Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91847B9/FC558882A14411ED95704386C4F9AE02/DC0BA7C0A14711ED93714D0BC4F9AE02.roa
File: DC0BA7C0A14711ED93714D0BC4F9AE02.roa (raw, json)
Hash identifier: eFWXTdGb3e8hhGzFP5xM0BtaA//nxIltKR8wqASvwpU=
Subject key identifier: C8:91:79:28:A6:CE:2B:4C:7D:21:64:84:46:7F:D5:4A:2B:D6:FC:4C
Certificate issuer: /CN=A91847B9/serialNumber=0E58051B24BD5ADB1BCC9F38E2D3E7374B68DB7C
Certificate serial: 08
Authority key identifier: 0E:58:05:1B:24:BD:5A:DB:1B:CC:9F:38:E2:D3:E7:37:4B:68:DB:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DlgFGyS9WtsbzJ844tPnN0to23w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91847B9/FC558882A14411ED95704386C4F9AE02/DC0BA7C0A14711ED93714D0BC4F9AE02.roa
Signing time: Sat 04 Feb 2023 11:34:54 +0000
ROA not before: Sat 04 Feb 2023 11:34:54 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 149478
IP address blocks: 103.77.218.0/23 maxlen: 23
103.77.218.0/24 maxlen: 24
103.77.219.0/24 maxlen: 24
2001:df1:e340::/48 maxlen: 48
2001:df1:e340::/52 maxlen: 52
2001:df1:e340:1000::/52 maxlen: 52
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91847B9/serialNumber=0E58051B24BD5ADB1BCC9F38E2D3E7374B68DB7C
Validity
Not Before: Feb 4 11:34:54 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=63de42de-c1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b8:51:3b:56:39:6d:0a:80:7a:b0:0f:e2:23:
c5:7a:c5:9b:12:88:c2:ba:a4:bc:2a:8f:a8:22:2a:
80:f6:e6:de:77:23:d9:03:e9:0a:3c:05:99:2f:37:
03:30:56:6e:e2:99:38:5b:ca:4d:1b:e5:81:1c:ed:
17:cd:e8:d2:fb:d7:18:c6:fb:1c:9c:e6:83:db:e8:
31:64:98:9f:68:7d:00:82:cd:3c:ac:fa:da:f5:78:
c2:7a:04:48:93:ed:70:2e:46:b1:b7:2d:80:4c:63:
2f:f1:f7:20:7c:48:9c:fb:11:9a:bc:43:6f:f4:fe:
b0:dc:e5:b4:e9:40:bc:8d:8f:73:84:e6:bc:08:3a:
07:16:cb:1d:6f:66:03:c8:78:ba:46:be:22:e5:36:
cc:90:08:1c:02:64:a4:60:ef:59:2f:c3:7a:09:ec:
74:54:68:34:f5:f1:81:79:f5:47:c9:96:04:14:28:
d6:ee:15:f8:a0:21:98:8f:fe:8b:e4:39:6f:4f:58:
f7:95:ec:a2:7a:b5:44:26:61:fe:55:11:11:84:37:
5e:53:52:be:ea:d9:79:0f:2b:10:6f:31:3d:5f:06:
77:57:75:c5:a2:01:33:38:b0:36:76:f4:cb:b4:c6:
65:c0:b4:e5:01:1e:00:05:70:e9:b0:9a:71:2e:d6:
f3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:91:79:28:A6:CE:2B:4C:7D:21:64:84:46:7F:D5:4A:2B:D6:FC:4C
X509v3 Authority Key Identifier:
keyid:0E:58:05:1B:24:BD:5A:DB:1B:CC:9F:38:E2:D3:E7:37:4B:68:DB:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91847B9/FC558882A14411ED95704386C4F9AE02/DlgFGyS9WtsbzJ844tPnN0to23w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DlgFGyS9WtsbzJ844tPnN0to23w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847B9/FC558882A14411ED95704386C4F9AE02/DC0BA7C0A14711ED93714D0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.77.218.0/23
