Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/DB234EB683DF11ECBB82F47DC4F9AE02.roa
File: DB234EB683DF11ECBB82F47DC4F9AE02.roa (raw, json)
Hash identifier: LaCNnPsuufn/rTN2rRiZa3LfEvmI4GsnJ6Qd9A+HeGM=
Subject key identifier: D4:1A:D9:66:E7:26:E6:E7:A4:E4:40:96:5A:0D:13:64:00:3D:1C:50
Certificate issuer: /CN=A91E4EF7/serialNumber=AAB524E595A530E12C13AA211C2EF26B69DD9C9B
Certificate serial: 1741
Authority key identifier: AA:B5:24:E5:95:A5:30:E1:2C:13:AA:21:1C:2E:F2:6B:69:DD:9C:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/DB234EB683DF11ECBB82F47DC4F9AE02.roa
Signing time: Wed 02 Feb 2022 04:23:22 +0000
ROA not before: Wed 02 Feb 2022 04:23:22 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 133326
IP address blocks: 103.38.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5953 (0x1741)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4EF7/serialNumber=AAB524E595A530E12C13AA211C2EF26B69DD9C9B
Validity
Not Before: Feb 2 04:23:22 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61fa073a-dfc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f9:4c:68:f9:04:6f:40:57:67:18:4e:44:65:
8b:10:2b:9a:cf:69:9a:36:7b:04:04:9e:17:7b:dc:
1f:43:9e:f7:6f:fe:ba:d4:c7:5c:ad:33:c6:ea:09:
45:82:cf:60:88:ad:17:f9:21:59:bf:c0:2f:aa:02:
13:d6:12:e5:12:04:57:26:b6:7c:b8:8e:62:2a:fc:
94:a7:3a:9b:1f:8a:78:7a:64:cf:bd:41:26:8a:6d:
02:df:36:1d:a4:39:46:ff:dd:7f:25:e5:c6:ba:08:
2f:28:10:c6:6c:74:d9:d7:60:2b:fc:71:aa:ed:61:
b2:1c:1c:cd:c6:1c:6a:92:09:96:ed:99:00:1b:8e:
21:ec:38:6c:ec:86:96:ef:ca:ea:e0:19:70:d9:44:
fb:e6:9d:0b:67:94:37:fc:bb:6d:7b:0a:8c:52:f6:
17:5b:57:11:b8:90:8d:3e:3e:8b:d2:b5:2b:a4:3d:
3b:ba:ee:29:54:b6:8f:94:b2:77:09:98:c8:1e:0a:
71:54:41:12:47:14:f6:45:24:63:90:8e:97:60:ac:
2a:06:b9:1b:0a:90:58:1c:b2:06:b0:ae:dd:a3:75:
da:ce:36:71:92:d1:e6:c2:90:92:78:73:6e:ba:50:
0e:c6:b0:0d:6f:9b:de:db:a6:a8:2d:c3:55:94:4a:
61:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1A:D9:66:E7:26:E6:E7:A4:E4:40:96:5A:0D:13:64:00:3D:1C:50
X509v3 Authority Key Identifier:
keyid:AA:B5:24:E5:95:A5:30:E1:2C:13:AA:21:1C:2E:F2:6B:69:DD:9C:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrUk5ZWlMOEsE6ohHC7ya2ndnJs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4EF7/C46FD7741B8F11E7AC4C7229C4F9AE02/DB234EB683DF11ECBB82F47DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:88:64:f7:36:ad:58:96:4a:a8:45:e9:8a:5f:18:f9:07:77:
