Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9175155/3744B3C4B02811EB9D27891AC4F9AE02/40DEF6DA7ABA11EC9173A93EC4F9AE02.roa
File: 40DEF6DA7ABA11EC9173A93EC4F9AE02.roa (raw, json)
Hash identifier: zbQSzkj61RHB/gtjlaDPyvZNgKKOsJlN+0G+D2X4mLw=
Subject key identifier: 44:2B:55:D2:E3:2D:31:16:49:94:28:36:41:F0:B1:D7:E6:83:96:F7
Certificate issuer: /CN=A9175155/serialNumber=80084A34FD4F3B932C092182407B8905D9406500
Certificate serial: 0213
Authority key identifier: 80:08:4A:34:FD:4F:3B:93:2C:09:21:82:40:7B:89:05:D9:40:65:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gAhKNP1PO5MsCSGCQHuJBdlAZQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9175155/3744B3C4B02811EB9D27891AC4F9AE02/40DEF6DA7ABA11EC9173A93EC4F9AE02.roa
Signing time: Mon 24 Jan 2022 10:00:56 +0000
ROA not before: Mon 24 Jan 2022 10:00:56 +0000
ROA not after: Sat 28 May 2022 00:00:00 +0000
asID: 138665
IP address blocks: 103.136.0.0/22 maxlen: 22
103.136.0.0/24 maxlen: 24
103.136.1.0/24 maxlen: 24
103.136.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 531 (0x213)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9175155/serialNumber=80084A34FD4F3B932C092182407B8905D9406500
Validity
Not Before: Jan 24 10:00:56 2022 GMT
Not After : May 28 00:00:00 2022 GMT
Subject: CN=61ee78d8-cfcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a7:a7:49:a8:42:d6:ae:f1:a6:c9:ba:42:ca:
9a:2e:c1:8a:eb:66:00:82:e4:de:1d:3e:62:de:13:
0d:94:ec:83:63:3b:00:b4:56:75:8e:91:1e:0e:57:
3a:7c:0e:34:d3:84:6c:66:7b:0f:b9:58:26:62:43:
e7:19:4e:92:0c:d8:b8:5a:f4:9f:76:7b:8b:b8:d2:
55:ef:77:67:6e:ef:46:29:0f:ac:99:69:66:c0:17:
61:85:5a:c2:83:0b:07:f7:73:01:43:c6:04:f7:ad:
a0:01:87:bb:26:a5:6d:bd:0d:9b:f3:76:8b:02:35:
9a:c4:07:9a:24:2a:dd:b5:9b:9b:63:52:20:1b:4d:
32:4f:48:51:e0:07:1d:ef:91:3e:12:32:9a:a8:a7:
d5:72:c3:82:aa:44:63:56:05:2a:78:ea:d5:9b:9b:
d6:ad:d4:82:75:aa:4d:21:0a:d6:7e:ed:de:62:35:
81:58:2d:46:8d:3b:06:40:b0:2a:84:e0:bc:eb:11:
4c:aa:d2:c1:da:f3:c6:27:d8:df:6a:96:06:2d:f6:
b7:d9:c5:5f:7a:d2:60:f7:fd:8b:45:65:6a:79:eb:
89:41:ae:9f:d3:19:e1:6d:55:43:5e:47:a1:90:ea:
81:7f:02:e0:e1:1b:f9:ed:a8:e3:14:0c:8e:ef:e6:
3e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2B:55:D2:E3:2D:31:16:49:94:28:36:41:F0:B1:D7:E6:83:96:F7
X509v3 Authority Key Identifier:
keyid:80:08:4A:34:FD:4F:3B:93:2C:09:21:82:40:7B:89:05:D9:40:65:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9175155/3744B3C4B02811EB9D27891AC4F9AE02/gAhKNP1PO5MsCSGCQHuJBdlAZQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gAhKNP1PO5MsCSGCQHuJBdlAZQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175155/3744B3C4B02811EB9D27891AC4F9AE02/40DEF6DA7ABA11EC9173A93EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.0.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:f1:25:7f:32:4f:f8:d6:be:10:a8:34:73:c2:5e:9e:06:3a:
