Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C23DC/06639F860A9311EA85AD886AC4F9AE02/B9C40C000A9311EA9CC1126BC4F9AE02.roa
File: B9C40C000A9311EA9CC1126BC4F9AE02.roa (raw, json)
Hash identifier: 2PcoiTAmP0BpWGodPabRh+4ZZAkCmCNlV1KlnaXgKUE=
Subject key identifier: 6F:79:07:E0:9A:76:82:96:60:B7:47:48:09:B0:B3:8E:71:54:5C:E9
Certificate issuer: /CN=A91C23DC/serialNumber=55F2E48740058E8FCC4F901A4A33E1F4176200F8
Certificate serial: 0A30
Authority key identifier: 55:F2:E4:87:40:05:8E:8F:CC:4F:90:1A:4A:33:E1:F4:17:62:00:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VfLkh0AFjo_MT5AaSjPh9BdiAPg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C23DC/06639F860A9311EA85AD886AC4F9AE02/B9C40C000A9311EA9CC1126BC4F9AE02.roa
Signing time: Wed 28 Sep 2022 12:17:16 +0000
ROA not before: Wed 28 Sep 2022 12:17:16 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 137961
IP address blocks: 103.118.84.0/22 maxlen: 22
103.118.84.0/23 maxlen: 23
103.118.84.0/24 maxlen: 24
103.118.85.0/24 maxlen: 24
103.118.86.0/23 maxlen: 23
103.118.86.0/24 maxlen: 24
103.118.87.0/24 maxlen: 24
2403:2ec0::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2608 (0xa30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C23DC/serialNumber=55F2E48740058E8FCC4F901A4A33E1F4176200F8
Validity
Not Before: Sep 28 12:17:16 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63343b4c-3c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c7:d3:15:03:41:47:38:c3:8b:e4:43:a8:5b:
f5:3d:e1:8e:40:54:0d:49:a9:bc:42:00:b7:d1:df:
4e:9d:d1:9c:3f:51:13:86:d3:da:23:64:88:9c:7a:
64:23:8b:02:58:35:f0:57:b9:af:fd:c1:0a:8e:b8:
b1:90:6f:1f:d4:bc:63:43:79:81:eb:55:cd:49:3c:
3a:da:ca:ff:a6:91:51:f0:ab:e6:5c:a2:80:8a:fd:
6a:e9:a7:d8:0a:c7:ed:06:2d:5c:4e:f1:2f:a0:a6:
aa:bb:d1:2d:fc:5e:1c:f8:3a:ac:48:af:b7:e2:bf:
be:62:d6:b1:57:d7:d6:06:8a:56:ab:2d:4b:bd:30:
08:d9:23:46:57:56:81:93:0c:d0:53:e2:ab:ab:22:
5d:d2:a1:8a:e7:0a:cc:36:21:79:e1:0a:38:4d:bc:
30:aa:a7:66:22:30:56:cd:9c:7d:3d:e4:f1:24:71:
5b:45:d7:44:6b:db:00:7e:76:21:79:62:be:ac:12:
af:5c:c5:0f:96:13:e5:85:7c:f5:b5:30:da:f5:95:
51:29:0f:c0:08:e0:8c:fa:69:05:a5:b1:6d:38:ca:
99:9c:39:28:70:7a:d6:0c:a2:d7:dc:6a:b0:16:86:
08:b6:a8:ac:61:98:47:0c:ae:5e:f0:d3:23:86:90:
d1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:79:07:E0:9A:76:82:96:60:B7:47:48:09:B0:B3:8E:71:54:5C:E9
X509v3 Authority Key Identifier:
keyid:55:F2:E4:87:40:05:8E:8F:CC:4F:90:1A:4A:33:E1:F4:17:62:00:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C23DC/06639F860A9311EA85AD886AC4F9AE02/VfLkh0AFjo_MT5AaSjPh9BdiAPg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VfLkh0AFjo_MT5AaSjPh9BdiAPg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C23DC/06639F860A9311EA85AD886AC4F9AE02/B9C40C000A9311EA9CC1126BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.84.0/22
