Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C309F/1DB483A469DC11EB9E16091AC4F9AE02/9471EF1C69DD11EB86A6751BC4F9AE02.roa
File: 9471EF1C69DD11EB86A6751BC4F9AE02.roa (raw, json)
Hash identifier: 5bV7vaeULZVp4zsMhC/lVBGAw/6VcAUqIZshmeSAwM4=
Subject key identifier: 41:88:7F:9B:59:BE:36:2F:A8:4F:19:9F:95:9B:5D:05:A5:02:B5:F6
Certificate issuer: /CN=A91C309F/serialNumber=EC79D17A60ED570EC67B5116162B608B60B9CD41
Certificate serial: 0376
Authority key identifier: EC:79:D1:7A:60:ED:57:0E:C6:7B:51:16:16:2B:60:8B:60:B9:CD:41
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7HnRemDtVw7Ge1EWFitgi2C5zUE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C309F/1DB483A469DC11EB9E16091AC4F9AE02/9471EF1C69DD11EB86A6751BC4F9AE02.roa
Signing time: Thu 28 Apr 2022 01:20:56 +0000
ROA not before: Thu 28 Apr 2022 01:20:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138909
IP address blocks: 103.137.0.0/23 maxlen: 23
103.137.0.0/24 maxlen: 24
103.137.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 886 (0x376)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C309F/serialNumber=EC79D17A60ED570EC67B5116162B608B60B9CD41
Validity
Not Before: Apr 28 01:20:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6269ebf7-32a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ca:87:96:a6:0c:7f:04:61:f0:8d:fd:48:fd:
a5:11:00:39:41:33:23:dc:86:c9:4d:2a:8a:94:f3:
35:ee:15:76:ae:d1:f5:36:96:e7:e6:97:ad:92:c3:
24:ca:d8:aa:62:24:16:5d:cb:35:b0:f5:3a:78:e4:
71:44:97:fd:00:72:80:52:9c:7a:c5:9f:d4:1e:77:
6e:b1:1e:a0:4f:c2:5d:81:77:2b:2c:82:e5:c2:76:
d3:5c:79:93:93:dd:b4:a1:26:49:b0:07:94:90:f7:
80:8a:32:95:65:26:26:dc:59:cc:e9:61:6d:1b:7c:
5e:f9:59:5c:41:79:b8:8c:7e:b4:97:a5:e1:54:f8:
2d:39:ab:bd:af:b2:01:4d:83:a9:7d:65:55:5e:aa:
0c:b0:21:c6:43:62:f8:b8:8b:ce:91:94:ea:5b:64:
da:5f:02:35:f5:06:de:62:11:7d:01:46:5c:93:61:
a0:09:f6:05:ad:38:d5:b1:52:ad:9f:1b:54:0b:2b:
28:45:b5:0b:4f:cc:39:08:dd:4a:e9:b8:d4:cd:a7:
1c:a8:e5:c0:3c:37:7d:97:ac:47:2c:63:56:fa:85:
bd:b5:68:ef:1a:c8:67:fe:85:c6:3c:80:bf:08:01:
a1:80:34:db:dd:96:b2:40:30:e1:d6:36:54:74:96:
f0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:88:7F:9B:59:BE:36:2F:A8:4F:19:9F:95:9B:5D:05:A5:02:B5:F6
X509v3 Authority Key Identifier:
keyid:EC:79:D1:7A:60:ED:57:0E:C6:7B:51:16:16:2B:60:8B:60:B9:CD:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C309F/1DB483A469DC11EB9E16091AC4F9AE02/7HnRemDtVw7Ge1EWFitgi2C5zUE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7HnRemDtVw7Ge1EWFitgi2C5zUE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C309F/1DB483A469DC11EB9E16091AC4F9AE02/9471EF1C69DD11EB86A6751BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.0.0/23
