Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/B5196C0A92DB11EB9192913BC4F9AE02.roa
File: B5196C0A92DB11EB9192913BC4F9AE02.roa (raw, json)
Hash identifier: 9AU5JxiwW89DuDjmbs+lLsao56e5ISbCsg8Swtg21RM=
Subject key identifier: 2A:4C:F7:9E:1B:1C:CE:19:F6:3D:7C:57:25:7B:7F:1B:4F:24:3C:2A
Certificate issuer: /CN=A9185D34/serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD
Certificate serial: 035A
Authority key identifier: 9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/B5196C0A92DB11EB9192913BC4F9AE02.roa
Signing time: Sat 23 Oct 2021 11:08:49 +0000
ROA not before: Sat 23 Oct 2021 11:08:49 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 138574
IP address blocks: 103.133.134.0/23 maxlen: 23
103.133.134.0/24 maxlen: 24
103.133.135.0/24 maxlen: 24
2001:df7:e480::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 858 (0x35a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185D34/serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD
Validity
Not Before: Oct 23 11:08:49 2021 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=6173ed40-cc52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:10:a6:3e:60:6a:92:bd:98:84:7b:50:2b:4c:
b9:50:fd:79:19:62:5e:91:52:85:f7:8e:8a:fa:62:
04:2d:3e:87:87:b4:58:e6:5a:48:1f:54:23:0e:fd:
65:a3:be:ff:38:62:cc:c8:17:fc:44:41:7e:ae:7a:
73:fb:77:1d:ee:e7:7d:4d:61:f9:61:7d:99:82:fe:
71:ff:84:c4:4e:fd:27:74:cf:55:63:19:01:3a:a2:
9c:4e:5d:c4:f2:e2:5c:fb:7b:b6:06:6e:9a:86:f4:
8c:27:8f:c2:b2:fb:2e:aa:4e:6d:57:a6:73:d8:28:
eb:0a:68:ad:83:45:69:d3:a5:2e:25:34:e5:b8:a7:
f8:f2:17:b4:95:b1:24:d7:d5:47:6e:48:10:cf:27:
ed:55:e5:1c:0b:58:52:76:67:e7:0a:97:e1:d7:1b:
0c:86:42:81:9c:f8:ed:d9:5f:86:1d:a9:a0:d5:34:
94:d6:b1:81:a4:a6:88:f5:8b:f2:46:16:3c:fb:ba:
f8:05:c0:30:5e:b3:79:3b:9c:56:88:11:ff:0d:a8:
a0:ab:df:df:0f:07:27:4d:ca:4f:9a:3b:99:71:ab:
3d:16:b9:2c:00:90:50:aa:ba:e6:1f:3f:40:bd:cb:
95:85:c1:0d:93:94:9d:5c:12:f6:f1:a8:42:20:a4:
39:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4C:F7:9E:1B:1C:CE:19:F6:3D:7C:57:25:7B:7F:1B:4F:24:3C:2A
X509v3 Authority Key Identifier:
keyid:9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/B5196C0A92DB11EB9192913BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.134.0/23
IPv6:
2001:df7:e480::/48
Signature Algorithm: sha256WithRSAEncryption
2e:5c:35:10:7f:03:58:bc:5c:81:2f:2c:52:35:ac:8e:6a:c7:
75:09:07:04:62:d7:c9:3c:61:86:2a:3d:65:e1:71:f1:e0:e1:
15:ec:83:78:aa:f0:46:87:4a:ac:b8:e1:55:43:3a:0f:98:90:
4c:c5:3b:bb:e2:ac:13:b9:f6:95:45:3f:cc:65:75:3c:29:d4:
22:f0:d2:a5:40:c2:c3:b1:e0:99:44:1d:be:ec:fd:94:88:16:
1d:9e:f2:75:df:fc:95:ed:7e:68:07:20:3e:be:51:25:43:9f:
f7:62:cc:89:3e:78:0f:3d:fc:f1:bf:69:da:01:8e:09:d5:f7:
a3:40:91:ca:e7:99:9b:2b:b3:d5:39:1f:85:94:2b:5e:25:57:
30:52:1e:23:87:b2:a2:2c:33:e7:4c:c7:19:45:1a:fa:6c:58:
82:f3:ba:c6:3d:dd:cb:f8:5f:61:72:88:aa:65:a8:aa:9a:71:
55:da:b3:4a:ae:9b:4d:be:2e:58:80:52:f4:63:01:79:54:78:
74:32:b6:81:f9:00:bd:25:50:2f:73:ad:f4:72:35:a8:12:7a:
c4:2e:41:4e:25:86:10:1f:b0:9a:2e:a9:4f:bb:97:42:f0:62:
56:ae:3c:1d:bf:78:17:e1:ea:b6:fd:cd:27:e6:ef:bc:01:7a:
59:e1:4c:21
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICA1owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODVEMzQxMTAvBgNVBAUTKDlFQzEyMTZEMjU2NDE2NDAzQ0I1QzUzRTczNDU1MzBG
ODMyNzJDREQwHhcNMjExMDIzMTEwODQ5WhcNMjIwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTczZWQ0MC1jYzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAshCmPmBqkr2YhHtQK0y5UP15GWJekVKF946K+mIELT6Hh7RY5lpIH1QjDv1l
o77/OGLMyBf8REF+rnpz+3cd7ud9TWH5YX2Zgv5x/4TETv0ndM9VYxkBOqKcTl3E
8uJc+3u2Bm6ahvSMJ4/Csvsuqk5tV6Zz2CjrCmitg0Vp06UuJTTluKf48he0lbEk
19VHbkgQzyftVeUcC1hSdmfnCpfh1xsMhkKBnPjt2V+GHamg1TSU1rGBpKaI9Yvy
RhY8+7r4BcAwXrN5O5xWiBH/Daigq9/fDwcnTcpPmjuZcas9FrksAJBQqrrmHz9A
vcuVhcENk5SdXBL28ahCIKQ52QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCpM954b
HM4Z9j18VyV7fxtPJDwqMB8GA1UdIwQYMBaAFJ7BIW0lZBZAPLXFPnNFUw+DJyzd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQzNC9EQkE4Nzg1OEU2
QTAxMUVBQTg1NDRCNDNDNEY5QUUwMi9uc0VoYlNWa0ZrQTh0Y1UtYzBWVEQ0TW5M
TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25zRWhiU1ZrRmtBOHRjVS1jMFZURDRNbkxOMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODVEMzQvREJBODc4NThFNkEwMTFFQUE4NTQ0QjQzQzRGOUFFMDIvQjUxOTZDMEE5
MkRCMTFFQjkxOTI5MTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnhYYwDwQCAAIwCQMHACABDffkgDANBgkqhkiG9w0BAQsF
AAOCAQEALlw1EH8DWLxcgS8sUjWsjmrHdQkHBGLXyTxhhio9ZeFx8eDhFeyDeKrw
RodKrLjhVUM6D5iQTMU7u+KsE7n2lUU/zGV1PCnUIvDSpUDCw7HgmUQdvuz9lIgW
HZ7ydd/8le1+aAcgPr5RJUOf92LMiT54Dz388b9p2gGOCdX3o0CRyueZmyuz1Tkf
hZQrXiVXMFIeI4eyoiwz50zHGUUa+mxYgvO6xj3dy/hfYXKIqmWoqppxVdqzSq6b
Tb4uWIBS9GMBeVR4dDK2gfkAvSVQL3Ot9HI1qBJ6xC5BTiWGEB+wmi6pT7uXQvBi
Vq48Hb94F+Hqtv3NJ+bvvAF6WeFMIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org