Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/D27164062FB811EAB5D0D209C4F9AE02.roa
File: D27164062FB811EAB5D0D209C4F9AE02.roa (raw, json)
Hash identifier: Fgkj/hZn5xi/fvHq7RBiMBAHYdsTrc5p6DBNqOkMvlA=
Subject key identifier: 32:6F:B2:34:C6:8F:2F:24:3E:21:66:B7:4B:DC:A8:12:79:8D:A9:84
Certificate issuer: /CN=A912B2EE/serialNumber=C824347425BAC8AF59B4E1966BC10DBFA8BDAB82
Certificate serial: 09CA
Authority key identifier: C8:24:34:74:25:BA:C8:AF:59:B4:E1:96:6B:C1:0D:BF:A8:BD:AB:82
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/D27164062FB811EAB5D0D209C4F9AE02.roa
Signing time: Wed 23 Jun 2021 12:25:53 +0000
ROA not before: Wed 23 Jun 2021 12:25:53 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 139924
IP address blocks: 103.138.158.0/23 maxlen: 23
103.138.158.0/24 maxlen: 24
103.138.159.0/24 maxlen: 24
2407:98c0::/32 maxlen: 32
2407:98c0::/48 maxlen: 48
2407:98c0:1::/48 maxlen: 48
2407:98c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2506 (0x9ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912B2EE/serialNumber=C824347425BAC8AF59B4E1966BC10DBFA8BDAB82
Validity
Not Before: Jun 23 12:25:53 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60d32851-45d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:28:da:c9:e1:1b:5d:8d:91:65:db:07:c9:c6:
20:b2:35:36:bc:0b:b9:a9:7a:bf:7c:9f:41:c5:c6:
d0:07:d5:27:e5:38:58:eb:7d:6e:fc:01:93:ef:73:
75:47:d5:fe:26:f1:c7:41:7e:55:a8:0c:b0:34:3b:
5b:75:d4:e4:29:c2:25:ff:09:98:5d:9c:6f:90:9e:
c8:9e:32:1f:16:d6:89:4d:e3:7e:4d:ae:c4:06:52:
eb:5c:95:55:2d:51:d5:a9:5e:5c:5e:a2:0c:2a:f8:
4c:5a:27:cf:77:2b:a4:40:a2:58:f3:47:c2:8d:b1:
c5:1d:66:f5:94:7a:17:6e:f1:d1:27:ef:bd:95:05:
ca:29:0f:6b:81:fd:cf:51:83:ab:af:d3:ac:e1:02:
32:0f:43:7b:63:d3:c3:82:9c:36:d6:5d:ab:9c:19:
0d:82:34:bf:63:20:28:ff:b1:af:da:af:ab:67:b5:
9e:4a:d1:f1:54:0a:44:83:25:18:d3:54:37:bd:02:
b5:3b:a4:88:ee:eb:d8:15:b1:d4:51:bb:6c:b1:77:
3a:c1:e3:b2:1b:dd:13:e5:98:ee:98:fd:c1:7d:47:
64:e5:90:6b:66:e8:29:33:1d:d5:04:eb:3e:70:e5:
3b:6c:cb:8a:01:fe:3c:cc:b3:f7:21:7b:5f:94:93:
d9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:6F:B2:34:C6:8F:2F:24:3E:21:66:B7:4B:DC:A8:12:79:8D:A9:84
X509v3 Authority Key Identifier:
keyid:C8:24:34:74:25:BA:C8:AF:59:B4:E1:96:6B:C1:0D:BF:A8:BD:AB:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yCQ0dCW6yK9ZtOGWa8ENv6i9q4I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B2EE/1F411F586C2111E9B76FA909C4F9AE02/D27164062FB811EAB5D0D209C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.158.0/23