IPv6:
2001:df1:e340::/48
Signature Algorithm: sha256WithRSAEncryption
66:8a:b6:39:d7:0d:2b:50:07:ad:a9:47:f4:f4:2e:5b:b2:51:
ec:ff:8e:67:5c:ba:eb:cf:a4:3b:af:b7:df:8a:a1:57:e8:36:
1f:27:63:36:be:bc:37:4c:1f:92:4c:a6:5b:4e:a3:32:83:06:
ac:a4:fa:df:b6:3a:bb:eb:81:8d:2c:c2:f0:5d:3b:49:14:42:
a2:3b:ae:1d:c3:5f:38:6c:83:b0:ea:89:a3:0a:ba:c1:66:a2:
05:2a:c2:34:7d:91:a8:0e:b7:09:47:9a:ca:02:93:2d:e9:3a:
4b:47:34:73:33:4e:2e:ed:ed:7c:de:a6:8b:6a:44:30:03:3a:
52:35:47:97:e0:29:fe:fc:3e:62:d1:01:a8:f0:aa:d4:ad:0d:
85:7c:03:65:fb:30:c3:03:c9:f5:8e:99:f0:0b:c3:61:9a:40:
2a:13:77:75:cf:3b:a7:46:04:fe:59:6e:52:d0:12:13:e2:73:
bd:e0:2d:07:eb:eb:08:da:f7:d8:4c:cc:f2:94:5c:bb:38:bc:
1e:4e:d8:b9:24:b9:79:af:6c:5d:29:98:a6:5b:d4:f9:d9:8b:
f5:bd:88:b2:af:26:70:ef:a9:6f:18:c5:1f:b1:b4:4e:30:fa:
53:7d:01:55:41:88:13:b7:34:5b:75:48:eb:a9:ef:e9:91:eb:
27:40:2a:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NDdCOTExMC8GA1UEBRMoMEU1ODA1MUIyNEJENUFEQjFCQ0M5RjM4RTJEM0U3Mzc0
QjY4REI3QzAeFw0yMzAyMDQxMTM0NTRaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZGU0MmRlLWMxYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDiuFE7VjltCoB6sA/iI8V6xZsSiMK6pLwqj6giKoD25t53I9kD6Qo8BZkvNwMw
Vm7imThbyk0b5YEc7RfN6NL71xjG+xyc5oPb6DFkmJ9ofQCCzTys+tr1eMJ6BEiT
7XAuRrG3LYBMYy/x9yB8SJz7EZq8Q2/0/rDc5bTpQLyNj3OE5rwIOgcWyx1vZgPI
eLpGviLlNsyQCBwCZKRg71kvw3oJ7HRUaDT18YF59UfJlgQUKNbuFfigIZiP/ovk
OW9PWPeV7KJ6tUQmYf5VERGEN15TUr7q2XkPKxBvMT1fBndXdcWiATM4sDZ29Mu0
xmXAtOUBHgAFcOmwmnEu1vNTAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUyJF5KKbO
K0x9IWSERn/VSivW/EwwHwYDVR0jBBgwFoAUDlgFGyS9WtsbzJ844tPnN0to23ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg0N0I5L0ZDNTU4ODgyQTE0
NDExRUQ5NTcwNDM4NkM0RjlBRTAyL0RsZ0ZHeVM5V3RzYnpKODQ0dFBuTjB0bzIz
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRGxnRkd5UzlXdHNieko4NDR0UG5OMHRvMjN3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NDdCOS9GQzU1ODg4MkExNDQxMUVEOTU3MDQzODZDNEY5QUUwMi9EQzBCQTdDMEEx
NDcxMUVEOTM3MTREMEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdN2jAPBAIAAjAJAwcAIAEN8eNAMA0GCSqGSIb3DQEBCwUA
A4IBAQBmirY51w0rUAetqUf09C5bslHs/45nXLrrz6Q7r7ffiqFX6DYfJ2M2vrw3
TB+STKZbTqMygwaspPrftjq764GNLMLwXTtJFEKiO64dw184bIOw6omjCrrBZqIF
KsI0fZGoDrcJR5rKApMt6TpLRzRzM04u7e183qaLakQwAzpSNUeX4Cn+/D5i0QGo
8KrUrQ2FfANl+zDDA8n1jpnwC8NhmkAqE3d1zzunRgT+WW5S0BIT4nO94C0H6+sI
2vfYTMzylFy7OLweTti5JLl5r2xdKZimW9T52Yv1vYiyryZw76lvGMUfsbROMPpT
fQFVQYgTtzRbdUjrqe/pkesnQCqC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org