Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D16A3/7727CE5C38C711E9A7B5C233C4F9AE02/1AA9DCDC760511ECB30E8D12C4F9AE02.roa
File: 1AA9DCDC760511ECB30E8D12C4F9AE02.roa (raw, json)
Hash identifier: 8bshlUPiWHQ8PlzgdV4nzojjKwiMGmheA4bPFezdY+s=
Subject key identifier: 1F:D9:65:BD:70:7C:99:8B:98:0F:4E:98:E8:34:05:8B:C4:C3:77:C9
Certificate issuer: /CN=A91D16A3/serialNumber=793766084EFC06250650F0FDC9DBC553C0CECA32
Certificate serial: 0D16
Authority key identifier: 79:37:66:08:4E:FC:06:25:06:50:F0:FD:C9:DB:C5:53:C0:CE:CA:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eTdmCE78BiUGUPD9ydvFU8DOyjI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D16A3/7727CE5C38C711E9A7B5C233C4F9AE02/1AA9DCDC760511ECB30E8D12C4F9AE02.roa
Signing time: Wed 02 Feb 2022 13:24:52 +0000
ROA not before: Wed 02 Feb 2022 13:24:52 +0000
ROA not after: Sat 28 May 2022 00:00:00 +0000
asID: 4842
IP address blocks: 103.135.101.0/24 maxlen: 24
2404:7ac0:500::/40 maxlen: 40
2404:7ac0:608::/48 maxlen: 48
2404:7ac0:660::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3350 (0xd16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D16A3/serialNumber=793766084EFC06250650F0FDC9DBC553C0CECA32
Validity
Not Before: Feb 2 13:24:52 2022 GMT
Not After : May 28 00:00:00 2022 GMT
Subject: CN=61fa8624-bc00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ce:d8:be:72:fd:6b:b8:0c:44:9b:fc:73:35:
c5:5d:6b:fe:a3:76:2f:aa:58:d8:7f:b6:e9:66:d4:
01:1b:98:49:48:c2:46:a9:5a:58:5c:d8:fb:84:92:
cf:43:65:ad:0a:0b:c0:cc:15:fa:5c:3d:23:e8:45:
33:b5:cf:38:ab:2a:8a:fc:e1:00:64:31:ee:f0:35:
de:25:77:da:f5:6a:57:63:49:fc:65:00:64:29:d6:
7c:6a:1e:df:df:1a:26:29:79:96:2d:4e:78:82:ea:
f7:ad:4c:99:23:33:ab:4b:18:62:81:fc:5f:6c:c5:
51:9b:a8:6f:60:5a:24:65:06:0d:b8:26:46:79:e5:
01:dd:04:ff:30:5c:6e:43:d4:a0:0a:2b:4d:9f:f5:
83:af:d4:7a:81:53:3b:98:ee:fb:ba:0c:67:9e:12:
94:89:46:22:65:d7:99:42:3c:7c:45:8b:32:65:f2:
24:b4:5d:a4:94:1e:8b:7a:59:21:80:1f:0b:d3:2a:
d1:f9:8f:18:1c:59:2c:2b:fd:4d:51:57:5e:ba:54:
60:6e:e5:0b:9a:38:cb:91:01:57:a0:35:58:b0:b1:
5b:78:41:8a:df:da:3d:68:76:3c:f4:69:0c:59:fc:
1a:85:33:c3:fa:d6:f1:30:71:66:6f:9f:14:e8:93:
7b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D9:65:BD:70:7C:99:8B:98:0F:4E:98:E8:34:05:8B:C4:C3:77:C9
X509v3 Authority Key Identifier:
keyid:79:37:66:08:4E:FC:06:25:06:50:F0:FD:C9:DB:C5:53:C0:CE:CA:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D16A3/7727CE5C38C711E9A7B5C233C4F9AE02/eTdmCE78BiUGUPD9ydvFU8DOyjI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eTdmCE78BiUGUPD9ydvFU8DOyjI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D16A3/7727CE5C38C711E9A7B5C233C4F9AE02/1AA9DCDC760511ECB30E8D12C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.101.0/24
