Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/D5575B5292B911EBBC5B077DC4F9AE02.roa
File: D5575B5292B911EBBC5B077DC4F9AE02.roa (raw, json)
Hash identifier: pDsl2HBuVsk4FldvY7jNoVB1Vl+ETFSLzcJXTb1n2og=
Subject key identifier: C8:1B:44:FA:91:8E:CB:2D:BE:D6:78:24:BD:C3:37:2A:7A:99:E3:2C
Certificate issuer: /CN=A91C6BF0/serialNumber=D9845C19EAAE90922872A0CAFD051F16614F84AF
Certificate serial: 07EF
Authority key identifier: D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/D5575B5292B911EBBC5B077DC4F9AE02.roa
Signing time: Thu 22 Apr 2021 07:14:02 +0000
ROA not before: Thu 22 Apr 2021 07:14:02 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 63526
IP address blocks: 103.134.24.0/22 maxlen: 22
103.134.24.0/23 maxlen: 23
103.134.24.0/24 maxlen: 24
103.134.25.0/24 maxlen: 24
103.134.26.0/23 maxlen: 23
103.134.26.0/24 maxlen: 24
103.134.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2031 (0x7ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6BF0/serialNumber=D9845C19EAAE90922872A0CAFD051F16614F84AF
Validity
Not Before: Apr 22 07:14:02 2021 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=6081223a-b1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b3:43:81:c9:36:60:e8:c8:db:2f:0c:99:6c:
bb:92:93:b1:5f:e8:92:f0:cf:58:0b:e4:fa:c4:1a:
5f:d3:50:42:45:42:8a:aa:8b:bc:4d:a9:c9:90:63:
e1:b2:1a:26:03:91:10:53:c5:9f:5d:e8:a4:ac:29:
e8:45:58:3d:4e:52:90:ed:0d:7f:bb:9d:c2:76:58:
7c:99:10:b9:9e:5c:9e:16:23:bb:cd:12:03:c4:5e:
62:7e:4a:1c:0c:09:b0:0a:2a:c3:b7:ff:02:b2:e0:
c7:e5:4a:d2:86:45:77:90:00:6c:b4:2c:98:7b:5a:
7a:c1:8c:74:4a:31:49:84:03:e5:88:4a:b1:03:45:
53:d5:f8:3d:5d:31:be:d4:a8:64:7e:58:84:bf:bb:
e6:97:7b:86:ed:a9:49:7c:eb:f0:97:aa:35:f0:91:
04:15:c6:79:2c:eb:d9:f1:62:11:42:22:f1:62:f7:
8a:11:aa:29:b7:4b:89:3c:68:77:3b:23:07:2a:04:
4d:11:a0:cc:b9:30:bf:5e:a8:c8:b2:95:d3:8d:75:
fd:05:7c:2c:c6:da:ab:27:c5:82:b8:b6:09:b5:d9:
30:d4:16:5e:65:64:67:6b:a0:59:8e:7f:83:8a:89:
44:e3:71:5a:cd:95:f6:68:3f:9a:a8:9b:99:41:89:
f2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:1B:44:FA:91:8E:CB:2D:BE:D6:78:24:BD:C3:37:2A:7A:99:E3:2C
X509v3 Authority Key Identifier:
keyid:D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/D5575B5292B911EBBC5B077DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.24.0/22
Signature Algorithm: sha256WithRSAEncryption
55:46:4a:41:e2:cb:29:75:e3:8e:67:24:3a:dd:5e:47:6c:ae:
ab:41:68:fd:ff:5c:19:be:a1:56:e4:96:77:d6:48:4d:42:13:
ad:90:79:f5:7a:a9:93:55:40:4d:5f:d6:48:c6:a6:09:57:0e:
6a:d7:19:34:90:49:fe:27:05:37:26:eb:a9:4f:ee:b2:10:08:
ba:2e:6a:01:87:a5:2a:05:c1:93:96:d7:2c:f9:dd:37:61:7d:
62:4a:2e:3e:b3:bb:58:8a:40:62:31:6c:37:ce:77:e6:a4:73:
5d:6c:29:dc:d7:b5:da:75:64:b9:9e:8b:49:28:58:a1:bc:f1:
fe:f5:a4:11:14:9d:93:6f:a5:ab:44:af:3a:38:ff:90:9b:32:
98:9f:a3:22:f2:b7:fc:72:89:bc:97:0a:4d:7d:d2:7b:cc:b8:
e4:b9:ef:d9:cc:39:ef:b1:22:fb:7d:e1:bc:c4:4e:7e:7f:ee:
ed:07:ee:3f:3a:de:e3:d5:18:44:e2:83:66:48:5e:46:05:72:
95:27:a3:3e:4b:42:93:94:00:03:30:43:2c:62:f8:df:70:da:
55:d7:c4:ac:fd:14:45:99:da:9e:f0:83:9f:68:06:09:5a:3d:
d7:fd:78:03:dc:86:13:df:8d:84:a3:81:11:5f:d3:04:f8:47:
3d:1a:35:59
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZCRjAxMTAvBgNVBAUTKEQ5ODQ1QzE5RUFBRTkwOTIyODcyQTBDQUZEMDUxRjE2
NjE0Rjg0QUYwHhcNMjEwNDIyMDcxNDAyWhcNMjIwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDgxMjIzYS1iMWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxbNDgck2YOjI2y8MmWy7kpOxX+iS8M9YC+T6xBpf01BCRUKKqou8TanJkGPh
shomA5EQU8WfXeikrCnoRVg9TlKQ7Q1/u53Cdlh8mRC5nlyeFiO7zRIDxF5ifkoc
DAmwCirDt/8CsuDH5UrShkV3kABstCyYe1p6wYx0SjFJhAPliEqxA0VT1fg9XTG+
1KhkfliEv7vml3uG7alJfOvwl6o18JEEFcZ5LOvZ8WIRQiLxYveKEaopt0uJPGh3
OyMHKgRNEaDMuTC/XqjIspXTjXX9BXwsxtqrJ8WCuLYJtdkw1BZeZWRna6BZjn+D
iolE43FazZX2aD+aqJuZQYnyAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMgbRPqR
jsstvtZ4JL3DNyp6meMsMB8GA1UdIwQYMBaAFNmEXBnqrpCSKHKgyv0FHxZhT4Sv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkJGMC8xNDkxOTc0QUFF
QkIxMUU5OEEzOTBCNTlDNEY5QUUwMi8yWVJjR2VxdWtKSW9jcURLX1FVZkZtRlBo
SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJZUmNHZXF1a0pJb2NxREtfUVVmRm1GUGhLOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZCRjAvMTQ5MTk3NEFBRUJCMTFFOThBMzkwQjU5QzRGOUFFMDIvRDU1NzVCNTI5
MkI5MTFFQkJDNUIwNzdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhhgwDQYJKoZIhvcNAQELBQADggEBAFVGSkHiyyl1445n
JDrdXkdsrqtBaP3/XBm+oVbklnfWSE1CE62QefV6qZNVQE1f1kjGpglXDmrXGTSQ
Sf4nBTcm66lP7rIQCLouagGHpSoFwZOW1yz53TdhfWJKLj6zu1iKQGIxbDfOd+ak
c11sKdzXtdp1ZLmei0koWKG88f71pBEUnZNvpatErzo4/5CbMpifoyLyt/xyibyX
Ck190nvMuOS579nMOe+xIvt94bzETn5/7u0H7j863uPVGETig2ZIXkYFcpUnoz5L
QpOUAAMwQyxi+N9w2lXXxKz9FEWZ2p7wg59oBglaPdf9eAPchhPfjYSjgRFf0wT4
Rz0aNVk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org