2f:57:d7:a6:a1:d7:f3:eb:5f:c5:30:54:7a:1a:0d:9c:24:47:
71:59:2a:9b:e7:11:11:2d:fd:b6:93:ff:79:d9:08:c8:4b:c8:
09:9a:89:6a:86:0b:1e:ac:73:78:b1:1d:cd:34:44:2d:4f:32:
42:fb:30:bf:40:34:90:49:bf:ca:c8:d9:0d:8d:9c:22:0f:0e:
1e:49:60:b6:56:ee:c1:d6:fc:ce:28:6d:24:08:64:4b:e2:b0:
e8:41:b5:c3:8b:92:14:15:f9:d9:d6:7d:03:31:43:48:c9:de:
c2:af:3b:7e:e1:3e:ed:06:f7:db:ea:6b:a4:dd:9b:4d:f4:b8:
aa:b6:9a:b9:95:2c:66:4d:a6:fd:6d:73:5d:b9:b4:71:74:6c:
87:8c:f7:68:75:1b:13:b8:a2:46:6b:d8:8d:36:06:a4:b9:3a:
41:a1:2d:00:8f:79:f2:23:77:ae:13:c8:5e:db:9b:2a:c3:6c:
62:3f:02:c3:10:92:13:bc:cf:33:e0:b1:28:67:b2:d3:fc:94:
ae:32:21:25:14:b2:c7:74:96:15:d6:15:09:75:68:51:85:b3:
a3:76:d9:5d:b6:bf:aa:15:1a:da:cd:26:20:e3:3c:6e:13:b7:
dc:c4:51:c3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICF0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRFRjcxMTAvBgNVBAUTKEFBQjUyNEU1OTVBNTMwRTEyQzEzQUEyMTFDMkVGMjZC
NjlERDlDOUIwHhcNMjIwMjAyMDQyMzIyWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWZhMDczYS1kZmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvflMaPkEb0BXZxhORGWLECuaz2maNnsEBJ4Xe9wfQ573b/661MdcrTPG6glF
gs9giK0X+SFZv8AvqgIT1hLlEgRXJrZ8uI5iKvyUpzqbH4p4emTPvUEmim0C3zYd
pDlG/91/JeXGuggvKBDGbHTZ12Ar/HGq7WGyHBzNxhxqkgmW7ZkAG44h7Dhs7IaW
78rq4Blw2UT75p0LZ5Q3/LttewqMUvYXW1cRuJCNPj6L0rUrpD07uu4pVLaPlLJ3
CZjIHgpxVEESRxT2RSRjkI6XYKwqBrkbCpBYHLIGsK7do3XazjZxktHmwpCSeHNu
ulAOxrANb5ve26aoLcNVlEphAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNQa2Wbn
JubnpORAlloNE2QAPRxQMB8GA1UdIwQYMBaAFKq1JOWVpTDhLBOqIRwu8mtp3Zyb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEVGNy9DNDZGRDc3NDFC
OEYxMUU3QUM0QzcyMjlDNEY5QUUwMi9xclVrNVpXbE1PRXNFNm9oSEM3eWEybmRu
SnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FyVWs1WldsTU9Fc0U2b2hIQzd5YTJuZG5Kcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRFRjcvQzQ2RkQ3NzQxQjhGMTFFN0FDNEM3MjI5QzRGOUFFMDIvREIyMzRFQjY4
M0RGMTFFQ0JCODJGNDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnJngwDQYJKoZIhvcNAQELBQADggEBALSIZPc2rViWSqhF
6YpfGPkHdy9X16ah1/PrX8UwVHoaDZwkR3FZKpvnEREt/baT/3nZCMhLyAmaiWqG
Cx6sc3ixHc00RC1PMkL7ML9ANJBJv8rI2Q2NnCIPDh5JYLZW7sHW/M4obSQIZEvi
sOhBtcOLkhQV+dnWfQMxQ0jJ3sKvO37hPu0G99vqa6Tdm030uKq2mrmVLGZNpv1t
c125tHF0bIeM92h1GxO4okZr2I02BqS5OkGhLQCPefIjd64TyF7bmyrDbGI/AsMQ
khO8zzPgsShnstP8lK4yISUUssd0lhXWFQl1aFGFs6N22V22v6oVGtrNJiDjPG4T
t9zEUcM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org