Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D56CA/914E53F6C0D111E78D1EF82BC4F9AE02/9F671B5CC0D211E78AD1112CC4F9AE02.roa
File: 9F671B5CC0D211E78AD1112CC4F9AE02.roa (raw, json)
Hash identifier: klG9CYNpzCvhu1XIIRpzv7fN3k5M73lLID5ZKbE23+I=
Subject key identifier: 32:55:31:0C:E1:7D:6E:3A:46:B9:E8:FF:47:A4:B3:74:61:CF:0A:CF
Certificate issuer: /CN=A91D56CA/serialNumber=675A8676ED37D16ABBCA2FEF8EAA1F23F257B29F
Certificate serial: 1379
Authority key identifier: 67:5A:86:76:ED:37:D1:6A:BB:CA:2F:EF:8E:AA:1F:23:F2:57:B2:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z1qGdu030Wq7yi_vjqofI_JXsp8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D56CA/914E53F6C0D111E78D1EF82BC4F9AE02/9F671B5CC0D211E78AD1112CC4F9AE02.roa
Signing time: Fri 26 Nov 2021 05:53:36 +0000
ROA not before: Fri 26 Nov 2021 05:53:36 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 135628
IP address blocks: 103.77.16.0/22 maxlen: 24
203.153.60.0/23 maxlen: 23
203.153.60.0/24 maxlen: 24
203.153.61.0/24 maxlen: 24
203.153.62.0/24 maxlen: 24
203.153.63.0/24 maxlen: 24
2407:8780::/32 maxlen: 32
2407:8780::/48 maxlen: 48
2407:8780:1::/48 maxlen: 48
2407:8780:2::/48 maxlen: 48
2407:8780:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4985 (0x1379)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D56CA/serialNumber=675A8676ED37D16ABBCA2FEF8EAA1F23F257B29F
Validity
Not Before: Nov 26 05:53:36 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61a0765f-7d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3d:0c:a8:03:4c:74:b6:ec:06:5b:cf:18:74:
2c:e3:fa:12:a2:42:69:56:3a:3d:1f:6a:5e:fd:c1:
0f:3a:a6:df:cd:03:80:ab:31:14:ff:8d:9a:6f:d2:
22:12:b9:39:a5:4c:d3:30:74:1c:15:87:e5:f7:8e:
5e:87:4a:75:65:11:69:95:77:f4:30:ef:01:d3:cb:
be:8e:7e:f2:50:a7:5f:5f:e2:c3:6c:c3:e1:29:67:
d0:c8:03:1f:bf:ea:57:62:bd:99:56:1d:58:73:df:
6e:88:9f:61:18:40:f5:6c:a1:e3:f7:9d:8d:e7:d6:
46:8a:97:e3:69:06:77:22:0c:ea:ab:7a:03:bd:8f:
db:33:0b:5c:d2:17:10:65:b8:30:2f:d5:67:3d:66:
bf:6e:3f:45:4a:33:73:98:2b:46:d4:9e:d1:cb:a6:
10:77:26:05:c4:83:4b:3e:30:7d:1d:39:7d:ad:72:
33:19:41:21:67:f4:a7:4b:35:e9:a6:c6:4c:ae:50:
02:4c:9c:c7:25:93:36:6b:6d:b9:cc:7c:24:10:d0:
80:8b:66:a0:4e:c7:9c:93:b9:fc:73:5c:da:9b:9f:
c2:ad:b0:b9:ec:73:05:b0:74:6e:4d:9b:61:0a:0b:
fd:0b:f1:a7:69:08:82:e2:5d:25:e5:71:5e:94:ac:
b1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:55:31:0C:E1:7D:6E:3A:46:B9:E8:FF:47:A4:B3:74:61:CF:0A:CF
X509v3 Authority Key Identifier:
keyid:67:5A:86:76:ED:37:D1:6A:BB:CA:2F:EF:8E:AA:1F:23:F2:57:B2:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D56CA/914E53F6C0D111E78D1EF82BC4F9AE02/Z1qGdu030Wq7yi_vjqofI_JXsp8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z1qGdu030Wq7yi_vjqofI_JXsp8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D56CA/914E53F6C0D111E78D1EF82BC4F9AE02/9F671B5CC0D211E78AD1112CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.77.16.0/22
