Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/420A9D98B18D11EC886B063CC4F9AE02.roa
File: 420A9D98B18D11EC886B063CC4F9AE02.roa (raw, json)
Hash identifier: BpQxPxnfAZu8Gq+kGHtw0waEDaxpgMhR5K0y1rP8ttQ=
Subject key identifier: FB:FF:1B:98:94:41:AF:96:06:EE:A2:04:EF:82:D4:51:6A:AB:CA:E7
Certificate issuer: /CN=A91C6BF0/serialNumber=D9845C19EAAE90922872A0CAFD051F16614F84AF
Certificate serial: 0C7C
Authority key identifier: D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/420A9D98B18D11EC886B063CC4F9AE02.roa
Signing time: Fri 31 Mar 2023 19:26:30 +0000
ROA not before: Fri 31 Mar 2023 19:26:30 +0000
ROA not after: Tue 01 Aug 2023 00:00:00 +0000
asID: 63526
IP address blocks: 103.134.24.0/22 maxlen: 22
103.134.24.0/23 maxlen: 23
103.134.24.0/24 maxlen: 24
103.134.25.0/24 maxlen: 24
103.134.26.0/23 maxlen: 23
103.134.26.0/24 maxlen: 24
103.134.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3196 (0xc7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6BF0/serialNumber=D9845C19EAAE90922872A0CAFD051F16614F84AF
Validity
Not Before: Mar 31 19:26:30 2023 GMT
Not After : Aug 1 00:00:00 2023 GMT
Subject: CN=642733e6-8289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:35:d6:d9:7b:ed:9a:15:16:91:5b:0a:17:80:
d1:73:2a:51:d7:37:1d:12:ad:94:43:2d:3e:60:ec:
57:46:39:04:3f:2e:7c:ba:a8:5a:f8:16:0c:1f:b2:
cc:39:f3:c9:2f:e8:8b:eb:22:9b:79:c9:8e:b5:38:
5c:46:40:46:3a:97:44:57:8a:31:ff:5b:00:6f:58:
b7:dd:76:7e:3c:3e:ce:7d:ae:bf:2e:9c:87:68:db:
ca:f1:e4:9c:fd:39:fd:e0:f8:c8:49:48:70:40:8a:
4f:59:d8:e7:56:67:81:d5:26:56:eb:31:e9:0a:52:
b5:34:90:2b:11:c4:7f:ff:30:e2:22:bb:ea:94:c3:
0e:9a:74:8b:6d:b8:bc:b6:1e:ca:9f:aa:c7:d0:13:
3e:22:de:28:4d:5f:d9:6c:18:21:f1:39:dc:ca:47:
53:b8:51:11:19:48:e8:ce:6d:5d:b9:ac:07:16:6b:
f7:95:47:99:0e:fd:82:60:1d:90:aa:76:e2:b5:14:
e4:05:b6:e0:7e:4f:9f:02:ab:70:fb:94:1d:d4:47:
3b:ce:4a:da:71:61:ce:a3:ec:84:9c:b4:3a:5e:8c:
13:0f:12:ef:0b:de:d3:90:0b:b2:24:e5:66:9e:73:
e2:3c:08:30:6d:73:3a:7f:b2:fc:cd:52:d6:a1:3b:
46:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FF:1B:98:94:41:AF:96:06:EE:A2:04:EF:82:D4:51:6A:AB:CA:E7
X509v3 Authority Key Identifier:
keyid:D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/420A9D98B18D11EC886B063CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.24.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:06:03:60:cd:dc:ce:22:5a:77:9d:d2:d0:f4:05:ee:67:bc:
e6:98:b6:3f:b0:4b:d4:e3:b8:66:2d:a3:32:6d:f9:fc:d9:3f:
2c:89:16:cb:a2:6f:79:9b:91:83:c7:1c:0a:5e:ea:ba:54:25:
ae:5f:ff:a9:4d:39:88:b9:2e:5c:44:29:11:c0:61:cd:d8:99:
b3:3e:92:df:d9:95:ef:0a:cc:d5:c8:96:1a:c3:22:08:6f:ad:
e9:cb:cf:3e:65:5c:dc:cd:74:e7:ad:20:cd:b8:0c:76:5f:79:
59:cc:83:a5:ad:f2:91:5d:c2:59:8a:87:e4:70:15:34:06:3e:
b9:5b:c8:7d:74:f3:bd:53:d2:bb:41:d0:91:01:a8:58:c7:47:
6a:53:b7:09:7b:e2:12:c5:1a:11:7a:a0:9b:3a:5d:b7:0d:fe:
4f:33:60:6c:58:0f:b2:49:5f:60:ff:03:31:b3:58:b0:52:e9:
e1:2e:17:00:42:16:ed:f7:d9:79:76:c8:b4:6d:dd:91:92:30:
27:9f:f8:26:10:2a:09:4d:e8:b8:cb:d3:af:63:a3:dd:b7:c8:
fe:f9:96:a4:f1:54:85:09:6c:b2:e0:46:bf:c1:74:f1:da:82:
e8:d4:37:18:58:d4:34:bf:9e:66:dd:ce:60:b2:9d:2a:e1:fd:
da:1f:d6:28
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzZCRjAxMTAvBgNVBAUTKEQ5ODQ1QzE5RUFBRTkwOTIyODcyQTBDQUZEMDUxRjE2
NjE0Rjg0QUYwHhcNMjMwMzMxMTkyNjMwWhcNMjMwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI3MzNlNi04Mjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnjXW2XvtmhUWkVsKF4DRcypR1zcdEq2UQy0+YOxXRjkEPy58uqha+BYMH7LM
OfPJL+iL6yKbecmOtThcRkBGOpdEV4ox/1sAb1i33XZ+PD7Ofa6/LpyHaNvK8eSc
/Tn94PjISUhwQIpPWdjnVmeB1SZW6zHpClK1NJArEcR//zDiIrvqlMMOmnSLbbi8
th7Kn6rH0BM+It4oTV/ZbBgh8TncykdTuFERGUjozm1duawHFmv3lUeZDv2CYB2Q
qnbitRTkBbbgfk+fAqtw+5Qd1Ec7zkracWHOo+yEnLQ6XowTDxLvC97TkAuyJOVm
nnPiPAgwbXM6f7L8zVLWoTtGTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPv/G5iU
Qa+WBu6iBO+C1FFqq8rnMB8GA1UdIwQYMBaAFNmEXBnqrpCSKHKgyv0FHxZhT4Sv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkJGMC8xNDkxOTc0QUFF
QkIxMUU5OEEzOTBCNTlDNEY5QUUwMi8yWVJjR2VxdWtKSW9jcURLX1FVZkZtRlBo
SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJZUmNHZXF1a0pJb2NxREtfUVVmRm1GUGhLOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzZCRjAvMTQ5MTk3NEFBRUJCMTFFOThBMzkwQjU5QzRGOUFFMDIvNDIwQTlEOThC
MThEMTFFQzg4NkIwNjNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhhgwDQYJKoZIhvcNAQELBQADggEBALQGA2DN3M4iWned
0tD0Be5nvOaYtj+wS9TjuGYtozJt+fzZPyyJFsuib3mbkYPHHApe6rpUJa5f/6lN
OYi5LlxEKRHAYc3YmbM+kt/Zle8KzNXIlhrDIghvrenLzz5lXNzNdOetIM24DHZf
eVnMg6Wt8pFdwlmKh+RwFTQGPrlbyH10871T0rtB0JEBqFjHR2pTtwl74hLFGhF6
oJs6XbcN/k8zYGxYD7JJX2D/AzGzWLBS6eEuFwBCFu332Xl2yLRt3ZGSMCef+CYQ
KglN6LjL069jo923yP75lqTxVIUJbLLgRr/BdPHagujUNxhY1DS/nmbdzmCynSrh
/dof1ig=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:25 2023 by rpki-client on console.sobornost.net