Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE984/28745E4C15EE11EAA2D9E06EC4F9AE02/C9D1A3E415EE11EA88186D6FC4F9AE02.roa
File: C9D1A3E415EE11EA88186D6FC4F9AE02.roa (raw, json)
Hash identifier: Jj/ychgmjuLIOfD183XVnC2PEtxlIHWcK/1lpavmGYE=
Subject key identifier: 51:41:FD:0B:9E:C4:D1:CD:C3:27:B8:1A:05:F7:56:F7:7E:8F:2F:2B
Certificate issuer: /CN=A91AE984/serialNumber=8ABA3E47D51C5D2C9EF343E5AF41101E43C58A88
Certificate serial: 0A2F
Authority key identifier: 8A:BA:3E:47:D5:1C:5D:2C:9E:F3:43:E5:AF:41:10:1E:43:C5:8A:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iro-R9UcXSye80Plr0EQHkPFiog.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE984/28745E4C15EE11EAA2D9E06EC4F9AE02/C9D1A3E415EE11EA88186D6FC4F9AE02.roa
Signing time: Sun 08 Jan 2023 09:36:48 +0000
ROA not before: Sun 08 Jan 2023 09:36:48 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 59238
IP address blocks: 103.135.108.0/22 maxlen: 24
2404:7bc0::/32 maxlen: 32
2404:7bc0::/40 maxlen: 40
2404:7bc0:100::/40 maxlen: 40
2404:7bc0:300::/40 maxlen: 40
2404:7bc0:400::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2607 (0xa2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE984/serialNumber=8ABA3E47D51C5D2C9EF343E5AF41101E43C58A88
Validity
Not Before: Jan 8 09:36:48 2023 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=63ba8eb0-4606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c6:b3:1a:78:7c:c2:f6:1a:02:18:1a:b9:c5:
6b:5b:20:9c:c9:ea:5c:27:24:95:1d:8b:fb:59:5c:
f1:5b:99:87:dd:14:fd:33:0e:ca:b4:c4:ce:2d:fc:
21:2a:f1:13:b4:54:41:22:88:02:a7:3b:a8:80:ce:
84:1b:f1:d5:53:29:d2:72:af:a2:1e:f6:54:a0:12:
dd:dd:47:c2:7a:ed:9c:48:2a:7b:a8:20:23:83:82:
60:c5:66:92:a7:2e:3f:76:19:85:89:62:cb:9a:ef:
cc:01:0b:f5:75:12:66:47:02:99:4d:89:e8:62:33:
d9:6a:dc:2c:c5:59:98:ae:9e:5c:d1:8a:20:6c:4a:
c4:46:db:c8:d6:ac:41:49:0a:e7:b8:f4:c3:f8:3a:
12:2b:e9:73:62:aa:b8:07:aa:68:0d:93:2f:7a:1e:
00:3a:9b:a1:5f:3e:3a:0b:24:e5:9c:5a:d8:30:64:
8e:72:d0:f1:db:7d:2b:03:aa:c8:07:b1:31:1f:a0:
44:60:70:af:20:48:bb:51:e9:aa:2e:1d:20:ac:c9:
fc:67:0c:82:a1:74:9b:a9:21:1c:c6:3c:d2:51:c8:
de:1a:8e:98:7d:04:72:42:a6:72:8c:a3:b1:b1:1a:
fd:ac:79:eb:7b:22:fe:af:21:bf:9b:fb:b6:60:b8:
81:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:41:FD:0B:9E:C4:D1:CD:C3:27:B8:1A:05:F7:56:F7:7E:8F:2F:2B
X509v3 Authority Key Identifier:
keyid:8A:BA:3E:47:D5:1C:5D:2C:9E:F3:43:E5:AF:41:10:1E:43:C5:8A:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE984/28745E4C15EE11EAA2D9E06EC4F9AE02/iro-R9UcXSye80Plr0EQHkPFiog.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iro-R9UcXSye80Plr0EQHkPFiog.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE984/28745E4C15EE11EAA2D9E06EC4F9AE02/C9D1A3E415EE11EA88186D6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.108.0/22
