Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188A06/801CA584F67F11E9AA3E703DC4F9AE02/1DDBEFD491B211ED92AB0679C4F9AE02.roa
File: 1DDBEFD491B211ED92AB0679C4F9AE02.roa (raw, json)
Hash identifier: gbjqPkoj2kDeIWXFywpVNyWkOPuUQlpmMJuPQN3EDNc=
Subject key identifier: 55:43:16:CF:E3:39:0D:0C:D6:5B:15:24:16:16:FA:20:0F:B0:4F:2A
Certificate issuer: /CN=A9188A06/serialNumber=F9F34DF7EF8A3104AAF75A7711A52F7DB1A50DA4
Certificate serial: 0B02
Authority key identifier: F9:F3:4D:F7:EF:8A:31:04:AA:F7:5A:77:11:A5:2F:7D:B1:A5:0D:A4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-fNN9--KMQSq91p3EaUvfbGlDaQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188A06/801CA584F67F11E9AA3E703DC4F9AE02/1DDBEFD491B211ED92AB0679C4F9AE02.roa
Signing time: Tue 28 Mar 2023 19:46:42 +0000
ROA not before: Tue 28 Mar 2023 19:46:42 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 135341
IP address blocks: 103.135.138.0/24 maxlen: 24
103.135.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2818 (0xb02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188A06/serialNumber=F9F34DF7EF8A3104AAF75A7711A52F7DB1A50DA4
Validity
Not Before: Mar 28 19:46:42 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64234421-3a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ae:27:5b:78:47:62:9c:df:f4:40:ed:55:89:
15:66:09:41:eb:ae:95:35:55:a3:71:35:41:77:06:
01:c5:c4:3e:1c:d4:ed:f7:05:01:9e:17:9a:e1:de:
b1:34:64:3d:b9:6b:30:0c:f6:89:c0:3a:27:90:27:
c0:b3:0d:75:4d:88:20:f0:24:98:6e:03:a0:c3:6e:
b9:51:bf:20:3d:93:4f:30:87:a5:8f:17:00:47:11:
3e:55:6c:fc:40:bb:47:87:17:36:21:30:1b:27:53:
24:7d:bc:03:ed:84:07:2a:8e:22:8c:19:6f:74:b7:
af:fe:0e:a9:dd:9a:42:13:8b:c6:9c:93:1f:4a:3d:
86:c2:b1:97:f7:d3:f5:d1:fd:5b:b2:67:d2:a0:ba:
1b:c3:2e:ba:55:ab:a2:bb:43:dc:fe:f9:0d:36:41:
30:f8:a4:d1:73:35:07:93:30:97:a7:36:cc:18:2c:
cc:25:3b:38:0b:6f:0a:f6:da:e5:d1:ed:2e:a2:3c:
27:de:50:d9:c6:1b:8b:f2:6e:8e:45:db:60:0e:5c:
93:71:2a:71:b2:b2:ff:cf:3c:d0:14:eb:b1:18:de:
10:c2:16:d0:28:1f:3e:1c:ab:22:7d:ba:38:2c:c7:
ab:86:29:56:69:27:e4:e4:c5:9c:e9:48:f2:fe:18:
08:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:43:16:CF:E3:39:0D:0C:D6:5B:15:24:16:16:FA:20:0F:B0:4F:2A
X509v3 Authority Key Identifier:
keyid:F9:F3:4D:F7:EF:8A:31:04:AA:F7:5A:77:11:A5:2F:7D:B1:A5:0D:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188A06/801CA584F67F11E9AA3E703DC4F9AE02/-fNN9--KMQSq91p3EaUvfbGlDaQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-fNN9--KMQSq91p3EaUvfbGlDaQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188A06/801CA584F67F11E9AA3E703DC4F9AE02/1DDBEFD491B211ED92AB0679C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.138.0/23
