Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/319130365FE211ED8598786CC4F9AE02.roa
File: 319130365FE211ED8598786CC4F9AE02.roa (raw, json)
Hash identifier: CPR+6PlaJXeBmY7DcbVmo+T4o48GQrKOmAVu98Gwfas=
Subject key identifier: 3A:A0:AF:C8:39:19:92:E8:0A:F8:59:C9:94:94:9D:64:5C:A2:8F:DE
Certificate issuer: /CN=A91F2B47/serialNumber=E11896B00C9486E43EE74802D21969F888EE4E2D
Certificate serial: 40
Authority key identifier: E1:18:96:B0:0C:94:86:E4:3E:E7:48:02:D2:19:69:F8:88:EE:4E:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RiWsAyUhuQ-50gC0hlp-IjuTi0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/319130365FE211ED8598786CC4F9AE02.roa
Signing time: Mon 14 Nov 2022 06:35:05 +0000
ROA not before: Mon 14 Nov 2022 06:35:05 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 9426
IP address blocks: 110.5.80.0/21 maxlen: 24
110.5.88.0/21 maxlen: 24
203.10.111.0/24 maxlen: 24
203.16.39.0/24 maxlen: 24
203.23.44.0/24 maxlen: 24
203.24.0.0/22 maxlen: 22
203.24.1.0/24 maxlen: 24
203.24.3.0/24 maxlen: 24
203.24.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2B47/serialNumber=E11896B00C9486E43EE74802D21969F888EE4E2D
Validity
Not Before: Nov 14 06:35:05 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6371e199-5f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:04:68:d9:fc:c6:b7:a6:42:d3:80:aa:0d:80:
fc:c1:b6:e0:e0:b3:4c:43:00:f6:9b:54:fe:35:f3:
de:4f:33:9c:47:32:89:82:c9:ca:af:77:4c:55:e4:
a6:97:37:2c:96:f2:07:a4:d3:90:f5:e3:64:cd:6d:
95:37:16:82:ee:c6:da:ab:ea:06:a2:a5:15:55:4b:
9a:ae:cb:26:3d:7a:f9:e6:f1:e4:98:71:fb:93:ea:
cb:e0:ae:d7:f8:c1:ec:13:77:8c:1a:8f:cd:10:dc:
d5:94:23:76:d1:67:17:67:5d:8a:95:eb:e6:e9:45:
d9:79:8b:5e:f1:74:70:4c:be:fb:c1:e4:b6:92:09:
56:55:05:f4:a3:23:48:d3:31:86:c4:3d:69:81:4c:
f8:15:2d:b8:1b:44:e9:57:f9:75:1f:42:b4:db:d5:
f6:e3:2d:27:1a:ce:42:56:58:18:b1:46:99:d0:1b:
db:fa:80:cc:21:e7:c2:e8:7d:f2:98:ea:85:27:c7:
c3:0d:fe:3c:c0:af:55:ef:72:81:63:2a:e7:19:f0:
a2:ed:83:81:4e:c0:50:5c:1d:b2:9a:a5:bb:65:06:
2c:69:d9:37:a6:be:c8:67:3a:10:66:c6:2a:28:32:
8c:08:d7:72:5a:be:7e:12:4f:98:c8:48:e3:8d:88:
16:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A0:AF:C8:39:19:92:E8:0A:F8:59:C9:94:94:9D:64:5C:A2:8F:DE
X509v3 Authority Key Identifier:
keyid:E1:18:96:B0:0C:94:86:E4:3E:E7:48:02:D2:19:69:F8:88:EE:4E:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/4RiWsAyUhuQ-50gC0hlp-IjuTi0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RiWsAyUhuQ-50gC0hlp-IjuTi0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/319130365FE211ED8598786CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.5.80.0/20
