Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/6898E4328C7811EBB7E88620C4F9AE02.roa
File: 6898E4328C7811EBB7E88620C4F9AE02.roa (raw, json)
Hash identifier: FNc2qUb3eFF+LSnGyIL0xDZbtc73pgIO2UHYHl7+au0=
Subject key identifier: 4D:4F:62:B9:ED:E7:11:BE:69:05:83:71:1E:B2:6D:D0:C2:EC:2A:5C
Certificate issuer: /CN=A91AABB1/serialNumber=EB7FE9892DF000255FCF3AC0B2B4D12AEA6FF806
Certificate serial: 334D
Authority key identifier: EB:7F:E9:89:2D:F0:00:25:5F:CF:3A:C0:B2:B4:D1:2A:EA:6F:F8:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/63_piS3wACVfzzrAsrTRKupv-AY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/6898E4328C7811EBB7E88620C4F9AE02.roa
Signing time: Sun 18 Sep 2022 08:30:54 +0000
ROA not before: Sun 18 Sep 2022 08:30:54 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 132608
IP address blocks: 103.248.204.0/22 maxlen: 22
103.248.206.0/24 maxlen: 24
114.130.8.0/24 maxlen: 24
114.130.36.0/22 maxlen: 22
114.130.36.0/24 maxlen: 24
114.130.37.0/24 maxlen: 24
114.130.41.0/24 maxlen: 24
114.130.68.0/24 maxlen: 24
114.130.80.0/24 maxlen: 24
114.130.83.0/24 maxlen: 24
114.130.84.0/24 maxlen: 24
114.130.85.0/24 maxlen: 24
114.130.86.0/24 maxlen: 24
114.130.89.0/24 maxlen: 24
114.130.92.0/24 maxlen: 24
114.130.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13133 (0x334d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AABB1/serialNumber=EB7FE9892DF000255FCF3AC0B2B4D12AEA6FF806
Validity
Not Before: Sep 18 08:30:54 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6326d73e-48ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ee:a3:41:91:e3:e9:93:3d:23:52:f1:2d:28:
c4:7b:ce:96:b6:67:b0:ac:08:6f:56:c3:05:7d:b3:
3e:44:d2:66:97:ac:e4:05:30:e7:b5:cd:4c:71:7d:
f1:b1:b4:a9:a9:b7:44:f2:1a:8c:80:50:98:13:06:
ae:61:b7:6f:c8:da:96:e7:55:6c:49:ad:8e:ea:eb:
f1:a2:9a:58:89:be:98:90:9d:fc:9e:85:6e:89:5a:
13:c7:5c:25:66:d8:0c:1f:7d:f3:0a:92:f2:64:19:
c0:a9:50:5d:b7:31:0e:12:6f:79:15:21:bc:9b:7c:
18:65:cd:01:6c:fd:f8:ec:8b:4f:d6:26:13:e8:c9:
3e:8a:35:e3:fb:dc:c8:f8:14:06:ff:96:e8:be:70:
b5:05:cd:b3:fa:52:7a:95:37:12:d0:d7:c6:2b:d8:
f0:1f:76:ea:f1:41:1d:32:1a:81:c8:5d:b4:30:cf:
88:12:7a:ce:75:3f:ad:19:3a:71:12:42:c5:09:80:
81:b1:5e:10:4b:2a:96:6f:3b:82:19:8d:cc:82:e3:
da:22:05:f7:99:e9:a1:62:2e:e9:11:17:44:fd:38:
61:ca:27:ad:c9:80:03:3a:e7:0e:7a:34:2f:2f:72:
46:2c:58:ce:01:9e:70:15:9f:02:00:33:25:8d:0c:
3e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4F:62:B9:ED:E7:11:BE:69:05:83:71:1E:B2:6D:D0:C2:EC:2A:5C
X509v3 Authority Key Identifier:
keyid:EB:7F:E9:89:2D:F0:00:25:5F:CF:3A:C0:B2:B4:D1:2A:EA:6F:F8:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/63_piS3wACVfzzrAsrTRKupv-AY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/63_piS3wACVfzzrAsrTRKupv-AY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AABB1/8874E9E81D9811E29788A98208B02CD2/6898E4328C7811EBB7E88620C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.248.204.0/22
