Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5413/DF99A1E87BE811EB9A092342C4F9AE02/4BEDA5A02CDD11ED84194B1BC4F9AE02.roa
File: 4BEDA5A02CDD11ED84194B1BC4F9AE02.roa (raw, json)
Hash identifier: LZ+05nYqSGK99hPoUdDqKN8+PXvV4QBc/Pl16hi+eY8=
Subject key identifier: 24:ED:E1:96:94:5A:B3:94:F2:59:AE:C3:56:FF:80:71:65:4C:03:F3
Certificate issuer: /CN=A91C5413/serialNumber=366C3653E4875DEF5EB64F98928FAFD30FEE8878
Certificate serial: 051B
Authority key identifier: 36:6C:36:53:E4:87:5D:EF:5E:B6:4F:98:92:8F:AF:D3:0F:EE:88:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nmw2U-SHXe9etk-Yko-v0w_uiHg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C5413/DF99A1E87BE811EB9A092342C4F9AE02/4BEDA5A02CDD11ED84194B1BC4F9AE02.roa
Signing time: Fri 28 Jul 2023 23:40:00 +0000
ROA not before: Fri 28 Jul 2023 23:40:00 +0000
ROA not after: Tue 28 Nov 2023 00:00:00 +0000
asID: 137480
IP address blocks: 103.110.64.0/22 maxlen: 22
103.110.64.0/23 maxlen: 23
103.110.64.0/24 maxlen: 24
103.110.65.0/24 maxlen: 24
103.110.66.0/23 maxlen: 23
103.110.66.0/24 maxlen: 24
103.110.67.0/24 maxlen: 24
2402:8440::/32 maxlen: 32
2402:8440::/48 maxlen: 48
2402:8440:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1307 (0x51b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C5413/serialNumber=366C3653E4875DEF5EB64F98928FAFD30FEE8878
Validity
Not Before: Jul 28 23:40:00 2023 GMT
Not After : Nov 28 00:00:00 2023 GMT
Subject: CN=64c451d0-fbb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7e:a5:04:b3:20:84:39:f3:60:59:4c:71:c6:
14:d1:f4:4d:50:34:b9:78:7e:8b:e1:d6:b4:0c:5f:
79:c4:52:5c:0c:a4:22:1a:04:e2:88:43:e8:e6:c9:
86:9a:b1:55:58:44:1b:ac:38:46:45:d6:07:45:16:
ba:a2:ce:d2:b0:14:38:e3:0f:ad:8a:fa:5d:0f:63:
06:17:8b:62:ac:6b:f9:fd:90:dd:d7:b2:df:bc:12:
17:da:2e:80:c0:00:4a:e3:a6:0c:e7:2e:4a:54:c4:
0e:f7:71:9d:30:84:b6:44:3f:18:d5:4e:4a:07:ea:
44:5f:6e:64:b5:6e:91:08:7a:48:8a:35:ce:7a:72:
a1:d9:fb:65:23:a2:ba:08:12:1a:10:ad:b4:c9:30:
25:9b:63:97:04:bc:f4:d0:9d:ac:2d:39:02:98:a4:
b3:7b:24:56:ca:6d:03:cd:c5:83:1f:55:45:5f:f3:
61:c3:65:a2:a4:b9:64:1d:d5:41:54:8f:68:ed:dd:
ff:ef:b6:ab:41:0c:db:9e:91:61:78:ee:d3:17:c4:
5f:df:bb:1f:c3:a9:fb:dc:4b:06:5c:6d:ab:e4:b3:
c4:61:13:2e:96:bb:07:44:49:5c:56:b5:6f:19:17:
94:f6:58:45:9a:19:c1:5b:19:1d:89:aa:d7:29:c5:
ba:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:ED:E1:96:94:5A:B3:94:F2:59:AE:C3:56:FF:80:71:65:4C:03:F3
X509v3 Authority Key Identifier:
keyid:36:6C:36:53:E4:87:5D:EF:5E:B6:4F:98:92:8F:AF:D3:0F:EE:88:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C5413/DF99A1E87BE811EB9A092342C4F9AE02/Nmw2U-SHXe9etk-Yko-v0w_uiHg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nmw2U-SHXe9etk-Yko-v0w_uiHg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5413/DF99A1E87BE811EB9A092342C4F9AE02/4BEDA5A02CDD11ED84194B1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.64.0/22