Signature Algorithm: sha256WithRSAEncryption
63:9e:9d:d3:11:f0:0e:b2:3c:e5:44:15:af:e4:41:1b:b0:42:
d3:77:3e:6a:31:74:ab:cd:4f:30:a4:fc:24:84:1a:0b:57:98:
8b:6c:2d:b8:69:e4:9a:a4:2f:f0:4e:31:18:64:ce:44:7e:d5:
03:04:4a:b5:7c:aa:3e:49:8f:84:c5:75:6b:e7:7f:30:f8:af:
e9:87:f3:39:dc:07:11:63:69:b8:40:ea:01:7b:fa:91:f2:56:
9a:c1:c4:49:88:69:86:3c:d0:08:d2:0b:86:ea:06:44:50:b3:
53:86:18:12:45:66:e3:71:68:06:e9:23:94:bc:1e:13:8b:62:
4c:0a:eb:4a:a2:29:92:6c:84:72:4d:23:ea:27:c4:3b:d2:5c:
de:fa:86:ba:29:2b:39:fa:e3:61:94:e2:54:97:e5:2c:85:d0:
f6:7d:6b:65:c0:41:5c:19:63:a5:67:c4:b4:ac:28:09:c2:21:
83:01:09:2e:bb:d6:22:9b:e2:dd:ca:e5:72:7e:41:0e:ab:9b:
96:5a:b6:ff:fc:6b:3b:cd:74:4d:dd:50:66:99:e3:01:f0:3b:
9d:76:0a:eb:4d:72:05:89:92:7d:39:be:a6:e0:d2:92:6d:fd:
df:df:04:59:0b:25:04:38:43:a1:d0:ed:5b:7b:ea:1b:c9:ac:
6e:0c:11:2b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzMwOUYxMTAvBgNVBAUTKEVDNzlEMTdBNjBFRDU3MEVDNjdCNTExNjE2MkI2MDhC
NjBCOUNENDEwHhcNMjIwNDI4MDEyMDU2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjY5ZWJmNy0zMmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvcqHlqYMfwRh8I39SP2lEQA5QTMj3IbJTSqKlPM17hV2rtH1Npbn5petksMk
ytiqYiQWXcs1sPU6eORxRJf9AHKAUpx6xZ/UHndusR6gT8JdgXcrLILlwnbTXHmT
k920oSZJsAeUkPeAijKVZSYm3FnM6WFtG3xe+VlcQXm4jH60l6XhVPgtOau9r7IB
TYOpfWVVXqoMsCHGQ2L4uIvOkZTqW2TaXwI19QbeYhF9AUZck2GgCfYFrTjVsVKt
nxtUCysoRbULT8w5CN1K6bjUzaccqOXAPDd9l6xHLGNW+oW9tWjvGshn/oXGPIC/
CAGhgDTb3ZayQDDh1jZUdJbwBQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEGIf5tZ
vjYvqE8Zn5WbXQWlArX2MB8GA1UdIwQYMBaAFOx50Xpg7VcOxntRFhYrYItguc1B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzA5Ri8xREI0ODNBNDY5
REMxMUVCOUUxNjA5MUFDNEY5QUUwMi83SG5SZW1EdFZ3N0dlMUVXRml0Z2kyQzV6
VUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdIblJlbUR0Vnc3R2UxRVdGaXRnaTJDNXpVRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzMwOUYvMURCNDgzQTQ2OURDMTFFQjlFMTYwOTFBQzRGOUFFMDIvOTQ3MUVGMUM2
OUREMTFFQjg2QTY3NTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFniQAwDQYJKoZIhvcNAQELBQADggEBAGOendMR8A6yPOVE
Fa/kQRuwQtN3PmoxdKvNTzCk/CSEGgtXmItsLbhp5JqkL/BOMRhkzkR+1QMESrV8
qj5Jj4TFdWvnfzD4r+mH8zncBxFjabhA6gF7+pHyVprBxEmIaYY80AjSC4bqBkRQ
s1OGGBJFZuNxaAbpI5S8HhOLYkwK60qiKZJshHJNI+onxDvSXN76hropKzn642GU
4lSX5SyF0PZ9a2XAQVwZY6VnxLSsKAnCIYMBCS671iKb4t3K5XJ+QQ6rm5Zatv/8
azvNdE3dUGaZ4wHwO512CutNcgWJkn05vqbg0pJt/d/fBFkLJQQ4Q6HQ7Vt76hvJ
rG4MESs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:04 2023 by rpki-client on console-ams.rpki-client.org