Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/9DA1CE483A7B11ED9E511E2DC4F9AE02.roa
File: 9DA1CE483A7B11ED9E511E2DC4F9AE02.roa (raw, json)
Hash identifier: WY4zJAhz+OgBHXPk2K6C4jmaWFI1o19EBMzlXsZcVWA=
Subject key identifier: 59:29:C6:C1:27:A7:9D:24:DB:91:84:82:AE:6A:16:11:F8:3A:8A:E0
Certificate issuer: /CN=A91B5073/serialNumber=17817CB8289231B4707E9D5B406D58AFF79D1E01
Certificate serial: 0699
Authority key identifier: 17:81:7C:B8:28:92:31:B4:70:7E:9D:5B:40:6D:58:AF:F7:9D:1E:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F4F8uCiSMbRwfp1bQG1Yr_edHgE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/9DA1CE483A7B11ED9E511E2DC4F9AE02.roa
Signing time: Thu 22 Sep 2022 13:36:53 +0000
ROA not before: Thu 22 Sep 2022 13:36:53 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 138619
IP address blocks: 103.134.200.0/24 maxlen: 24
103.134.201.0/24 maxlen: 24
2404:6ac0::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1689 (0x699)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5073/serialNumber=17817CB8289231B4707E9D5B406D58AFF79D1E01
Validity
Not Before: Sep 22 13:36:53 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=632c64f4-362b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1e:37:ec:01:72:c7:11:b1:67:68:48:7a:6d:
cb:d4:6c:2c:70:1a:4f:42:7d:06:00:7b:ae:f5:0e:
24:f3:f0:f4:5b:75:71:5a:2d:f8:3f:49:b8:ce:66:
68:ea:6f:b5:88:07:aa:59:33:72:4f:00:2c:3c:f0:
77:1c:99:96:8c:79:00:fb:c3:13:57:31:48:e8:07:
84:f0:67:90:31:71:8e:1c:11:fd:6a:42:83:0d:6d:
7f:1e:d7:0f:62:e0:af:0f:c9:80:0b:f2:f7:44:68:
0a:32:4a:f4:1c:3f:34:ab:43:ed:1d:d1:b7:f1:d0:
63:a1:2f:b2:15:19:24:2d:91:a3:db:67:5e:8f:81:
eb:38:fc:50:ad:d4:da:a7:fd:36:0d:d8:cf:f1:21:
c3:5a:74:4a:47:47:5a:07:7a:38:0a:72:a8:fa:ac:
de:34:4b:a0:93:b5:ba:a4:04:d5:d7:e5:70:91:1d:
b6:a0:f4:1d:0f:7e:ed:46:c9:60:b1:63:2b:ee:4f:
09:8f:2c:69:3d:c3:06:c1:c5:2f:24:71:1f:38:5d:
50:b6:a5:f2:fc:f4:8f:b8:f0:d9:6b:10:ee:53:69:
96:ad:64:1d:b4:f4:86:ca:14:98:c4:72:e3:29:ee:
21:24:49:db:96:eb:94:13:d4:5f:c3:19:80:a2:22:
2a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:29:C6:C1:27:A7:9D:24:DB:91:84:82:AE:6A:16:11:F8:3A:8A:E0
X509v3 Authority Key Identifier:
keyid:17:81:7C:B8:28:92:31:B4:70:7E:9D:5B:40:6D:58:AF:F7:9D:1E:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/F4F8uCiSMbRwfp1bQG1Yr_edHgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F4F8uCiSMbRwfp1bQG1Yr_edHgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/9DA1CE483A7B11ED9E511E2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.200.0/23
