Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/AD72C892B30011EDB9077452C4F9AE02.roa
File: AD72C892B30011EDB9077452C4F9AE02.roa (raw, json)
Hash identifier: LSsQhsCeyvUjuDRf2/oOAb6uP/wfvEtVIT12lm+dem8=
Subject key identifier: C4:02:20:7C:64:B2:6A:B7:04:F4:1B:39:15:97:C8:2D:2D:53:91:DB
Certificate issuer: /CN=A91F9665/serialNumber=3058A469B67D03072C2D8A385E9F2AABBA134E2B
Certificate serial: 0555
Authority key identifier: 30:58:A4:69:B6:7D:03:07:2C:2D:8A:38:5E:9F:2A:AB:BA:13:4E:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MFikabZ9AwcsLYo4Xp8qq7oTTis.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/AD72C892B30011EDB9077452C4F9AE02.roa
Signing time: Wed 22 Feb 2023 22:31:41 +0000
ROA not before: Wed 22 Feb 2023 22:31:41 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 55933
IP address blocks: 103.226.124.0/22 maxlen: 23
103.226.124.0/23 maxlen: 24
103.226.127.0/24 maxlen: 24
103.242.0.0/22 maxlen: 22
103.242.0.0/23 maxlen: 24
150.129.80.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1365 (0x555)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F9665/serialNumber=3058A469B67D03072C2D8A385E9F2AABBA134E2B
Validity
Not Before: Feb 22 22:31:41 2023 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=63f697cd-e128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:52:0d:93:b6:30:24:ed:80:0a:9b:26:96:73:
a5:ae:af:b1:17:ac:f2:ff:6f:96:e7:c7:17:c6:5d:
85:99:c3:8f:66:e5:01:a3:b7:39:af:ce:e1:03:82:
bb:3a:c8:39:1c:e1:2e:7b:2d:b2:f9:66:b9:36:0e:
2f:5f:d8:30:b6:f5:2d:f1:68:1f:e5:7a:4c:63:e2:
18:64:b8:a3:82:2a:5f:a4:42:2e:e5:41:dc:dd:2f:
08:f1:3a:8c:f0:82:b0:eb:bf:0f:c6:58:78:af:01:
47:75:95:86:5c:47:44:01:58:25:8e:86:25:76:51:
bd:bf:22:93:f3:ab:1f:d7:b5:2a:34:f7:16:49:dc:
84:bd:4e:ab:53:cd:c1:fc:6e:33:45:29:a6:8f:38:
95:3d:79:20:4a:a4:4b:3f:35:38:db:aa:ad:76:df:
cf:b4:da:58:33:9d:47:0a:78:69:66:b1:f2:2e:77:
7d:1c:e4:1b:db:eb:ac:24:f9:05:4a:c0:e5:e5:76:
fd:da:e0:b7:da:a2:9c:3c:a1:c7:dd:1c:6a:af:27:
61:ce:9a:3f:51:4d:51:83:5d:e3:3c:37:51:30:c8:
77:a8:8a:76:87:f2:89:c4:2e:51:69:56:6b:73:cb:
18:37:1f:1a:eb:83:f0:04:3e:94:12:b8:7e:42:32:
d0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:02:20:7C:64:B2:6A:B7:04:F4:1B:39:15:97:C8:2D:2D:53:91:DB
X509v3 Authority Key Identifier:
keyid:30:58:A4:69:B6:7D:03:07:2C:2D:8A:38:5E:9F:2A:AB:BA:13:4E:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/MFikabZ9AwcsLYo4Xp8qq7oTTis.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MFikabZ9AwcsLYo4Xp8qq7oTTis.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9665/6D0D12B84BF511EBBD83B87BC4F9AE02/AD72C892B30011EDB9077452C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.226.124.0/22
