Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9130F4B/5772AA3054E411E98536F659C4F9AE02/B26AB9C28C1811ED95522F3EC4F9AE02.roa
File: B26AB9C28C1811ED95522F3EC4F9AE02.roa (raw, json)
Hash identifier: mk69hEaJSKzbJGUSt5GAiHlxVEHvEdo/CJ/x0gP1oVA=
Subject key identifier: 1A:41:DF:35:D6:06:4D:68:5B:5F:13:44:83:C5:5A:CD:EB:D1:EC:2F
Certificate issuer: /CN=A9130F4B/serialNumber=9930D0FFEB870701B4E8EB4DB3C0866233FC5B50
Certificate serial: 0E5C
Authority key identifier: 99:30:D0:FF:EB:87:07:01:B4:E8:EB:4D:B3:C0:86:62:33:FC:5B:50
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mTDQ_-uHBwG06OtNs8CGYjP8W1A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9130F4B/5772AA3054E411E98536F659C4F9AE02/B26AB9C28C1811ED95522F3EC4F9AE02.roa
Signing time: Wed 04 Jan 2023 10:15:22 +0000
ROA not before: Wed 04 Jan 2023 10:15:22 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 139005
IP address blocks: 103.138.130.0/24 maxlen: 24
2405:e40::/32 maxlen: 32
2405:e40::/45 maxlen: 48
2405:e40:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3676 (0xe5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9130F4B/serialNumber=9930D0FFEB870701B4E8EB4DB3C0866233FC5B50
Validity
Not Before: Jan 4 10:15:22 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63b551ba-c2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:81:dd:89:d7:6d:fd:8c:2e:f1:42:5b:23:6f:
9c:96:7f:4d:41:49:da:46:8f:b3:bc:59:35:e0:aa:
aa:89:f2:a6:25:dc:97:36:e8:ef:80:85:c6:dc:1f:
af:f4:81:d9:b7:78:ca:1e:51:6a:fc:6a:c6:71:57:
05:10:a4:16:9b:3e:fb:df:3f:de:07:d6:a6:8c:65:
53:05:50:c3:11:02:12:26:2d:d7:4b:28:16:71:b4:
45:e8:26:df:f9:42:b9:ba:ae:91:80:95:fa:79:4a:
7d:4a:19:97:01:87:76:15:69:45:c7:8a:a6:51:47:
23:35:9a:1a:4f:fb:21:76:1e:c5:93:06:cc:47:a3:
e7:c7:c6:92:ba:61:d1:f5:33:9e:c1:59:60:d1:78:
6d:24:57:4e:08:93:0c:ab:71:43:bb:9f:20:47:a9:
a5:ab:ab:34:06:f8:49:ae:8b:6f:3f:61:0a:a9:11:
89:b5:2d:36:5b:e4:32:74:db:71:71:e9:65:33:9c:
b2:8e:a2:6e:e5:63:de:25:78:4a:dc:fe:e1:bf:ef:
ee:69:4c:14:b9:32:6b:d3:f0:59:ca:78:73:30:36:
4f:37:79:03:87:75:b7:36:ae:61:bb:91:42:4f:e5:
5b:fa:ce:0a:b5:15:87:d3:8f:1a:0f:00:2e:93:b7:
f7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:41:DF:35:D6:06:4D:68:5B:5F:13:44:83:C5:5A:CD:EB:D1:EC:2F
X509v3 Authority Key Identifier:
keyid:99:30:D0:FF:EB:87:07:01:B4:E8:EB:4D:B3:C0:86:62:33:FC:5B:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9130F4B/5772AA3054E411E98536F659C4F9AE02/mTDQ_-uHBwG06OtNs8CGYjP8W1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mTDQ_-uHBwG06OtNs8CGYjP8W1A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130F4B/5772AA3054E411E98536F659C4F9AE02/B26AB9C28C1811ED95522F3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.130.0/24
