Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/201867E6378B11EC8BB75C6CC4F9AE02.roa
File: 201867E6378B11EC8BB75C6CC4F9AE02.roa (raw, json)
Hash identifier: cMnmM68yh/iUavbHc70UEjQxrvyPB43L5LhceLu3GGs=
Subject key identifier: F5:B9:92:83:33:52:F4:71:CD:9F:AB:55:0E:A6:39:DC:17:0C:ED:DE
Certificate issuer: /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Certificate serial: 2391
Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/201867E6378B11EC8BB75C6CC4F9AE02.roa
Signing time: Fri 30 Dec 2022 18:55:31 +0000
ROA not before: Fri 30 Dec 2022 18:55:31 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 141384
IP address blocks: 103.138.210.0/24 maxlen: 32
2001:df0:5580::/52 maxlen: 52
2001:df0:5580:1000::/52 maxlen: 52
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9105 (0x2391)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Validity
Not Before: Dec 30 18:55:31 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=63af3423-dce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:90:da:e8:42:8e:0e:59:27:f6:74:3e:17:92:
0e:d8:6d:7e:38:de:91:e4:33:2f:ed:54:1b:d5:51:
09:b0:1b:6f:0e:f0:a2:33:28:90:5a:f8:dc:05:c6:
f5:cf:5d:70:b3:91:19:b0:a3:81:ee:74:21:14:fb:
27:55:25:d7:a9:e6:3a:91:7f:c3:ee:d1:b9:06:f1:
00:41:2e:7f:e4:2f:29:4d:45:0c:ab:56:9e:6c:e1:
b1:50:01:e3:18:80:a1:b2:ce:c5:35:a8:0c:41:e0:
09:03:47:b3:4f:a7:51:4f:0c:96:d0:88:3b:33:10:
d9:26:84:4f:5b:94:48:4a:be:97:82:69:56:11:1d:
0b:bc:01:bd:1d:3e:e5:39:71:05:45:a3:f6:99:48:
03:5d:72:62:0e:08:bd:e0:a8:7a:7c:0b:af:53:08:
62:25:78:c2:9b:a1:e1:01:2d:07:a0:6b:64:f8:1b:
80:0a:50:24:70:b9:03:65:1e:f2:52:a5:e9:cc:2c:
d6:fd:1e:60:22:e5:c7:4b:ff:b7:63:27:c4:90:e9:
7c:11:fb:3a:a1:83:13:23:88:f5:52:77:5f:9d:f5:
24:4d:f7:56:e2:d7:f9:59:d9:e8:29:e9:be:09:72:
ee:51:f3:bc:02:cb:5c:8e:9b:52:2d:12:57:52:09:
d8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B9:92:83:33:52:F4:71:CD:9F:AB:55:0E:A6:39:DC:17:0C:ED:DE
X509v3 Authority Key Identifier:
keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/201867E6378B11EC8BB75C6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.210.0/24
IPv6:
2001:df0:5580::/51
Signature Algorithm: sha256WithRSAEncryption
49:b9:7e:ee:57:32:fb:0d:31:d2:04:e0:be:6d:4c:ef:e2:11:
43:40:7d:dc:9d:70:27:90:87:4d:7e:4b:e1:7b:fb:9f:eb:07:
58:d9:3c:bd:e5:a3:4b:59:71:9c:4e:71:f2:f0:f9:a2:72:11:
14:96:3e:49:4b:da:71:7c:8c:21:ef:52:5e:6c:dc:f4:68:04:
14:41:fc:04:58:2a:3d:2f:49:9b:70:27:b8:24:08:57:e4:a0:
44:ee:67:75:b1:f1:8a:53:0a:33:b1:44:06:a9:69:5c:67:d3:
e4:61:9d:1f:9d:78:d9:3b:41:26:ca:49:9e:57:67:d6:62:b7:
1f:f8:85:15:9c:bb:1a:ce:71:2c:ad:e1:29:32:69:2d:9b:f3:
c8:df:8d:21:64:d0:55:a3:5b:17:60:b0:5b:da:63:e2:42:4f:
46:aa:0f:4f:b3:af:ed:14:6a:dd:9e:e2:12:be:ab:76:73:79:
0c:3c:f6:ea:c9:ed:e2:83:85:b6:ee:e4:0b:ae:25:09:8e:5b:
67:96:99:49:d7:f7:b2:66:6c:9d:9a:24:c4:35:0e:ca:3c:14:
34:c1:29:f9:07:68:11:15:cb:80:03:29:d4:a2:96:62:40:8e:
ae:1b:65:4d:94:25:d8:d7:30:cd:e4:9e:01:25:e8:81:1e:10:
27:21:e0:18
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICI5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw
RDNEOEE2RDAwHhcNMjIxMjMwMTg1NTMxWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FmMzQyMy1kY2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA45Da6EKODlkn9nQ+F5IO2G1+ON6R5DMv7VQb1VEJsBtvDvCiMyiQWvjcBcb1
z11ws5EZsKOB7nQhFPsnVSXXqeY6kX/D7tG5BvEAQS5/5C8pTUUMq1aebOGxUAHj
GIChss7FNagMQeAJA0ezT6dRTwyW0Ig7MxDZJoRPW5RISr6XgmlWER0LvAG9HT7l
OXEFRaP2mUgDXXJiDgi94Kh6fAuvUwhiJXjCm6HhAS0HoGtk+BuAClAkcLkDZR7y
UqXpzCzW/R5gIuXHS/+3YyfEkOl8Efs6oYMTI4j1UndfnfUkTfdW4tf5WdnoKem+
CXLuUfO8AstcjptSLRJXUgnY3QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFPW5koMz
UvRxzZ+rVQ6mOdwXDO3eMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC
N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvMjAxODY3RTYz
NzhCMTFFQzhCQjc1QzZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMAwEAgABMAYDBABnitIwEAQCAAIwCgMIBSABDfBVgAAwDQYJKoZIhvcNAQEL
BQADggEBAEm5fu5XMvsNMdIE4L5tTO/iEUNAfdydcCeQh01+S+F7+5/rB1jZPL3l
o0tZcZxOcfLw+aJyERSWPklL2nF8jCHvUl5s3PRoBBRB/ARYKj0vSZtwJ7gkCFfk
oETuZ3Wx8YpTCjOxRAapaVxn0+RhnR+deNk7QSbKSZ5XZ9Zitx/4hRWcuxrOcSyt
4SkyaS2b88jfjSFk0FWjWxdgsFvaY+JCT0aqD0+zr+0Uat2e4hK+q3ZzeQw89urJ
7eKDhbbu5AuuJQmOW2eWmUnX97JmbJ2aJMQ1Dso8FDTBKfkHaBEVy4ADKdSilmJA
jq4bZU2UJdjXMM3kngEl6IEeECch4Bg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:39 2023 by rpki-client on console-fra.rpki-client.org