IPv6:
2404:7bc0::/32
Signature Algorithm: sha256WithRSAEncryption
b1:a8:1e:ee:79:53:08:f3:4e:9c:47:d3:a1:84:f8:ab:d9:c6:
14:5a:53:50:38:f9:99:67:15:ad:c0:14:7b:47:c1:a8:5d:8f:
3d:fd:cd:75:50:64:53:ba:fd:02:6e:ec:ed:64:d5:e5:5f:c9:
30:a2:3e:57:21:0b:58:fd:62:42:76:f0:96:78:b9:b4:3c:ce:
39:d8:4a:6f:c9:02:b5:38:9c:59:0c:5f:d9:24:8c:a6:b0:1c:
ec:85:97:b7:87:64:40:7b:33:0a:37:fb:3d:6e:26:37:7c:84:
e8:11:f5:ef:0e:2a:fe:e4:7d:43:d3:c3:89:2a:b3:21:3a:27:
d9:f5:6c:b0:3f:d1:ba:e3:19:8b:58:f8:4c:67:65:e1:4b:58:
ef:e6:38:89:5f:ee:32:f8:0f:2b:5a:e4:82:0d:22:98:55:fa:
75:90:68:a7:dc:ee:55:16:e0:6c:6e:e1:a8:d7:74:cc:31:e2:
78:74:60:a7:5d:d5:04:85:ed:c5:5e:c3:67:69:2c:ff:63:57:
c6:22:b6:ac:51:77:35:11:85:85:b5:0c:5d:45:78:97:0f:3b:
55:af:11:89:95:c8:be:e1:3a:2b:0a:d3:89:79:53:e3:d0:c8:
d5:3e:16:48:38:42:ed:91:76:3e:3a:ea:84:c6:8f:2d:91:19:
3e:83:51:6f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU5ODQxMTAvBgNVBAUTKDhBQkEzRTQ3RDUxQzVEMkM5RUYzNDNFNUFGNDExMDFF
NDNDNThBODgwHhcNMjMwMTA4MDkzNjQ4WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2JhOGViMC00NjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt8azGnh8wvYaAhgaucVrWyCcyepcJySVHYv7WVzxW5mH3RT9Mw7KtMTOLfwh
KvETtFRBIogCpzuogM6EG/HVUynScq+iHvZUoBLd3UfCeu2cSCp7qCAjg4JgxWaS
py4/dhmFiWLLmu/MAQv1dRJmRwKZTYnoYjPZatwsxVmYrp5c0YogbErERtvI1qxB
SQrnuPTD+DoSK+lzYqq4B6poDZMveh4AOpuhXz46CyTlnFrYMGSOctDx230rA6rI
B7ExH6BEYHCvIEi7UemqLh0grMn8ZwyCoXSbqSEcxjzSUcjeGo6YfQRyQqZyjKOx
sRr9rHnreyL+ryG/m/u2YLiBrQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFFB/Que
xNHNwye4GgX3Vvd+jy8rMB8GA1UdIwQYMBaAFIq6PkfVHF0snvND5a9BEB5DxYqI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTk4NC8yODc0NUU0QzE1
RUUxMUVBQTJEOUUwNkVDNEY5QUUwMi9pcm8tUjlVY1hTeWU4MFBscjBFUUhrUEZp
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lyby1SOVVjWFN5ZTgwUGxyMEVRSGtQRmlvZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU5ODQvMjg3NDVFNEMxNUVFMTFFQUEyRDlFMDZFQzRGOUFFMDIvQzlEMUEzRTQx
NUVFMTFFQTg4MTg2RDZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnh2wwDQQCAAIwBwMFACQEe8AwDQYJKoZIhvcNAQELBQAD
ggEBALGoHu55UwjzTpxH06GE+KvZxhRaU1A4+ZlnFa3AFHtHwahdjz39zXVQZFO6
/QJu7O1k1eVfyTCiPlchC1j9YkJ28JZ4ubQ8zjnYSm/JArU4nFkMX9kkjKawHOyF
l7eHZEB7Mwo3+z1uJjd8hOgR9e8OKv7kfUPTw4kqsyE6J9n1bLA/0brjGYtY+Exn
ZeFLWO/mOIlf7jL4Dyta5IINIphV+nWQaKfc7lUW4Gxu4ajXdMwx4nh0YKdd1QSF
7cVew2dpLP9jV8YitqxRdzURhYW1DF1FeJcPO1WvEYmVyL7hOisK04l5U+PQyNU+
Fkg4Qu2Rdj466oTGjy2RGT6DUW8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-ams.rpki-client.org