Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/E04A46389F0511EC9DA80B77C4F9AE02.roa
File: E04A46389F0511EC9DA80B77C4F9AE02.roa (raw, json)
Hash identifier: ju55i9N1pv62S6eex5ke0M5wlltP6QYGpFBZzok+XGA=
Subject key identifier: 6B:7F:0C:CB:26:10:8D:3D:CF:A0:4B:D1:3F:47:F5:05:8E:56:D8:3B
Certificate issuer: /CN=A91398A3/serialNumber=775FE5A1F61A7408DFEED47F1447E3464DA50B2A
Certificate serial: 78
Authority key identifier: 77:5F:E5:A1:F6:1A:74:08:DF:EE:D4:7F:14:47:E3:46:4D:A5:0B:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d1_lofYadAjf7tR_FEfjRk2lCyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/E04A46389F0511EC9DA80B77C4F9AE02.roa
Signing time: Tue 08 Mar 2022 17:33:34 +0000
ROA not before: Tue 08 Mar 2022 17:33:34 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 57724
IP address blocks: 103.80.132.0/24 maxlen: 24
103.80.133.0/24 maxlen: 24
103.80.134.0/24 maxlen: 24
103.80.135.0/24 maxlen: 24
182.161.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91398A3/serialNumber=775FE5A1F61A7408DFEED47F1447E3464DA50B2A
Validity
Not Before: Mar 8 17:33:34 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=6227936d-be8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:54:df:0f:bb:11:d9:f2:e5:61:64:5e:e0:29:
45:59:73:2f:70:3c:eb:c7:7a:e6:21:f6:1c:ef:29:
01:de:7e:5b:e7:75:c2:e3:b8:62:33:17:14:19:75:
22:01:05:ac:3b:93:02:42:33:44:db:7a:c2:55:e5:
0f:1f:bc:61:fa:af:77:69:f1:b0:32:96:eb:82:ba:
01:f2:5e:39:57:04:7c:e5:07:bd:3e:22:fa:9c:17:
35:53:5b:75:17:73:85:fa:42:5c:3e:86:f7:78:8c:
f5:bd:36:9d:9b:71:3c:f8:95:10:9e:9e:e6:60:a2:
56:a6:aa:2a:b8:67:e5:09:1d:19:a5:4a:ed:31:6d:
bb:2a:02:cb:6b:b4:15:8f:d1:cc:5d:42:a2:a5:f4:
ea:52:03:de:0d:65:f8:ec:64:c5:0a:34:8d:be:3a:
4c:a7:d1:28:70:f1:b1:b6:94:b4:0a:a8:38:4b:1a:
c9:a6:1f:a9:5b:35:12:d1:15:94:70:35:f4:1d:4e:
a1:00:58:04:38:25:d2:9c:c4:40:bb:0f:18:22:a2:
ed:9d:99:5a:6f:bf:f0:21:8c:c7:a5:90:99:c8:51:
86:ea:be:ad:db:c0:4c:86:6d:76:7c:7c:ee:02:1c:
10:60:1c:0a:4d:fe:bb:7d:71:45:45:d0:2d:31:9e:
3d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:7F:0C:CB:26:10:8D:3D:CF:A0:4B:D1:3F:47:F5:05:8E:56:D8:3B
X509v3 Authority Key Identifier:
keyid:77:5F:E5:A1:F6:1A:74:08:DF:EE:D4:7F:14:47:E3:46:4D:A5:0B:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/d1_lofYadAjf7tR_FEfjRk2lCyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d1_lofYadAjf7tR_FEfjRk2lCyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91398A3/E219B61C711311ECBC308919C4F9AE02/E04A46389F0511EC9DA80B77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.80.132.0/22