103.242.0.0/22
150.129.80.0/22
Signature Algorithm: sha256WithRSAEncryption
54:ed:03:7c:35:47:2e:64:8c:3e:2d:54:05:e8:4d:ed:be:0c:
85:bc:99:14:b0:79:01:90:9e:47:33:35:c4:47:bc:af:0e:0c:
9e:e8:30:55:d4:ac:41:fb:a1:89:31:0c:6c:4c:ad:04:c5:51:
7c:1d:07:ce:78:79:94:a4:8e:83:98:d4:74:f1:99:74:42:04:
af:c2:2f:8e:39:07:3e:54:4b:fb:1d:91:82:7f:6a:57:cb:fd:
72:29:ed:e1:fd:a2:27:04:73:ea:01:fc:cd:9b:08:c9:12:ff:
c6:69:1e:0b:39:86:1d:95:96:36:12:27:cf:8c:07:a4:f7:4e:
51:41:d0:03:4e:87:17:06:26:aa:fc:8c:cc:d4:ee:05:43:ca:
74:b2:76:4d:32:7d:b0:83:df:36:5c:ed:a5:4d:24:89:68:6c:
e8:cc:cf:df:7e:ce:9d:0c:1e:9c:b3:9f:e0:41:cd:3c:13:70:
34:3c:97:0f:0f:e5:3e:99:b7:c8:1d:3a:d5:b6:c1:a0:35:6f:
e0:7a:49:7b:9d:cf:f8:e8:93:e4:5e:ee:8c:6f:4e:0f:26:55:
04:5e:66:f5:60:3e:71:b3:98:b7:9f:1e:75:a3:80:41:59:3f:
3a:f3:36:96:56:68:1d:e7:a9:6c:90:30:52:cf:13:b5:6f:3c:
20:0f:42:9a
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjk2NjUxMTAvBgNVBAUTKDMwNThBNDY5QjY3RDAzMDcyQzJEOEEzODVFOUYyQUFC
QkExMzRFMkIwHhcNMjMwMjIyMjIzMTQxWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Y2OTdjZC1lMTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsFINk7YwJO2ACpsmlnOlrq+xF6zy/2+W58cXxl2FmcOPZuUBo7c5r87hA4K7
Osg5HOEuey2y+Wa5Ng4vX9gwtvUt8Wgf5XpMY+IYZLijgipfpEIu5UHc3S8I8TqM
8IKw678Pxlh4rwFHdZWGXEdEAVgljoYldlG9vyKT86sf17UqNPcWSdyEvU6rU83B
/G4zRSmmjziVPXkgSqRLPzU426qtdt/PtNpYM51HCnhpZrHyLnd9HOQb2+usJPkF
SsDl5Xb92uC32qKcPKHH3Rxqrydhzpo/UU1Rg13jPDdRMMh3qIp2h/KJxC5RaVZr
c8sYNx8a64PwBD6UErh+QjLQdQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFMQCIHxk
smq3BPQbORWXyC0tU5HbMB8GA1UdIwQYMBaAFDBYpGm2fQMHLC2KOF6fKqu6E04r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTY2NS82RDBEMTJCODRC
RjUxMUVCQkQ4M0I4N0JDNEY5QUUwMi9NRmlrYWJaOUF3Y3NMWW80WHA4cXE3b1RU
aXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01GaWthYlo5QXdjc0xZbzRYcDhxcTdvVFRpcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjk2NjUvNkQwRDEyQjg0QkY1MTFFQkJEODNCODdCQzRGOUFFMDIvQUQ3MkM4OTJC
MzAwMTFFREI5MDc3NDUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJn4nwDBAJn8gADBAKWgVAwDQYJKoZIhvcNAQELBQADggEB
AFTtA3w1Ry5kjD4tVAXoTe2+DIW8mRSweQGQnkczNcRHvK8ODJ7oMFXUrEH7oYkx
DGxMrQTFUXwdB854eZSkjoOY1HTxmXRCBK/CL445Bz5US/sdkYJ/alfL/XIp7eH9
oicEc+oB/M2bCMkS/8ZpHgs5hh2VljYSJ8+MB6T3TlFB0ANOhxcGJqr8jMzU7gVD
ynSydk0yfbCD3zZc7aVNJIlobOjMz99+zp0MHpyzn+BBzTwTcDQ8lw8P5T6Zt8gd
OtW2waA1b+B6SXudz/jok+Re7oxvTg8mVQReZvVgPnGzmLefHnWjgEFZPzrzNpZW
aB3nqWyQMFLPE7VvPCAPQpo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:15 2023 by rpki-client on console-fra.rpki-client.org