Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5308/A81914E2F4D511E9B917F349C4F9AE02/5AE2607AA8C411EC8F560C42C4F9AE02.roa
File: 5AE2607AA8C411EC8F560C42C4F9AE02.roa (raw, json)
Hash identifier: HRb43fNROniGD5bVihpnsSEbytqQFJ9y0XXBFw7nJdw=
Subject key identifier: A7:C8:F4:65:C9:04:55:17:4F:96:E3:66:8E:12:A5:67:F0:C2:8D:1B
Certificate issuer: /CN=A91A5308/serialNumber=7B59055212849105AD6F39E5881D842E707439AF
Certificate serial: 0940
Authority key identifier: 7B:59:05:52:12:84:91:05:AD:6F:39:E5:88:1D:84:2E:70:74:39:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1kFUhKEkQWtbznliB2ELnB0Oa8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A5308/A81914E2F4D511E9B917F349C4F9AE02/5AE2607AA8C411EC8F560C42C4F9AE02.roa
Signing time: Mon 21 Mar 2022 03:09:43 +0000
ROA not before: Mon 21 Mar 2022 03:09:43 +0000
ROA not after: Sat 28 May 2022 00:00:00 +0000
asID: 138638
IP address blocks: 103.135.88.0/22 maxlen: 24
2404:7840::/32 maxlen: 32
2404:7840::/48 maxlen: 48
2404:7840:1::/48 maxlen: 48
2404:7840:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2368 (0x940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A5308/serialNumber=7B59055212849105AD6F39E5881D842E707439AF
Validity
Not Before: Mar 21 03:09:43 2022 GMT
Not After : May 28 00:00:00 2022 GMT
Subject: CN=6237ec77-e235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:62:1d:60:b2:f6:ce:53:a6:15:5d:98:65:f1:
7b:6a:8e:02:f2:71:8e:d6:8d:3b:11:5c:fb:8c:e9:
2f:01:eb:7a:db:cd:85:89:58:01:b2:0f:40:3c:24:
1e:73:67:a1:cb:18:24:0f:da:c4:25:6a:8c:4c:b3:
36:35:69:a0:b3:1a:c7:ef:8a:1f:7a:1f:6f:b0:0b:
3e:72:24:cb:04:6d:89:22:48:53:2a:5f:be:f9:07:
17:b3:aa:2d:4e:75:2c:84:e4:63:b2:e6:b5:db:3b:
f6:6d:55:10:80:b5:b8:c9:5b:7d:c7:0c:82:ef:6c:
6d:3e:ee:40:81:97:5d:ab:3e:c7:13:cf:c5:ed:fc:
17:c8:f7:78:71:e9:b8:b3:2b:4b:65:da:e4:e9:c8:
f3:cc:0b:1b:f6:f0:87:44:77:7c:e9:5b:be:20:62:
e3:bb:6d:c1:61:9e:a7:40:b0:ab:57:da:35:d8:6a:
d0:3b:34:36:df:d5:65:30:c3:d9:b7:a8:54:2b:f8:
24:e6:19:a7:a7:33:7e:c6:92:65:4a:c8:4c:5e:a7:
a0:71:e3:2a:d6:bd:2d:e4:2c:d2:0e:ad:a7:ed:2f:
d0:92:3f:32:2d:06:a2:76:57:4f:c7:14:c0:e9:2a:
be:c4:9d:c8:e7:eb:20:80:e3:26:d6:0e:82:51:0d:
ad:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C8:F4:65:C9:04:55:17:4F:96:E3:66:8E:12:A5:67:F0:C2:8D:1B
X509v3 Authority Key Identifier:
keyid:7B:59:05:52:12:84:91:05:AD:6F:39:E5:88:1D:84:2E:70:74:39:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A5308/A81914E2F4D511E9B917F349C4F9AE02/e1kFUhKEkQWtbznliB2ELnB0Oa8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e1kFUhKEkQWtbznliB2ELnB0Oa8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5308/A81914E2F4D511E9B917F349C4F9AE02/5AE2607AA8C411EC8F560C42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.88.0/22
