Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199CE9/6CBB84F431F111E98A7B9317C4F9AE02/AEE8DE5E3AB511E9A79AA42DC4F9AE02.roa
File: AEE8DE5E3AB511E9A79AA42DC4F9AE02.roa (raw, json)
Hash identifier: aqOFq8GTodeM1DIe3JWvv017LjVwMYf05BIODegsjJw=
Subject key identifier: AD:E2:9E:35:7C:B8:FA:0A:92:07:64:D2:23:29:DF:D1:95:C5:7F:37
Certificate issuer: /CN=A9199CE9/serialNumber=D50EE693CB4844DD2E76034BECBD36A881C37897
Certificate serial: 0EE3
Authority key identifier: D5:0E:E6:93:CB:48:44:DD:2E:76:03:4B:EC:BD:36:A8:81:C3:78:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Q7mk8tIRN0udgNL7L02qIHDeJc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199CE9/6CBB84F431F111E98A7B9317C4F9AE02/AEE8DE5E3AB511E9A79AA42DC4F9AE02.roa
Signing time: Fri 10 Mar 2023 18:45:19 +0000
ROA not before: Fri 10 Mar 2023 18:45:19 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 138701
IP address blocks: 103.134.60.0/22 maxlen: 22
103.134.60.0/24 maxlen: 24
103.134.61.0/24 maxlen: 24
103.134.62.0/24 maxlen: 24
103.134.63.0/24 maxlen: 24
2404:5ec0::/32 maxlen: 32
2404:5ec0::/33 maxlen: 33
2404:5ec0::/48 maxlen: 48
2404:5ec0:1::/48 maxlen: 48
2404:5ec0:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3811 (0xee3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199CE9/serialNumber=D50EE693CB4844DD2E76034BECBD36A881C37897
Validity
Not Before: Mar 10 18:45:19 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=640b7abe-f57f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c6:08:8f:6f:5f:a9:bd:65:79:4d:af:05:c5:
03:b3:95:bc:f2:90:b8:0e:5a:57:10:0c:b3:e9:17:
46:5c:54:00:58:4f:df:27:a3:7b:1d:fa:bf:9a:6d:
dd:3f:6a:23:e6:15:b7:79:af:12:e2:2d:47:55:a1:
35:ee:d9:2f:30:07:18:e1:02:36:bc:ad:3a:f2:56:
7a:60:bf:0e:69:d8:96:4e:da:19:f7:5f:6f:b3:83:
ca:da:13:40:08:bd:5c:b7:0e:12:48:b9:20:b7:c9:
f6:2c:a5:c7:e3:d1:eb:4f:57:16:14:f4:71:28:95:
b0:8e:30:ea:53:3b:4f:f1:06:b0:16:bd:1f:b5:36:
d7:03:bf:a8:83:0d:8f:36:8a:3c:98:3f:3a:1e:2b:
40:4f:be:aa:35:75:8f:44:f2:57:91:2f:eb:9f:1b:
cb:01:1e:a6:4f:ad:ca:ff:b1:a1:34:55:6c:6e:e4:
f4:15:ab:0e:52:c5:6f:85:e3:c8:fe:2a:05:af:d4:
fc:f8:55:46:b1:e6:da:80:d5:42:7c:56:ff:bf:ef:
32:e3:79:1e:49:0c:ea:11:f3:c6:e4:04:6b:20:6a:
a6:05:2a:f8:ae:d2:3f:ff:40:53:ee:9d:b6:7e:51:
de:05:52:64:96:86:37:2d:16:37:c4:9f:ea:b1:78:
c9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E2:9E:35:7C:B8:FA:0A:92:07:64:D2:23:29:DF:D1:95:C5:7F:37
X509v3 Authority Key Identifier:
keyid:D5:0E:E6:93:CB:48:44:DD:2E:76:03:4B:EC:BD:36:A8:81:C3:78:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199CE9/6CBB84F431F111E98A7B9317C4F9AE02/1Q7mk8tIRN0udgNL7L02qIHDeJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Q7mk8tIRN0udgNL7L02qIHDeJc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199CE9/6CBB84F431F111E98A7B9317C4F9AE02/AEE8DE5E3AB511E9A79AA42DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.60.0/22
