Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1DB8/16CBC054A11E11E89E636710C4F9AE02/D6EBD2D859F611EA82A2AA85C4F9AE02.roa
File: D6EBD2D859F611EA82A2AA85C4F9AE02.roa (raw, json)
Hash identifier: UI5pKa+qiiQF0Mo+Xn8iwu1em9Z7g7Wqk/DsDDhqZw4=
Subject key identifier: E2:AE:EF:B8:C0:69:B6:44:8D:FF:05:8D:61:CD:04:2B:F7:CF:9C:FC
Certificate issuer: /CN=A91C1DB8/serialNumber=C319AF7BB4F981611AD00C32F8A357DE6353DC36
Certificate serial: 1154
Authority key identifier: C3:19:AF:7B:B4:F9:81:61:1A:D0:0C:32:F8:A3:57:DE:63:53:DC:36
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxmve7T5gWEa0Awy-KNX3mNT3DY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1DB8/16CBC054A11E11E89E636710C4F9AE02/D6EBD2D859F611EA82A2AA85C4F9AE02.roa
Signing time: Wed 07 Sep 2022 03:54:36 +0000
ROA not before: Wed 07 Sep 2022 03:54:36 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 10204
IP address blocks: 103.229.32.0/24 maxlen: 24
103.229.33.0/24 maxlen: 24
103.229.34.0/24 maxlen: 24
103.229.35.0/24 maxlen: 24
203.115.192.0/21 maxlen: 21
203.115.192.0/24 maxlen: 24
203.115.199.0/24 maxlen: 24
203.115.201.0/24 maxlen: 24
203.115.205.0/24 maxlen: 24
203.115.208.0/21 maxlen: 21
203.115.211.0/24 maxlen: 24
203.115.212.0/22 maxlen: 22
203.115.217.0/24 maxlen: 24
203.115.222.0/24 maxlen: 24
203.115.224.0/19 maxlen: 19
203.115.225.0/24 maxlen: 24
203.115.226.0/23 maxlen: 23
203.115.231.0/24 maxlen: 24
203.115.238.0/24 maxlen: 24
203.115.246.0/24 maxlen: 24
203.115.249.0/24 maxlen: 24
203.115.251.0/24 maxlen: 24
203.115.252.0/22 maxlen: 22
203.115.252.0/24 maxlen: 24
2001:c18::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4436 (0x1154)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1DB8/serialNumber=C319AF7BB4F981611AD00C32F8A357DE6353DC36
Validity
Not Before: Sep 7 03:54:36 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=631815fc-4b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:63:8e:19:7d:59:a8:b9:da:ff:d7:46:f0:e3:
32:2e:27:97:7c:f6:01:0a:df:96:cb:18:04:42:55:
6f:b9:c6:bb:cd:ea:00:8e:8a:14:39:4c:74:23:3a:
07:2f:46:ea:3c:16:63:ae:a0:95:1d:b4:74:d8:ed:
55:e1:8b:ba:37:53:13:52:e1:5f:45:13:ea:7a:8c:
9a:59:20:d2:13:87:cf:96:bb:b2:c5:62:79:a4:84:
37:01:45:b9:d7:d0:34:ea:cd:3e:32:e8:48:79:cc:
6d:8f:16:3c:01:bc:21:c3:3a:3e:1b:aa:19:b7:7c:
2e:83:6c:1e:9e:d4:d4:73:0a:7c:51:8c:88:5d:23:
84:c7:70:02:f8:cd:28:bf:b8:d5:97:ae:96:0d:78:
b2:16:54:7e:8c:7f:97:a1:9e:fc:d7:06:b9:43:91:
1f:d8:00:1c:6b:b7:72:0a:c2:5a:8a:c9:49:3f:80:
4e:31:d3:3e:b3:83:e9:3b:61:69:62:5e:87:c0:16:
a8:a1:68:23:80:9e:4f:ce:f3:a5:8b:1d:7f:e6:33:
11:48:c7:53:e9:9e:6f:70:51:43:c7:3a:54:75:27:
d9:3d:6d:2f:d7:ec:4e:62:26:75:66:2e:ba:01:fb:
2a:6e:72:0c:e1:24:f1:e7:7a:fb:60:e3:bd:e2:06:
23:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AE:EF:B8:C0:69:B6:44:8D:FF:05:8D:61:CD:04:2B:F7:CF:9C:FC
X509v3 Authority Key Identifier:
