Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/F9AC8686908B11EDB0E85717C4F9AE02.roa
File: F9AC8686908B11EDB0E85717C4F9AE02.roa (raw, json)
Hash identifier: a4yhw4F5BMRB0vxq77HLJFrPVkCEeBVTBpEXWntWyP4=
Subject key identifier: 38:D4:79:42:56:C8:8A:E4:08:E7:E8:E4:9A:CD:62:72:CA:E9:30:07
Certificate issuer: /CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Certificate serial: 32E7
Authority key identifier: A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/F9AC8686908B11EDB0E85717C4F9AE02.roa
Signing time: Tue 10 Jan 2023 02:30:41 +0000
ROA not before: Tue 10 Jan 2023 02:30:41 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 58731
IP address blocks: 103.112.36.0/22 maxlen: 22
180.189.160.0/20 maxlen: 20
180.189.164.0/22 maxlen: 22
180.189.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13031 (0x32e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8D22/serialNumber=A683F6724C02A13F2D39CF2F21500BE00380DDE3
Validity
Not Before: Jan 10 02:30:41 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=63bccdd1-ee74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b9:a4:10:6c:01:ca:5e:9b:ef:d2:7c:a2:11:
db:9f:2e:c3:e5:52:18:87:d8:58:36:e7:73:6d:5a:
cd:a8:23:6c:5b:5f:6c:27:74:b4:bf:72:8f:95:ab:
1b:03:54:7c:e7:c8:b6:9b:0b:3a:17:96:4f:63:c9:
4b:78:98:1c:3b:54:be:eb:03:4f:ed:76:2e:8c:ac:
7a:70:ea:76:32:aa:67:3b:3d:42:23:7a:3d:a6:cb:
0e:07:2a:79:cf:71:7a:ef:c0:b5:06:40:0d:2d:91:
b6:e1:25:56:c7:b1:53:e1:cf:7b:a2:4a:68:13:52:
51:ff:83:9e:b1:15:df:5c:c7:db:ba:33:a7:61:34:
f5:c5:44:29:d2:7f:6e:8c:e9:b3:aa:99:c6:6e:64:
8c:d1:fa:4f:39:56:83:31:29:55:f2:14:e1:a0:91:
26:3f:04:65:db:a2:87:3f:a1:20:f3:27:f6:8a:b3:
b0:ba:ff:e6:72:9d:fa:30:38:35:35:e2:fc:7d:91:
7e:34:da:42:58:6b:57:78:75:64:85:70:b7:77:01:
a2:8d:8d:3a:ce:9d:4f:2c:c7:66:ab:5c:6f:20:42:
8c:d1:87:45:e1:1e:73:33:cc:b4:4e:d6:cf:a3:0b:
05:3e:e2:1c:48:35:f7:1e:50:3a:27:b5:1f:37:e6:
fe:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D4:79:42:56:C8:8A:E4:08:E7:E8:E4:9A:CD:62:72:CA:E9:30:07
X509v3 Authority Key Identifier:
keyid:A6:83:F6:72:4C:02:A1:3F:2D:39:CF:2F:21:50:0B:E0:03:80:DD:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/poP2ckwCoT8tOc8vIVAL4AOA3eM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/poP2ckwCoT8tOc8vIVAL4AOA3eM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8D22/252697981D9211E2B618CAF408B02CD2/F9AC8686908B11EDB0E85717C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.36.0/22
180.189.160.0/20
