Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/31D69DA65D7211EC969EDD4BC4F9AE02.roa
File: 31D69DA65D7211EC969EDD4BC4F9AE02.roa (raw, json)
Hash identifier: 5fDH5kc3aENRDsRPI5fuFIeg2Ku6eRMVDs/tdKMx2N8=
Subject key identifier: FC:A7:E2:4A:BF:9B:A7:23:29:07:D1:00:26:73:93:41:C7:28:82:20
Certificate issuer: /CN=A9124731/serialNumber=801702BC9CDEF73DF739BFB7D4BD2F7B8885E077
Certificate serial: 02B3
Authority key identifier: 80:17:02:BC:9C:DE:F7:3D:F7:39:BF:B7:D4:BD:2F:7B:88:85:E0:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gBcCvJze9z33Ob-31L0ve4iF4Hc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/31D69DA65D7211EC969EDD4BC4F9AE02.roa
Signing time: Tue 11 Apr 2023 04:24:04 +0000
ROA not before: Tue 11 Apr 2023 04:24:04 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 136969
IP address blocks: 103.162.136.0/24 maxlen: 24
103.162.137.0/24 maxlen: 24
2407:1940::/43 maxlen: 43
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 691 (0x2b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124731/serialNumber=801702BC9CDEF73DF739BFB7D4BD2F7B8885E077
Validity
Not Before: Apr 11 04:24:04 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6434e0e3-949a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:00:ed:14:bc:a0:e5:ea:03:31:a7:07:4a:84:
fd:06:30:dc:ae:8d:0d:84:32:11:46:23:52:a6:6d:
9d:ae:b7:f9:b3:2f:0a:ee:be:36:e1:32:81:b1:99:
32:c4:a7:cf:11:44:c7:3f:63:16:99:36:d7:87:63:
1a:ef:e8:18:ae:d3:08:38:27:b8:15:62:d8:1e:a5:
c3:6b:36:8c:6d:1a:34:6c:ec:3a:d7:7e:c3:d8:0a:
f6:ca:42:34:79:5d:55:8d:a6:da:07:54:61:f8:85:
a9:ef:92:5a:bf:58:2d:d1:4c:72:d0:1b:67:a4:06:
33:a1:24:b2:a5:78:9a:15:2d:b0:d8:3c:f7:77:2d:
56:ae:cd:c7:28:b3:90:c1:e3:25:b8:78:27:71:90:
a6:c0:af:e9:bf:0b:2e:09:03:42:04:a7:08:9a:86:
31:0b:57:85:4d:0e:b8:81:05:fb:a7:1e:cb:21:e8:
1b:29:f9:82:77:ed:18:09:09:f0:00:a2:67:3d:89:
23:92:1e:95:22:67:08:46:85:02:52:da:3e:f8:70:
84:dd:75:fa:5f:9b:14:52:81:e0:b2:0c:e2:1a:2c:
55:0f:31:20:47:54:82:a7:ec:e4:58:81:90:a0:a9:
37:86:cb:64:cb:ba:05:44:7d:81:a5:b7:8b:ac:0e:
f4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A7:E2:4A:BF:9B:A7:23:29:07:D1:00:26:73:93:41:C7:28:82:20
X509v3 Authority Key Identifier:
keyid:80:17:02:BC:9C:DE:F7:3D:F7:39:BF:B7:D4:BD:2F:7B:88:85:E0:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/gBcCvJze9z33Ob-31L0ve4iF4Hc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gBcCvJze9z33Ob-31L0ve4iF4Hc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/31D69DA65D7211EC969EDD4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.162.136.0/23
