Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/8A540E0A011311EE8A25F429C4F9AE02.roa
File: 8A540E0A011311EE8A25F429C4F9AE02.roa (raw, json)
Hash identifier: zGWvTF2VomCJHL9wgl1OII1JXXjsOtu9MlJx+FCXobM=
Subject key identifier: 0D:C5:BF:B4:BE:C2:A0:9A:46:CC:DB:55:0A:A4:E5:14:6D:31:75:F1
Certificate issuer: /CN=A91C63A6/serialNumber=701F3C14F0AD7EEF65D34D003CDC1924648CDE37
Certificate serial: 022F
Authority key identifier: 70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/8A540E0A011311EE8A25F429C4F9AE02.roa
Signing time: Fri 02 Jun 2023 07:33:43 +0000
ROA not before: Fri 02 Jun 2023 07:33:43 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 136816
IP address blocks: 103.84.44.0/22 maxlen: 22
210.79.61.0/24 maxlen: 24
210.79.62.0/24 maxlen: 24
210.79.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 559 (0x22f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C63A6/serialNumber=701F3C14F0AD7EEF65D34D003CDC1924648CDE37
Validity
Not Before: Jun 2 07:33:43 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64799b56-6ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:91:aa:dd:22:24:fc:0a:23:6e:31:86:31:c6:
e7:d9:c8:8b:9a:e0:e2:c5:08:d8:35:39:ac:4c:af:
82:29:11:8c:f8:b2:77:97:dc:84:4e:8c:61:af:41:
ca:bd:cb:14:89:36:ce:ff:69:a4:64:db:f2:d6:fe:
ed:7d:6d:c1:41:0d:4a:66:99:44:e1:14:58:df:77:
8a:d9:1f:9d:d2:ef:36:03:e5:ce:00:47:fe:f5:4f:
a9:99:08:e4:55:11:1c:2e:07:b0:75:2a:1b:9f:40:
a3:ec:82:bc:f7:64:cb:67:5b:ea:37:eb:16:e1:93:
03:25:11:0f:74:25:ac:bc:91:0a:94:55:1a:0a:af:
d8:0e:61:2d:fb:df:d2:d1:b7:bb:60:ac:4a:aa:6a:
93:86:9f:21:9c:ad:15:b3:82:46:81:e6:ff:63:eb:
f9:80:b3:1b:60:8f:6a:66:3a:68:ac:9e:a3:6b:ca:
5b:87:cb:44:96:fc:a0:de:8b:37:97:a6:03:de:57:
b3:f3:78:3f:e7:ba:6a:ac:4e:d5:7b:47:8b:af:6f:
58:2d:0e:0c:58:8d:53:46:5d:e1:fc:b2:d2:7f:01:
96:a9:12:95:18:b9:21:e3:16:3b:28:35:04:b5:df:
55:9b:33:7b:70:4b:f8:f1:fc:29:fc:92:6a:27:d0:
63:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:C5:BF:B4:BE:C2:A0:9A:46:CC:DB:55:0A:A4:E5:14:6D:31:75:F1
X509v3 Authority Key Identifier:
keyid:70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/cB88FPCtfu9l000APNwZJGSM3jc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/8A540E0A011311EE8A25F429C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.44.0/22
210.79.61.0-210.79.63.255
Signature Algorithm: sha256WithRSAEncryption
6f:c3:a6:95:c9:06:3d:44:6a:a3:de:7e:27:f6:3b:aa:a9:d2:
18:18:06:98:f3:f0:ca:e5:e4:e3:d7:d4:2b:70:d6:e4:8c:d3:
56:a9:a4:35:a7:e5:a6:74:03:a6:16:a5:44:13:6c:4a:72:a9:
6f:04:e0:97:e8:be:66:14:f0:41:90:83:13:d7:a2:c0:a0:70:
67:05:6d:3d:53:3f:3c:b0:96:ef:e6:4e:25:39:7a:4e:8c:7b:
b7:83:29:9d:ad:f6:a6:5b:c4:ea:88:66:d7:6c:03:c3:b1:94:
38:38:c6:97:fc:e0:64:d7:6b:ff:45:04:19:96:97:7b:91:44:
16:82:8c:39:53:ab:24:f8:43:9e:58:f9:4a:06:87:27:de:d9:
42:3e:73:f3:34:5f:95:f5:22:8f:28:d9:54:e8:1b:f0:1b:29:
96:78:e6:ae:42:bf:8e:f6:24:36:32:d7:a2:05:44:dd:77:42:
2d:6c:d5:11:85:18:c0:23:35:ee:b9:ef:07:ef:50:11:a2:0a:
03:d0:5b:76:e7:27:52:ae:d6:5c:6d:a1:46:18:63:c1:03:6d:
3c:20:54:09:d1:b9:96:50:36:61:6c:e9:ec:26:65:ab:13:03:
ae:64:00:e0:12:d9:28:73:9c:8c:50:a3:c5:f9:fe:5b:28:5d:
21:70:c2:d4
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICAi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzYzQTYxMTAvBgNVBAUTKDcwMUYzQzE0RjBBRDdFRUY2NUQzNEQwMDNDREMxOTI0
NjQ4Q0RFMzcwHhcNMjMwNjAyMDczMzQzWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc5OWI1Ni02YWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0JGq3SIk/AojbjGGMcbn2ciLmuDixQjYNTmsTK+CKRGM+LJ3l9yEToxhr0HK
vcsUiTbO/2mkZNvy1v7tfW3BQQ1KZplE4RRY33eK2R+d0u82A+XOAEf+9U+pmQjk
VREcLgewdSobn0Cj7IK892TLZ1vqN+sW4ZMDJREPdCWsvJEKlFUaCq/YDmEt+9/S
0be7YKxKqmqThp8hnK0Vs4JGgeb/Y+v5gLMbYI9qZjporJ6ja8pbh8tElvyg3os3
l6YD3lez83g/57pqrE7Ve0eLr29YLQ4MWI1TRl3h/LLSfwGWqRKVGLkh4xY7KDUE
td9VmzN7cEv48fwp/JJqJ9BjbQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFA3Fv7S+
wqCaRszbVQqk5RRtMXXxMB8GA1UdIwQYMBaAFHAfPBTwrX7vZdNNADzcGSRkjN43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjNBNi8wRDM5QzRFNDlB
OUIxMUVDODJDNzBCMjBDNEY5QUUwMi9jQjg4RlBDdGZ1OWwwMDBBUE53WkpHU00z
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NCODhGUEN0ZnU5bDAwMEFQTndaSkdTTTNqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzYzQTYvMEQzOUM0RTQ5QTlCMTFFQzgyQzcwQjIwQzRGOUFFMDIvOEE1NDBFMEEw
MTEzMTFFRThBMjVGNDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAJnVCwwDAMEANJPPQMEBtJPADANBgkqhkiG9w0BAQsFAAOC
AQEAb8OmlckGPURqo95+J/Y7qqnSGBgGmPPwyuXk49fUK3DW5IzTVqmkNaflpnQD
phalRBNsSnKpbwTgl+i+ZhTwQZCDE9eiwKBwZwVtPVM/PLCW7+ZOJTl6Tox7t4Mp
na32plvE6ohm12wDw7GUODjGl/zgZNdr/0UEGZaXe5FEFoKMOVOrJPhDnlj5SgaH
J97ZQj5z8zRflfUijyjZVOgb8BsplnjmrkK/jvYkNjLXogVE3XdCLWzVEYUYwCM1
7rnvB+9QEaIKA9BbducnUq7WXG2hRhhjwQNtPCBUCdG5llA2YWzp7CZlqxMDrmQA
4BLZKHOcjFCjxfn+WyhdIXDC1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org