Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/D939B99482A411E9A2B80186C4F9AE02.roa
File: D939B99482A411E9A2B80186C4F9AE02.roa (raw, json)
Hash identifier: pTK5D060Qf8xE6X1RD9LQ1watvKUlbtbANeIgL/5J8M=
Subject key identifier: B7:14:DE:4B:1E:76:6E:F7:01:73:22:FC:B1:20:D1:43:80:6B:66:29
Certificate issuer: /CN=A91717D1/serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88
Certificate serial: 0997
Authority key identifier: DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/D939B99482A411E9A2B80186C4F9AE02.roa
Signing time: Tue 03 Aug 2021 19:14:57 +0000
ROA not before: Tue 03 Aug 2021 19:14:57 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 135413
IP address blocks: 103.139.8.0/23 maxlen: 23
103.139.8.0/24 maxlen: 24
103.139.9.0/24 maxlen: 24
2001:df0:6180::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2455 (0x997)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91717D1/serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88
Validity
Not Before: Aug 3 19:14:57 2021 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=610995b0-6c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:54:1e:08:37:14:ca:08:6b:31:1c:5e:6a:91:
ac:ae:f3:9f:df:2a:0c:58:f4:63:08:6c:17:88:b7:
5f:0b:24:1f:d4:00:d5:c6:aa:07:dc:4f:02:49:30:
51:6e:7a:43:34:8b:c9:44:a8:57:75:6f:10:36:33:
95:79:91:d2:e0:11:c3:ed:30:29:e5:83:b1:b9:8a:
09:4a:ae:2e:1d:97:06:e8:dd:67:d8:7c:42:62:95:
c1:0b:88:d7:c1:e9:9e:b4:a7:b4:af:f7:0f:c2:d5:
88:03:e1:54:27:ec:34:82:a0:2d:49:10:c5:96:bd:
85:11:2e:1a:88:0b:73:9b:12:12:ad:0a:12:86:31:
4b:47:d2:01:5a:63:e4:17:72:1e:7d:4c:ea:ea:ea:
46:01:1e:4b:83:70:d1:23:ba:52:3d:99:6c:f1:30:
25:ed:dd:54:0f:b7:2b:1d:c7:d0:c3:47:44:cb:94:
7e:64:cd:2a:a9:0b:46:77:a6:bb:ff:6a:2c:dd:1a:
04:8e:d7:34:14:11:ab:4e:51:9f:b0:4d:ab:15:42:
4f:ee:55:36:89:3a:fd:ed:6d:05:e2:77:38:bd:b7:
5b:bd:93:0b:8a:1a:73:6d:5c:59:51:ce:8a:29:1b:
5c:d9:3c:c3:ba:79:b4:16:35:3c:e3:3b:0b:7e:3b:
fb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:14:DE:4B:1E:76:6E:F7:01:73:22:FC:B1:20:D1:43:80:6B:66:29
X509v3 Authority Key Identifier:
keyid:DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/D939B99482A411E9A2B80186C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.8.0/23
IPv6:
2001:df0:6180::/48
Signature Algorithm: sha256WithRSAEncryption
0e:9b:f8:81:df:d5:b2:04:05:9a:33:6d:e0:9a:7d:a0:d1:93:
e3:1a:b0:bf:5d:8a:8c:fe:49:0e:14:25:55:d1:ce:17:84:a6:
1f:8a:1a:46:71:ac:07:16:63:5c:fa:8d:7d:78:e7:87:a3:13:
75:68:f1:b3:d9:8b:4f:8e:85:9f:f8:e7:4e:6c:2f:84:f2:68:
bc:d0:c4:1b:0e:07:4a:eb:22:75:94:2c:40:ef:c6:bb:24:28:
8b:0a:1a:d6:20:bd:e9:c6:bb:b0:c3:2c:0e:95:de:3b:40:c0:
d3:03:51:4c:5d:a4:1f:e7:4c:9a:13:d0:72:11:88:31:fa:fa:
ac:19:69:b3:1a:aa:aa:9c:40:df:d0:b6:c2:fc:ed:10:cc:2f:
dc:ad:1c:33:3e:25:c4:62:58:4a:f4:08:50:fa:8a:49:51:c3:
44:0d:99:8d:87:7d:de:49:59:ee:45:c3:59:21:81:0d:36:26:
0c:97:2d:82:5d:15:e1:93:81:a0:10:4d:02:eb:f7:97:93:d2:
55:bb:cb:e9:12:12:ea:7f:c7:f0:4c:0c:17:09:04:19:b1:e6:
ad:c9:5a:e9:1f:07:9c:ae:ee:ae:87:65:4e:c2:e2:26:91:e8:
03:68:33:19:9f:16:f0:c7:3e:34:20:0f:41:4b:5e:77:31:97:
23:38:c1:33
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICCZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE3RDExMTAvBgNVBAUTKERDMTg3RkM4NDE2Q0U1QjM0N0JBRjIyMUEzNjEzQTNC
NDc4MjhFODgwHhcNMjEwODAzMTkxNDU3WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTA5OTViMC02YzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAklQeCDcUyghrMRxeapGsrvOf3yoMWPRjCGwXiLdfCyQf1ADVxqoH3E8CSTBR
bnpDNIvJRKhXdW8QNjOVeZHS4BHD7TAp5YOxuYoJSq4uHZcG6N1n2HxCYpXBC4jX
wemetKe0r/cPwtWIA+FUJ+w0gqAtSRDFlr2FES4aiAtzmxISrQoShjFLR9IBWmPk
F3IefUzq6upGAR5Lg3DRI7pSPZls8TAl7d1UD7crHcfQw0dEy5R+ZM0qqQtGd6a7
/2os3RoEjtc0FBGrTlGfsE2rFUJP7lU2iTr97W0F4nc4vbdbvZMLihpzbVxZUc6K
KRtc2TzDunm0FjU84zsLfjv78wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLcU3kse
dm73AXMi/LEg0UOAa2YpMB8GA1UdIwQYMBaAFNwYf8hBbOWzR7ryIaNhOjtHgo6I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTdEMS85QTlCNDhBMjgy
QTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczViTkh1dklobzJFNk8wZUNq
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNCaF95RUZzNWJOSHV2SWhvMkU2TzBlQ2pvZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE3RDEvOUE5QjQ4QTI4MkEzMTFFOTlFNTgyMzg0QzRGOUFFMDIvRDkzOUI5OTQ4
MkE0MTFFOUEyQjgwMTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFniwgwDwQCAAIwCQMHACABDfBhgDANBgkqhkiG9w0BAQsF
AAOCAQEADpv4gd/VsgQFmjNt4Jp9oNGT4xqwv12KjP5JDhQlVdHOF4SmH4oaRnGs
BxZjXPqNfXjnh6MTdWjxs9mLT46Fn/jnTmwvhPJovNDEGw4HSusidZQsQO/GuyQo
iwoa1iC96ca7sMMsDpXeO0DA0wNRTF2kH+dMmhPQchGIMfr6rBlpsxqqqpxA39C2
wvztEMwv3K0cMz4lxGJYSvQIUPqKSVHDRA2ZjYd93klZ7kXDWSGBDTYmDJctgl0V
4ZOBoBBNAuv3l5PSVbvL6RIS6n/H8EwMFwkEGbHmrcla6R8HnK7urodlTsLiJpHo
A2gzGZ8W8Mc+NCAPQUtedzGXIzjBMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org