IPv6:
2404:7ac0:500::/40
2404:7ac0:608::/48
2404:7ac0:660::/44
Signature Algorithm: sha256WithRSAEncryption
7c:c1:ad:df:1d:fa:60:ed:bf:0c:7f:f6:37:1b:bf:1a:61:b4:
23:9d:4b:e4:76:57:c2:9b:63:50:0c:1e:7d:51:20:5d:e2:c0:
45:21:5b:d3:f4:a7:34:2c:65:8f:21:b3:e6:e7:00:54:e5:b0:
7e:d8:9c:b9:b8:93:52:d5:5b:9e:b3:55:00:17:79:71:a5:8e:
01:8a:0c:b1:8c:49:d3:bc:46:93:82:5b:59:b9:94:88:3e:df:
73:47:26:ff:34:74:46:52:e5:77:95:cb:b4:0a:72:0a:fb:f9:
8c:05:e9:7a:23:6c:a8:a6:de:91:8a:a7:2a:10:f9:06:41:59:
de:62:8d:7c:68:f0:e0:21:83:03:c9:d9:ab:9d:ca:60:8a:0d:
e4:54:d6:6e:f9:a3:b0:0d:79:d6:a6:cd:f6:67:32:3c:cc:36:
b4:bd:08:79:dc:33:5d:03:97:9c:a3:9b:be:14:fc:ec:6c:73:
2c:eb:3c:28:68:f2:a1:e7:ed:7f:6f:2d:4b:c5:36:a5:9a:38:
a2:b1:2a:bb:04:e0:42:a5:fa:6a:eb:9f:a5:21:62:96:50:69:
06:8d:cf:8b:23:38:69:fc:0e:d4:8d:20:72:d8:d8:e7:94:95:
5f:cd:ca:76:7f:55:e2:8a:28:ac:c8:71:c9:24:59:94:eb:22:
92:9a:57:40
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICDRYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2QTMxMTAvBgNVBAUTKDc5Mzc2NjA4NEVGQzA2MjUwNjUwRjBGREM5REJDNTUz
QzBDRUNBMzIwHhcNMjIwMjAyMTMyNDUyWhcNMjIwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MWZhODYyNC1iYzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqM7YvnL9a7gMRJv8czXFXWv+o3YvqljYf7bpZtQBG5hJSMJGqVpYXNj7hJLP
Q2WtCgvAzBX6XD0j6EUztc84qyqK/OEAZDHu8DXeJXfa9WpXY0n8ZQBkKdZ8ah7f
3xomKXmWLU54gur3rUyZIzOrSxhigfxfbMVRm6hvYFokZQYNuCZGeeUB3QT/MFxu
Q9SgCitNn/WDr9R6gVM7mO77ugxnnhKUiUYiZdeZQjx8RYsyZfIktF2klB6Lelkh
gB8L0yrR+Y8YHFksK/1NUVdeulRgbuULmjjLkQFXoDVYsLFbeEGK39o9aHY89GkM
WfwahTPD+tbxMHFmb58U6JN7lwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFB/ZZb1w
fJmLmA9OmOg0BYvEw3fJMB8GA1UdIwQYMBaAFHk3ZghO/AYlBlDw/cnbxVPAzsoy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTZBMy83NzI3Q0U1QzM4
QzcxMUU5QTdCNUMyMzNDNEY5QUUwMi9lVGRtQ0U3OEJpVUdVUEQ5eWR2RlU4RE95
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VUZG1DRTc4QmlVR1VQRDl5ZHZGVThET3lqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2QTMvNzcyN0NFNUMzOEM3MTFFOUE3QjVDMjMzQzRGOUFFMDIvMUFBOURDREM3
NjA1MTFFQ0IzMEU4RDEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMAwEAgABMAYDBABnh2UwIAQCAAIwGgMGACQEesAFAwcAJAR6wAYIAwcEJAR6
wAZgMA0GCSqGSIb3DQEBCwUAA4IBAQB8wa3fHfpg7b8Mf/Y3G78aYbQjnUvkdlfC
m2NQDB59USBd4sBFIVvT9Kc0LGWPIbPm5wBU5bB+2Jy5uJNS1Vues1UAF3lxpY4B
igyxjEnTvEaTgltZuZSIPt9zRyb/NHRGUuV3lcu0CnIK+/mMBel6I2yopt6Riqcq
EPkGQVneYo18aPDgIYMDydmrncpgig3kVNZu+aOwDXnWps32ZzI8zDa0vQh53DNd
A5eco5u+FPzsbHMs6zwoaPKh5+1/by1LxTalmjiisSq7BOBCpfpq65+lIWKWUGkG
jc+LIzhp/A7UjSBy2NjnlJVfzcp2f1XiiiisyHHJJFmU6yKSmldA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-ams.rpki-client.org