182.161.66.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:b0:4b:b2:da:1a:5c:41:31:36:63:59:50:23:56:1e:57:54:
5c:0a:ad:67:60:e1:26:1a:3a:25:73:88:cc:5f:ff:69:6c:64:
df:64:4b:c3:f6:ea:19:ff:ec:e3:64:15:0d:b9:7e:b3:00:01:
9f:96:f8:6b:23:b1:61:3a:d2:cf:be:91:a7:72:f7:a4:f8:b8:
1f:24:66:ad:96:a0:cf:e6:39:60:7a:78:10:76:32:e1:60:48:
47:a5:90:d9:53:4f:03:65:6e:f5:ba:eb:5b:81:e7:3e:30:0d:
8b:35:c5:f8:b5:3c:7d:7b:df:dc:21:5f:cd:b7:39:d5:e3:d0:
6c:74:6f:d6:f9:55:9f:c0:81:37:c3:79:2a:e5:6b:ab:11:15:
49:b8:16:38:ff:e2:fd:61:25:d3:9a:d8:1f:e4:89:d9:4a:a1:
4a:63:6a:35:df:72:19:f7:c9:58:68:c9:bd:e2:b5:d2:b4:63:
69:de:e6:3f:ec:4c:0e:15:fd:72:c3:e4:6c:a5:d1:89:f3:a3:
09:4d:99:90:57:7c:5c:b2:af:97:18:0c:23:8a:64:b1:05:06:
7d:84:4c:6f:a5:aa:98:9c:84:90:6a:37:cb:46:7c:33:da:e5:
ab:b0:6e:38:32:eb:d2:8e:48:37:f2:65:32:e8:64:59:33:c0:
ca:09:3c:42
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
OThBMzExMC8GA1UEBRMoNzc1RkU1QTFGNjFBNzQwOERGRUVENDdGMTQ0N0UzNDY0
REE1MEIyQTAeFw0yMjAzMDgxNzMzMzRaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMjc5MzZkLWJlOGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3VN8PuxHZ8uVhZF7gKUVZcy9wPOvHeuYh9hzvKQHeflvndcLjuGIzFxQZdSIB
Baw7kwJCM0TbesJV5Q8fvGH6r3dp8bAyluuCugHyXjlXBHzlB70+IvqcFzVTW3UX
c4X6Qlw+hvd4jPW9Np2bcTz4lRCenuZgolamqiq4Z+UJHRmlSu0xbbsqAstrtBWP
0cxdQqKl9OpSA94NZfjsZMUKNI2+Okyn0Shw8bG2lLQKqDhLGsmmH6lbNRLRFZRw
NfQdTqEAWAQ4JdKcxEC7Dxgiou2dmVpvv/AhjMelkJnIUYbqvq3bwEyGbXZ8fO4C
HBBgHApN/rt9cUVF0C0xnj3RAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUa38MyyYQ
jT3PoEvRP0f1BY5W2DswHwYDVR0jBBgwFoAUd1/lofYadAjf7tR/FEfjRk2lCyow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM5OEEzL0UyMTlCNjFDNzEx
MzExRUNCQzMwODkxOUM0RjlBRTAyL2QxX2xvZllhZEFqZjd0Ul9GRWZqUmsybEN5
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZDFfbG9mWWFkQWpmN3RSX0ZFZmpSazJsQ3lvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
OThBMy9FMjE5QjYxQzcxMTMxMUVDQkMzMDg5MTlDNEY5QUUwMi9FMDRBNDYzODlG
MDUxMUVDOURBODBCNzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmdQhAMEALahQjANBgkqhkiG9w0BAQsFAAOCAQEAfLBLstoa
XEExNmNZUCNWHldUXAqtZ2DhJho6JXOIzF//aWxk32RLw/bqGf/s42QVDbl+swAB
n5b4ayOxYTrSz76Rp3L3pPi4HyRmrZagz+Y5YHp4EHYy4WBIR6WQ2VNPA2Vu9brr
W4HnPjANizXF+LU8fXvf3CFfzbc51ePQbHRv1vlVn8CBN8N5KuVrqxEVSbgWOP/i
/WEl05rYH+SJ2UqhSmNqNd9yGffJWGjJveK10rRjad7mP+xMDhX9csPkbKXRifOj
CU2ZkFd8XLKvlxgMI4pksQUGfYRMb6WqmJyEkGo3y0Z8M9rlq7BuODLr0o5IN/Jl
MuhkWTPAygk8Qg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org