Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/D6A72446506311E9A500EB09C4F9AE02.roa
File: D6A72446506311E9A500EB09C4F9AE02.roa (raw, json)
Hash identifier: iSWu5QYNFN7RYVQvLUMMeA8EsDKiLAMp1JGDmfJQrC8=
Subject key identifier: E8:FC:B2:F5:C3:D4:DC:51:E4:C6:71:E8:78:48:4F:C0:73:E8:B4:8C
Certificate issuer: /CN=A911D5F1/serialNumber=92E848E71F7008DCC777B8E23F73DA9278C9A50E
Certificate serial: 09FC
Authority key identifier: 92:E8:48:E7:1F:70:08:DC:C7:77:B8:E2:3F:73:DA:92:78:C9:A5:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuhI5x9wCNzHd7jiP3PaknjJpQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/D6A72446506311E9A500EB09C4F9AE02.roa
Signing time: Thu 20 May 2021 06:53:50 +0000
ROA not before: Thu 20 May 2021 06:53:50 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 23678
IP address blocks: 103.137.120.0/24 maxlen: 24
103.137.121.0/24 maxlen: 24
103.137.122.0/24 maxlen: 24
103.137.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2556 (0x9fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D5F1/serialNumber=92E848E71F7008DCC777B8E23F73DA9278C9A50E
Validity
Not Before: May 20 06:53:50 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60a6077e-8657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f8:bf:a1:5d:7e:ac:60:54:af:9e:86:b8:85:
05:fb:76:e6:c5:69:53:8c:d0:ab:c3:a7:bc:04:ef:
93:3c:88:65:8b:cd:9c:7c:40:e7:26:da:51:53:35:
bc:15:e9:7e:c8:3c:55:89:34:b9:47:73:74:9a:5c:
ef:b1:db:c9:4b:4d:18:a8:ff:9e:1b:47:a0:fc:1c:
f5:78:78:e6:39:ea:5c:b5:68:7b:35:aa:68:66:71:
22:8b:70:d6:8d:8d:ce:89:09:12:f1:20:a5:3c:45:
95:89:81:61:f6:09:bd:b5:1b:78:c9:62:45:14:43:
58:62:0e:87:a8:5e:c4:5e:67:9f:14:80:a3:eb:43:
4c:07:07:a6:8c:22:11:a6:f2:c0:3e:54:3d:f7:5f:
7f:5b:01:b9:41:67:a5:57:23:18:2b:89:b9:7a:f4:
be:dc:28:35:c5:ce:a7:d9:26:8d:98:3c:37:f0:9f:
bc:26:72:37:9c:95:28:73:3d:7d:a0:1d:18:5f:9b:
c4:b8:33:75:ec:e1:17:70:ff:b8:9c:4e:ff:f3:b0:
24:6c:94:37:3d:bb:1f:68:b9:9e:2e:27:97:0b:8b:
bb:5b:89:52:a1:80:79:52:b7:e1:d9:70:44:42:b2:
53:70:01:bd:14:e6:37:19:f4:6a:d9:fe:a9:e5:ea:
df:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:FC:B2:F5:C3:D4:DC:51:E4:C6:71:E8:78:48:4F:C0:73:E8:B4:8C
X509v3 Authority Key Identifier:
keyid:92:E8:48:E7:1F:70:08:DC:C7:77:B8:E2:3F:73:DA:92:78:C9:A5:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/kuhI5x9wCNzHd7jiP3PaknjJpQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuhI5x9wCNzHd7jiP3PaknjJpQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D5F1/A95E6C02506211E9BFCB4C87C4F9AE02/D6A72446506311E9A500EB09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.120.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:5e:80:02:e4:bc:ed:fb:ba:a6:60:ab:6c:91:84:c6:d1:cc:
