Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162661/32911D184FDB11E99AF34C5CC4F9AE02/84C68BDE6D8311E9B02C7110C4F9AE02.roa
File: 84C68BDE6D8311E9B02C7110C4F9AE02.roa (raw, json)
Hash identifier: 9Cfte4BtKi83jKh6SBPS0QLmDRNvWxcFS2nQa6USsh4=
Subject key identifier: 11:BE:61:F1:DA:7B:86:F4:02:B5:50:00:27:DC:31:91:BC:93:78:68
Certificate issuer: /CN=A9162661/serialNumber=ACD26F134FCE0764CC67FC9F265C785341C1B5D4
Certificate serial: 09E3
Authority key identifier: AC:D2:6F:13:4F:CE:07:64:CC:67:FC:9F:26:5C:78:53:41:C1:B5:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNJvE0_OB2TMZ_yfJlx4U0HBtdQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162661/32911D184FDB11E99AF34C5CC4F9AE02/84C68BDE6D8311E9B02C7110C4F9AE02.roa
Signing time: Wed 05 May 2021 18:53:39 +0000
ROA not before: Wed 05 May 2021 18:53:39 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 138932
IP address blocks: 103.137.96.0/24 maxlen: 24
103.137.97.0/24 maxlen: 24
2404:ae40::/32 maxlen: 32
2404:ae40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2531 (0x9e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162661/serialNumber=ACD26F134FCE0764CC67FC9F265C785341C1B5D4
Validity
Not Before: May 5 18:53:39 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=6092e9b3-6010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cd:46:68:64:26:47:dc:c0:f1:6b:0f:b2:97:
ec:f4:9e:cf:d9:fc:e1:43:9d:32:cc:35:56:8a:d2:
f4:6b:5b:87:dc:a2:2a:74:fa:2c:c2:70:aa:2c:72:
81:78:f4:89:e3:bd:a5:85:b3:95:c9:81:40:98:03:
a3:18:65:d2:ed:0f:7a:ef:13:2e:01:a4:28:4b:94:
19:58:94:e5:50:fd:ba:28:09:f2:2d:7f:09:18:91:
b1:24:db:ee:bf:bf:79:29:c6:db:10:95:33:d9:cf:
cc:24:73:1e:b4:7c:5a:62:fe:37:9f:4a:08:ec:22:
d8:46:f1:78:7b:a2:c3:7c:6c:9c:18:1d:04:e7:59:
7c:a9:f2:99:c2:2c:9c:cf:4a:bc:76:65:b7:4e:fa:
48:c1:99:7f:b7:53:b7:86:51:0c:8d:a0:76:fd:da:
d6:75:65:44:50:6f:c9:61:c0:4c:2a:b5:b5:cc:c3:
e2:e8:52:d7:3c:34:9e:39:d8:75:4c:c0:e3:72:d8:
2b:2b:c5:a9:fe:f3:dd:b6:85:ea:e5:4c:b5:21:6f:
91:e2:0b:73:2e:5f:5c:83:7e:03:80:65:24:66:03:
d2:5a:82:21:73:bc:9d:4c:50:31:25:7b:c2:0b:3a:
c4:81:fe:7f:04:6c:56:13:16:af:04:5a:de:f1:45:
76:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:BE:61:F1:DA:7B:86:F4:02:B5:50:00:27:DC:31:91:BC:93:78:68
X509v3 Authority Key Identifier:
keyid:AC:D2:6F:13:4F:CE:07:64:CC:67:FC:9F:26:5C:78:53:41:C1:B5:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162661/32911D184FDB11E99AF34C5CC4F9AE02/rNJvE0_OB2TMZ_yfJlx4U0HBtdQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rNJvE0_OB2TMZ_yfJlx4U0HBtdQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162661/32911D184FDB11E99AF34C5CC4F9AE02/84C68BDE6D8311E9B02C7110C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.96.0/23
