Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8632/05CE44EA2E5E11E7BAC88B69C4F9AE02/56822F88E94311EB981A5F5DC4F9AE02.roa
File: 56822F88E94311EB981A5F5DC4F9AE02.roa (raw, json)
Hash identifier: 49IDdcffeMQqZE9g9/7K88rj9HKuVogHo+hokwoMDjU=
Subject key identifier: CF:68:FA:C9:5C:59:6F:69:9D:5C:ED:7C:77:69:1C:BB:85:15:10:C3
Certificate issuer: /CN=A91E8632/serialNumber=EC563DBFE2F398C8E9FB19F9F74232B6B54AA6EA
Certificate serial: 172F
Authority key identifier: EC:56:3D:BF:E2:F3:98:C8:E9:FB:19:F9:F7:42:32:B6:B5:4A:A6:EA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7FY9v-LzmMjp-xn590IytrVKpuo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8632/05CE44EA2E5E11E7BAC88B69C4F9AE02/56822F88E94311EB981A5F5DC4F9AE02.roa
Signing time: Wed 16 Feb 2022 11:45:24 +0000
ROA not before: Wed 16 Feb 2022 11:45:24 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 134371
IP address blocks: 103.43.149.0/24 maxlen: 24
2401:c680:e::/48 maxlen: 48
2401:c680:f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5935 (0x172f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8632/serialNumber=EC563DBFE2F398C8E9FB19F9F74232B6B54AA6EA
Validity
Not Before: Feb 16 11:45:24 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=620ce3d4-5db0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bf:37:dd:75:81:48:f5:61:d8:f9:82:74:f8:
4c:55:f1:b6:a7:ff:db:c7:5c:3d:60:59:1e:42:1c:
c1:48:cf:8e:5a:fb:23:dd:ce:dc:e1:59:61:25:41:
54:2f:a5:99:51:63:6a:51:48:26:aa:84:58:be:30:
9d:02:49:db:c0:c5:f2:5a:1b:3b:39:53:c3:bb:97:
bf:8e:56:9e:2d:9d:05:ee:3d:f7:12:8c:44:b3:bd:
e2:7f:af:be:23:40:4c:8b:70:42:72:27:cc:6d:cc:
67:dd:b0:c8:7b:4c:2f:4f:23:b2:2f:75:cb:7e:0d:
58:71:8e:b7:8d:9a:2c:95:76:d1:34:ee:44:e0:c6:
dc:36:96:a0:12:d1:f8:80:dd:1b:47:b3:24:1c:33:
75:df:60:1d:08:07:9c:77:0d:2e:5d:13:a3:83:cd:
bc:d3:bf:77:3a:d1:e6:c5:24:17:cd:e5:f4:23:3f:
12:a3:a5:2a:7d:01:11:5c:77:7a:b3:40:1f:86:f3:
d0:cf:3f:76:ba:d1:a0:8d:45:17:c5:34:6d:d5:f2:
29:3d:9e:ef:7c:22:c0:5a:c5:fc:29:06:fa:b8:91:
8f:2a:1f:fa:c7:6b:d9:d3:45:5d:40:99:13:bc:f7:
4a:04:65:b2:ae:f3:8d:13:d2:83:fa:a8:2c:49:14:
07:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:68:FA:C9:5C:59:6F:69:9D:5C:ED:7C:77:69:1C:BB:85:15:10:C3
X509v3 Authority Key Identifier:
keyid:EC:56:3D:BF:E2:F3:98:C8:E9:FB:19:F9:F7:42:32:B6:B5:4A:A6:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8632/05CE44EA2E5E11E7BAC88B69C4F9AE02/7FY9v-LzmMjp-xn590IytrVKpuo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7FY9v-LzmMjp-xn590IytrVKpuo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8632/05CE44EA2E5E11E7BAC88B69C4F9AE02/56822F88E94311EB981A5F5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.43.149.0/24