203.10.111.0/24
203.16.39.0/24
203.23.44.0/24
203.24.0.0/21
Signature Algorithm: sha256WithRSAEncryption
94:01:a5:2e:6a:34:4d:5a:1f:92:8a:38:d7:ef:58:58:38:6a:
39:83:b4:23:8d:b3:85:9f:6e:b0:39:59:35:41:bc:cc:cd:86:
0f:fb:a1:53:e7:96:a8:3b:dc:c8:32:0d:4d:ab:5d:10:ab:f0:
27:97:3b:35:62:19:42:b9:28:cb:7d:db:35:d2:f6:81:b5:64:
f4:83:ef:54:ca:ea:d5:81:82:18:c9:08:d7:ba:eb:f5:58:8e:
b5:45:52:ae:a6:cf:49:a8:ba:fb:af:fe:79:91:8e:41:7d:d0:
40:98:be:ad:1e:b2:2a:71:61:94:8e:c5:82:93:df:59:bc:56:
9a:17:0c:a3:ee:2d:cc:81:43:1f:a4:6b:d6:7c:05:c9:c8:8e:
b9:00:2b:d1:c3:31:40:35:a8:2c:ab:d4:28:fa:1e:f7:da:62:
95:eb:15:c2:3f:14:de:bc:4e:34:22:60:3c:4c:eb:75:de:07:
88:99:ef:04:fa:57:29:9a:48:e0:f3:6d:92:8f:db:b7:56:f9:
bb:08:0b:31:d2:78:b0:21:0e:d1:0c:9f:92:9c:4d:44:ce:9c:
57:f5:a9:2b:01:1e:26:d7:e0:c7:56:cb:9e:ab:d9:93:d5:19:
eb:64:98:25:b7:50:9e:41:34:70:77:1c:71:fb:64:cb:9b:ca:
ce:d7:4b:a0
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MkI0NzExMC8GA1UEBRMoRTExODk2QjAwQzk0ODZFNDNFRTc0ODAyRDIxOTY5Rjg4
OEVFNEUyRDAeFw0yMjExMTQwNjM1MDVaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNzFlMTk5LTVmMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0BGjZ/Ma3pkLTgKoNgPzBtuDgs0xDAPabVP41895PM5xHMomCycqvd0xV5KaX
NyyW8gek05D142TNbZU3FoLuxtqr6gaipRVVS5quyyY9evnm8eSYcfuT6svgrtf4
wewTd4waj80Q3NWUI3bRZxdnXYqV6+bpRdl5i17xdHBMvvvB5LaSCVZVBfSjI0jT
MYbEPWmBTPgVLbgbROlX+XUfQrTb1fbjLScazkJWWBixRpnQG9v6gMwh58LoffKY
6oUnx8MN/jzAr1XvcoFjKucZ8KLtg4FOwFBcHbKapbtlBixp2TemvshnOhBmxioo
MowI13Javn4ST5jISOONiBZrAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUOqCvyDkZ
kugK+FnJlJSdZFyij94wHwYDVR0jBBgwFoAU4RiWsAyUhuQ+50gC0hlp+IjuTi0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYyQjQ3L0YxRkUzMkJBMzNB
RjExRURCNjEwNzQzNEM0RjlBRTAyLzRSaVdzQXlVaHVRLTUwZ0MwaGxwLUlqdVRp
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNFJpV3NBeVVodVEtNTBnQzBobHAtSWp1VGkwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MkI0Ny9GMUZFMzJCQTMzQUYxMUVEQjYxMDc0MzRDNEY5QUUwMi8zMTkxMzAzNjVG
RTIxMUVEODU5ODc4NkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEBG4FUAMEAMsKbwMEAMsQJwMEAMsXLAMEA8sYADANBgkqhkiG
9w0BAQsFAAOCAQEAlAGlLmo0TVofkoo41+9YWDhqOYO0I42zhZ9usDlZNUG8zM2G
D/uhU+eWqDvcyDINTatdEKvwJ5c7NWIZQrkoy33bNdL2gbVk9IPvVMrq1YGCGMkI
17rr9ViOtUVSrqbPSai6+6/+eZGOQX3QQJi+rR6yKnFhlI7FgpPfWbxWmhcMo+4t
zIFDH6Rr1nwFyciOuQAr0cMxQDWoLKvUKPoe99pilesVwj8U3rxONCJgPEzrdd4H
iJnvBPpXKZpI4PNtko/bt1b5uwgLMdJ4sCEO0QyfkpxNRM6cV/WpKwEeJtfgx1bL
nqvZk9UZ62SYJbdQnkE0cHcccftky5vKztdLoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:48 2024 by rpki-client on console-fra.rpki-client.org