IPv6:
2407:1940::/43
Signature Algorithm: sha256WithRSAEncryption
66:84:fd:d0:13:e0:a7:22:05:7d:c8:34:30:6f:d1:6e:c6:c5:
57:33:21:b7:c7:1d:d3:c9:b5:ae:66:bb:eb:06:44:a7:fd:40:
92:04:fa:b3:9a:ab:10:e4:95:07:5a:4a:1f:17:7a:01:d2:fc:
2b:2e:7b:99:c1:60:b7:0d:44:6a:47:6f:a5:78:e7:bd:96:99:
bc:07:66:ad:dd:d2:f8:0f:eb:7c:4a:d5:f8:3d:8e:08:80:d4:
37:76:6c:fc:a2:c0:1e:4b:84:3e:2a:fd:76:4a:65:5b:69:16:
16:b0:36:89:45:13:3a:4e:08:19:21:24:e0:13:ad:8a:02:b5:
1e:72:db:13:c1:00:46:28:e5:9d:3d:7e:53:1c:61:be:c6:8f:
ea:df:7b:b8:2a:98:29:f1:ed:56:19:d4:bd:66:b3:94:3e:c8:
47:1f:76:1b:f2:46:3c:49:81:41:1b:65:cf:57:a5:9e:1b:a2:
91:74:a1:39:48:c1:63:d1:ed:bd:7c:b3:9e:10:0a:4e:e1:0c:
9e:f2:50:c4:4f:d1:3f:fa:8a:3c:d0:39:88:26:d9:28:d2:67:
a7:49:2d:14:0d:48:46:87:c9:04:ec:e3:3f:9b:29:d8:0b:79:
6a:a5:ec:77:0a:47:c7:84:a9:1a:c9:db:1a:4f:77:4e:bd:2e:
a2:5b:f8:49
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICArMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ3MzExMTAvBgNVBAUTKDgwMTcwMkJDOUNERUY3M0RGNzM5QkZCN0Q0QkQyRjdC
ODg4NUUwNzcwHhcNMjMwNDExMDQyNDA0WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM0ZTBlMy05NDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyADtFLyg5eoDMacHSoT9BjDcro0NhDIRRiNSpm2drrf5sy8K7r424TKBsZky
xKfPEUTHP2MWmTbXh2Ma7+gYrtMIOCe4FWLYHqXDazaMbRo0bOw6137D2Ar2ykI0
eV1VjabaB1Rh+IWp75Jav1gt0Uxy0BtnpAYzoSSypXiaFS2w2Dz3dy1Wrs3HKLOQ
weMluHgncZCmwK/pvwsuCQNCBKcImoYxC1eFTQ64gQX7px7LIegbKfmCd+0YCQnw
AKJnPYkjkh6VImcIRoUCUto++HCE3XX6X5sUUoHgsgziGixVDzEgR1SCp+zkWIGQ
oKk3hstky7oFRH2BpbeLrA70+QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPyn4kq/
m6cjKQfRACZzk0HHKIIgMB8GA1UdIwQYMBaAFIAXAryc3vc99zm/t9S9L3uIheB3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDczMS9CNkIwMTRCMjVE
NkQxMUVDOEZGNjEzMUVDNEY5QUUwMi9nQmNDdkp6ZTl6MzNPYi0zMUwwdmU0aUY0
SGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dCY0N2SnplOXozM09iLTMxTDB2ZTRpRjRIYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ3MzEvQjZCMDE0QjI1RDZEMTFFQzhGRjYxMzFFQzRGOUFFMDIvMzFENjlEQTY1
RDcyMTFFQzk2OUVERDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnoogwDwQCAAIwCQMHBSQHGUAAADANBgkqhkiG9w0BAQsF
AAOCAQEAZoT90BPgpyIFfcg0MG/RbsbFVzMht8cd08m1rma76wZEp/1AkgT6s5qr
EOSVB1pKHxd6AdL8Ky57mcFgtw1EakdvpXjnvZaZvAdmrd3S+A/rfErV+D2OCIDU
N3Zs/KLAHkuEPir9dkplW2kWFrA2iUUTOk4IGSEk4BOtigK1HnLbE8EARijlnT1+
UxxhvsaP6t97uCqYKfHtVhnUvWazlD7IRx92G/JGPEmBQRtlz1elnhuikXShOUjB
Y9HtvXyznhAKTuEMnvJQxE/RP/qKPNA5iCbZKNJnp0ktFA1IRofJBOzjP5sp2At5
aqXsdwpHx4SpGsnbGk93Tr0uolv4SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org