Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/EFAB9C70ADF511E998A2D13EC4F9AE02.roa
File: EFAB9C70ADF511E998A2D13EC4F9AE02.roa (raw, json)
Hash identifier: ac2+RkVXkKSPmOUjFjdr1NEsLlIkVVgSV9xxK6RhDyQ=
Subject key identifier: CC:57:0E:90:40:09:70:2F:09:70:9E:BC:18:14:BC:BE:3F:84:C0:D4
Certificate issuer: /CN=A91E3D04/serialNumber=DFC23E3D905D0E83681219596D08229A694FAF13
Certificate serial: 0808
Authority key identifier: DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/EFAB9C70ADF511E998A2D13EC4F9AE02.roa
Signing time: Mon 03 May 2021 07:33:57 +0000
ROA not before: Mon 03 May 2021 07:33:57 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 132459
IP address blocks: 103.137.220.0/22 maxlen: 24
2404:b940::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2056 (0x808)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3D04/serialNumber=DFC23E3D905D0E83681219596D08229A694FAF13
Validity
Not Before: May 3 07:33:57 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=608fa764-886b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a4:a1:e4:81:39:3e:a1:d2:5f:95:55:8e:42:
ff:78:17:73:78:89:89:fc:45:49:e5:e3:63:25:5b:
62:7d:90:5d:f7:84:7a:8e:6c:f3:55:e7:06:7c:1b:
6a:be:30:3d:77:20:59:3d:ac:6c:e6:06:41:0c:78:
9e:af:86:a6:65:9d:69:fd:f9:71:04:7f:83:34:5c:
9e:d0:1c:48:69:7b:5c:f7:c8:6f:eb:06:f6:3a:39:
8e:52:ee:26:cb:e4:9d:85:49:49:58:5c:37:25:c9:
c9:4f:ee:2f:cd:55:81:d4:58:3f:c2:33:71:2b:39:
8a:82:9c:6a:d2:1e:c4:1f:46:5d:ee:70:80:57:11:
01:d5:0f:16:ca:64:1a:dd:78:98:42:4f:64:08:fd:
29:3f:f7:87:43:3e:22:6f:8e:fb:99:f7:6a:75:fd:
e7:31:d4:b6:33:4c:de:98:e0:9a:3e:de:48:d4:3b:
f0:b5:68:ad:88:b1:23:70:63:a1:78:4f:24:75:86:
34:60:8e:96:2f:7b:ce:54:27:12:1f:47:c1:42:1a:
e3:64:af:7c:42:13:a7:54:1c:5f:91:07:98:67:90:
fc:75:4c:6c:7a:6e:42:4f:81:a5:20:61:dc:4d:c8:
1e:da:98:06:f1:80:27:83:3a:9d:8a:5f:5e:af:7f:
98:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:57:0E:90:40:09:70:2F:09:70:9E:BC:18:14:BC:BE:3F:84:C0:D4
X509v3 Authority Key Identifier:
keyid:DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/EFAB9C70ADF511E998A2D13EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.220.0/22
IPv6:
2404:b940::/32
Signature Algorithm: sha256WithRSAEncryption
57:ad:3a:0a:78:d8:a0:6e:85:8f:f2:16:4d:8f:93:7f:86:a1:
bb:ab:90:6f:75:f9:a9:ed:26:d2:f4:6c:b4:94:cc:58:86:6f:
00:1b:dc:14:d4:00:93:8a:85:8b:d3:cc:7a:ed:46:27:66:98:
97:91:19:fc:7e:f5:b5:69:e8:cf:54:17:13:51:51:be:4f:7f:
98:5a:c9:be:e0:1e:e7:a6:3b:8f:7a:4d:0b:5c:8a:21:0e:cb:
05:f7:38:ef:eb:e2:02:d5:47:05:42:44:a7:ca:62:fb:36:37:
c2:9c:dc:71:dd:9d:75:e7:07:1a:c7:35:c6:20:81:08:ac:62:
c1:10:77:02:d3:09:13:bc:55:c9:7e:e6:08:86:ad:52:26:96:
f1:09:00:a5:d6:1f:8b:d4:4f:2f:a3:6c:04:3a:38:58:01:28:
a1:cf:cc:2a:93:55:79:5e:f7:38:49:fb:25:20:52:02:34:1f:
e0:72:dd:10:96:7a:0b:08:38:9b:51:9c:f1:df:c1:7e:be:22:
2b:a2:28:be:77:1b:29:f6:f1:a9:06:32:1f:63:1d:8e:9a:79:
f7:a6:c5:28:c4:6a:49:3e:62:98:0e:aa:7e:fc:14:b5:53:38:
46:8c:36:82:0f:12:47:00:38:74:35:9f:88:70:16:90:3b:5e:
25:b1:02:f2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNEMDQxMTAvBgNVBAUTKERGQzIzRTNEOTA1RDBFODM2ODEyMTk1OTZEMDgyMjlB
Njk0RkFGMTMwHhcNMjEwNTAzMDczMzU3WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDhmYTc2NC04ODZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA26Sh5IE5PqHSX5VVjkL/eBdzeImJ/EVJ5eNjJVtifZBd94R6jmzzVecGfBtq
vjA9dyBZPaxs5gZBDHier4amZZ1p/flxBH+DNFye0BxIaXtc98hv6wb2OjmOUu4m
y+SdhUlJWFw3JcnJT+4vzVWB1Fg/wjNxKzmKgpxq0h7EH0Zd7nCAVxEB1Q8WymQa
3XiYQk9kCP0pP/eHQz4ib477mfdqdf3nMdS2M0zemOCaPt5I1DvwtWitiLEjcGOh
eE8kdYY0YI6WL3vOVCcSH0fBQhrjZK98QhOnVBxfkQeYZ5D8dUxsem5CT4GlIGHc
Tcge2pgG8YAngzqdil9er3+YawIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMxXDpBA
CXAvCXCevBgUvL4/hMDUMB8GA1UdIwQYMBaAFN/CPj2QXQ6DaBIZWW0IIpppT68T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0QwNC83QTE3RkU4RUFE
RDkxMUU5Qjc0MDlBNzJDNEY5QUUwMi8zOEktUFpCZERvTm9FaGxaYlFnaW1tbFBy
eE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzM4SS1QWkJkRG9Ob0VobFpiUWdpbW1sUHJ4TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNEMDQvN0ExN0ZFOEVBREQ5MTFFOUI3NDA5QTcyQzRGOUFFMDIvRUZBQjlDNzBB
REY1MTFFOTk4QTJEMTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnidwwDQQCAAIwBwMFACQEuUAwDQYJKoZIhvcNAQELBQAD
ggEBAFetOgp42KBuhY/yFk2Pk3+GoburkG91+antJtL0bLSUzFiGbwAb3BTUAJOK
hYvTzHrtRidmmJeRGfx+9bVp6M9UFxNRUb5Pf5hayb7gHuemO496TQtciiEOywX3
OO/r4gLVRwVCRKfKYvs2N8Kc3HHdnXXnBxrHNcYggQisYsEQdwLTCRO8Vcl+5giG
rVImlvEJAKXWH4vUTy+jbAQ6OFgBKKHPzCqTVXle9zhJ+yUgUgI0H+By3RCWegsI
OJtRnPHfwX6+IiuiKL53Gyn28akGMh9jHY6aefemxSjEakk+YpgOqn78FLVTOEaM
NoIPEkcAOHQ1n4hwFpA7XiWxAvI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org