Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/925DB0920F6D11EA8840135DC4F9AE02.roa
File: 925DB0920F6D11EA8840135DC4F9AE02.roa (raw, json)
Hash identifier: PykvjdKpn7Robs0AMP1J36Fxjk9oyb8vmFzyboGTkAA=
Subject key identifier: 96:EE:49:25:C6:9A:C7:58:DF:DF:6F:FB:50:6F:76:E9:87:0F:E3:91
Certificate issuer: /CN=A9183496/serialNumber=2F7A1C1DD27EA78158CE21A94DBBFB9072FB1734
Certificate serial: 0752
Authority key identifier: 2F:7A:1C:1D:D2:7E:A7:81:58:CE:21:A9:4D:BB:FB:90:72:FB:17:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/925DB0920F6D11EA8840135DC4F9AE02.roa
Signing time: Wed 13 Oct 2021 08:55:58 +0000
ROA not before: Wed 13 Oct 2021 08:55:58 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 134383
IP address blocks: 103.121.140.0/22 maxlen: 24
2001:df6:4300::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1874 (0x752)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9183496/serialNumber=2F7A1C1DD27EA78158CE21A94DBBFB9072FB1734
Validity
Not Before: Oct 13 08:55:58 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61669f1d-7a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2e:ae:63:60:80:63:ff:6c:fb:1d:3f:24:31:
de:87:41:94:4a:57:b3:37:06:81:32:9c:62:e3:8e:
86:7c:96:04:6a:20:0a:f1:84:36:6c:24:04:aa:a1:
c5:38:53:9e:55:f4:5c:5d:51:e6:ba:aa:f5:08:b2:
15:44:f0:1d:23:b2:5a:f7:5f:2d:ec:1c:14:6d:8c:
f9:4c:16:60:cb:e6:cb:c4:21:ab:26:d2:04:22:fb:
ed:06:df:8f:10:85:d8:90:04:bf:18:95:a4:9e:09:
13:e3:32:9b:61:de:f3:3a:19:d0:49:3d:36:34:c8:
b5:0f:7d:ec:ea:a5:c0:ab:2c:f1:a9:7b:71:d2:52:
15:ad:13:ba:37:e5:39:f3:41:5c:aa:95:39:d2:f3:
48:85:c3:1b:74:59:9b:ca:90:24:dc:dd:51:22:40:
56:2d:48:0c:80:c2:8c:80:c9:8a:ed:07:51:b8:6d:
52:d8:c3:3d:cc:7b:69:7c:32:a2:50:44:43:05:e9:
12:7f:13:49:29:f9:0b:d0:77:fc:25:6c:1d:e3:2f:
0a:81:05:2c:2a:8c:f7:51:31:5b:ac:c2:83:28:52:
78:06:07:14:d7:79:4f:ba:21:cf:34:3a:ea:c0:39:
03:e0:67:05:87:d7:5f:8f:73:1b:d3:e0:1f:0f:8d:
35:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:EE:49:25:C6:9A:C7:58:DF:DF:6F:FB:50:6F:76:E9:87:0F:E3:91
X509v3 Authority Key Identifier:
keyid:2F:7A:1C:1D:D2:7E:A7:81:58:CE:21:A9:4D:BB:FB:90:72:FB:17:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L3ocHdJ-p4FYziGpTbv7kHL7FzQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183496/2341A5660F6C11EAA70F795AC4F9AE02/925DB0920F6D11EA8840135DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.140.0/22
IPv6:
2001:df6:4300::/48
Signature Algorithm: sha256WithRSAEncryption