IPv6:
2407:98c0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:c9:e7:4f:36:04:9c:6d:e4:bd:30:5d:de:e8:1b:ab:c0:e1:
85:51:ec:c5:4d:68:3b:b0:aa:49:94:05:98:69:c5:c3:2f:5f:
5d:cb:90:76:e2:e2:b1:41:89:9d:37:76:26:02:ee:e0:b0:fd:
26:66:1d:78:8a:86:12:57:58:cc:7c:c0:24:0b:de:fc:fa:a7:
c5:81:52:e7:f5:f9:ae:7b:00:b4:a6:96:bb:15:a3:8d:52:f4:
2d:4e:79:37:49:8e:44:36:55:ee:d8:70:85:c0:28:1f:35:d3:
84:75:3e:a8:9e:cc:c7:c1:a9:e0:c7:a4:c4:ab:76:a2:f6:25:
1d:ce:9b:da:53:42:bc:e5:02:bd:17:37:d7:62:36:ca:32:a1:
1b:ec:44:98:f5:80:d7:09:b9:d4:99:38:76:48:bb:50:19:4b:
d4:84:69:32:ef:68:7e:ad:c6:b9:42:af:db:4e:28:3d:b2:3b:
b7:f1:19:b8:06:7a:1e:e4:8e:da:8f:bf:48:3c:ea:b1:b2:2f:
bf:50:9a:24:a2:47:4f:84:c3:2c:c1:2b:7f:24:eb:da:e1:2d:
94:30:c0:4c:23:11:7b:db:45:e5:bd:cc:dc:95:ec:19:51:70:
21:55:3a:56:d9:93:c1:eb:16:23:e9:b1:7e:d0:51:94:4e:aa:
6b:44:62:e4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkIyRUUxMTAvBgNVBAUTKEM4MjQzNDc0MjVCQUM4QUY1OUI0RTE5NjZCQzEwREJG
QThCREFCODIwHhcNMjEwNjIzMTIyNTUzWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGQzMjg1MS00NWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2CjayeEbXY2RZdsHycYgsjU2vAu5qXq/fJ9BxcbQB9Un5ThY631u/AGT73N1
R9X+JvHHQX5VqAywNDtbddTkKcIl/wmYXZxvkJ7InjIfFtaJTeN+Ta7EBlLrXJVV
LVHVqV5cXqIMKvhMWifPdyukQKJY80fCjbHFHWb1lHoXbvHRJ++9lQXKKQ9rgf3P
UYOrr9Os4QIyD0N7Y9PDgpw21l2rnBkNgjS/YyAo/7Gv2q+rZ7WeStHxVApEgyUY
01Q3vQK1O6SI7uvYFbHUUbtssXc6weOyG90T5ZjumP3BfUdk5ZBrZugpMx3VBOs+
cOU7bMuKAf48zLP3IXtflJPZ8wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDJvsjTG
jy8kPiFmt0vcqBJ5jamEMB8GA1UdIwQYMBaAFMgkNHQlusivWbThlmvBDb+ovauC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjJFRS8xRjQxMUY1ODZD
MjExMUU5Qjc2RkE5MDlDNEY5QUUwMi95Q1EwZENXNnlLOVp0T0dXYThFTnY2aTlx
NEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lDUTBkQ1c2eUs5WnRPR1dhOEVOdjZpOXE0SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkIyRUUvMUY0MTFGNTg2QzIxMTFFOUI3NkZBOTA5QzRGOUFFMDIvRDI3MTY0MDYy
RkI4MTFFQUI1RDBEMjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnip4wDQQCAAIwBwMFACQHmMAwDQYJKoZIhvcNAQELBQAD
ggEBAJzJ5082BJxt5L0wXd7oG6vA4YVR7MVNaDuwqkmUBZhpxcMvX13LkHbi4rFB
iZ03diYC7uCw/SZmHXiKhhJXWMx8wCQL3vz6p8WBUuf1+a57ALSmlrsVo41S9C1O
eTdJjkQ2Ve7YcIXAKB8104R1PqiezMfBqeDHpMSrdqL2JR3Om9pTQrzlAr0XN9di
NsoyoRvsRJj1gNcJudSZOHZIu1AZS9SEaTLvaH6txrlCr9tOKD2yO7fxGbgGeh7k
jtqPv0g86rGyL79QmiSiR0+EwyzBK38k69rhLZQwwEwjEXvbReW9zNyV7BlRcCFV
OlbZk8HrFiPpsX7QUZROqmtEYuQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org