Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/DA53BC78340311EB9DBF2456C4F9AE02.roa
File: DA53BC78340311EB9DBF2456C4F9AE02.roa (raw, json)
Hash identifier: VNcAG9ZzF6UKQicqZjE/PKV7jg8D+kdj7CG1qbj1RBo=
Subject key identifier: F6:79:01:4C:8A:7E:39:6C:97:F5:18:D7:7B:DE:ED:01:1C:AA:C0:74
Certificate issuer: /CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586
Certificate serial: 076F
Authority key identifier: A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/DA53BC78340311EB9DBF2456C4F9AE02.roa
Signing time: Tue 01 Feb 2022 21:26:57 +0000
ROA not before: Tue 01 Feb 2022 21:26:57 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 138505
IP address blocks: 103.133.208.0/23 maxlen: 23
103.133.208.0/24 maxlen: 24
103.133.209.0/24 maxlen: 24
103.133.210.0/23 maxlen: 23
103.133.210.0/24 maxlen: 24
103.133.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1903 (0x76f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586
Validity
Not Before: Feb 1 21:26:57 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=61f9a5a1-9b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fa:f4:47:d4:9f:de:50:41:2a:ea:3f:be:0f:
99:5c:b2:c3:e8:b9:99:3b:59:a2:8b:6b:a1:50:27:
65:90:b3:b9:7d:65:4c:ec:41:6a:b5:2d:63:af:ca:
11:0f:cf:7a:41:7e:79:12:3d:d1:5d:76:c5:1e:82:
8e:d5:ab:22:98:0d:aa:cc:4b:ff:f1:26:40:65:27:
d4:52:98:f8:05:f7:2e:f2:0f:58:bf:9e:68:c1:64:
64:11:07:af:4b:5c:34:18:c1:fe:4f:7f:63:5e:c8:
5a:03:9a:f0:a0:45:cc:06:47:b7:fd:af:40:0c:41:
e4:2f:ad:3d:a2:db:4f:08:07:25:ba:a6:42:e8:cc:
98:81:d5:b1:3b:c4:fe:bf:3c:41:71:2d:eb:f7:24:
da:98:87:30:f5:e2:c9:b8:cf:17:c4:5b:6d:3e:25:
fd:7c:18:0a:54:0a:07:b9:e3:88:e5:1d:16:74:b6:
c4:43:58:42:87:04:af:4a:8a:1e:95:ea:99:03:f3:
37:a2:bd:a1:79:4f:74:d7:52:c8:60:26:f8:88:8c:
7d:5c:9b:a0:e3:50:a3:f0:38:09:61:e1:ec:5d:da:
83:7c:98:47:11:c7:94:0b:93:74:42:57:e8:cb:1a:
bc:a2:3a:90:41:5c:40:1e:03:3e:7b:1c:2e:99:7c:
a2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:79:01:4C:8A:7E:39:6C:97:F5:18:D7:7B:DE:ED:01:1C:AA:C0:74
X509v3 Authority Key Identifier:
keyid:A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/qSFjXHST8hzSYJPVkDUQgC9ONYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/DA53BC78340311EB9DBF2456C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:37:e7:13:da:36:86:da:5d:2d:9b:96:a3:a5:20:3f:d0:47:
23:26:85:a0:0d:09:c0:78:db:a4:22:71:33:70:a1:55:89:a0:
a7:e9:64:95:ce:57:22:2b:bc:1c:4e:50:59:68:31:bf:d2:b2:
dd:db:85:69:be:3d:10:bd:39:4e:58:78:27:c9:e4:6b:50:34:
83:0c:32:c4:e6:93:de:5c:e8:2f:85:62:bd:c8:d4:df:e4:55:
c2:47:c4:02:e4:89:7a:6a:55:50:89:a4:53:1d:59:09:d5:ba:
c8:aa:89:ce:4d:f5:90:fd:4d:5d:38:52:7c:3f:2e:8c:e7:e5:
1e:eb:dc:2b:91:c6:62:98:b0:e5:36:01:ef:e9:37:f6:a8:e4:
9e:c0:65:92:31:bc:97:76:89:51:80:34:79:cf:46:01:40:96:
52:64:2f:1d:b8:dc:92:bb:48:29:c0:b1:48:ff:57:ef:01:73:
fb:57:26:e9:bf:8d:a2:cd:dc:9b:cf:8b:69:81:14:ef:c3:46:
b2:1b:7d:27:88:6c:a9:e6:e1:f9:aa:fc:50:ad:35:27:32:51:
35:c9:eb:5e:d9:65:91:b3:91:b8:30:9d:1f:cd:17:87:af:47:
40:c7:d9:58:57:4e:5e:3b:91:89:c7:9d:af:10:8a:ae:24:42:
bd:fd:a0:0a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB28wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFBNEUxMTAvBgNVBAUTKEE5MjE2MzVDNzQ5M0YyMUNEMjYwOTNENTkwMzUxMDgw
MkY0RTM1ODYwHhcNMjIwMjAxMjEyNjU3WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY5YTVhMS05Yjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAofr0R9Sf3lBBKuo/vg+ZXLLD6LmZO1mii2uhUCdlkLO5fWVM7EFqtS1jr8oR
D896QX55Ej3RXXbFHoKO1asimA2qzEv/8SZAZSfUUpj4Bfcu8g9Yv55owWRkEQev
S1w0GMH+T39jXshaA5rwoEXMBke3/a9ADEHkL609ottPCAcluqZC6MyYgdWxO8T+
vzxBcS3r9yTamIcw9eLJuM8XxFttPiX9fBgKVAoHueOI5R0WdLbEQ1hChwSvSooe
leqZA/M3or2heU9011LIYCb4iIx9XJug41Cj8DgJYeHsXdqDfJhHEceUC5N0Qlfo
yxq8ojqQQVxAHgM+exwumXyi3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFPZ5AUyK
fjlsl/UY13ve7QEcqsB0MB8GA1UdIwQYMBaAFKkhY1x0k/Ic0mCT1ZA1EIAvTjWG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUE0RS9BNDlCNEQ3NDM3
QzYxMUVBOUQ5NkFFNTFDNEY5QUUwMi9xU0ZqWEhTVDhoelNZSlBWa0RVUWdDOU9O
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FTRmpYSFNUOGh6U1lKUFZrRFVRZ0M5T05ZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFBNEUvQTQ5QjRENzQzN0M2MTFFQTlEOTZBRTUxQzRGOUFFMDIvREE1M0JDNzgz
NDAzMTFFQjlEQkYyNDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhdAwDQYJKoZIhvcNAQELBQADggEBAC035xPaNobaXS2b
lqOlID/QRyMmhaANCcB426QicTNwoVWJoKfpZJXOVyIrvBxOUFloMb/Sst3bhWm+
PRC9OU5YeCfJ5GtQNIMMMsTmk95c6C+FYr3I1N/kVcJHxALkiXpqVVCJpFMdWQnV
usiqic5N9ZD9TV04Unw/Lozn5R7r3CuRxmKYsOU2Ae/pN/ao5J7AZZIxvJd2iVGA
NHnPRgFAllJkLx243JK7SCnAsUj/V+8Bc/tXJum/jaLN3JvPi2mBFO/DRrIbfSeI
bKnm4fmq/FCtNScyUTXJ617ZZZGzkbgwnR/NF4evR0DH2VhXTl47kYnHna8Qiq4k
Qr39oAo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org