Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91685DF/AB7357AECD6D11E9A6C26E46C4F9AE02/776DD0E8687411ECB6E9CC6FC4F9AE02.roa
File: 776DD0E8687411ECB6E9CC6FC4F9AE02.roa (raw, json)
Hash identifier: sZli7rpA2APH/MG797opyTn/FahJj2S/x9eotrexf04=
Subject key identifier: 38:69:E9:BA:C8:A8:A8:80:7D:D6:AB:9C:81:EA:28:2F:7E:B5:C1:53
Certificate issuer: /CN=A91685DF/serialNumber=BF237EE623BD2853AC04554EB812280434A85A8F
Certificate serial: 093E
Authority key identifier: BF:23:7E:E6:23:BD:28:53:AC:04:55:4E:B8:12:28:04:34:A8:5A:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vyN-5iO9KFOsBFVOuBIoBDSoWo8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91685DF/AB7357AECD6D11E9A6C26E46C4F9AE02/776DD0E8687411ECB6E9CC6FC4F9AE02.roa
Signing time: Wed 29 Dec 2021 06:56:38 +0000
ROA not before: Wed 29 Dec 2021 06:56:38 +0000
ROA not after: Sat 28 May 2022 00:00:00 +0000
asID: 138620
IP address blocks: 103.134.216.0/22 maxlen: 22
103.134.216.0/24 maxlen: 24
103.134.217.0/24 maxlen: 24
103.134.218.0/24 maxlen: 24
103.134.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2366 (0x93e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91685DF/serialNumber=BF237EE623BD2853AC04554EB812280434A85A8F
Validity
Not Before: Dec 29 06:56:38 2021 GMT
Not After : May 28 00:00:00 2022 GMT
Subject: CN=61cc06a5-fe82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5c:05:0a:41:f6:b2:74:e5:ce:d7:8a:64:43:
74:07:33:c8:cd:42:8c:61:3d:d0:5a:f3:95:a0:93:
49:2a:4b:80:21:40:80:f0:0f:05:cd:c3:ad:ce:b8:
99:88:24:50:71:d3:0c:27:d2:27:8f:ad:b2:a2:b2:
df:5b:6c:36:42:39:06:ec:b0:fe:6e:af:26:99:f4:
a1:1c:9a:33:da:bd:79:cf:7f:6c:07:47:d4:9c:4e:
11:4c:9a:13:cb:35:59:e7:79:9a:fc:f3:8e:7f:77:
eb:d0:0b:9f:96:4c:18:7e:1e:a2:fd:71:e9:73:bf:
b5:de:a0:e5:7c:6f:18:dd:9a:13:e1:9c:d5:ff:0d:
31:17:a0:eb:7a:b4:49:5a:57:3e:a4:3d:f4:e0:13:
fa:02:08:79:0b:02:36:3c:13:0e:c0:c2:df:73:36:
fe:6b:d6:e1:e5:ef:19:82:15:fd:08:a2:b9:dc:3b:
01:b9:40:ba:a7:c3:7b:a0:f4:63:dc:50:fc:22:74:
94:94:26:6e:de:d0:21:18:80:17:77:d6:85:c3:21:
b9:48:b1:2a:96:04:d0:32:72:5e:4b:b9:24:30:7a:
e6:df:b8:09:cf:e3:b7:e8:6f:a1:cd:7e:3b:10:72:
d7:1c:7f:36:0e:56:4c:e7:55:f1:f7:83:69:d2:23:
e8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:69:E9:BA:C8:A8:A8:80:7D:D6:AB:9C:81:EA:28:2F:7E:B5:C1:53
X509v3 Authority Key Identifier:
keyid:BF:23:7E:E6:23:BD:28:53:AC:04:55:4E:B8:12:28:04:34:A8:5A:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91685DF/AB7357AECD6D11E9A6C26E46C4F9AE02/vyN-5iO9KFOsBFVOuBIoBDSoWo8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vyN-5iO9KFOsBFVOuBIoBDSoWo8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685DF/AB7357AECD6D11E9A6C26E46C4F9AE02/776DD0E8687411ECB6E9CC6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.216.0/22