IPv6:
2402:8440::/32
Signature Algorithm: sha256WithRSAEncryption
68:52:70:ad:87:c3:0d:40:69:68:23:c9:2e:c4:0a:c0:a8:78:
56:69:eb:e2:75:f1:5d:2f:00:18:8d:c7:00:07:0a:1b:34:3d:
3e:ba:5f:a1:67:8f:23:71:45:f9:43:40:72:d3:6c:ff:98:68:
d0:2b:ff:7e:74:fd:bd:8d:02:3e:48:ea:27:9f:0b:c2:06:02:
7b:e3:f8:2e:e4:8a:58:b7:bf:8f:fe:4e:98:ef:ff:21:fc:d7:
c6:81:43:78:96:25:ea:fb:59:f8:51:da:bd:9b:20:52:f6:72:
17:8b:2e:5c:17:f3:85:82:f3:f6:d2:68:ff:64:2f:f2:0b:f8:
20:04:e9:6a:d0:bf:7d:d2:86:20:16:4d:8a:1c:0e:eb:85:e8:
06:d1:7c:47:8c:fb:51:49:b6:31:cf:f5:9a:97:a9:ca:cd:97:
dc:a0:d2:8a:ba:b7:84:69:62:3b:69:e3:66:4d:29:97:0c:b0:
63:fa:a6:b3:3f:d6:11:6c:b9:53:cc:5f:a6:0e:a3:e5:cf:8a:
e2:ea:ae:38:93:aa:5b:b5:f3:e7:32:b6:d3:bb:68:04:2d:11:
b4:0a:45:8e:d3:bb:4b:bc:07:96:34:e8:f0:ee:c0:b1:49:b8:
a4:a8:39:e0:ac:77:29:ad:3a:67:38:b9:a4:5a:b6:44:bb:22:
96:55:d7:13
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBRswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzU0MTMxMTAvBgNVBAUTKDM2NkMzNjUzRTQ4NzVERUY1RUI2NEY5ODkyOEZBRkQz
MEZFRTg4NzgwHhcNMjMwNzI4MjM0MDAwWhcNMjMxMTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM0NTFkMC1mYmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxX6lBLMghDnzYFlMccYU0fRNUDS5eH6L4da0DF95xFJcDKQiGgTiiEPo5smG
mrFVWEQbrDhGRdYHRRa6os7SsBQ44w+tivpdD2MGF4tirGv5/ZDd17LfvBIX2i6A
wABK46YM5y5KVMQO93GdMIS2RD8Y1U5KB+pEX25ktW6RCHpIijXOenKh2ftlI6K6
CBIaEK20yTAlm2OXBLz00J2sLTkCmKSzeyRWym0DzcWDH1VFX/Nhw2WipLlkHdVB
VI9o7d3/77arQQzbnpFheO7TF8Rf37sfw6n73EsGXG2r5LPEYRMulrsHRElcVrVv
GReU9lhFmhnBWxkdiarXKcW6uwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCTt4ZaU
WrOU8lmuw1b/gHFlTAPzMB8GA1UdIwQYMBaAFDZsNlPkh13vXrZPmJKPr9MP7oh4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTQxMy9ERjk5QTFFODdC
RTgxMUVCOUEwOTIzNDJDNEY5QUUwMi9ObXcyVS1TSFhlOWV0ay1Za28tdjB3X3Vp
SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05tdzJVLVNIWGU5ZXRrLVlrby12MHdfdWlIZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzU0MTMvREY5OUExRTg3QkU4MTFFQjlBMDkyMzQyQzRGOUFFMDIvNEJFREE1QTAy
Q0REMTFFRDg0MTk0QjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnbkAwDQQCAAIwBwMFACQChEAwDQYJKoZIhvcNAQELBQAD
ggEBAGhScK2Hww1AaWgjyS7ECsCoeFZp6+J18V0vABiNxwAHChs0PT66X6FnjyNx
RflDQHLTbP+YaNAr/350/b2NAj5I6iefC8IGAnvj+C7kili3v4/+Tpjv/yH818aB
Q3iWJer7WfhR2r2bIFL2cheLLlwX84WC8/bSaP9kL/IL+CAE6WrQv33ShiAWTYoc
DuuF6AbRfEeM+1FJtjHP9ZqXqcrNl9yg0oq6t4RpYjtp42ZNKZcMsGP6prM/1hFs
uVPMX6YOo+XPiuLqrjiTqlu18+cyttO7aAQtEbQKRY7Tu0u8B5Y06PDuwLFJuKSo
OeCsdymtOmc4uaRatkS7IpZV1xM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org