0f:c0:43:88:f9:ac:59:42:c3:e9:45:12:49:3b:da:1c:e7:b9:
25:09:f7:8f:49:ee:72:24:19:d3:76:12:f2:41:62:53:3c:43:
f0:cc:e9:57:07:77:f1:bd:c6:59:0a:5c:6f:e9:6b:b7:18:0d:
5a:d0:40:bf:68:91:03:65:66:2c:24:1e:1c:07:7f:4b:08:5a:
aa:c6:d8:e4:aa:56:2d:53:16:c3:11:97:bc:60:00:0a:5f:d5:
49:20:d8:af:f8:4b:0f:27:a7:9c:7e:e6:e2:dc:2a:95:fb:d1:
a4:d9:33:90:21:18:42:1d:24:45:4f:83:c5:69:67:27:35:cb:
6a:9c:3e:76:fa:94:db:8f:59:19:96:2e:22:f1:64:25:3e:db:
ed:4b:85:f5:69:b1:e0:c5:9a:10:6e:7a:b2:64:a5:39:64:51:
ba:cf:4d:9d:ff:aa:c1:6f:ca:80:04:94:95:96:3d:64:8d:78:
57:aa:eb:24:74:35:ad:19:a2:19:c9:9f:55:98:9f:13:c8:99:
ec:56:cd:c2:4d:f9:04:cc:4a:24:0f:c8:98:36:43:0e:37:40:
ab:6b:68:93:73:c5:a9:17:da:55:11:92:ba:72:1d:be:11:8e:
f1:02:ea:e3:2c:84:3f:93:13:e4:77:8f:74:39:63:29:2d:f9:
a2:7f:cc:72
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICB1IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODM0OTYxMTAvBgNVBAUTKDJGN0ExQzFERDI3RUE3ODE1OENFMjFBOTREQkJGQjkw
NzJGQjE3MzQwHhcNMjExMDEzMDg1NTU4WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTY2OWYxZC03YTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0y6uY2CAY/9s+x0/JDHeh0GUSlezNwaBMpxi446GfJYEaiAK8YQ2bCQEqqHF
OFOeVfRcXVHmuqr1CLIVRPAdI7Ja918t7BwUbYz5TBZgy+bLxCGrJtIEIvvtBt+P
EIXYkAS/GJWkngkT4zKbYd7zOhnQST02NMi1D33s6qXAqyzxqXtx0lIVrRO6N+U5
80FcqpU50vNIhcMbdFmbypAk3N1RIkBWLUgMgMKMgMmK7QdRuG1S2MM9zHtpfDKi
UERDBekSfxNJKfkL0Hf8JWwd4y8KgQUsKoz3UTFbrMKDKFJ4BgcU13lPuiHPNDrq
wDkD4GcFh9dfj3Mb0+AfD401EQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJbuSSXG
msdY399v+1BvdumHD+ORMB8GA1UdIwQYMBaAFC96HB3SfqeBWM4hqU27+5By+xc0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MzQ5Ni8yMzQxQTU2NjBG
NkMxMUVBQTcwRjc5NUFDNEY5QUUwMi9MM29jSGRKLXA0Rll6aUdwVGJ2N2tITDdG
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0wzb2NIZEotcDRGWXppR3BUYnY3a0hMN0Z6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODM0OTYvMjM0MUE1NjYwRjZDMTFFQUE3MEY3OTVBQzRGOUFFMDIvOTI1REIwOTIw
RjZEMTFFQTg4NDAxMzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJneYwwDwQCAAIwCQMHACABDfZDADANBgkqhkiG9w0BAQsF
AAOCAQEAD8BDiPmsWULD6UUSSTvaHOe5JQn3j0nuciQZ03YS8kFiUzxD8MzpVwd3
8b3GWQpcb+lrtxgNWtBAv2iRA2VmLCQeHAd/SwhaqsbY5KpWLVMWwxGXvGAACl/V
SSDYr/hLDyennH7m4twqlfvRpNkzkCEYQh0kRU+DxWlnJzXLapw+dvqU249ZGZYu
IvFkJT7b7UuF9Wmx4MWaEG56smSlOWRRus9Nnf+qwW/KgASUlZY9ZI14V6rrJHQ1
rRmiGcmfVZifE8iZ7FbNwk35BMxKJA/ImDZDDjdAq2tok3PFqRfaVRGSunIdvhGO
8QLq4yyEP5MT5HePdDljKS35on/Mcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org