Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/109947647EA111ED9E1F0B86C4F9AE02.roa
File: 109947647EA111ED9E1F0B86C4F9AE02.roa (raw, json)
Hash identifier: zJLtfxO/Ov4Aodw+g51qOwxQ9/uln/pg7M9faqkHNHA=
Subject key identifier: D1:81:4F:B0:78:25:0E:CB:73:AA:E5:B6:B9:DA:CD:9B:53:9B:05:2B
Certificate issuer: /CN=A91D4345/serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB
Certificate serial: 0A7F
Authority key identifier: E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/109947647EA111ED9E1F0B86C4F9AE02.roa
Signing time: Sun 18 Dec 2022 06:56:15 +0000
ROA not before: Sun 18 Dec 2022 06:56:15 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 17471
IP address blocks: 103.7.112.0/22 maxlen: 24
122.99.96.0/21 maxlen: 24
202.125.64.0/20 maxlen: 24
203.83.160.0/19 maxlen: 24
203.191.32.0/23 maxlen: 24
2407:f040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2687 (0xa7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D4345/serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB
Validity
Not Before: Dec 18 06:56:15 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=639eb98f-4ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:74:40:b0:6a:c8:43:d4:f0:5f:1c:e6:5c:a2:
25:98:bc:80:64:6e:9c:e5:d4:6d:5b:2e:73:d9:89:
bc:12:1a:54:e3:53:84:66:c6:e7:ed:c7:d7:bb:c1:
c4:73:a3:d8:d4:96:ff:89:2f:bf:be:12:53:11:aa:
85:c4:7e:57:6b:8a:d8:09:f5:27:f9:2a:fc:51:00:
fd:21:c8:b3:af:d2:a9:76:a5:26:0d:80:51:18:2f:
82:6a:4d:97:b5:16:b4:05:dc:16:04:85:cd:ae:96:
7e:44:ac:ef:77:f4:ea:26:2d:cc:67:bb:26:22:68:
3e:e4:50:c9:e6:16:3d:5f:43:9e:11:d2:70:58:51:
a7:90:15:b1:2f:0c:a2:9b:2b:0c:16:b7:e4:f6:6b:
29:c2:06:32:0b:be:e4:6e:63:85:ed:f3:4f:0b:a2:
54:55:19:c8:62:15:22:61:85:36:b6:f1:54:48:c7:
b2:33:d6:aa:47:59:92:a0:b3:b9:93:5e:22:5d:77:
88:b4:d1:03:df:46:3e:98:9a:d9:b5:c1:fe:e9:a6:
f4:e4:54:97:f5:76:12:01:9c:97:f7:2e:96:5e:dc:
89:0a:7d:0f:1f:7e:82:40:92:0a:18:3b:b6:ae:79:
1a:48:3a:c1:2a:2e:41:84:eb:06:c2:70:f0:18:1e:
23:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:81:4F:B0:78:25:0E:CB:73:AA:E5:B6:B9:DA:CD:9B:53:9B:05:2B
X509v3 Authority Key Identifier:
keyid:E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/109947647EA111ED9E1F0B86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.112.0/22
122.99.96.0/21
202.125.64.0/20
203.83.160.0/19
203.191.32.0/23
IPv6:
2407:f040::/32
Signature Algorithm: sha256WithRSAEncryption
49:2b:ba:ac:82:32:2b:72:21:a5:a8:28:57:40:a6:7a:3f:b7:
68:67:e2:33:d2:61:91:20:f4:28:fe:1e:de:bb:b6:1c:a6:e0:
67:24:bf:67:c8:4a:59:ef:89:1b:25:cb:3b:ee:ad:78:ec:69:
d8:90:7a:8e:bd:f7:8a:bb:bf:a5:2c:c5:40:f6:c0:3c:42:90:
93:a8:35:2e:f6:dd:b2:c9:99:7a:eb:f1:72:4c:0f:56:c5:e5:
cb:ab:2a:bd:33:f1:70:54:9c:91:90:4e:44:0e:49:b8:41:a2:
66:f3:10:22:92:d3:b5:e7:13:9c:ee:ca:7a:22:01:c5:68:b9:
b4:71:b7:35:6e:f7:f2:8b:eb:d7:a6:eb:e4:f8:ab:ec:d2:3b:
aa:49:68:48:83:44:f6:e0:0d:c6:de:10:ad:27:82:c5:1e:8b:
9f:64:36:47:b2:f6:23:db:7a:31:8b:19:2d:42:aa:ad:e1:ba:
4b:56:89:d3:39:29:09:dd:b7:d6:bb:70:b7:bb:f3:56:fd:3a:
e9:81:7c:71:99:96:65:c6:82:a1:a2:23:d0:c9:3e:07:9a:d4:
f1:f8:e3:aa:95:db:2a:35:a0:82:5c:02:2a:cc:38:10:64:03:
e8:fe:df:38:3b:25:fe:96:9b:c4:1d:ce:a1:fc:9b:89:42:d5:
77:78:fc:71
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICCn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQzNDUxMTAvBgNVBAUTKEU1MzdEMEMzNDhGRDdEQzQ5RjVGQzNCMDA2NkEzMUM1
ODRGQUUxQUIwHhcNMjIxMjE4MDY1NjE1WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzllYjk4Zi00ZGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5HRAsGrIQ9TwXxzmXKIlmLyAZG6c5dRtWy5z2Ym8EhpU41OEZsbn7cfXu8HE
c6PY1Jb/iS+/vhJTEaqFxH5Xa4rYCfUn+Sr8UQD9Icizr9KpdqUmDYBRGC+Cak2X
tRa0BdwWBIXNrpZ+RKzvd/TqJi3MZ7smImg+5FDJ5hY9X0OeEdJwWFGnkBWxLwyi
mysMFrfk9mspwgYyC77kbmOF7fNPC6JUVRnIYhUiYYU2tvFUSMeyM9aqR1mSoLO5
k14iXXeItNED30Y+mJrZtcH+6ab05FSX9XYSAZyX9y6WXtyJCn0PH36CQJIKGDu2
rnkaSDrBKi5BhOsGwnDwGB4jRQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFNGBT7B4
JQ7Lc6rltrnazZtTmwUrMB8GA1UdIwQYMBaAFOU30MNI/X3En1/DsAZqMcWE+uGr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDM0NS9FQzc4Q0REQTA1
MzgxMUVBQjU4OTc2NjhDNEY5QUUwMi81VGZRdzBqOWZjU2ZYOE93Qm1veHhZVDY0
YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVUZlF3MGo5ZmNTZlg4T3dCbW94eFlUNjRhcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQzNDUvRUM3OENEREEwNTM4MTFFQUI1ODk3NjY4QzRGOUFFMDIvMTA5OTQ3NjQ3
RUExMTFFRDlFMUYwQjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnB3ADBAN6Y2ADBATKfUADBAXLU6ADBAHLvyAwDQQCAAIw
BwMFACQH8EAwDQYJKoZIhvcNAQELBQADggEBAEkruqyCMityIaWoKFdApno/t2hn
4jPSYZEg9Cj+Ht67thym4Gckv2fISlnviRslyzvurXjsadiQeo6994q7v6UsxUD2
wDxCkJOoNS723bLJmXrr8XJMD1bF5curKr0z8XBUnJGQTkQOSbhBombzECKS07Xn
E5zuynoiAcVoubRxtzVu9/KL69em6+T4q+zSO6pJaEiDRPbgDcbeEK0ngsUei59k
Nkey9iPbejGLGS1Cqq3huktWidM5KQndt9a7cLe781b9OumBfHGZlmXGgqGiI9DJ
Pgea1PH446qV2yo1oIJcAirMOBBkA+j+3zg7Jf6Wm8QdzqH8m4lC1Xd4/HE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org