Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/B6D370FA2DB611ED80793346C4F9AE02.roa
File: B6D370FA2DB611ED80793346C4F9AE02.roa (raw, json)
Hash identifier: BPv4BCFskzIOhUXTjQGWUvpDwG5U1yvtJLjaI/364z4=
Subject key identifier: 16:13:7D:A6:39:8E:C7:DB:19:B2:79:C6:13:FD:5A:49:65:73:29:60
Certificate issuer: /CN=A91CBDC8/serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E
Certificate serial: 09BE
Authority key identifier: 9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/B6D370FA2DB611ED80793346C4F9AE02.roa
Signing time: Tue 06 Sep 2022 07:37:10 +0000
ROA not before: Tue 06 Sep 2022 07:37:10 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 138024
IP address blocks: 103.195.0.0/22 maxlen: 22
103.195.0.0/23 maxlen: 23
103.195.0.0/24 maxlen: 24
103.195.1.0/24 maxlen: 24
103.195.2.0/23 maxlen: 23
103.195.2.0/24 maxlen: 24
103.195.3.0/24 maxlen: 24
139.5.132.0/22 maxlen: 22
139.5.132.0/23 maxlen: 23
139.5.132.0/24 maxlen: 24
139.5.133.0/24 maxlen: 24
139.5.134.0/23 maxlen: 23
139.5.134.0/24 maxlen: 24
139.5.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2494 (0x9be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CBDC8/serialNumber=9B67C87214ED99654071190BEBCF0B8D9FA1AF4E
Validity
Not Before: Sep 6 07:37:10 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6316f8a5-2669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:11:59:e2:a5:8e:e5:79:44:ef:3f:40:d4:9c:
fe:7b:52:6b:77:68:62:42:06:72:57:3c:a3:bc:8f:
f8:4b:e3:dd:94:21:03:a5:48:50:08:f5:df:5b:a0:
ce:88:14:ea:1a:f9:62:dc:3c:d0:7b:93:52:25:01:
63:e7:cb:43:2a:22:17:6e:df:a5:df:80:df:1e:5e:
dd:ee:ec:ad:1c:d1:9c:26:06:04:5f:a8:5f:76:4e:
98:48:32:33:b6:1a:ca:af:ed:02:47:46:9a:88:6e:
48:79:c1:ff:61:64:a3:a0:8c:1d:e5:4c:4d:bd:09:
6f:06:f8:69:ab:d6:39:dc:ea:f2:d8:ef:05:db:d5:
8d:07:c4:8f:15:9a:f8:cc:ef:5b:dc:ae:2c:0d:2c:
cc:5b:10:11:b0:23:90:b5:66:c2:6f:b5:2d:f4:ee:
03:36:3d:11:3f:ee:2e:27:04:87:cf:0f:a9:34:2a:
4e:5b:51:79:63:df:83:52:fa:25:9a:f7:98:01:7b:
7d:51:09:33:e0:0a:6c:43:71:19:b4:e6:ae:0f:a8:
60:51:8d:5d:cd:04:4a:1d:31:1d:85:62:3e:d9:5a:
2e:41:f5:89:3a:20:23:62:f8:05:5e:0b:02:25:5b:
73:74:73:35:18:5b:65:00:d4:be:f7:6f:5a:03:b1:
5f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:13:7D:A6:39:8E:C7:DB:19:B2:79:C6:13:FD:5A:49:65:73:29:60
X509v3 Authority Key Identifier:
keyid:9B:67:C8:72:14:ED:99:65:40:71:19:0B:EB:CF:0B:8D:9F:A1:AF:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/m2fIchTtmWVAcRkL688LjZ-hr04.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m2fIchTtmWVAcRkL688LjZ-hr04.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CBDC8/669763F018E011EAA0C38E7BC4F9AE02/B6D370FA2DB611ED80793346C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.195.0.0/22