IPv6:
2405:e40::/32
Signature Algorithm: sha256WithRSAEncryption
5d:87:48:aa:f9:7b:18:82:f1:cc:4d:2b:2d:66:95:75:b2:4b:
33:1f:b3:c1:40:dd:80:2b:59:f0:b9:e3:e4:62:af:12:38:cf:
6c:f5:ea:ef:c5:3d:70:62:b0:87:a7:f5:5d:a9:54:2c:11:79:
5b:57:de:94:ac:fd:4a:fa:63:44:a6:ff:71:07:21:76:0d:84:
76:f6:9a:49:72:32:25:55:a4:e0:52:b1:bf:ef:28:ef:36:1f:
70:27:05:12:15:23:aa:7b:6b:7b:0a:89:3f:7a:4d:ec:a1:e2:
18:93:73:7d:79:80:07:65:e1:79:86:30:79:72:42:e6:dc:c2:
0e:f8:d3:f6:28:4b:ce:c7:b0:e6:51:75:c6:39:54:70:7a:c6:
55:46:e7:3a:fa:b1:d6:ba:65:d0:c4:f1:04:18:21:9b:8d:c2:
2b:88:c2:4f:24:9b:35:3e:55:87:af:75:7e:22:d3:4e:77:02:
81:cf:18:97:9b:1c:9a:18:68:79:5d:3e:00:aa:3b:e5:16:ac:
f8:61:57:77:09:9e:4c:c3:25:56:8c:27:56:40:78:e3:fe:2a:
6d:45:0f:6f:6f:b7:74:6b:ca:78:60:45:fe:75:c2:08:12:f3:
66:3a:1d:08:5d:79:bd:d8:2d:42:c8:c2:bf:c1:3f:76:7b:8c:
31:ee:8c:f4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDlwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzBGNEIxMTAvBgNVBAUTKDk5MzBEMEZGRUI4NzA3MDFCNEU4RUI0REIzQzA4NjYy
MzNGQzVCNTAwHhcNMjMwMTA0MTAxNTIyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I1NTFiYS1jMmU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwYHdiddt/Ywu8UJbI2+cln9NQUnaRo+zvFk14KqqifKmJdyXNujvgIXG3B+v
9IHZt3jKHlFq/GrGcVcFEKQWmz773z/eB9amjGVTBVDDEQISJi3XSygWcbRF6Cbf
+UK5uq6RgJX6eUp9ShmXAYd2FWlFx4qmUUcjNZoaT/shdh7FkwbMR6Pnx8aSumHR
9TOewVlg0XhtJFdOCJMMq3FDu58gR6mlq6s0BvhJrotvP2EKqRGJtS02W+QydNtx
cellM5yyjqJu5WPeJXhK3P7hv+/uaUwUuTJr0/BZynhzMDZPN3kDh3W3Nq5hu5FC
T+Vb+s4KtRWH048aDwAuk7f3wwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBpB3zXW
Bk1oW18TRIPFWs3r0ewvMB8GA1UdIwQYMBaAFJkw0P/rhwcBtOjrTbPAhmIz/FtQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMEY0Qi81NzcyQUEzMDU0
RTQxMUU5ODUzNkY2NTlDNEY5QUUwMi9tVERRXy11SEJ3RzA2T3ROczhDR1lqUDhX
MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21URFFfLXVIQndHMDZPdE5zOENHWWpQOFcxQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzBGNEIvNTc3MkFBMzA1NEU0MTFFOTg1MzZGNjU5QzRGOUFFMDIvQjI2QUI5QzI4
QzE4MTFFRDk1NTIyRjNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnioIwDQQCAAIwBwMFACQFDkAwDQYJKoZIhvcNAQELBQAD
ggEBAF2HSKr5exiC8cxNKy1mlXWySzMfs8FA3YArWfC54+RirxI4z2z16u/FPXBi
sIen9V2pVCwReVtX3pSs/Ur6Y0Sm/3EHIXYNhHb2mklyMiVVpOBSsb/vKO82H3An
BRIVI6p7a3sKiT96Teyh4hiTc315gAdl4XmGMHlyQubcwg740/YoS87HsOZRdcY5
VHB6xlVG5zr6sda6ZdDE8QQYIZuNwiuIwk8kmzU+VYevdX4i0053AoHPGJebHJoY
aHldPgCqO+UWrPhhV3cJnkzDJVaMJ1ZAeOP+Km1FD29vt3RrynhgRf51wggS82Y6
HQhdeb3YLULIwr/BP3Z7jDHujPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org