Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/DB3E7718184811EA85FAAE2BC4F9AE02.roa
File: DB3E7718184811EA85FAAE2BC4F9AE02.roa (raw, json)
Hash identifier: FZAwvyFodwaC8+uksPGXoGso6rfVccJuB06leXwIfrc=
Subject key identifier: 8B:87:43:29:16:F7:A4:DF:EB:5C:C7:EB:99:A7:DD:1B:66:90:49:FC
Certificate issuer: /CN=A912BAAD/serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576
Certificate serial: 0615
Authority key identifier: DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/DB3E7718184811EA85FAAE2BC4F9AE02.roa
Signing time: Thu 27 May 2021 20:58:13 +0000
ROA not before: Thu 27 May 2021 20:58:13 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 137570
IP address blocks: 103.113.208.0/22 maxlen: 22
103.113.208.0/23 maxlen: 23
103.113.208.0/24 maxlen: 24
103.113.209.0/24 maxlen: 24
103.113.210.0/23 maxlen: 23
103.113.210.0/24 maxlen: 24
103.113.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1557 (0x615)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912BAAD/serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576
Validity
Not Before: May 27 20:58:13 2021 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=60b007e5-133a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1b:1f:ff:48:70:aa:6f:41:67:12:74:ad:84:
a7:61:a7:ac:b2:d2:24:1f:88:8c:be:57:79:f3:eb:
b2:e0:13:f0:46:8f:d5:41:b3:cf:c9:f1:63:cc:b5:
d6:c9:37:80:77:e8:db:7e:ff:d7:5f:0a:e6:b7:14:
d7:f8:c3:45:3c:e1:94:c1:46:ae:03:05:aa:5f:fc:
a5:3b:13:26:06:d8:5d:c3:e0:38:76:7b:d2:7c:60:
ae:be:4d:de:55:ea:3e:32:14:98:35:f9:4a:84:4b:
50:e0:26:1e:57:2b:06:4d:42:cc:95:90:06:63:17:
41:90:3d:ab:fd:96:db:fa:7b:f2:1a:30:de:20:ab:
a6:ca:9e:31:b5:92:2d:fa:86:b3:85:12:94:e3:07:
ac:8c:f0:17:66:92:85:ee:00:00:97:16:2d:d9:33:
fb:3f:8c:f1:43:4a:9c:37:77:a3:e0:33:c6:c9:c9:
49:81:7f:79:02:29:1a:cf:69:ad:a8:ec:c4:aa:40:
c3:6b:1f:fa:13:af:46:30:48:c2:b9:5f:42:6e:21:
b1:ee:e2:e8:be:c0:cf:b3:4a:4e:5a:20:47:3e:25:
07:c8:57:d9:72:35:c7:89:8b:f9:e7:09:c1:7a:9f:
34:34:95:bb:e2:60:89:d2:db:ac:ee:4e:29:ce:5a:
b9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:87:43:29:16:F7:A4:DF:EB:5C:C7:EB:99:A7:DD:1B:66:90:49:FC
X509v3 Authority Key Identifier:
keyid:DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/DB3E7718184811EA85FAAE2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.113.208.0/22
Signature Algorithm: sha256WithRSAEncryption
23:e5:0e:c9:75:5e:32:0c:02:a6:02:55:3d:8c:de:2e:9a:ec:
78:10:1f:0e:ec:31:bf:a7:b3:16:2b:1c:9e:38:58:0c:ca:74:
da:29:c3:05:b2:71:0a:31:27:6e:d0:d7:84:3b:d9:4a:d0:40:
ea:55:9b:4a:89:0a:49:47:15:eb:5a:83:c0:2d:6c:fb:8f:91:
a6:d4:d0:b3:d0:81:b6:1a:b2:6e:fd:4a:08:91:f7:fa:fb:e1:
be:f4:80:20:78:b4:53:1f:42:ea:79:5a:17:a5:7c:1a:68:3c:
40:7d:92:92:73:3a:2a:0a:0c:56:ba:05:b7:a5:be:e3:f9:6c:
38:c1:ed:a0:25:1c:de:08:99:86:4f:61:34:8f:35:49:e2:b3:
ad:04:9c:38:7b:be:cf:85:8b:8f:1e:fc:79:89:a5:d5:c9:b8:
fc:43:ef:50:21:1f:a5:d6:71:6d:fa:d2:a0:64:7d:16:c0:60:
3f:6c:b5:a4:ae:f9:a9:75:c5:86:55:e7:e3:5c:62:88:bc:b4:
ce:2e:f5:66:af:52:37:7a:4f:9b:df:4a:fd:c7:a8:86:59:9e:
54:d7:3d:a2:5e:b7:ae:8c:d4:e9:09:b5:d6:6f:b8:b9:ef:d2:
06:00:09:6a:e5:79:ed:05:ad:33:22:40:5a:91:62:2e:8a:4e:
75:50:97:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkJBQUQxMTAvBgNVBAUTKERERjg4NDkxMUFEM0YyOENDOUQ5NkE4QzI0QTkzOUE2
NUY4QjI1NzYwHhcNMjEwNTI3MjA1ODEzWhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGIwMDdlNS0xMzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuhsf/0hwqm9BZxJ0rYSnYaesstIkH4iMvld58+uy4BPwRo/VQbPPyfFjzLXW
yTeAd+jbfv/XXwrmtxTX+MNFPOGUwUauAwWqX/ylOxMmBthdw+A4dnvSfGCuvk3e
Veo+MhSYNflKhEtQ4CYeVysGTULMlZAGYxdBkD2r/Zbb+nvyGjDeIKumyp4xtZIt
+oazhRKU4wesjPAXZpKF7gAAlxYt2TP7P4zxQ0qcN3ej4DPGyclJgX95Aikaz2mt
qOzEqkDDax/6E69GMEjCuV9CbiGx7uLovsDPs0pOWiBHPiUHyFfZcjXHiYv55wnB
ep80NJW74mCJ0tus7k4pzlq5kwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIuHQykW
96Tf61zH65mn3RtmkEn8MB8GA1UdIwQYMBaAFN34hJEa0/KMydlqjCSpOaZfiyV2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkFBRC81MjFBRERDODE4
NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhvekoyV3FNSktrNXBsLUxK
WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNmaUVrUnJUOG96SjJXcU1KS2s1cGwtTEpYWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkJBQUQvNTIxQUREQzgxODQ4MTFFQTkwNzg1NjJCQzRGOUFFMDIvREIzRTc3MTgx
ODQ4MTFFQTg1RkFBRTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJncdAwDQYJKoZIhvcNAQELBQADggEBACPlDsl1XjIMAqYC
VT2M3i6a7HgQHw7sMb+nsxYrHJ44WAzKdNopwwWycQoxJ27Q14Q72UrQQOpVm0qJ
CklHFetag8AtbPuPkabU0LPQgbYasm79SgiR9/r74b70gCB4tFMfQup5WhelfBpo
PEB9kpJzOioKDFa6BbelvuP5bDjB7aAlHN4ImYZPYTSPNUnis60EnDh7vs+Fi48e
/HmJpdXJuPxD71AhH6XWcW360qBkfRbAYD9staSu+al1xYZV5+NcYoi8tM4u9Wav
Ujd6T5vfSv3HqIZZnlTXPaJet66M1OkJtdZvuLnv0gYACWrlee0FrTMiQFqRYi6K
TnVQl+E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org