114.130.8.0/24
114.130.36.0/22
114.130.41.0/24
114.130.68.0/24
114.130.80.0/24
114.130.83.0-114.130.86.255
114.130.89.0/24
114.130.92.0/24
114.130.95.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:2c:45:18:d0:85:21:12:dc:e6:f1:7d:84:26:ab:4e:d1:d0:
a2:3e:b1:bf:f6:49:ba:33:eb:2e:ae:da:77:ee:45:63:81:b1:
34:d0:cd:f6:3b:9c:17:9a:7c:ad:78:e8:2a:02:7f:8e:5e:03:
7b:1c:96:00:af:12:7c:ea:4e:a5:34:34:00:c4:f1:a2:82:10:
7d:78:8c:03:c5:91:2f:ea:13:e4:55:0e:f2:e5:5c:03:a9:38:
a6:81:05:cb:c0:88:98:18:28:80:55:dc:36:23:d0:93:2b:58:
8a:f8:c5:1e:1a:7a:fb:20:c2:23:23:ae:07:a2:a2:8e:8e:88:
0a:46:17:8a:cd:4f:5c:10:d3:53:28:d4:a5:dc:88:75:c8:3f:
b7:9b:1f:a4:ca:83:a1:72:b6:48:59:46:31:f1:4f:42:0a:27:
6c:90:6d:a8:84:bd:25:7b:71:76:75:e8:1c:8f:e1:88:ac:69:
aa:b0:84:c4:4f:96:24:66:05:bf:9d:0e:60:80:c4:3e:bf:9a:
69:82:4d:fa:be:80:39:62:5c:43:69:c8:11:38:42:81:0d:44:
c5:89:92:0c:35:d5:4e:3e:ff:e0:94:fc:47:78:24:3f:59:f0:
04:09:28:b8:cc:73:31:d2:05:fd:4e:63:17:a6:82:08:de:cf:
8c:3f:fa:a0
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICM00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFCQjExMTAvBgNVBAUTKEVCN0ZFOTg5MkRGMDAwMjU1RkNGM0FDMEIyQjREMTJB
RUE2RkY4MDYwHhcNMjIwOTE4MDgzMDU0WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzI2ZDczZS00OGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqu6jQZHj6ZM9I1LxLSjEe86WtmewrAhvVsMFfbM+RNJml6zkBTDntc1McX3x
sbSpqbdE8hqMgFCYEwauYbdvyNqW51VsSa2O6uvxoppYib6YkJ38noVuiVoTx1wl
ZtgMH33zCpLyZBnAqVBdtzEOEm95FSG8m3wYZc0BbP347ItP1iYT6Mk+ijXj+9zI
+BQG/5bovnC1Bc2z+lJ6lTcS0NfGK9jwH3bq8UEdMhqByF20MM+IEnrOdT+tGTpx
EkLFCYCBsV4QSyqWbzuCGY3MguPaIgX3memhYi7pERdE/ThhyietyYADOucOejQv
L3JGLFjOAZ5wFZ8CADMljQw+LwIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFE1PYrnt
5xG+aQWDcR6ybdDC7CpcMB8GA1UdIwQYMBaAFOt/6Ykt8AAlX886wLK00Srqb/gG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUJCMS84ODc0RTlFODFE
OTgxMUUyOTc4OEE5ODIwOEIwMkNEMi82M19waVMzd0FDVmZ6enJBc3JUUkt1cHYt
QVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzYzX3BpUzN3QUNWZnp6ckFzclRSS3Vwdi1BWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFCQjEvODg3NEU5RTgxRDk4MTFFMjk3ODhBOTgyMDhCMDJDRDIvNjg5OEU0MzI4
Qzc4MTFFQkI3RTg4NjIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMEoEAgABMEQDBAJn+MwDBABygggDBAJygiQDBABygikDBABygkQDBAByglAw
DAMEAHKCUwMEAHKCVgMEAHKCWQMEAHKCXAMEAHKCXzANBgkqhkiG9w0BAQsFAAOC
AQEAXixFGNCFIRLc5vF9hCarTtHQoj6xv/ZJujPrLq7ad+5FY4GxNNDN9jucF5p8
rXjoKgJ/jl4DexyWAK8SfOpOpTQ0AMTxooIQfXiMA8WRL+oT5FUO8uVcA6k4poEF
y8CImBgogFXcNiPQkytYivjFHhp6+yDCIyOuB6Kijo6ICkYXis1PXBDTUyjUpdyI
dcg/t5sfpMqDoXK2SFlGMfFPQgonbJBtqIS9JXtxdnXoHI/hiKxpqrCExE+WJGYF
v50OYIDEPr+aaYJN+r6AOWJcQ2nIEThCgQ1ExYmSDDXVTj7/4JT8R3gkP1nwBAko
uMxzMdIF/U5jF6aCCN7PjD/6oA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org