Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/0B486600053C11EAB8B8F070C4F9AE02.roa
File: 0B486600053C11EAB8B8F070C4F9AE02.roa (raw, json)
Hash identifier: BQSMIErWYxECPm1ZqNVe0smTOmb1Tv0g8t5B2Jxzoh0=
Subject key identifier: DA:F3:F4:57:69:8C:69:CC:17:81:D8:DC:4B:11:58:01:F5:9E:C4:EC
Certificate issuer: /CN=A91D4345/serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB
Certificate serial: 07FF
Authority key identifier: E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/0B486600053C11EAB8B8F070C4F9AE02.roa
Signing time: Thu 09 Dec 2021 08:15:50 +0000
ROA not before: Thu 09 Dec 2021 08:15:50 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 17471
IP address blocks: 103.7.112.0/22 maxlen: 24
122.99.96.0/21 maxlen: 24
202.125.64.0/20 maxlen: 24
203.83.160.0/19 maxlen: 24
203.191.32.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2047 (0x7ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D4345/serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB
Validity
Not Before: Dec 9 08:15:50 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61b1bb35-19be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:54:90:99:61:9a:85:3e:72:3e:1a:f0:1a:2d:
5f:f8:e6:00:f3:56:62:1a:31:e8:72:fb:0a:04:f7:
f6:bf:ab:5d:35:87:b7:9e:ec:fd:5a:88:11:2c:a9:
52:30:fe:4c:04:34:ba:fb:68:f4:d1:b5:a6:c0:26:
5a:94:47:3e:b0:e0:8d:28:80:be:0c:e1:3b:34:9b:
68:f7:af:80:68:12:17:b2:95:3d:75:0e:7a:ec:06:
83:2a:16:41:63:60:86:5c:8b:a5:5b:23:34:79:6b:
ab:27:47:04:b5:6b:2f:9b:f2:53:e5:f4:f3:fc:92:
fd:ac:c9:85:87:23:09:3b:b1:f1:17:b0:b8:ce:3f:
94:fe:ce:56:08:22:bf:c7:10:e2:47:a0:1a:a4:30:
7b:72:9b:4b:b4:b0:99:ba:69:67:1c:ee:a2:12:95:
72:04:7a:9c:22:85:50:c5:1b:f7:b8:72:2e:ca:de:
25:b5:77:40:43:80:57:04:72:3c:b2:71:5c:a1:18:
3e:52:a9:8e:72:64:59:47:b2:a6:6b:e6:43:68:3f:
43:f3:ec:0a:44:34:13:ce:70:ff:dc:64:40:93:ef:
5f:ef:e4:0f:ae:50:65:74:fc:5a:df:7c:68:22:40:
4d:04:21:fc:e8:54:fd:c4:64:60:8e:52:5a:08:1f:
22:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F3:F4:57:69:8C:69:CC:17:81:D8:DC:4B:11:58:01:F5:9E:C4:EC
X509v3 Authority Key Identifier:
keyid:E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/0B486600053C11EAB8B8F070C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.112.0/22
122.99.96.0/21
202.125.64.0/20
203.83.160.0/19
203.191.32.0/23
Signature Algorithm: sha256WithRSAEncryption
53:29:69:5a:ec:a7:8a:99:57:2c:58:c9:50:dc:c7:9d:39:02:
4a:3a:5e:a4:b1:4b:60:aa:16:0c:a2:93:70:62:4d:e6:4c:25:
24:09:f6:5f:91:e2:50:ef:12:a4:9e:e6:a2:b4:3c:92:93:09:
70:d6:db:4f:1b:d3:b1:39:fa:3a:60:cd:2d:32:94:f5:68:93:
37:b1:62:b3:e0:c4:44:cf:f3:53:06:9d:54:c6:18:14:40:8c:
6f:bf:62:82:7d:36:5a:54:6e:40:07:9b:7d:82:87:bc:6e:3f:
e5:9d:28:21:ec:da:d8:a3:67:26:f1:53:c2:e3:75:da:b4:a4:
32:20:02:7b:27:a7:b5:27:2b:b9:03:8a:32:4e:46:54:be:ce:
55:47:9e:64:cb:59:d6:e7:4f:20:d3:b6:e3:3f:6b:09:d5:40:
62:8d:34:c1:58:06:c9:7b:ad:e1:2f:fd:31:7b:19:db:7e:04:
2d:be:4c:8e:e2:e5:9f:b5:c1:fe:9d:54:99:af:75:a1:74:e9:
a1:50:a0:b5:7b:c9:1f:85:dd:93:ef:ad:61:8c:b4:08:23:2b:
a3:32:25:af:a7:b8:9d:1e:d2:99:2e:54:bc:cb:ee:6e:a9:e9:
6e:16:0d:df:e9:10:38:92:cd:9d:35:80:07:ed:2d:f6:aa:e7:
ee:35:0d:80
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICB/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQzNDUxMTAvBgNVBAUTKEU1MzdEMEMzNDhGRDdEQzQ5RjVGQzNCMDA2NkEzMUM1
ODRGQUUxQUIwHhcNMjExMjA5MDgxNTUwWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWIxYmIzNS0xOWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsVSQmWGahT5yPhrwGi1f+OYA81ZiGjHocvsKBPf2v6tdNYe3nuz9WogRLKlS
MP5MBDS6+2j00bWmwCZalEc+sOCNKIC+DOE7NJto96+AaBIXspU9dQ567AaDKhZB
Y2CGXIulWyM0eWurJ0cEtWsvm/JT5fTz/JL9rMmFhyMJO7HxF7C4zj+U/s5WCCK/
xxDiR6AapDB7cptLtLCZumlnHO6iEpVyBHqcIoVQxRv3uHIuyt4ltXdAQ4BXBHI8
snFcoRg+UqmOcmRZR7Kma+ZDaD9D8+wKRDQTznD/3GRAk+9f7+QPrlBldPxa33xo
IkBNBCH86FT9xGRgjlJaCB8i+QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNrz9Fdp
jGnMF4HY3EsRWAH1nsTsMB8GA1UdIwQYMBaAFOU30MNI/X3En1/DsAZqMcWE+uGr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDM0NS9FQzc4Q0REQTA1
MzgxMUVBQjU4OTc2NjhDNEY5QUUwMi81VGZRdzBqOWZjU2ZYOE93Qm1veHhZVDY0
YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVUZlF3MGo5ZmNTZlg4T3dCbW94eFlUNjRhcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQzNDUvRUM3OENEREEwNTM4MTFFQUI1ODk3NjY4QzRGOUFFMDIvMEI0ODY2MDAw
NTNDMTFFQUI4QjhGMDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAJnB3ADBAN6Y2ADBATKfUADBAXLU6ADBAHLvyAwDQYJKoZI
hvcNAQELBQADggEBAFMpaVrsp4qZVyxYyVDcx505Ako6XqSxS2CqFgyik3BiTeZM
JSQJ9l+R4lDvEqSe5qK0PJKTCXDW208b07E5+jpgzS0ylPVokzexYrPgxETP81MG
nVTGGBRAjG+/YoJ9NlpUbkAHm32Ch7xuP+WdKCHs2tijZybxU8Ljddq0pDIgAnsn
p7UnK7kDijJORlS+zlVHnmTLWdbnTyDTtuM/awnVQGKNNMFYBsl7reEv/TF7Gdt+
BC2+TI7i5Z+1wf6dVJmvdaF06aFQoLV7yR+F3ZPvrWGMtAgjK6MyJa+nuJ0e0pku
VLzL7m6p6W4WDd/pEDiSzZ01gAftLfaq5+41DYA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org