Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/DFB168509F0511EC9DA80B77C4F9AE02.roa
File: DFB168509F0511EC9DA80B77C4F9AE02.roa (raw, json)
Hash identifier: 4XSIDCzANCbwmuz4yd2wURvAtolVptiKMlvlj3gmH4o=
Subject key identifier: 19:5E:F1:E7:5A:1A:48:ED:E5:64:90:E7:6B:12:C3:E8:13:51:F9:C8
Certificate issuer: /CN=A91398A3/serialNumber=775FE5A1F61A7408DFEED47F1447E3464DA50B2A
Certificate serial: 77
Authority key identifier: 77:5F:E5:A1:F6:1A:74:08:DF:EE:D4:7F:14:47:E3:46:4D:A5:0B:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d1_lofYadAjf7tR_FEfjRk2lCyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/DFB168509F0511EC9DA80B77C4F9AE02.roa
Signing time: Tue 08 Mar 2022 17:33:32 +0000
ROA not before: Tue 08 Mar 2022 17:33:32 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 3786
IP address blocks: 103.80.132.0/24 maxlen: 24
103.80.133.0/24 maxlen: 24
103.80.134.0/24 maxlen: 24
103.80.135.0/24 maxlen: 24
182.161.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119 (0x77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91398A3/serialNumber=775FE5A1F61A7408DFEED47F1447E3464DA50B2A
Validity
Not Before: Mar 8 17:33:32 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=6227936c-4917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:78:0b:2f:06:df:3d:52:b1:3a:c2:35:15:45:
41:f6:31:a7:1c:8a:e4:94:31:2a:2b:45:3d:e6:65:
91:b9:24:9f:e8:95:71:77:9d:bd:7f:05:33:3d:46:
32:3e:de:23:e8:2c:3d:e8:fd:a5:9f:d4:ca:be:62:
fa:a1:82:da:a2:f1:94:23:4c:9f:2a:f2:d6:95:dc:
d6:82:31:f2:22:e2:ec:40:dd:a7:61:5d:44:a6:4f:
18:d6:5e:2d:5a:cb:59:f1:6d:3a:15:d2:98:0c:fb:
23:36:ee:6d:81:30:ab:14:3f:5a:f1:c2:80:b4:8a:
d1:7a:78:58:aa:73:62:0b:b4:93:3b:08:fa:68:1a:
f3:1d:92:e3:ef:f2:c7:f1:c2:56:f7:8a:e9:36:71:
da:30:0b:b2:24:b7:ca:84:b2:ed:3a:7d:ce:68:a1:
2b:4c:ba:70:14:99:e1:26:d9:2f:2c:09:34:9e:34:
8b:70:4a:50:5e:c4:82:6e:e6:09:3b:30:88:43:35:
91:b0:85:90:11:58:15:bb:d7:6c:da:cc:b4:7a:a6:
ed:20:fd:b7:43:1e:dd:c9:af:0c:69:ff:9b:90:99:
64:38:b1:40:15:e7:f6:37:14:57:c6:07:3a:fa:15:
e8:88:bf:b1:54:d5:5f:17:c0:b9:b7:35:d2:18:ef:
fa:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:5E:F1:E7:5A:1A:48:ED:E5:64:90:E7:6B:12:C3:E8:13:51:F9:C8
X509v3 Authority Key Identifier:
keyid:77:5F:E5:A1:F6:1A:74:08:DF:EE:D4:7F:14:47:E3:46:4D:A5:0B:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/d1_lofYadAjf7tR_FEfjRk2lCyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d1_lofYadAjf7tR_FEfjRk2lCyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/DFB168509F0511EC9DA80B77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.80.132.0/22