Signature Algorithm: sha256WithRSAEncryption
21:36:c3:2f:09:bc:fb:d7:90:9b:42:9e:37:e2:17:ee:a0:e8:
af:df:c0:b3:d0:dc:5d:5e:a1:09:a9:0c:f7:21:e2:90:bd:cd:
76:e1:1b:f0:b9:cd:82:ef:38:d6:03:80:78:69:c8:2d:89:b1:
3e:8d:c8:8b:84:e9:db:26:9c:8c:d2:b0:72:ad:d9:93:c5:26:
88:fb:d0:47:0b:ad:cb:6a:f1:eb:c5:3c:81:02:da:04:6b:21:
49:48:d2:bf:f9:fc:56:0d:bf:ba:0d:97:ed:23:3a:8b:d7:5d:
d6:da:97:91:c6:45:ca:76:4a:2a:69:cf:18:47:38:0c:73:53:
3f:8d:52:6c:81:ba:5c:74:72:52:66:3f:14:31:dd:97:2d:5b:
20:db:74:9b:b2:03:a0:ff:bd:27:92:b7:24:56:b5:7f:a2:f6:
aa:87:98:8c:a1:c5:57:4f:23:bd:85:39:ca:af:7b:42:10:08:
8e:e5:32:e1:85:19:76:d2:3b:ee:12:16:c6:e4:8f:a8:35:15:
c1:7d:b9:e1:52:68:65:b0:e3:1b:4e:cf:7c:d2:b4:a6:18:f0:
e8:e9:55:d4:09:f1:76:cf:dd:12:79:03:8a:4f:3e:cf:90:44:
d7:a7:c0:6b:c3:c7:4f:b4:45:e1:b4:f3:41:c0:35:85:8b:d4:
1b:f7:d0:f2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICMucwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QThEMjIxMTAvBgNVBAUTKEE2ODNGNjcyNEMwMkExM0YyRDM5Q0YyRjIxNTAwQkUw
MDM4MERERTMwHhcNMjMwMTEwMDIzMDQxWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2JjY2RkMS1lZTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6bmkEGwByl6b79J8ohHbny7D5VIYh9hYNudzbVrNqCNsW19sJ3S0v3KPlasb
A1R858i2mws6F5ZPY8lLeJgcO1S+6wNP7XYujKx6cOp2MqpnOz1CI3o9pssOByp5
z3F678C1BkANLZG24SVWx7FT4c97okpoE1JR/4OesRXfXMfbujOnYTT1xUQp0n9u
jOmzqpnGbmSM0fpPOVaDMSlV8hThoJEmPwRl26KHP6Eg8yf2irOwuv/mcp36MDg1
NeL8fZF+NNpCWGtXeHVkhXC3dwGijY06zp1PLMdmq1xvIEKM0YdF4R5zM8y0TtbP
owsFPuIcSDX3HlA6J7UfN+b+XQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDjUeUJW
yIrkCOfo5JrNYnLK6TAHMB8GA1UdIwQYMBaAFKaD9nJMAqE/LTnPLyFQC+ADgN3j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOEQyMi8yNTI2OTc5ODFE
OTIxMUUyQjYxOENBRjQwOEIwMkNEMi9wb1AyY2t3Q29UOHRPYzh2SVZBTDRBT0Ez
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BvUDJja3dDb1Q4dE9jOHZJVkFMNEFPQTNlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QThEMjIvMjUyNjk3OTgxRDkyMTFFMkI2MThDQUY0MDhCMDJDRDIvRjlBQzg2ODY5
MDhCMTFFREIwRTg1NzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJncCQDBAS0vaAwDQYJKoZIhvcNAQELBQADggEBACE2wy8J
vPvXkJtCnjfiF+6g6K/fwLPQ3F1eoQmpDPch4pC9zXbhG/C5zYLvONYDgHhpyC2J
sT6NyIuE6dsmnIzSsHKt2ZPFJoj70EcLrctq8evFPIEC2gRrIUlI0r/5/FYNv7oN
l+0jOovXXdbal5HGRcp2SippzxhHOAxzUz+NUmyBulx0clJmPxQx3ZctWyDbdJuy
A6D/vSeStyRWtX+i9qqHmIyhxVdPI72FOcqve0IQCI7lMuGFGXbSO+4SFsbkj6g1
FcF9ueFSaGWw4xtOz3zStKYY8OjpVdQJ8XbP3RJ5A4pPPs+QRNenwGvDx0+0ReG0
80HANYWL1Bv30PI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org