IPv6:
2401:c680:e::/47
Signature Algorithm: sha256WithRSAEncryption
6f:b9:1c:98:9a:ae:7e:61:a9:01:55:22:ba:1c:4a:64:c4:33:
05:de:48:59:fe:1d:22:0c:5d:66:19:f0:91:55:6c:e6:58:df:
1f:17:d9:2e:9e:bb:2d:ce:32:95:be:36:38:43:9a:ab:ac:b5:
33:c3:8f:e7:bc:26:78:7c:0f:4d:10:8f:a2:2a:27:2e:e7:cc:
28:a0:96:14:f2:5f:a7:38:f0:11:a9:0d:dc:16:fa:5f:20:d0:
74:d1:d5:8c:e6:39:0c:24:52:95:79:c8:e3:d7:55:e0:9b:d8:
39:0b:72:c0:85:aa:77:df:57:e0:50:87:23:01:8c:d3:15:42:
14:e7:41:d2:c5:46:d3:14:3e:0e:df:15:4c:bf:49:f3:d9:8b:
ad:ad:49:e8:3a:e3:83:2f:e8:ca:7b:ad:ae:81:5e:6a:c8:81:
3e:10:4b:2e:f2:a7:d8:de:fa:75:f6:e6:7c:a7:c4:c4:39:1b:
88:5e:9d:95:ad:b7:13:b8:20:2e:aa:d0:29:fc:e3:d5:aa:89:
28:69:4e:94:18:eb:c1:66:07:f6:f9:5a:7a:2c:d6:d8:13:4a:
52:2a:88:81:9f:f4:ce:20:c5:8c:3c:29:c4:f5:07:8f:99:d3:
37:2b:07:c5:4d:04:7f:cc:09:30:97:ec:11:19:ef:fb:0b:ae:
b3:bf:b8:b6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICFy8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg2MzIxMTAvBgNVBAUTKEVDNTYzREJGRTJGMzk4QzhFOUZCMTlGOUY3NDIzMkI2
QjU0QUE2RUEwHhcNMjIwMjE2MTE0NTI0WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBjZTNkNC01ZGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsr833XWBSPVh2PmCdPhMVfG2p//bx1w9YFkeQhzBSM+OWvsj3c7c4VlhJUFU
L6WZUWNqUUgmqoRYvjCdAknbwMXyWhs7OVPDu5e/jlaeLZ0F7j33EoxEs73if6++
I0BMi3BCcifMbcxn3bDIe0wvTyOyL3XLfg1YcY63jZoslXbRNO5E4MbcNpagEtH4
gN0bR7MkHDN132AdCAecdw0uXROjg8280793OtHmxSQXzeX0Iz8So6UqfQERXHd6
s0AfhvPQzz92utGgjUUXxTRt1fIpPZ7vfCLAWsX8KQb6uJGPKh/6x2vZ00VdQJkT
vPdKBGWyrvONE9KD+qgsSRQHlQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFM9o+slc
WW9pnVztfHdpHLuFFRDDMB8GA1UdIwQYMBaAFOxWPb/i85jI6fsZ+fdCMra1Sqbq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODYzMi8wNUNFNDRFQTJF
NUUxMUU3QkFDODhCNjlDNEY5QUUwMi83Rlk5di1Mem1NanAteG41OTBJeXRyVktw
dW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdGWTl2LUx6bU1qcC14bjU5MEl5dHJWS3B1by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTg2MzIvMDVDRTQ0RUEyRTVFMTFFN0JBQzg4QjY5QzRGOUFFMDIvNTY4MjJGODhF
OTQzMTFFQjk4MUE1RjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnK5UwDwQCAAIwCQMHASQBxoAADjANBgkqhkiG9w0BAQsF
AAOCAQEAb7kcmJqufmGpAVUiuhxKZMQzBd5IWf4dIgxdZhnwkVVs5ljfHxfZLp67
Lc4ylb42OEOaq6y1M8OP57wmeHwPTRCPoionLufMKKCWFPJfpzjwEakN3Bb6XyDQ
dNHVjOY5DCRSlXnI49dV4JvYOQtywIWqd99X4FCHIwGM0xVCFOdB0sVG0xQ+Dt8V
TL9J89mLra1J6Drjgy/oynutroFeasiBPhBLLvKn2N76dfbmfKfExDkbiF6dla23
E7ggLqrQKfzj1aqJKGlOlBjrwWYH9vlaeizW2BNKUiqIgZ/0ziDFjDwpxPUHj5nT
NysHxU0Ef8wJMJfsERnv+wuus7+4tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org