keyid:C3:19:AF:7B:B4:F9:81:61:1A:D0:0C:32:F8:A3:57:DE:63:53:DC:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/16CBC054A11E11E89E636710C4F9AE02/wxmve7T5gWEa0Awy-KNX3mNT3DY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxmve7T5gWEa0Awy-KNX3mNT3DY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1DB8/16CBC054A11E11E89E636710C4F9AE02/D6EBD2D859F611EA82A2AA85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.229.32.0/22
203.115.192.0/21
203.115.201.0/24
203.115.205.0/24
203.115.208.0/21
203.115.217.0/24
203.115.222.0/24
203.115.224.0/19
IPv6:
2001:c18::/32
Signature Algorithm: sha256WithRSAEncryption
54:90:21:f1:07:f9:14:25:4a:3e:f6:a1:eb:b7:e0:0f:a2:46:
20:f1:56:33:dc:78:9e:6c:da:a7:e1:74:a1:6b:7e:34:78:42:
cc:d5:be:ed:86:f3:b7:c5:5f:96:ae:57:bd:bc:16:46:cb:87:
a5:9b:b7:30:b8:73:33:80:6e:2c:2d:1c:fb:50:4f:d8:cf:de:
7a:6b:46:aa:81:41:f0:87:1a:3d:a9:83:33:c9:dd:c8:43:57:
cc:02:b7:f7:14:df:03:7d:b6:ee:f5:20:82:b2:d6:68:37:80:
ac:35:97:0d:53:68:47:16:4e:c2:2c:4a:12:b7:4c:20:b2:d3:
ad:6b:a1:a4:53:d8:69:22:86:5d:64:c7:5b:c1:b6:5b:f6:a2:
9f:d8:b6:93:27:26:5a:a7:54:58:88:0e:f1:f6:0d:15:70:ae:
20:9d:d4:17:69:5a:9c:42:b4:15:22:03:32:a8:12:23:05:ee:
f2:58:54:64:21:24:0d:19:0d:ba:6c:02:25:76:75:c1:26:b6:
ed:5f:85:71:f3:cb:45:0d:68:56:33:f7:76:e9:25:0e:8f:ab:
a6:40:93:bf:7d:ff:42:9b:7d:67:40:b9:b6:11:4a:d4:12:b4:
c2:87:63:dc:94:e9:2a:26:31:49:ab:b2:c1:12:10:0c:31:76:
08:fd:4b:1c
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICEVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFEQjgxMTAvBgNVBAUTKEMzMTlBRjdCQjRGOTgxNjExQUQwMEMzMkY4QTM1N0RF
NjM1M0RDMzYwHhcNMjIwOTA3MDM1NDM2WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE4MTVmYy00YjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqmOOGX1ZqLna/9dG8OMyLieXfPYBCt+WyxgEQlVvuca7zeoAjooUOUx0IzoH
L0bqPBZjrqCVHbR02O1V4Yu6N1MTUuFfRRPqeoyaWSDSE4fPlruyxWJ5pIQ3AUW5
19A06s0+MuhIecxtjxY8Abwhwzo+G6oZt3wug2wentTUcwp8UYyIXSOEx3AC+M0o
v7jVl66WDXiyFlR+jH+XoZ781wa5Q5Ef2AAca7dyCsJaislJP4BOMdM+s4PpO2Fp
Yl6HwBaooWgjgJ5PzvOlix1/5jMRSMdT6Z5vcFFDxzpUdSfZPW0v1+xOYiZ1Zi66
AfsqbnIM4STx53r7YOO94gYjVQIDAQABo4ICzjCCAsowHQYDVR0OBBYEFOKu77jA
abZEjf8FjWHNBCv3z5z8MB8GA1UdIwQYMBaAFMMZr3u0+YFhGtAMMvijV95jU9w2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMURCOC8xNkNCQzA1NEEx
MUUxMUU4OUU2MzY3MTBDNEY5QUUwMi93eG12ZTdUNWdXRWEwQXd5LUtOWDNtTlQz
RFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3d4bXZlN1Q1Z1dFYTBBd3ktS05YM21OVDNEWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFEQjgvMTZDQkMwNTRBMTFFMTFFODlFNjM2NzEwQzRGOUFFMDIvRDZFQkQyRDg1
OUY2MTFFQTgyQTJBQTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAJn5SADBAPLc8ADBADLc8kDBADLc80DBAPLc9ADBADLc9kD
BADLc94DBAXLc+AwDQQCAAIwBwMFACABDBgwDQYJKoZIhvcNAQELBQADggEBAFSQ
IfEH+RQlSj72oeu34A+iRiDxVjPceJ5s2qfhdKFrfjR4QszVvu2G87fFX5auV728
FkbLh6WbtzC4czOAbiwtHPtQT9jP3nprRqqBQfCHGj2pgzPJ3chDV8wCt/cU3wN9
tu71IIKy1mg3gKw1lw1TaEcWTsIsShK3TCCy061roaRT2Gkihl1kx1vBtlv2op/Y
tpMnJlqnVFiIDvH2DRVwriCd1BdpWpxCtBUiAzKoEiMF7vJYVGQhJA0ZDbpsAiV2
dcEmtu1fhXHzy0UNaFYz93bpJQ6Pq6ZAk799/0KbfWdAubYRStQStMKHY9yU6Som
MUmrssESEAwxdgj9Sxw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-fra.rpki-client.org