Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/6071434A323011ECA0E83B50C4F9AE02.roa
File: 6071434A323011ECA0E83B50C4F9AE02.roa (raw, json)
Hash identifier: 1TKRO1RNTt+WZE8b73TB4LL6KY52aZqn9rUghvVxOXU=
Subject key identifier: 32:2B:1D:62:D4:80:49:64:96:46:34:A7:1D:A3:1A:4A:69:CB:C9:79
Certificate issuer: /CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Certificate serial: 02
Authority key identifier: 49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/6071434A323011ECA0E83B50C4F9AE02.roa
Signing time: Thu 21 Oct 2021 05:33:10 +0000
ROA not before: Thu 21 Oct 2021 05:33:10 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 10753
IP address blocks: 103.120.128.0/24 maxlen: 24
103.120.129.0/24 maxlen: 24
103.134.74.0/24 maxlen: 24
103.134.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C0C9B/serialNumber=494202B031E9F427643157A06EFAA4C070C7F3ED
Validity
Not Before: Oct 21 05:33:10 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6170fb96-f40c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2d:9c:fd:2d:ee:ee:dc:33:bb:a0:9d:99:04:
77:3d:7f:7c:fc:c4:c6:39:ba:02:34:15:86:27:43:
d5:68:cc:90:1b:e0:66:48:06:75:af:f1:35:2d:2c:
48:c0:89:92:ba:46:98:72:4c:0f:34:0e:99:55:96:
9b:e2:de:d2:b0:3e:14:a4:99:e0:93:c9:61:0b:15:
36:7b:cf:23:93:89:62:08:2d:4d:d9:e9:4d:03:a4:
97:62:6c:33:65:a6:ad:9a:f8:3c:7d:71:83:dc:6b:
01:44:6f:4d:9b:89:1a:ec:80:81:f7:08:c9:90:ae:
af:1f:ff:10:87:60:a4:c5:f2:66:dd:e1:b9:f9:7d:
4c:81:fb:06:5c:c2:1c:c4:14:68:5e:ed:e9:c7:30:
b5:4d:f8:f3:e1:8a:fc:69:1b:22:34:5b:67:4e:c2:
1d:99:47:eb:21:39:64:39:b6:b1:36:a7:45:98:bb:
e3:36:47:70:28:d4:10:91:07:2b:9a:19:8a:d8:b0:
36:53:4e:18:94:c1:82:d8:22:11:c7:8e:7a:47:7c:
bd:4d:d5:ce:4c:74:fe:5e:c4:2d:fc:88:3d:55:cd:
d9:80:c3:fd:99:6c:2d:6c:7f:d4:bd:5c:a0:2a:53:
a7:9e:9e:5a:cb:0e:eb:8b:88:04:11:23:03:ab:31:
c5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:2B:1D:62:D4:80:49:64:96:46:34:A7:1D:A3:1A:4A:69:CB:C9:79
X509v3 Authority Key Identifier:
keyid:49:42:02:B0:31:E9:F4:27:64:31:57:A0:6E:FA:A4:C0:70:C7:F3:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/SUICsDHp9CdkMVegbvqkwHDH8-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SUICsDHp9CdkMVegbvqkwHDH8-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C9B/A46E989A322B11EC97F8CF7CC4F9AE02/6071434A323011ECA0E83B50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.128.0/23
103.134.74.0/23
Signature Algorithm: sha256WithRSAEncryption