182.161.66.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:ad:14:26:db:06:5e:52:b3:d8:bf:9f:5d:ac:91:21:c1:0e:
1d:0f:c5:80:03:7e:da:5c:28:43:29:32:e5:21:ad:0b:a7:7e:
61:45:89:1b:c6:b2:d9:2a:07:25:f0:dc:1d:21:a4:b7:3c:fe:
4b:ac:30:32:80:b9:90:97:f8:43:b9:ce:d7:09:b6:16:4e:3a:
83:18:ca:dd:26:64:ab:0d:09:95:4a:23:92:b9:bf:1c:85:9e:
46:0c:5e:83:b7:f8:f5:c9:57:a6:4b:5c:3d:44:6f:f3:ba:7a:
b4:df:db:7f:44:3d:21:a2:de:3b:f3:30:a8:7b:ca:fc:bd:39:
52:90:c1:6a:9c:56:0e:f2:ed:00:22:98:80:8c:c5:ce:35:a5:
43:9e:d6:ee:db:2a:7c:96:b7:c5:8b:7f:b6:26:9b:6d:d9:f3:
1a:f9:2f:7f:1c:e8:08:92:b2:aa:3d:ef:ec:62:d9:47:82:6c:
48:ef:c5:fa:52:1c:f6:32:27:f7:bc:e2:84:ec:ec:b4:b4:f5:
31:b0:a3:a3:f6:72:18:54:ce:68:9f:fc:50:97:4a:1a:6a:51:
ab:d8:48:8e:35:10:99:17:74:67:ac:ef:f0:d8:3d:f8:64:27:
ef:a8:ca:72:20:37:50:cf:57:d8:e7:2e:e8:20:71:a3:8e:5b:
50:e0:e3:7c
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBdzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
OThBMzExMC8GA1UEBRMoNzc1RkU1QTFGNjFBNzQwOERGRUVENDdGMTQ0N0UzNDY0
REE1MEIyQTAeFw0yMjAzMDgxNzMzMzJaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMjc5MzZjLTQ5MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBeAsvBt89UrE6wjUVRUH2MacciuSUMSorRT3mZZG5JJ/olXF3nb1/BTM9RjI+
3iPoLD3o/aWf1Mq+Yvqhgtqi8ZQjTJ8q8taV3NaCMfIi4uxA3adhXUSmTxjWXi1a
y1nxbToV0pgM+yM27m2BMKsUP1rxwoC0itF6eFiqc2ILtJM7CPpoGvMdkuPv8sfx
wlb3iuk2cdowC7Ikt8qEsu06fc5ooStMunAUmeEm2S8sCTSeNItwSlBexIJu5gk7
MIhDNZGwhZARWBW712zazLR6pu0g/bdDHt3Jrwxp/5uQmWQ4sUAV5/Y3FFfGBzr6
FeiIv7FU1V8XwLm3NdIY7/oLAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUGV7x51oa
SO3lZJDnaxLD6BNR+cgwHwYDVR0jBBgwFoAUd1/lofYadAjf7tR/FEfjRk2lCyow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM5OEEzL0UyMTlCNjFDNzEx
MzExRUNCQzMwODkxOUM0RjlBRTAyL2QxX2xvZllhZEFqZjd0Ul9GRWZqUmsybEN5
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZDFfbG9mWWFkQWpmN3RSX0ZFZmpSazJsQ3lvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
OThBMy9FMjE5QjYxQzcxMTMxMUVDQkMzMDg5MTlDNEY5QUUwMi9ERkIxNjg1MDlG
MDUxMUVDOURBODBCNzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmdQhAMEALahQjANBgkqhkiG9w0BAQsFAAOCAQEASq0UJtsG
XlKz2L+fXayRIcEOHQ/FgAN+2lwoQyky5SGtC6d+YUWJG8ay2SoHJfDcHSGktzz+
S6wwMoC5kJf4Q7nO1wm2Fk46gxjK3SZkqw0JlUojkrm/HIWeRgxeg7f49clXpktc
PURv87p6tN/bf0Q9IaLeO/MwqHvK/L05UpDBapxWDvLtACKYgIzFzjWlQ57W7tsq
fJa3xYt/tiabbdnzGvkvfxzoCJKyqj3v7GLZR4JsSO/F+lIc9jIn97zihOzstLT1
MbCjo/ZyGFTOaJ/8UJdKGmpRq9hIjjUQmRd0Z6zv8Ng9+GQn76jKciA3UM9X2Ocu
6CBxo45bUODjfA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-ams.rpki-client.org