IPv6:
2403:2ec0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:43:db:75:45:22:fe:74:f0:7d:b8:bc:f3:85:bb:16:e5:80:
8a:4e:0b:45:bb:44:30:64:7f:ef:23:34:b5:90:f6:a9:84:e3:
82:17:9b:41:89:e9:b2:68:9e:98:c0:b8:51:d1:33:b3:36:05:
56:3c:69:aa:81:5e:3c:fc:4e:49:3b:4b:c3:41:3a:1a:25:98:
97:d9:25:89:20:ad:63:ce:c3:f2:1a:7d:21:a9:4a:81:ca:a4:
64:cb:2a:e1:f4:32:98:0c:dc:76:54:ea:08:e8:a5:f4:50:7d:
0e:64:e1:48:76:9c:79:37:26:da:b7:9c:15:5c:e4:e6:c2:aa:
f5:9d:53:f4:69:5b:ac:b3:a0:3a:00:1a:d4:f4:91:04:9b:dd:
18:a7:78:ce:74:04:2d:a0:16:87:ab:af:3d:08:be:9b:6a:54:
ce:16:ec:be:b1:21:c6:f5:8f:c7:07:da:5e:f8:49:c9:24:d9:
da:8e:23:31:95:95:e5:f3:1b:48:1a:47:1a:2a:75:54:24:a3:
a6:a0:d7:3b:ee:f6:75:6f:1e:4b:61:8c:70:d2:07:20:f8:ff:
3a:7a:36:97:e4:c3:5a:d2:b1:15:5e:45:e5:99:70:90:e2:5d:
57:1b:52:95:3c:07:a8:3e:8b:62:22:e1:38:67:bf:d3:04:82:
64:a6:07:59
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCjAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzIzREMxMTAvBgNVBAUTKDU1RjJFNDg3NDAwNThFOEZDQzRGOTAxQTRBMzNFMUY0
MTc2MjAwRjgwHhcNMjIwOTI4MTIxNzE2WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM0M2I0Yy0zYzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1sfTFQNBRzjDi+RDqFv1PeGOQFQNSam8QgC30d9OndGcP1EThtPaI2SInHpk
I4sCWDXwV7mv/cEKjrixkG8f1LxjQ3mB61XNSTw62sr/ppFR8KvmXKKAiv1q6afY
CsftBi1cTvEvoKaqu9Et/F4c+DqsSK+34r++YtaxV9fWBopWqy1LvTAI2SNGV1aB
kwzQU+KrqyJd0qGK5wrMNiF54Qo4TbwwqqdmIjBWzZx9PeTxJHFbRddEa9sAfnYh
eWK+rBKvXMUPlhPlhXz1tTDa9ZVRKQ/ACOCM+mkFpbFtOMqZnDkocHrWDKLX3Gqw
FoYItqisYZhHDK5e8NMjhpDRkwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFG95B+Ca
doKWYLdHSAmws45xVFzpMB8GA1UdIwQYMBaAFFXy5IdABY6PzE+QGkoz4fQXYgD4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjNEQy8wNjYzOUY4NjBB
OTMxMUVBODVBRDg4NkFDNEY5QUUwMi9WZkxraDBBRmpvX01UNUFhU2pQaDlCZGlB
UGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZmTGtoMEFGam9fTVQ1QWFTalBoOUJkaUFQZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzIzREMvMDY2MzlGODYwQTkzMTFFQTg1QUQ4ODZBQzRGOUFFMDIvQjlDNDBDMDAw
QTkzMTFFQTlDQzExMjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndlQwDQQCAAIwBwMFACQDLsAwDQYJKoZIhvcNAQELBQAD
ggEBACxD23VFIv508H24vPOFuxblgIpOC0W7RDBkf+8jNLWQ9qmE44IXm0GJ6bJo
npjAuFHRM7M2BVY8aaqBXjz8Tkk7S8NBOholmJfZJYkgrWPOw/IafSGpSoHKpGTL
KuH0MpgM3HZU6gjopfRQfQ5k4Uh2nHk3Jtq3nBVc5ObCqvWdU/RpW6yzoDoAGtT0
kQSb3RineM50BC2gFoerrz0IvptqVM4W7L6xIcb1j8cH2l74Sckk2dqOIzGVleXz
G0gaRxoqdVQko6ag1zvu9nVvHkthjHDSByD4/zp6Npfkw1rSsRVeReWZcJDiXVcb
UpU8B6g+i2Ii4Thnv9MEgmSmB1k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org