IPv6:
2404:5ec0::/32
Signature Algorithm: sha256WithRSAEncryption
89:7b:e0:ae:d5:50:dc:a1:2f:d6:71:a7:49:fe:78:3e:bb:c0:
e7:d2:92:3f:f9:d5:37:ed:4b:51:d6:b3:4a:df:ce:af:b5:10:
20:c9:13:71:87:ee:3e:a9:91:fb:35:5d:e4:b1:72:32:0e:8c:
5a:a1:0c:86:c3:04:f0:eb:27:b4:a5:5c:d3:0d:30:8b:fd:3d:
37:3a:a0:9c:be:eb:18:4b:0d:25:21:1c:25:bd:00:af:93:8b:
b4:ef:d8:2c:55:89:13:c4:97:78:d8:f5:fe:f1:b7:42:de:b6:
4e:76:24:be:16:66:de:d9:d6:cf:af:85:f8:f4:f5:25:4b:76:
fc:5b:bf:80:79:c1:21:fc:08:2c:ab:c4:2b:12:14:00:bb:5e:
03:4d:6c:a4:ce:0c:d1:8c:1f:c7:01:13:37:02:05:17:95:7f:
9d:cc:dd:b6:5d:7c:66:fc:8a:2d:b1:80:e0:92:a1:d3:46:9f:
74:13:e1:40:5b:35:dc:50:c1:d1:45:2c:4d:e2:99:5e:d6:fa:
35:6c:5e:80:76:92:64:74:ed:88:59:39:a8:9e:a1:dd:94:58:
da:d9:f9:9b:40:1d:ae:18:e1:11:12:18:42:37:44:96:a3:68:
11:0b:87:5f:95:e6:4d:0c:39:9c:64:5f:ad:e6:15:75:7d:85:
e6:f7:bd:7b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDuMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTlDRTkxMTAvBgNVBAUTKEQ1MEVFNjkzQ0I0ODQ0REQyRTc2MDM0QkVDQkQzNkE4
ODFDMzc4OTcwHhcNMjMwMzEwMTg0NTE5WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDBiN2FiZS1mNTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuMYIj29fqb1leU2vBcUDs5W88pC4DlpXEAyz6RdGXFQAWE/fJ6N7Hfq/mm3d
P2oj5hW3ea8S4i1HVaE17tkvMAcY4QI2vK068lZ6YL8OadiWTtoZ919vs4PK2hNA
CL1ctw4SSLkgt8n2LKXH49HrT1cWFPRxKJWwjjDqUztP8QawFr0ftTbXA7+ogw2P
Noo8mD86HitAT76qNXWPRPJXkS/rnxvLAR6mT63K/7GhNFVsbuT0FasOUsVvhePI
/ioFr9T8+FVGsebagNVCfFb/v+8y43keSQzqEfPG5ARrIGqmBSr4rtI//0BT7p22
flHeBVJkloY3LRY3xJ/qsXjJEwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFK3injV8
uPoKkgdk0iMp39GVxX83MB8GA1UdIwQYMBaAFNUO5pPLSETdLnYDS+y9NqiBw3iX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OUNFOS82Q0JCODRGNDMx
RjExMUU5OEE3QjkzMTdDNEY5QUUwMi8xUTdtazh0SVJOMHVkZ05MN0wwMnFJSERl
SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFRN21rOHRJUk4wdWRnTkw3TDAycUlIRGVKYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTlDRTkvNkNCQjg0RjQzMUYxMTFFOThBN0I5MzE3QzRGOUFFMDIvQUVFOERFNUUz
QUI1MTFFOUE3OUFBNDJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnhjwwDQQCAAIwBwMFACQEXsAwDQYJKoZIhvcNAQELBQAD
ggEBAIl74K7VUNyhL9Zxp0n+eD67wOfSkj/51TftS1HWs0rfzq+1ECDJE3GH7j6p
kfs1XeSxcjIOjFqhDIbDBPDrJ7SlXNMNMIv9PTc6oJy+6xhLDSUhHCW9AK+Ti7Tv
2CxViRPEl3jY9f7xt0Letk52JL4WZt7Z1s+vhfj09SVLdvxbv4B5wSH8CCyrxCsS
FAC7XgNNbKTODNGMH8cBEzcCBReVf53M3bZdfGb8ii2xgOCSodNGn3QT4UBbNdxQ
wdFFLE3imV7W+jVsXoB2kmR07YhZOaieod2UWNrZ+ZtAHa4Y4RESGEI3RJajaBEL
h1+V5k0MOZxkX63mFXV9heb3vXs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org