Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/3ED288D8764611EDAB3DDE6EC4F9AE02.roa
File: 3ED288D8764611EDAB3DDE6EC4F9AE02.roa (raw, json)
Hash identifier: oqeo3B9YNysULSnF7sjsMLoY8zlFr4C/ImDPyaRUGcw=
Subject key identifier: 0D:BA:56:BB:1B:65:25:44:39:06:00:78:F5:44:61:FE:11:94:BB:D4
Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Certificate serial: 0D37
Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/3ED288D8764611EDAB3DDE6EC4F9AE02.roa
Signing time: Wed 07 Dec 2022 16:05:53 +0000
ROA not before: Wed 07 Dec 2022 16:05:53 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 17916
IP address blocks: 103.30.184.0/23 maxlen: 23
103.30.186.0/23 maxlen: 23
202.53.192.0/20 maxlen: 20
202.53.197.0/24 maxlen: 24
202.53.204.0/23 maxlen: 23
202.53.206.0/23 maxlen: 23
2401:df00::/32 maxlen: 32
2401:df01::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3383 (0xd37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Validity
Not Before: Dec 7 16:05:53 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=6390b9e0-f6d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3e:3f:e9:5c:c5:3c:ae:7a:5c:e8:11:55:de:
86:73:58:31:11:8c:38:be:e6:c6:d5:84:27:8a:5f:
a8:78:73:3d:76:99:f6:67:fc:23:b4:a7:fe:3c:1e:
f5:06:36:22:f6:68:83:4b:92:94:e1:8f:a0:f1:b9:
e6:b2:a7:2e:f5:4e:9f:fd:f7:0b:9b:0a:9f:85:fe:
4c:1d:60:1c:2b:59:4b:3d:f9:de:e4:38:49:f3:33:
9d:00:06:1f:79:20:9d:20:ff:97:50:1e:0a:ce:73:
e2:96:f4:6b:28:23:64:fe:41:22:ad:7a:d2:b8:24:
af:a5:d7:15:83:1a:b9:6e:c6:2f:94:6a:52:05:78:
7c:ce:a7:4f:bf:7f:b5:96:d7:f8:8e:c3:c4:01:0f:
0c:66:da:2e:df:e3:32:f7:3c:01:10:96:87:5d:21:
8c:4c:cd:02:24:db:4d:c3:08:5b:4e:08:f6:f3:fb:
da:8e:7f:7a:6a:cf:4f:f5:fa:e1:81:ba:4b:d2:99:
cd:05:98:4a:f2:3a:18:6d:7a:d2:fc:12:9f:da:50:
5e:2d:a2:65:b4:94:f4:8b:54:cd:33:b3:93:f9:5e:
9a:17:df:23:d4:08:4b:e4:3e:a3:be:8e:63:5f:71:
6e:bb:3f:de:f5:d4:b6:08:5f:0b:14:80:7b:43:c4:
8f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BA:56:BB:1B:65:25:44:39:06:00:78:F5:44:61:FE:11:94:BB:D4
X509v3 Authority Key Identifier:
keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/3ED288D8764611EDAB3DDE6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.30.184.0/22
202.53.192.0/20
IPv6:
2401:df00::/31
Signature Algorithm: sha256WithRSAEncryption
4c:e6:91:8e:7c:2f:7e:cc:57:6b:50:be:78:fb:5a:b9:a4:d1:
75:ab:fb:9e:9f:24:61:d3:79:0e:85:1a:9f:19:cc:d4:d7:46:
d4:37:a0:73:00:3b:c7:3b:0b:3a:57:b9:01:ad:78:62:34:02:
9d:36:42:04:29:60:71:e6:eb:45:e0:ad:be:8a:59:d9:c4:32:
71:b3:0e:60:ae:f3:64:9d:5b:ff:1c:53:02:ab:c8:fe:0f:55:
80:2f:76:98:bb:f4:62:d7:1d:86:ca:5f:75:ac:1f:e2:94:94:
bc:f3:44:8a:82:73:10:01:08:0c:58:aa:3d:b5:3c:0f:ab:2b:
72:79:73:ce:16:13:b1:ec:6a:70:62:ec:e2:7c:ab:4e:ce:92:
18:3c:87:a6:0a:78:85:05:de:95:36:bf:ac:dc:b7:c1:28:43:
3c:41:68:74:df:7f:2d:4f:e5:6a:68:43:19:82:61:7e:ef:3e:
b4:25:50:cb:ba:9f:a7:c5:04:4b:48:e5:60:72:4e:c1:be:d1:
33:45:fc:99:47:5c:ad:a0:4f:08:f9:d1:cb:f3:98:f0:5a:20:
ab:18:55:03:79:9c:67:07:0d:52:22:35:a5:47:4c:67:02:20:
1b:a2:e2:35:a8:78:a3:27:20:22:b7:15:74:6e:ac:94:5e:6d:
5a:ee:a2:50
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDTcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw
MUYxOEZGNDkwHhcNMjIxMjA3MTYwNTUzWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MzkwYjllMC1mNmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2D4/6VzFPK56XOgRVd6Gc1gxEYw4vubG1YQnil+oeHM9dpn2Z/wjtKf+PB71
BjYi9miDS5KU4Y+g8bnmsqcu9U6f/fcLmwqfhf5MHWAcK1lLPfne5DhJ8zOdAAYf
eSCdIP+XUB4KznPilvRrKCNk/kEirXrSuCSvpdcVgxq5bsYvlGpSBXh8zqdPv3+1
ltf4jsPEAQ8MZtou3+My9zwBEJaHXSGMTM0CJNtNwwhbTgj28/vajn96as9P9frh
gbpL0pnNBZhK8joYbXrS/BKf2lBeLaJltJT0i1TNM7OT+V6aF98j1AhL5D6jvo5j
X3Fuuz/e9dS2CF8LFIB7Q8SPeQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFA26Vrsb
ZSVEOQYAePVEYf4RlLvUMB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC
MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvM0VEMjg4RDg3
NjQ2MTFFREFCM0RERTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnHrgDBATKNcAwDQQCAAIwBwMFASQB3wAwDQYJKoZIhvcN
AQELBQADggEBAEzmkY58L37MV2tQvnj7Wrmk0XWr+56fJGHTeQ6FGp8ZzNTXRtQ3
oHMAO8c7CzpXuQGteGI0Ap02QgQpYHHm60Xgrb6KWdnEMnGzDmCu82SdW/8cUwKr
yP4PVYAvdpi79GLXHYbKX3WsH+KUlLzzRIqCcxABCAxYqj21PA+rK3J5c84WE7Hs
anBi7OJ8q07Okhg8h6YKeIUF3pU2v6zct8EoQzxBaHTffy1P5WpoQxmCYX7vPrQl
UMu6n6fFBEtI5WByTsG+0TNF/JlHXK2gTwj50cvzmPBaIKsYVQN5nGcHDVIiNaVH
TGcCIBui4jWoeKMnICK3FXRurJRebVruolA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org