Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191202/DBAF2DEE8D4711EBBA1A902DC4F9AE02/8DF61C621C4811ECBAA21A3CC4F9AE02.roa
File: 8DF61C621C4811ECBAA21A3CC4F9AE02.roa (raw, json)
Hash identifier: 3glKe36F8wE/0S/cKxbnqyywkuVthe+QcSfy8lK1mTA=
Subject key identifier: 2C:9C:51:13:06:11:72:25:2A:20:F7:7A:AC:EE:4D:63:5B:D7:8B:CE
Certificate issuer: /CN=A9191202/serialNumber=5A6FB2A3A33832E2166574BD90CDE030BE1FCECF
Certificate serial: 045C
Authority key identifier: 5A:6F:B2:A3:A3:38:32:E2:16:65:74:BD:90:CD:E0:30:BE:1F:CE:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wm-yo6M4MuIWZXS9kM3gML4fzs8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191202/DBAF2DEE8D4711EBBA1A902DC4F9AE02/8DF61C621C4811ECBAA21A3CC4F9AE02.roa
Signing time: Wed 21 Sep 2022 13:41:28 +0000
ROA not before: Wed 21 Sep 2022 13:41:28 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 137990
IP address blocks: 103.154.60.0/23 maxlen: 23
103.154.60.0/24 maxlen: 24
103.154.61.0/24 maxlen: 24
2407:8bc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1116 (0x45c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191202/serialNumber=5A6FB2A3A33832E2166574BD90CDE030BE1FCECF
Validity
Not Before: Sep 21 13:41:28 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=632b1488-d213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e9:dd:78:bf:25:2b:b4:af:b3:36:28:d6:72:
d1:ca:6b:59:56:cb:b2:8d:7d:0a:7b:7e:8d:a5:fa:
63:e2:45:8f:5a:20:e6:1f:07:63:eb:be:ba:c0:a8:
65:f3:02:78:70:58:f2:fe:cc:e9:bc:e8:1b:68:54:
48:a5:ad:66:60:87:bb:e5:c7:69:b2:56:28:fa:a3:
ea:19:92:dd:a7:2e:08:54:8e:35:da:f1:b6:b3:54:
d5:f5:96:09:d2:b9:4f:e7:ea:f9:fc:fa:aa:b6:dc:
5a:54:ee:b2:d6:b2:57:c6:cf:fa:d4:38:8b:6e:36:
39:f2:7b:85:ad:c3:ea:69:29:42:69:d2:0f:24:e1:
23:eb:db:18:86:90:d4:39:4e:d8:bd:bb:4f:41:62:
45:81:13:e3:e1:ce:a6:56:aa:74:a5:75:0a:c6:f4:
db:cb:53:5b:c3:8a:70:21:f5:dd:63:f0:9d:95:d4:
12:07:e5:03:bd:7a:3b:4a:f7:46:e9:ca:9a:f7:c6:
ab:15:4e:f7:41:0d:b3:68:e1:9d:30:92:97:62:6f:
b5:55:99:46:fc:90:ed:6c:5c:83:38:4e:30:24:1a:
df:be:70:31:e5:5b:7e:d6:db:41:f7:87:39:da:1c:
b0:fa:78:f8:5e:14:c6:8a:51:4d:0d:e6:db:a8:15:
fc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:9C:51:13:06:11:72:25:2A:20:F7:7A:AC:EE:4D:63:5B:D7:8B:CE
X509v3 Authority Key Identifier:
keyid:5A:6F:B2:A3:A3:38:32:E2:16:65:74:BD:90:CD:E0:30:BE:1F:CE:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191202/DBAF2DEE8D4711EBBA1A902DC4F9AE02/Wm-yo6M4MuIWZXS9kM3gML4fzs8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wm-yo6M4MuIWZXS9kM3gML4fzs8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191202/DBAF2DEE8D4711EBBA1A902DC4F9AE02/8DF61C621C4811ECBAA21A3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.154.60.0/23
