Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/3334E842589F11EC9CF19A41C4F9AE02.roa
File: 3334E842589F11EC9CF19A41C4F9AE02.roa (raw, json)
Hash identifier: N9CdNSLJ07ccqldDENO8kABUAeb8W93115N8arc9Yv0=
Subject key identifier: 81:D1:07:38:7F:EE:2B:B4:68:35:EF:D7:2E:47:AB:9C:E8:57:26:F2
Certificate issuer: /CN=A91F8E3D/serialNumber=3AAFFBB7EA4A60D77BB44284ACBF25C398BA9A6D
Certificate serial: 16
Authority key identifier: 3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/3334E842589F11EC9CF19A41C4F9AE02.roa
Signing time: Wed 15 Dec 2021 01:02:37 +0000
ROA not before: Wed 15 Dec 2021 01:02:37 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 138467
IP address blocks: 103.177.136.0/24 maxlen: 24
103.177.137.0/24 maxlen: 24
2400:3f60:1::/48 maxlen: 48
2400:3f60:2::/48 maxlen: 48
2400:3f60:3::/48 maxlen: 48
2400:3f60:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8E3D/serialNumber=3AAFFBB7EA4A60D77BB44284ACBF25C398BA9A6D
Validity
Not Before: Dec 15 01:02:37 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61b93eac-53c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:be:e0:58:fb:ac:ff:dc:67:80:49:32:19:77:
3a:c5:77:c8:78:a7:bf:b2:15:b3:e7:b8:73:aa:b0:
df:50:51:a4:49:9f:4d:45:d0:27:47:41:c5:0c:05:
48:7d:9e:25:f2:b1:f5:14:3d:9a:8f:8c:92:81:a9:
25:c3:e9:a0:66:35:68:38:03:fa:36:dc:84:e6:da:
5f:4c:db:9c:44:9d:05:91:da:f5:2e:ac:98:d0:7f:
ea:68:f3:39:98:d0:01:f7:e5:41:46:07:d3:d0:76:
1b:5e:53:1e:20:b0:0b:14:b9:d4:0c:ea:be:5e:08:
b0:18:15:3d:77:6e:c1:26:81:1a:7e:6e:7d:a8:d9:
d5:04:fe:57:9e:ec:f7:9e:1b:24:e8:c9:c6:5a:26:
52:15:1c:3a:6b:6e:23:9b:bb:67:ff:fb:66:39:a9:
92:07:17:56:3b:1c:cf:25:7b:d5:b6:82:41:43:f7:
4b:25:89:0d:bf:b7:23:6e:1e:75:91:81:33:c0:f4:
b4:7d:82:ed:c3:b9:da:7b:66:15:78:19:36:00:5e:
ea:37:4f:a2:58:bb:4b:9f:0a:17:04:cb:6c:cd:75:
4d:77:18:d0:21:2a:8d:58:04:66:e3:a3:a2:bd:8f:
be:17:ea:6c:cb:19:b9:bf:0f:24:28:e6:17:b7:1a:
c4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D1:07:38:7F:EE:2B:B4:68:35:EF:D7:2E:47:AB:9C:E8:57:26:F2
X509v3 Authority Key Identifier:
keyid:3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/3334E842589F11EC9CF19A41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.136.0/23
IPv6:
2400:3f60:1::-2400:3f60:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
15:0d:14:1f:40:83:e6:ed:73:91:35:b7:71:0c:73:38:05:2a:
96:bc:58:94:46:a0:e9:46:a0:7a:11:ad:d5:d8:c6:b5:d6:a1:
a7:92:dc:27:56:39:84:04:0e:7e:1d:ff:0d:41:91:50:32:1b:
5e:7e:6d:7f:28:66:b6:6e:51:88:35:1a:32:67:47:7d:05:fd:
70:a3:e8:57:1c:25:c9:c3:a2:1c:c4:88:7a:b9:7d:6f:8a:a6:
f3:d8:89:95:e6:63:66:b3:49:57:2b:f8:05:6e:29:e4:00:3b:
03:66:4b:84:ed:5c:92:55:93:6f:65:ee:c1:3c:94:57:6f:d0:
21:3e:ae:6b:ed:da:9a:c1:b4:10:dd:2c:5b:cc:f4:b2:2e:74:
35:6f:d7:df:31:a0:ea:0d:4c:8d:3a:c8:9d:32:9d:d6:39:75:
cd:e1:3a:f1:bf:a8:ef:14:d3:fe:26:03:cf:95:5e:de:91:95:
e4:ec:85:4b:2b:29:4a:a6:06:7f:1f:51:64:b3:8a:d7:b3:1e:
4a:49:69:b4:f9:ad:3c:1d:5f:be:09:61:91:b7:0f:13:8b:1e:
08:6b:aa:52:97:53:68:05:b3:f3:bb:61:31:09:16:9f:c1:b1:
c3:99:c9:43:0a:8e:3d:0a:f0:ee:47:40:89:3f:1b:ee:58:4d:
6e:05:c8:f6
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIBFjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
OEUzRDExMC8GA1UEBRMoM0FBRkZCQjdFQTRBNjBENzdCQjQ0Mjg0QUNCRjI1QzM5
OEJBOUE2RDAeFw0yMTEyMTUwMTAyMzdaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxYjkzZWFjLTUzYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYvuBY+6z/3GeASTIZdzrFd8h4p7+yFbPnuHOqsN9QUaRJn01F0CdHQcUMBUh9
niXysfUUPZqPjJKBqSXD6aBmNWg4A/o23ITm2l9M25xEnQWR2vUurJjQf+po8zmY
0AH35UFGB9PQdhteUx4gsAsUudQM6r5eCLAYFT13bsEmgRp+bn2o2dUE/lee7Pee
GyToycZaJlIVHDprbiObu2f/+2Y5qZIHF1Y7HM8le9W2gkFD90sliQ2/tyNuHnWR
gTPA9LR9gu3Dudp7ZhV4GTYAXuo3T6JYu0ufChcEy2zNdU13GNAhKo1YBGbjo6K9
j74X6mzLGbm/DyQo5he3GsSzAgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUgdEHOH/u
K7RoNe/XLkernOhXJvIwHwYDVR0jBBgwFoAUOq/7t+pKYNd7tEKErL8lw5i6mm0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4RTNELzBBQjQzODZBNTg0
RTExRUM5RkNGMTc3OUM0RjlBRTAyL09xXzd0LXBLWU5kN3RFS0VyTDhsdzVpNm1t
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvT3FfN3QtcEtZTmQ3dEVLRXJMOGx3NWk2bW0wLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OEUzRC8wQUI0Mzg2QTU4NEUxMUVDOUZDRjE3NzlDNEY5QUUwMi8zMzM0RTg0MjU4
OUYxMUVDOUNGMTlBNDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA7BggrBgEFBQcBBwEB/wQs
MCowDAQCAAEwBgMEAWexiDAaBAIAAjAUMBIDBwAkAD9gAAEDBwAkAD9gAAQwDQYJ
KoZIhvcNAQELBQADggEBABUNFB9Ag+btc5E1t3EMczgFKpa8WJRGoOlGoHoRrdXY
xrXWoaeS3CdWOYQEDn4d/w1BkVAyG15+bX8oZrZuUYg1GjJnR30F/XCj6FccJcnD
ohzEiHq5fW+KpvPYiZXmY2azSVcr+AVuKeQAOwNmS4TtXJJVk29l7sE8lFdv0CE+
rmvt2prBtBDdLFvM9LIudDVv198xoOoNTI06yJ0yndY5dc3hOvG/qO8U0/4mA8+V
Xt6RleTshUsrKUqmBn8fUWSzitezHkpJabT5rTwdX74JYZG3DxOLHghrqlKXU2gF
s/O7YTEJFp/BscOZyUMKjj0K8O5HQIk/G+5YTW4FyPY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org