f8:cf:43:8c:0c:72:ec:50:73:ee:a0:e6:44:be:b7:0c:e4:cd:
89:5a:a1:5f:6f:03:8b:96:a6:4f:47:23:f9:4c:09:78:f5:15:
6a:5b:3f:52:74:1f:d8:f4:9c:54:25:b1:6d:b4:34:af:4f:20:
68:f8:3c:e3:4f:19:5e:0f:9f:90:86:b0:cf:e0:61:bd:8b:36:
8e:ad:9f:e0:89:9b:c1:ba:a9:ca:3f:7d:91:d0:f5:d8:e3:c9:
11:7c:49:bc:ac:79:28:b7:07:78:7b:24:9b:25:60:de:9c:50:
6b:56:d8:4f:8f:44:b5:c8:9a:1c:a6:20:c0:1a:d5:88:e2:dd:
ae:f8:56:c7:84:9e:3a:d9:6c:53:20:12:58:b5:44:f2:1c:ee:
3e:8f:9e:c4:b1:3a:36:f4:3f:bd:cb:19:a5:8b:56:ad:fa:78:
1c:a6:fb:a0:3d:e7:ad:13:80:08:1d:c6:44:8f:da:09:94:85:
e5:e3:d3:ac:a3:24:33:3e:33:98:9d:49:9a:4c:bd:4d:7f:29:
ea:3e:d7:95:b7:70:34:d9:e8:5d:12:19:ec:60:16:2c:8c:8f:
dc:ab:ea:74:4a:04:18:b8:e4:6c:61:31:81:03:68:e7:a3:4f:
d3:0c:24:35
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAhMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzUxNTUxMTAvBgNVBAUTKDgwMDg0QTM0RkQ0RjNCOTMyQzA5MjE4MjQwN0I4OTA1
RDk0MDY1MDAwHhcNMjIwMTI0MTAwMDU2WhcNMjIwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MWVlNzhkOC1jZmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA46enSahC1q7xpsm6QsqaLsGK62YAguTeHT5i3hMNlOyDYzsAtFZ1jpEeDlc6
fA4004RsZnsPuVgmYkPnGU6SDNi4WvSfdnuLuNJV73dnbu9GKQ+smWlmwBdhhVrC
gwsH93MBQ8YE962gAYe7JqVtvQ2b83aLAjWaxAeaJCrdtZubY1IgG00yT0hR4Acd
75E+EjKaqKfVcsOCqkRjVgUqeOrVm5vWrdSCdapNIQrWfu3eYjWBWC1GjTsGQLAq
hOC86xFMqtLB2vPGJ9jfapYGLfa32cVfetJg9/2LRWVqeeuJQa6f0xnhbVVDXkeh
kOqBfwLg4Rv57ajjFAyO7+Y+fwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEQrVdLj
LTEWSZQoNkHwsdfmg5b3MB8GA1UdIwQYMBaAFIAISjT9TzuTLAkhgkB7iQXZQGUA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTE1NS8zNzQ0QjNDNEIw
MjgxMUVCOUQyNzg5MUFDNEY5QUUwMi9nQWhLTlAxUE81TXNDU0dDUUh1SkJkbEFa
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dBaEtOUDFQTzVNc0NTR0NRSHVKQmRsQVpRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzUxNTUvMzc0NEIzQzRCMDI4MTFFQjlEMjc4OTFBQzRGOUFFMDIvNDBERUY2REE3
QUJBMTFFQzkxNzNBOTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJniAAwDQYJKoZIhvcNAQELBQADggEBABvxJX8yT/jWvhCo
NHPCXp4GOvjPQ4wMcuxQc+6g5kS+twzkzYlaoV9vA4uWpk9HI/lMCXj1FWpbP1J0
H9j0nFQlsW20NK9PIGj4PONPGV4Pn5CGsM/gYb2LNo6tn+CJm8G6qco/fZHQ9djj
yRF8SbyseSi3B3h7JJslYN6cUGtW2E+PRLXImhymIMAa1Yji3a74VseEnjrZbFMg
Eli1RPIc7j6PnsSxOjb0P73LGaWLVq36eBym+6A9560TgAgdxkSP2gmUheXj06yj
JDM+M5idSZpMvU1/Keo+15W3cDTZ6F0SGexgFiyMj9yr6nRKBBi45GxhMYEDaOej
T9MMJDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org