Aotec3R
g6vq4GZuRZrQxVJKmeyqWbAs5sOJrgSn3SV031Jgu+ZQRDeiLNRrom07zS92+C9H
oXSHcu1Fk1cvNoECP9Vu/AKfVrdBMEDPptRrjV5E3e8X+cS005LPQDDGKS1ZPxg4
M8qLRTRHr40o8GvCDjuMc+GMStZYvTjweg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org