Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBF7F/453EB6F4874511E9BF86445CC4F9AE02/8EC1CD38CB8611ECB5F21C41C4F9AE02.roa
File: 8EC1CD38CB8611ECB5F21C41C4F9AE02.roa (raw, json)
Hash identifier: 2cg/j9uzdZSXI/cgJs309NGLbCErwE46lTppHLchTRw=
Subject key identifier: 0B:29:92:0C:7B:43:F9:5D:F8:8C:E2:72:0A:C2:DB:D3:60:F5:81:FA
Certificate issuer: /CN=A91BBF7F/serialNumber=D5F6DD63C0381060AFFBC9D20ED30F07FBDE88EA
Certificate serial: 0BBA
Authority key identifier: D5:F6:DD:63:C0:38:10:60:AF:FB:C9:D2:0E:D3:0F:07:FB:DE:88:EA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fbdY8A4EGCv-8nSDtMPB_veiOo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BBF7F/453EB6F4874511E9BF86445CC4F9AE02/8EC1CD38CB8611ECB5F21C41C4F9AE02.roa
Signing time: Tue 10 May 2022 19:06:18 +0000
ROA not before: Tue 10 May 2022 19:06:18 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 134739
IP address blocks: 103.138.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3002 (0xbba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BBF7F/serialNumber=D5F6DD63C0381060AFFBC9D20ED30F07FBDE88EA
Validity
Not Before: May 10 19:06:18 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=627ab7aa-ebbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bd:34:00:5c:d8:53:1f:81:7d:a4:63:76:64:
79:bf:ae:ca:26:1f:f8:b3:f6:07:25:04:11:0e:0e:
e7:d6:4e:bb:09:81:d0:6d:a7:82:41:6f:44:b3:09:
45:0b:d7:e4:71:57:5b:2f:62:8d:4f:bb:8c:4b:15:
cc:35:ca:d5:80:9b:88:dc:58:56:c6:ac:0a:65:d3:
b2:97:a1:f0:f4:fe:4f:b0:77:b3:99:93:4d:a7:e3:
3e:81:2c:d2:3a:db:57:b3:62:4c:94:de:c1:3c:dc:
58:e4:72:4b:3b:46:f3:89:0d:cc:b9:0b:45:15:a0:
b2:9b:2a:1e:3e:b5:23:49:23:79:3d:8f:11:a5:76:
9b:11:76:03:75:ea:9f:83:73:54:27:c9:aa:90:d8:
89:eb:a9:31:9e:a5:36:1e:e1:11:f4:1b:53:20:15:
3d:6b:89:76:9a:13:14:a9:35:1c:c3:18:d6:1c:ec:
a7:44:af:c6:12:1b:ff:3e:b4:65:4c:cc:c1:71:f4:
2d:d8:b7:11:4f:84:f0:54:93:f0:e0:19:bb:29:88:
97:bf:79:34:ef:7e:4b:5d:82:23:93:d3:74:50:16:
f1:35:82:ba:ff:35:00:d4:8d:74:28:b5:97:b9:56:
da:10:b3:4e:06:fb:66:36:74:cd:38:0e:5f:4d:bf:
cb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:29:92:0C:7B:43:F9:5D:F8:8C:E2:72:0A:C2:DB:D3:60:F5:81:FA
X509v3 Authority Key Identifier:
keyid:D5:F6:DD:63:C0:38:10:60:AF:FB:C9:D2:0E:D3:0F:07:FB:DE:88:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BBF7F/453EB6F4874511E9BF86445CC4F9AE02/1fbdY8A4EGCv-8nSDtMPB_veiOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1fbdY8A4EGCv-8nSDtMPB_veiOo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBF7F/453EB6F4874511E9BF86445CC4F9AE02/8EC1CD38CB8611ECB5F21C41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.253.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:d8:1a:65:7e:a1:a3:ea:4b:00:69:47:5a:72:07:44:6b:45:
34:73:7c:68:76:e3:60:0b:31:5f:a3:f2:54:aa:1e:6e:58:c7:
8f:c7:61:98:3e:19:3b:01:6d:c1:9d:4d:25:72:ce:d9:8f:c9:
e4:6f:10:80:fb:2c:16:66:d4:24:53:a0:82:e0:53:71:cb:5f:
45:4e:d8:bf:b4:34:d9:30:60:52:48:90:50:31:7e:e8:16:3c:
84:0d:85:51:1d:16:14:20:d9:e2:6f:ae:be:d4:58:ae:5d:20:
a9:3a:c8:0b:51:fa:6e:72:19:10:01:43:f9:bf:d9:81:c8:fc:
b5:98:4b:3a:d5:93:27:ce:f3:a7:a8:a0:75:86:10:b2:24:ff:
6d:74:4b:5d:e7:ee:8a:46:a8:3f:56:04:92:3b:eb:24:09:e8:
f8:ee:9e:dd:67:d2:eb:e9:dc:94:ec:50:a4:25:ba:c2:0b:d1:
c0:fe:d6:d0:b9:66:8d:9e:c8:70:69:52:a0:b1:ae:e9:96:c8:
5e:9b:4a:b0:5d:e5:9a:1a:3d:e0:fe:d0:5c:71:7a:35:f7:97:
af:3b:7a:65:9b:8b:f8:b5:62:e5:d8:43:30:b5:88:29:09:47:
18:fe:c9:07:fa:63:5d:02:d8:a4:fb:aa:ca:92:85:54:04:91:
69:27:db:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC7owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkJGN0YxMTAvBgNVBAUTKEQ1RjZERDYzQzAzODEwNjBBRkZCQzlEMjBFRDMwRjA3
RkJERTg4RUEwHhcNMjIwNTEwMTkwNjE4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdhYjdhYS1lYmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt700AFzYUx+BfaRjdmR5v67KJh/4s/YHJQQRDg7n1k67CYHQbaeCQW9EswlF
C9fkcVdbL2KNT7uMSxXMNcrVgJuI3FhWxqwKZdOyl6Hw9P5PsHezmZNNp+M+gSzS
OttXs2JMlN7BPNxY5HJLO0bziQ3MuQtFFaCymyoePrUjSSN5PY8RpXabEXYDdeqf
g3NUJ8mqkNiJ66kxnqU2HuER9BtTIBU9a4l2mhMUqTUcwxjWHOynRK/GEhv/PrRl
TMzBcfQt2LcRT4TwVJPw4Bm7KYiXv3k0735LXYIjk9N0UBbxNYK6/zUA1I10KLWX
uVbaELNOBvtmNnTNOA5fTb/LeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAspkgx7
Q/ld+IzicgrC29Ng9YH6MB8GA1UdIwQYMBaAFNX23WPAOBBgr/vJ0g7TDwf73ojq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkY3Ri80NTNFQjZGNDg3
NDUxMUU5QkY4NjQ0NUNDNEY5QUUwMi8xZmJkWThBNEVHQ3YtOG5TRHRNUEJfdmVp
T28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFmYmRZOEE0RUdDdi04blNEdE1QQl92ZWlPby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkJGN0YvNDUzRUI2RjQ4NzQ1MTFFOUJGODY0NDVDQzRGOUFFMDIvOEVDMUNEMzhD
Qjg2MTFFQ0I1RjIxQzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABniv0wDQYJKoZIhvcNAQELBQADggEBALvYGmV+oaPqSwBp
R1pyB0RrRTRzfGh242ALMV+j8lSqHm5Yx4/HYZg+GTsBbcGdTSVyztmPyeRvEID7
LBZm1CRToILgU3HLX0VO2L+0NNkwYFJIkFAxfugWPIQNhVEdFhQg2eJvrr7UWK5d
IKk6yAtR+m5yGRABQ/m/2YHI/LWYSzrVkyfO86eooHWGELIk/210S13n7opGqD9W
BJI76yQJ6Pjunt1n0uvp3JTsUKQlusIL0cD+1tC5Zo2eyHBpUqCxrumWyF6bSrBd
5ZoaPeD+0FxxejX3l687emWbi/i1YuXYQzC1iCkJRxj+yQf6Y10C2KT7qsqShVQE
kWkn25s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:23 2024 by rpki-client on console-ams.rpki-client.org