139.5.132.0/22
Signature Algorithm: sha256WithRSAEncryption
17:5f:c0:35:f7:a0:7e:0a:55:e3:a3:6e:cb:db:69:c0:b5:d8:
c8:91:28:01:89:02:ba:e7:69:7b:a1:b9:07:ba:3c:ba:a5:a3:
c6:eb:cb:70:69:30:e0:cc:2d:d1:90:e2:ae:12:24:0e:23:ea:
09:1a:64:0d:d5:88:21:9d:03:4e:e3:63:25:9d:2a:50:9d:80:
de:d2:61:24:bf:41:0a:9e:e5:74:2d:09:2a:2c:ce:4d:60:3c:
ca:15:2c:b9:3a:65:c5:cf:19:9a:81:47:2c:3a:95:b7:d6:9c:
99:72:92:f4:39:8e:b8:d5:7a:09:1c:f2:99:57:c0:f0:fa:4e:
4f:b4:c9:d8:51:96:b6:57:19:6b:e9:64:0c:dd:0d:1a:42:cc:
a9:56:25:4d:70:f2:1f:0e:7b:a5:1f:30:15:92:38:ff:1d:70:
1e:60:53:56:4f:1d:c5:d1:99:87:35:fe:dc:eb:65:53:4e:a9:
0f:4e:37:9d:48:f1:49:fa:64:7b:ef:54:08:4e:cb:e1:c4:83:
d6:b8:39:c8:db:c9:06:6e:da:36:f6:fc:ad:7d:08:cd:03:a0:
b3:e2:48:cd:09:d6:fc:59:56:27:39:40:b2:d2:c5:ac:91:38:
a0:10:67:92:b9:23:0a:93:58:38:f4:d5:38:a2:a3:4e:57:db:
e0:30:2e:04
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCb4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0JEQzgxMTAvBgNVBAUTKDlCNjdDODcyMTRFRDk5NjU0MDcxMTkwQkVCQ0YwQjhE
OUZBMUFGNEUwHhcNMjIwOTA2MDczNzEwWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE2ZjhhNS0yNjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApxFZ4qWO5XlE7z9A1Jz+e1Jrd2hiQgZyVzyjvI/4S+PdlCEDpUhQCPXfW6DO
iBTqGvli3DzQe5NSJQFj58tDKiIXbt+l34DfHl7d7uytHNGcJgYEX6hfdk6YSDIz
thrKr+0CR0aaiG5IecH/YWSjoIwd5UxNvQlvBvhpq9Y53Ory2O8F29WNB8SPFZr4
zO9b3K4sDSzMWxARsCOQtWbCb7Ut9O4DNj0RP+4uJwSHzw+pNCpOW1F5Y9+DUvol
mveYAXt9UQkz4ApsQ3EZtOauD6hgUY1dzQRKHTEdhWI+2VouQfWJOiAjYvgFXgsC
JVtzdHM1GFtlANS+929aA7FfJQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBYTfaY5
jsfbGbJ5xhP9WkllcylgMB8GA1UdIwQYMBaAFJtnyHIU7ZllQHEZC+vPC42foa9O
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQkRDOC82Njk3NjNGMDE4
RTAxMUVBQTBDMzhFN0JDNEY5QUUwMi9tMmZJY2hUdG1XVkFjUmtMNjg4TGpaLWhy
MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL20yZkljaFR0bVdWQWNSa0w2ODhMalotaHIwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0JEQzgvNjY5NzYzRjAxOEUwMTFFQUEwQzM4RTdCQzRGOUFFMDIvQjZEMzcwRkEy
REI2MTFFRDgwNzkzMzQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnwwADBAKLBYQwDQYJKoZIhvcNAQELBQADggEBABdfwDX3
oH4KVeOjbsvbacC12MiRKAGJArrnaXuhuQe6PLqlo8bry3BpMODMLdGQ4q4SJA4j
6gkaZA3ViCGdA07jYyWdKlCdgN7SYSS/QQqe5XQtCSoszk1gPMoVLLk6ZcXPGZqB
Ryw6lbfWnJlykvQ5jrjVegkc8plXwPD6Tk+0ydhRlrZXGWvpZAzdDRpCzKlWJU1w
8h8Oe6UfMBWSOP8dcB5gU1ZPHcXRmYc1/tzrZVNOqQ9ON51I8Un6ZHvvVAhOy+HE
g9a4OcjbyQZu2jb2/K19CM0DoLPiSM0J1vxZVic5QLLSxayROKAQZ5K5IwqTWDj0
1Tiio05X2+AwLgQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-ams.rpki-client.org