IPv6:
2404:7840::/32
Signature Algorithm: sha256WithRSAEncryption
1d:c4:f9:80:33:72:03:2e:53:0a:f1:b1:51:04:2e:13:b6:88:
c2:50:c5:5a:3a:32:c6:07:5f:16:fc:17:4e:e2:1e:d5:0f:04:
64:e0:ee:2d:b0:b8:ba:80:e4:a7:9a:be:02:c3:b5:57:cc:86:
a4:9c:fc:79:0b:2c:af:cd:49:40:69:95:e2:30:27:2f:5f:9f:
bc:cc:e7:86:64:b9:ad:31:94:90:04:4d:98:1d:37:74:ce:aa:
69:d0:d3:96:e5:62:4e:27:e1:b1:bc:42:fd:aa:9f:ae:83:3b:
8d:19:83:2b:f8:6e:ba:49:f9:0d:fd:2d:14:ec:90:51:53:84:
3c:8b:f1:0d:98:6b:a0:77:c9:c7:a0:72:d3:c7:b3:66:e0:7b:
04:74:c9:81:1c:ea:4e:88:3d:27:3d:bd:77:13:52:06:5a:ce:
41:02:e0:69:0f:40:33:1a:3c:ae:9a:8a:8d:0a:f1:db:a9:30:
76:7c:1d:c1:3e:9f:2c:52:37:e3:35:91:8d:66:b4:ea:0f:4e:
b2:ee:c7:64:45:a2:b4:9a:73:90:fb:f0:5b:e6:d9:57:77:6d:
6d:54:e5:c0:c7:c9:16:3a:52:87:e9:b6:6a:9d:32:c1:49:69:
b6:55:cd:63:c3:3f:71:27:1f:d6:64:3d:fa:7a:d7:00:f9:c3:
32:aa:11:23
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTUzMDgxMTAvBgNVBAUTKDdCNTkwNTUyMTI4NDkxMDVBRDZGMzlFNTg4MUQ4NDJF
NzA3NDM5QUYwHhcNMjIwMzIxMDMwOTQzWhcNMjIwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjM3ZWM3Ny1lMjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnGIdYLL2zlOmFV2YZfF7ao4C8nGO1o07EVz7jOkvAet6282FiVgBsg9APCQe
c2ehyxgkD9rEJWqMTLM2NWmgsxrH74ofeh9vsAs+ciTLBG2JIkhTKl+++QcXs6ot
TnUshORjsua12zv2bVUQgLW4yVt9xwyC72xtPu5AgZddqz7HE8/F7fwXyPd4cem4
sytLZdrk6cjzzAsb9vCHRHd86Vu+IGLju23BYZ6nQLCrV9o12GrQOzQ239VlMMPZ
t6hUK/gk5hmnpzN+xpJlSshMXqegceMq1r0t5CzSDq2n7S/Qkj8yLQaidldPxxTA
6Sq+xJ3I5+sggOMm1g6CUQ2tSQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKfI9GXJ
BFUXT5bjZo4SpWfwwo0bMB8GA1UdIwQYMBaAFHtZBVIShJEFrW855YgdhC5wdDmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTMwOC9BODE5MTRFMkY0
RDUxMUU5QjkxN0YzNDlDNEY5QUUwMi9lMWtGVWhLRWtRV3Riem5saUIyRUxuQjBP
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Uxa0ZVaEtFa1FXdGJ6bmxpQjJFTG5CME9hOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTUzMDgvQTgxOTE0RTJGNEQ1MTFFOUI5MTdGMzQ5QzRGOUFFMDIvNUFFMjYwN0FB
OEM0MTFFQzhGNTYwQzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnh1gwDQQCAAIwBwMFACQEeEAwDQYJKoZIhvcNAQELBQAD
ggEBAB3E+YAzcgMuUwrxsVEELhO2iMJQxVo6MsYHXxb8F07iHtUPBGTg7i2wuLqA
5KeavgLDtVfMhqSc/HkLLK/NSUBpleIwJy9fn7zM54Zkua0xlJAETZgdN3TOqmnQ
05blYk4n4bG8Qv2qn66DO40Zgyv4brpJ+Q39LRTskFFThDyL8Q2Ya6B3ycegctPH
s2bgewR0yYEc6k6IPSc9vXcTUgZazkEC4GkPQDMaPK6aio0K8dupMHZ8HcE+nyxS
N+M1kY1mtOoPTrLux2RForSac5D78Fvm2Vd3bW1U5cDHyRY6UofptmqdMsFJabZV
zWPDP3EnH9ZkPfp61wD5wzKqESM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:02 2023 by rpki-client on console-fra.rpki-client.org