IPv6:
2404:6ac0::/32
Signature Algorithm: sha256WithRSAEncryption
a4:9a:67:09:9f:45:9e:dd:e0:fe:23:fb:28:a3:1f:1c:90:7e:
35:41:84:87:1a:d9:f8:f5:14:72:0c:f0:cd:71:23:af:37:75:
d7:8f:ef:11:78:24:72:38:56:b2:1a:99:7b:42:34:ba:79:f5:
8a:77:a0:0a:a0:9b:e6:f2:20:e8:88:7f:be:fb:b5:f6:3b:d3:
d5:88:21:5b:bb:e1:60:40:d6:45:a2:91:4f:6b:0b:c6:4f:65:
9c:2f:ca:de:f6:00:19:ab:2d:3a:0b:39:0c:ec:08:dc:16:09:
01:b0:24:6a:ae:b1:68:59:50:f5:79:24:ab:cc:5f:e0:f9:11:
78:ce:e6:ca:ad:d0:a1:78:5c:cc:38:80:16:49:13:16:cc:1d:
5a:3b:9b:0e:e6:1e:9d:3b:58:f6:17:c9:16:d5:7d:9a:8b:96:
4c:29:97:8a:4a:8b:f9:0d:d5:97:ae:3f:19:b3:0b:b8:45:4d:
a1:fe:09:d1:4d:04:5d:76:70:01:34:40:78:3c:f7:00:bb:63:
64:90:41:fa:1b:ec:08:c2:a3:96:12:67:22:59:46:d9:44:48:
8c:55:5d:45:24:66:e7:6c:63:06:71:4c:e3:55:fc:0d:5b:e1:
fd:98:d7:e5:f6:94:81:e3:16:22:ae:2f:06:1f:b6:6c:fe:7c:
08:d2:59:6e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBpkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjUwNzMxMTAvBgNVBAUTKDE3ODE3Q0I4Mjg5MjMxQjQ3MDdFOUQ1QjQwNkQ1OEFG
Rjc5RDFFMDEwHhcNMjIwOTIyMTMzNjUzWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJjNjRmNC0zNjJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzh437AFyxxGxZ2hIem3L1GwscBpPQn0GAHuu9Q4k8/D0W3VxWi34P0m4zmZo
6m+1iAeqWTNyTwAsPPB3HJmWjHkA+8MTVzFI6AeE8GeQMXGOHBH9akKDDW1/HtcP
YuCvD8mAC/L3RGgKMkr0HD80q0PtHdG38dBjoS+yFRkkLZGj22dej4HrOPxQrdTa
p/02DdjP8SHDWnRKR0daB3o4CnKo+qzeNEugk7W6pATV1+VwkR22oPQdD37tRslg
sWMr7k8JjyxpPcMGwcUvJHEfOF1QtqXy/PSPuPDZaxDuU2mWrWQdtPSGyhSYxHLj
Ke4hJEnbluuUE9RfwxmAoiIqQwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFkpxsEn
p50k25GEgq5qFhH4OorgMB8GA1UdIwQYMBaAFBeBfLgokjG0cH6dW0BtWK/3nR4B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTA3My80M0YxNjI2NDMz
OTUxMUU5QkZCMUMyMUFDNEY5QUUwMi9GNEY4dUNpU01iUndmcDFiUUcxWXJfZWRI
Z0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Y0Rjh1Q2lTTWJSd2ZwMWJRRzFZcl9lZEhnRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjUwNzMvNDNGMTYyNjQzMzk1MTFFOUJGQjFDMjFBQzRGOUFFMDIvOURBMUNFNDgz
QTdCMTFFRDlFNTExRTJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnhsgwDQQCAAIwBwMFACQEasAwDQYJKoZIhvcNAQELBQAD
ggEBAKSaZwmfRZ7d4P4j+yijHxyQfjVBhIca2fj1FHIM8M1xI683ddeP7xF4JHI4
VrIamXtCNLp59Yp3oAqgm+byIOiIf777tfY709WIIVu74WBA1kWikU9rC8ZPZZwv
yt72ABmrLToLOQzsCNwWCQGwJGqusWhZUPV5JKvMX+D5EXjO5sqt0KF4XMw4gBZJ
ExbMHVo7mw7mHp07WPYXyRbVfZqLlkwpl4pKi/kN1ZeuPxmzC7hFTaH+CdFNBF12
cAE0QHg89wC7Y2SQQfob7AjCo5YSZyJZRtlESIxVXUUkZudsYwZxTONV/A1b4f2Y
1+X2lIHjFiKuLwYftmz+fAjSWW4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org