203.153.60.0/22
IPv6:
2407:8780::/32
Signature Algorithm: sha256WithRSAEncryption
28:96:b2:b0:6d:89:14:95:0f:a6:3f:2b:98:16:f4:f9:66:a5:
7e:a1:6a:8d:5c:7f:8c:d8:7d:11:73:97:f1:72:5f:82:0e:28:
76:7c:56:57:c3:80:a8:ad:a9:a6:b8:95:c5:f3:70:54:e0:c7:
70:40:6d:db:02:cb:ae:5b:c9:f0:c8:a7:67:e1:2e:da:a9:6b:
48:0c:55:ca:57:07:69:e5:84:86:9f:d4:27:53:13:fa:87:2b:
ae:5f:c0:af:14:5d:bc:2c:d5:72:1a:97:1d:7a:75:a5:ff:75:
e5:bf:6b:45:7e:58:a4:f5:98:03:01:77:14:83:4e:f9:f6:6a:
9b:d5:f3:83:b0:12:d2:38:13:ad:3c:1d:7e:cb:12:51:d0:46:
68:0e:21:dd:55:73:b2:0d:62:bf:9e:a5:12:e1:5c:be:05:32:
5a:c4:08:cf:96:0f:21:02:18:83:f5:e5:02:d4:c8:62:96:68:
e6:be:e1:af:7e:25:d4:bc:e9:b1:9f:f0:03:f8:26:00:ab:a0:
a7:41:c1:3d:6f:94:11:d6:ea:22:5c:06:70:69:62:f2:cf:82:
97:1c:2c:65:3c:be:4d:6d:bd:2c:1d:d5:45:00:40:1b:7d:e5:
61:45:65:d4:8c:ef:40:51:98:93:d0:15:10:e0:46:c3:dc:72:
5e:a5:44:12
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICE3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDU2Q0ExMTAvBgNVBAUTKDY3NUE4Njc2RUQzN0QxNkFCQkNBMkZFRjhFQUExRjIz
RjI1N0IyOUYwHhcNMjExMTI2MDU1MzM2WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWEwNzY1Zi03ZDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2z0MqANMdLbsBlvPGHQs4/oSokJpVjo9H2pe/cEPOqbfzQOAqzEU/42ab9Ii
Erk5pUzTMHQcFYfl945eh0p1ZRFplXf0MO8B08u+jn7yUKdfX+LDbMPhKWfQyAMf
v+pXYr2ZVh1Yc99uiJ9hGED1bKHj952N59ZGipfjaQZ3Igzqq3oDvY/bMwtc0hcQ
ZbgwL9VnPWa/bj9FSjNzmCtG1J7Ry6YQdyYFxINLPjB9HTl9rXIzGUEhZ/SnSzXp
psZMrlACTJzHJZM2a225zHwkENCAi2agTseck7n8c1zam5/CrbC57HMFsHRuTZth
Cgv9C/GnaQiC4l0l5XFelKyxTQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDJVMQzh
fW46Rrno/0eks3RhzwrPMB8GA1UdIwQYMBaAFGdahnbtN9Fqu8ov746qHyPyV7Kf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTZDQS85MTRFNTNGNkMw
RDExMUU3OEQxRUY4MkJDNEY5QUUwMi9aMXFHZHUwMzBXcTd5aV92anFvZklfSlhz
cDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1oxcUdkdTAzMFdxN3lpX3ZqcW9mSV9KWHNwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDU2Q0EvOTE0RTUzRjZDMEQxMTFFNzhEMUVGODJCQzRGOUFFMDIvOUY2NzFCNUND
MEQyMTFFNzhBRDExMTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnTRADBALLmTwwDQQCAAIwBwMFACQHh4AwDQYJKoZIhvcN
AQELBQADggEBACiWsrBtiRSVD6Y/K5gW9PlmpX6hao1cf4zYfRFzl/FyX4IOKHZ8
VlfDgKitqaa4lcXzcFTgx3BAbdsCy65byfDIp2fhLtqpa0gMVcpXB2nlhIaf1CdT
E/qHK65fwK8UXbws1XIalx16daX/deW/a0V+WKT1mAMBdxSDTvn2apvV84OwEtI4
E608HX7LElHQRmgOId1Vc7INYr+epRLhXL4FMlrECM+WDyECGIP15QLUyGKWaOa+
4a9+JdS86bGf8AP4JgCroKdBwT1vlBHW6iJcBnBpYvLPgpccLGU8vk1tvSwd1UUA
QBt95WFFZdSM70BRmJPQFRDgRsPccl6lRBI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org