Signature Algorithm: sha256WithRSAEncryption
65:77:f4:d9:08:97:14:17:94:99:03:5f:ae:b6:bd:d1:df:91:
aa:53:f6:04:f1:c0:fe:12:97:9d:d7:b0:8b:52:16:55:30:a4:
a4:95:c6:13:33:b4:d9:59:ef:3e:3c:de:4b:2c:96:07:70:7d:
11:58:40:23:c2:23:c1:03:17:74:a3:45:f4:55:2d:9f:22:04:
3e:53:d8:9b:2f:91:63:8a:62:36:ca:f1:05:18:06:68:59:8e:
16:9a:a5:63:97:51:93:40:14:af:bd:6d:75:b2:2f:66:6f:8d:
46:ef:8a:f5:f3:20:8f:33:c0:2d:0d:b2:93:5d:d8:8d:5b:54:
02:a0:23:88:a3:ff:f1:5c:13:5a:1c:c9:50:7e:94:5f:e5:08:
d4:58:20:55:e1:8b:5f:7e:2e:85:64:6c:39:2b:35:5d:66:86:
18:f1:ef:39:6e:9c:15:2e:49:db:5c:a3:e9:b7:a4:26:23:28:
44:fe:81:57:46:d6:5b:34:f1:a9:a3:62:b5:7b:b5:99:c6:08:
d9:a7:03:6f:0a:59:88:5e:23:ff:6a:4f:41:8c:d1:35:1e:2b:
46:3d:2e:b7:2a:f6:00:7f:c0:c6:7e:e5:2e:d9:03:4a:57:e6:
5c:e4:2c:27:aa:d0:a3:e5:c2:da:9f:9f:d0:91:f3:d4:0e:64:
01:b9:75:87
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njg1REYxMTAvBgNVBAUTKEJGMjM3RUU2MjNCRDI4NTNBQzA0NTU0RUI4MTIyODA0
MzRBODVBOEYwHhcNMjExMjI5MDY1NjM4WhcNMjIwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MWNjMDZhNS1mZTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz1wFCkH2snTlzteKZEN0BzPIzUKMYT3QWvOVoJNJKkuAIUCA8A8FzcOtzriZ
iCRQcdMMJ9Inj62yorLfW2w2QjkG7LD+bq8mmfShHJoz2r15z39sB0fUnE4RTJoT
yzVZ53ma/POOf3fr0AuflkwYfh6i/XHpc7+13qDlfG8Y3ZoT4ZzV/w0xF6DrerRJ
Wlc+pD304BP6Agh5CwI2PBMOwMLfczb+a9bh5e8ZghX9CKK53DsBuUC6p8N7oPRj
3FD8InSUlCZu3tAhGIAXd9aFwyG5SLEqlgTQMnJeS7kkMHrm37gJz+O36G+hzX47
EHLXHH82DlZM51Xx94Np0iPoRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDhp6brI
qKiAfdarnIHqKC9+tcFTMB8GA1UdIwQYMBaAFL8jfuYjvShTrARVTrgSKAQ0qFqP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODVERi9BQjczNTdBRUNE
NkQxMUU5QTZDMjZFNDZDNEY5QUUwMi92eU4tNWlPOUtGT3NCRlZPdUJJb0JEU29X
bzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Z5Ti01aU85S0ZPc0JGVk91QklvQkRTb1dvOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njg1REYvQUI3MzU3QUVDRDZEMTFFOUE2QzI2RTQ2QzRGOUFFMDIvNzc2REQwRTg2
ODc0MTFFQ0I2RTlDQzZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhtgwDQYJKoZIhvcNAQELBQADggEBAGV39NkIlxQXlJkD
X662vdHfkapT9gTxwP4Sl53XsItSFlUwpKSVxhMztNlZ7z483ksslgdwfRFYQCPC
I8EDF3SjRfRVLZ8iBD5T2JsvkWOKYjbK8QUYBmhZjhaapWOXUZNAFK+9bXWyL2Zv
jUbvivXzII8zwC0NspNd2I1bVAKgI4ij//FcE1ocyVB+lF/lCNRYIFXhi19+LoVk
bDkrNV1mhhjx7zlunBUuSdtco+m3pCYjKET+gVdG1ls08amjYrV7tZnGCNmnA28K
WYheI/9qT0GM0TUeK0Y9Lrcq9gB/wMZ+5S7ZA0pX5lzkLCeq0KPlwtqfn9CR89QO
ZAG5dYc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:42 2023 by rpki-client on console-ams.rpki-client.org