63:81:4b:9b:56:db:3e:ca:0b:19:45:d6:ea:71:9b:59:c5:3c:
78:dd:76:b7:8c:ab:94:61:02:b2:17:ec:69:08:0e:84:e1:d5:
27:a5:dc:8d:2e:af:f7:39:7b:de:c7:1d:43:df:84:fb:1f:ab:
bf:59:39:23:5a:7f:e9:dd:23:f4:93:e4:14:28:b3:99:4d:13:
88:7c:9f:da:78:00:f1:e9:a4:2f:6f:49:f3:12:cd:1a:24:7f:
ee:d2:3e:48:6e:07:ef:a5:75:dc:12:70:47:f0:46:b4:00:e6:
e4:b8:af:6b:ed:6f:16:63:d1:24:fe:f4:a6:af:3f:7e:35:63:
8e:41:76:d8:18:59:c4:c0:98:86:a3:43:74:9b:f0:97:74:23:
74:37:0a:a5:0e:93:fc:94:14:7a:dd:1d:7b:5f:a2:02:cd:85:
9a:0b:13:12:f8:f2:03:1f:67:64:1c:34:0a:ae:ee:04:4a:38:
65:0a:08:16:1f:80:7a:09:c0:c3:a8:ba:36:a2:9e:c9:7e:2c:
ff:f0:79:90:8f:35:2c:fb:ce:74:13:ee:ee:49:f6:5d:7a:5f:
b4:15:98:9c:cb:82:29:0a:39:6f:e4:60:6b:9e:9b:26:29:14:
9d:4e:f8:4e:cb:81:af:e2:eb:ca:cd:45:52:2e:ca:2d:c0:c0:
a7:aa:92:e2
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MEM5QjExMC8GA1UEBRMoNDk0MjAyQjAzMUU5RjQyNzY0MzE1N0EwNkVGQUE0QzA3
MEM3RjNFRDAeFw0yMTEwMjEwNTMzMTBaFw0yMjEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxNzBmYjk2LWY0MGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCLZz9Le7u3DO7oJ2ZBHc9f3z8xMY5ugI0FYYnQ9VozJAb4GZIBnWv8TUtLEjA
iZK6RphyTA80DplVlpvi3tKwPhSkmeCTyWELFTZ7zyOTiWIILU3Z6U0DpJdibDNl
pq2a+Dx9cYPcawFEb02biRrsgIH3CMmQrq8f/xCHYKTF8mbd4bn5fUyB+wZcwhzE
FGhe7enHMLVN+PPhivxpGyI0W2dOwh2ZR+shOWQ5trE2p0WYu+M2R3Ao1BCRByua
GYrYsDZTThiUwYLYIhHHjnpHfL1N1c5MdP5exC38iD1VzdmAw/2ZbC1sf9S9XKAq
U6eenlrLDuuLiAQRIwOrMcXnAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUMisdYtSA
SWSWRjSnHaMaSmnLyXkwHwYDVR0jBBgwFoAUSUICsDHp9CdkMVegbvqkwHDH8+0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwQzlCL0E0NkU5ODlBMzIy
QjExRUM5N0Y4Q0Y3Q0M0RjlBRTAyL1NVSUNzREhwOUNka01WZWdidnFrd0hESDgt
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU1VJQ3NESHA5Q2RrTVZlZ2J2cWt3SERIOC0wLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MEM5Qi9BNDZFOTg5QTMyMkIxMUVDOTdGOENGN0NDNEY5QUUwMi82MDcxNDM0QTMy
MzAxMUVDQTBFODNCNTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAWd4gAMEAWeGSjANBgkqhkiG9w0BAQsFAAOCAQEAY4FLm1bb
PsoLGUXW6nGbWcU8eN12t4yrlGECshfsaQgOhOHVJ6XcjS6v9zl73scdQ9+E+x+r
v1k5I1p/6d0j9JPkFCizmU0TiHyf2ngA8emkL29J8xLNGiR/7tI+SG4H76V13BJw
R/BGtADm5Liva+1vFmPRJP70pq8/fjVjjkF22BhZxMCYhqNDdJvwl3QjdDcKpQ6T
/JQUet0de1+iAs2FmgsTEvjyAx9nZBw0Cq7uBEo4ZQoIFh+AegnAw6i6NqKeyX4s
//B5kI81LPvOdBPu7kn2XXpftBWYnMuCKQo5b+Rga56bJikUnU74TsuBr+Lrys1F
Ui7KLcDAp6qS4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org