Signature Algorithm: sha256WithRSAEncryption
32:e4:6d:f4:5d:87:d2:7b:74:66:58:b3:11:95:99:82:89:41:
44:9f:a8:2c:81:7b:34:5f:68:5f:bf:93:08:3d:b2:82:0e:f5:
67:e8:b0:50:10:31:89:bd:94:5c:b6:52:3a:42:ad:7d:5c:3a:
d2:14:59:cc:09:37:f5:33:80:c7:94:fa:77:56:80:4f:29:1f:
8b:41:5f:ca:54:dd:d4:3e:87:c4:c3:f9:39:50:a7:1f:01:19:
a3:6a:93:41:ab:91:de:a2:02:6f:1e:b2:7a:fa:eb:44:60:3c:
82:fc:90:e1:c8:4c:f0:bb:1b:b6:88:10:8e:78:31:a3:60:f1:
b5:62:25:a3:41:31:08:8a:69:dd:02:22:fc:f8:d7:43:ed:23:
e5:8c:ad:bc:cd:13:9e:08:d7:0d:ca:41:bd:36:6e:af:dc:8b:
8d:44:58:a0:5e:65:7c:eb:96:f9:ae:7e:70:55:02:52:5d:96:
37:fa:5e:a1:cd:7f:11:1d:ac:80:e2:3d:03:97:9a:84:e9:35:
23:30:1f:82:12:ce:6c:1f:08:9d:23:d3:72:ae:04:ba:ef:69:
fc:00:67:06:1a:3a:1a:0a:68:2c:24:11:88:bf:be:ed:04:cb:
1f:78:e4:97:fb:15:bb:a7:ef:08:b5:c1:42:8d:bb:e9:d8:99:
d0:5e:6a:a5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCwIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhBMDYxMTAvBgNVBAUTKEY5RjM0REY3RUY4QTMxMDRBQUY3NUE3NzExQTUyRjdE
QjFBNTBEQTQwHhcNMjMwMzI4MTk0NjQyWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIzNDQyMS0zYTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApq4nW3hHYpzf9EDtVYkVZglB666VNVWjcTVBdwYBxcQ+HNTt9wUBnhea4d6x
NGQ9uWswDPaJwDonkCfAsw11TYgg8CSYbgOgw265Ub8gPZNPMIeljxcARxE+VWz8
QLtHhxc2ITAbJ1MkfbwD7YQHKo4ijBlvdLev/g6p3ZpCE4vGnJMfSj2GwrGX99P1
0f1bsmfSoLobwy66Vauiu0Pc/vkNNkEw+KTRczUHkzCXpzbMGCzMJTs4C28K9trl
0e0uojwn3lDZxhuL8m6ORdtgDlyTcSpxsrL/zzzQFOuxGN4QwhbQKB8+HKsifbo4
LMerhilWaSfk5MWc6Ujy/hgIAwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFVDFs/j
OQ0M1lsVJBYW+iAPsE8qMB8GA1UdIwQYMBaAFPnzTffvijEEqvdadxGlL32xpQ2k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEEwNi84MDFDQTU4NEY2
N0YxMUU5QUEzRTcwM0RDNEY5QUUwMi8tZk5OOS0tS01RU3E5MXAzRWFVdmZiR2xE
YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1mTk45LS1LTVFTcTkxcDNFYVV2ZmJHbERhUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhBMDYvODAxQ0E1ODRGNjdGMTFFOUFBM0U3MDNEQzRGOUFFMDIvMUREQkVGRDQ5
MUIyMTFFRDkyQUIwNjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnh4owDQYJKoZIhvcNAQELBQADggEBADLkbfRdh9J7dGZY
sxGVmYKJQUSfqCyBezRfaF+/kwg9soIO9WfosFAQMYm9lFy2UjpCrX1cOtIUWcwJ
N/UzgMeU+ndWgE8pH4tBX8pU3dQ+h8TD+TlQpx8BGaNqk0Grkd6iAm8esnr660Rg
PIL8kOHITPC7G7aIEI54MaNg8bViJaNBMQiKad0CIvz410PtI+WMrbzNE54I1w3K
Qb02bq/ci41EWKBeZXzrlvmufnBVAlJdljf6XqHNfxEdrIDiPQOXmoTpNSMwH4IS
zmwfCJ0j03KuBLrvafwAZwYaOhoKaCwkEYi/vu0Eyx945Jf7Fbun7wi1wUKNu+nY
mdBeaqU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org