IPv6:
2404:ae40::/32
Signature Algorithm: sha256WithRSAEncryption
8b:0a:5e:7a:aa:4c:8f:86:10:8c:51:51:06:1e:36:d2:69:63:
d7:2c:90:55:6f:d1:8a:f3:10:f6:c9:eb:c2:44:14:00:8e:78:
ef:c0:af:58:38:c0:3e:0c:2e:46:54:d1:ea:4f:21:6a:2b:d6:
80:7c:34:38:6a:62:9d:d9:2e:07:65:62:65:fd:f5:9f:59:37:
26:ed:d0:64:18:f1:3c:86:8b:96:e4:51:8d:08:02:ba:04:87:
0c:e5:2b:71:11:01:ff:62:b5:81:4b:ff:cd:e1:a0:56:d4:36:
22:d1:1f:89:f4:af:15:c5:cb:82:32:e6:d3:4f:92:15:38:82:
82:7b:07:16:c6:2f:79:f7:c5:30:c6:14:ae:97:5e:8c:a9:45:
2e:a3:ac:4c:65:59:75:da:37:31:70:4e:f9:eb:0e:de:0f:ac:
99:83:fa:e3:f3:c3:4b:7f:06:6b:87:86:0c:32:7c:0d:a5:9f:
87:60:33:90:9b:f6:fc:52:1d:1c:87:18:7a:07:c6:e6:2a:95:
1e:c1:0d:6e:90:a1:b0:b3:57:0f:bb:bd:5d:5c:b5:12:88:49:
17:e5:dc:ba:cc:73:47:62:3c:bd:a6:fc:0e:bb:74:6b:1d:37:
ad:ef:db:e6:b0:58:c5:b3:98:da:ab:d9:b0:ab:e0:60:75:01:
6c:95:2d:8f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCeMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjI2NjExMTAvBgNVBAUTKEFDRDI2RjEzNEZDRTA3NjRDQzY3RkM5RjI2NUM3ODUz
NDFDMUI1RDQwHhcNMjEwNTA1MTg1MzM5WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDkyZTliMy02MDEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvc1GaGQmR9zA8WsPspfs9J7P2fzhQ50yzDVWitL0a1uH3KIqdPoswnCqLHKB
ePSJ472lhbOVyYFAmAOjGGXS7Q967xMuAaQoS5QZWJTlUP26KAnyLX8JGJGxJNvu
v795KcbbEJUz2c/MJHMetHxaYv43n0oI7CLYRvF4e6LDfGycGB0E51l8qfKZwiyc
z0q8dmW3TvpIwZl/t1O3hlEMjaB2/drWdWVEUG/JYcBMKrW1zMPi6FLXPDSeOdh1
TMDjctgrK8Wp/vPdtoXq5Uy1IW+R4gtzLl9cg34DgGUkZgPSWoIhc7ydTFAxJXvC
CzrEgf5/BGxWExavBFre8UV2gwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBG+YfHa
e4b0ArVQACfcMZG8k3hoMB8GA1UdIwQYMBaAFKzSbxNPzgdkzGf8nyZceFNBwbXU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjY2MS8zMjkxMUQxODRG
REIxMUU5OUFGMzRDNUNDNEY5QUUwMi9yTkp2RTBfT0IyVE1aX3lmSmx4NFUwSEJ0
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JOSnZFMF9PQjJUTVpfeWZKbHg0VTBIQnRkUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjI2NjEvMzI5MTFEMTg0RkRCMTFFOTlBRjM0QzVDQzRGOUFFMDIvODRDNjhCREU2
RDgzMTFFOUIwMkM3MTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFniWAwDQQCAAIwBwMFACQErkAwDQYJKoZIhvcNAQELBQAD
ggEBAIsKXnqqTI+GEIxRUQYeNtJpY9cskFVv0YrzEPbJ68JEFACOeO/Ar1g4wD4M
LkZU0epPIWor1oB8NDhqYp3ZLgdlYmX99Z9ZNybt0GQY8TyGi5bkUY0IAroEhwzl
K3ERAf9itYFL/83hoFbUNiLRH4n0rxXFy4Iy5tNPkhU4goJ7BxbGL3n3xTDGFK6X
XoypRS6jrExlWXXaNzFwTvnrDt4PrJmD+uPzw0t/BmuHhgwyfA2ln4dgM5Cb9vxS
HRyHGHoHxuYqlR7BDW6QobCzVw+7vV1ctRKISRfl3LrMc0diPL2m/A67dGsdN63v
2+awWMWzmNqr2bCr4GB1AWyVLY8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org