47:6f:89:a4:1b:00:56:82:dd:e5:6a:39:0f:ef:a2:08:53:aa:
bb:fb:61:9f:b0:f0:5c:cb:9d:61:1f:d7:66:a8:28:2f:34:50:
80:72:c8:be:3f:7b:86:e3:7d:01:5c:c6:77:a5:5e:cc:a0:56:
3d:95:b4:b4:27:9a:aa:cc:c2:8b:b6:41:a7:4d:78:06:e7:f3:
e2:74:9b:dd:9f:14:23:ba:fe:46:c6:da:65:bf:c1:4e:a8:e7:
f2:14:0b:8a:60:e4:94:34:42:db:df:93:e4:0c:40:bf:d6:93:
ee:ed:34:aa:65:15:17:f6:e2:de:e9:68:e4:d6:3f:53:de:89:
fc:5a:69:80:80:06:76:47:1a:be:a7:1f:09:0a:c1:aa:ba:3e:
48:5c:33:76:64:58:11:35:cd:96:5a:49:76:51:15:15:49:c2:
3c:9c:b6:60:e0:d0:8e:a1:d4:06:3f:2f:2e:11:cd:51:20:c2:
bc:0f:db:8d:e7:32:e4:27:53:e0:1f:b9:df:eb:0f:ba:83:6c:
4d:a7:0c:b2:0c:89:25:af:87:ef:3b:4d:1b:e4:13:16:65:77:
96:87:d6:76:56:7e:05:2d:86:70:5b:f0:de:fa:3f:28:42:64:
cf:d6:7e:f6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ1RjExMTAvBgNVBAUTKDkyRTg0OEU3MUY3MDA4RENDNzc3QjhFMjNGNzNEQTky
NzhDOUE1MEUwHhcNMjEwNTIwMDY1MzUwWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGE2MDc3ZS04NjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvPi/oV1+rGBUr56GuIUF+3bmxWlTjNCrw6e8BO+TPIhli82cfEDnJtpRUzW8
Fel+yDxViTS5R3N0mlzvsdvJS00YqP+eG0eg/Bz1eHjmOepctWh7NapoZnEii3DW
jY3OiQkS8SClPEWViYFh9gm9tRt4yWJFFENYYg6HqF7EXmefFICj60NMBwemjCIR
pvLAPlQ9919/WwG5QWelVyMYK4m5evS+3Cg1xc6n2SaNmDw38J+8JnI3nJUocz19
oB0YX5vEuDN17OEXcP+4nE7/87AkbJQ3PbsfaLmeLieXC4u7W4lSoYB5Urfh2XBE
QrJTcAG9FOY3GfRq2f6p5erfpwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOj8svXD
1NxR5MZx6HhIT8Bz6LSMMB8GA1UdIwQYMBaAFJLoSOcfcAjcx3e44j9z2pJ4yaUO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDVGMS9BOTVFNkMwMjUw
NjIxMUU5QkZDQjRDODdDNEY5QUUwMi9rdWhJNXg5d0NOekhkN2ppUDNQYWtuakpw
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2t1aEk1eDl3Q056SGQ3amlQM1Bha25qSnBRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ1RjEvQTk1RTZDMDI1MDYyMTFFOUJGQ0I0Qzg3QzRGOUFFMDIvRDZBNzI0NDY1
MDYzMTFFOUE1MDBFQjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJniXgwDQYJKoZIhvcNAQELBQADggEBAD1egALkvO37uqZg
q2yRhMbRzEdviaQbAFaC3eVqOQ/voghTqrv7YZ+w8FzLnWEf12aoKC80UIByyL4/
e4bjfQFcxnelXsygVj2VtLQnmqrMwou2QadNeAbn8+J0m92fFCO6/kbG2mW/wU6o
5/IUC4pg5JQ0Qtvfk+QMQL/Wk+7tNKplFRf24t7paOTWP1PeifxaaYCABnZHGr6n
HwkKwaq6PkhcM3ZkWBE1zZZaSXZRFRVJwjyctmDg0I6h1AY/Ly4RzVEgwrwP243n
MuQnU+Afud/rD7qDbE2nDLIMiSWvh+87TRvkExZld5aH1nZWfgUthnBb8N76PyhC
ZM/WfvY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org