IPv6:
2407:8bc0::/32
Signature Algorithm: sha256WithRSAEncryption
db:05:a2:00:ee:c4:e3:e5:2c:b4:0d:64:3e:ee:24:43:56:93:
cc:dc:28:ac:5e:78:23:2a:23:d0:4e:d5:db:de:b9:b9:06:7a:
fa:c8:54:d3:1c:45:ca:1b:81:f6:0e:19:d4:ed:5a:26:6c:a6:
6b:25:2b:72:7e:7c:40:e0:87:79:4d:37:f3:30:36:45:16:af:
79:e3:c1:c9:f0:f1:ac:3f:44:45:f2:4e:a1:9d:64:81:d0:c2:
8f:df:c3:a6:27:ea:04:56:5e:f3:29:a8:df:35:39:5f:4e:bf:
ae:ae:40:90:77:22:ee:8b:9b:36:6b:5a:ef:0e:2f:40:38:cd:
36:54:91:94:2f:30:fb:13:ab:48:88:a7:2b:c9:12:80:16:e2:
96:f8:d2:68:ee:0a:02:50:a6:38:c6:d9:1f:d2:af:2d:59:d4:
18:ce:6c:4c:85:8f:06:1a:45:06:c4:32:c0:24:0d:94:f1:53:
4f:7d:15:f2:4a:15:9e:c5:ff:53:36:85:53:3b:73:5f:8f:02:
14:19:fe:61:17:88:0b:e6:a0:ca:3f:49:18:29:f9:22:ed:96:
e8:33:06:cc:ab:61:14:1c:f6:98:ba:15:66:b6:17:2a:5c:ca:
86:5b:df:e3:b4:0d:44:6f:14:b5:ea:7a:2a:aa:3b:99:4e:a0:
40:54:5b:f1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBFwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTEyMDIxMTAvBgNVBAUTKDVBNkZCMkEzQTMzODMyRTIxNjY1NzRCRDkwQ0RFMDMw
QkUxRkNFQ0YwHhcNMjIwOTIxMTM0MTI4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJiMTQ4OC1kMjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2OndeL8lK7SvszYo1nLRymtZVsuyjX0Ke36Npfpj4kWPWiDmHwdj6766wKhl
8wJ4cFjy/szpvOgbaFRIpa1mYIe75cdpslYo+qPqGZLdpy4IVI412vG2s1TV9ZYJ
0rlP5+r5/PqqttxaVO6y1rJXxs/61DiLbjY58nuFrcPqaSlCadIPJOEj69sYhpDU
OU7YvbtPQWJFgRPj4c6mVqp0pXUKxvTby1Nbw4pwIfXdY/CdldQSB+UDvXo7SvdG
6cqa98arFU73QQ2zaOGdMJKXYm+1VZlG/JDtbFyDOE4wJBrfvnAx5Vt+1ttB94c5
2hyw+nj4XhTGilFNDebbqBX8kwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCycURMG
EXIlKiD3eqzuTWNb14vOMB8GA1UdIwQYMBaAFFpvsqOjODLiFmV0vZDN4DC+H87P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTIwMi9EQkFGMkRFRThE
NDcxMUVCQkExQTkwMkRDNEY5QUUwMi9XbS15bzZNNE11SVdaWFM5a00zZ01MNGZ6
czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dtLXlvNk00TXVJV1pYUzlrTTNnTUw0ZnpzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTEyMDIvREJBRjJERUU4RDQ3MTFFQkJBMUE5MDJEQzRGOUFFMDIvOERGNjFDNjIx
QzQ4MTFFQ0JBQTIxQTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnmjwwDQQCAAIwBwMFACQHi8AwDQYJKoZIhvcNAQELBQAD
ggEBANsFogDuxOPlLLQNZD7uJENWk8zcKKxeeCMqI9BO1dveubkGevrIVNMcRcob
gfYOGdTtWiZspmslK3J+fEDgh3lNN/MwNkUWr3njwcnw8aw/REXyTqGdZIHQwo/f
w6Yn6gRWXvMpqN81OV9Ov66uQJB3Iu6LmzZrWu8OL0A4zTZUkZQvMPsTq0iIpyvJ
EoAW4pb40mjuCgJQpjjG2R/Sry1Z1BjObEyFjwYaRQbEMsAkDZTxU099FfJKFZ7F
/1M2hVM7c1+PAhQZ/mEXiAvmoMo/SRgp+SLtlugzBsyrYRQc9pi6FWa2FypcyoZb
3+O0DURvFLXqeiqqO5lOoEBUW/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org