Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/DDD19C327E8311ECA552B67FC4F9AE02.roa
File: DDD19C327E8311ECA552B67FC4F9AE02.roa (raw, json)
Hash identifier: Dj+wog6lVVdC+TXAqFfXux4fLOMwLhGv6hvzU2y2fwE=
Subject key identifier: 39:2C:46:71:BE:41:B7:88:09:B3:E6:D0:B7:98:37:4E:63:59:BE:7E
Certificate issuer: /CN=A9124731/serialNumber=801702BC9CDEF73DF739BFB7D4BD2F7B8885E077
Certificate serial: 02B4
Authority key identifier: 80:17:02:BC:9C:DE:F7:3D:F7:39:BF:B7:D4:BD:2F:7B:88:85:E0:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gBcCvJze9z33Ob-31L0ve4iF4Hc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/DDD19C327E8311ECA552B67FC4F9AE02.roa
Signing time: Tue 11 Apr 2023 04:24:05 +0000
ROA not before: Tue 11 Apr 2023 04:24:05 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 142127
IP address blocks: 103.162.136.0/24 maxlen: 24
103.162.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 692 (0x2b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124731/serialNumber=801702BC9CDEF73DF739BFB7D4BD2F7B8885E077
Validity
Not Before: Apr 11 04:24:05 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6434e0e5-2d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:60:27:55:a1:00:58:27:78:60:75:9c:e3:94:
ee:e5:e2:e9:3f:82:37:d1:99:2c:0a:8b:00:eb:dd:
27:19:fe:9e:4a:ee:6e:08:d5:41:10:0f:c9:85:92:
a2:7d:7f:93:28:42:24:02:6f:bd:f9:24:31:11:26:
72:40:3f:d0:e0:20:d8:06:81:8c:88:53:44:81:96:
f8:a4:11:e0:d3:6c:cd:66:d9:d3:ce:bf:d8:6d:9b:
dc:4e:e4:f0:b4:f7:b7:e7:19:da:8c:83:e8:a9:34:
b8:0b:4f:a3:48:a1:c7:c5:c0:27:cd:e9:38:7b:d0:
e4:ff:85:93:be:5b:30:0a:9b:aa:55:9e:07:93:19:
02:eb:df:e4:ad:5b:ea:c8:83:48:dd:ce:1b:14:67:
42:fe:93:ae:6b:3b:c7:09:96:94:99:97:24:84:6d:
6e:cc:01:f2:a1:dc:7e:5e:ad:e8:ca:97:d1:66:12:
27:d9:e0:53:72:96:d4:6d:e8:83:2f:24:70:b2:d5:
ce:04:fe:34:6c:66:d4:9d:4a:5b:f6:34:5a:32:6c:
82:ac:2a:0a:71:7c:83:8b:9d:5e:5a:72:4c:d0:a0:
64:fe:e3:c0:79:25:be:df:dc:7e:48:91:40:bd:e2:
cb:74:4e:54:18:74:2f:ee:96:44:1d:a5:e9:1d:2d:
87:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2C:46:71:BE:41:B7:88:09:B3:E6:D0:B7:98:37:4E:63:59:BE:7E
X509v3 Authority Key Identifier:
keyid:80:17:02:BC:9C:DE:F7:3D:F7:39:BF:B7:D4:BD:2F:7B:88:85:E0:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/gBcCvJze9z33Ob-31L0ve4iF4Hc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gBcCvJze9z33Ob-31L0ve4iF4Hc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/DDD19C327E8311ECA552B67FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.162.136.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:12:7b:df:78:53:6d:7c:d1:81:51:dd:3c:0f:bd:13:52:99:
a6:1a:15:61:3c:1b:7a:3b:d7:ed:1d:ed:8d:47:bf:8b:f0:8b:
58:76:13:2c:5d:3b:78:06:09:5c:7b:02:3f:cf:57:92:77:31:
00:dc:8e:6d:82:a1:4c:1e:d0:89:7b:2c:bd:81:3f:67:60:b8:
ed:d4:fe:cf:27:a0:96:1d:0e:63:f0:6c:ba:36:44:26:7e:9c:
74:10:f1:64:72:50:8f:83:52:36:45:30:9c:60:81:6d:ab:8f:
08:9c:28:e8:da:a5:9b:b9:4f:8f:09:75:c7:f3:df:9b:28:b6:
1b:db:c3:40:30:a5:11:86:16:0c:52:1c:f7:5e:ad:ba:58:ea:
dd:e5:22:21:17:28:66:c7:11:2c:f3:b1:46:31:31:a8:c6:77:
ab:dc:d3:fb:94:d6:e2:88:e0:3e:26:aa:5c:0f:ca:97:a0:02:
18:a3:e2:99:5b:ff:8a:aa:69:57:b8:e3:77:de:c6:09:3f:46:
1c:05:d1:a5:fd:59:f5:df:05:b9:fa:c8:d9:63:fa:70:0f:2a:
a6:27:39:4b:e7:cf:ef:ce:22:83:48:9e:e7:3b:ad:aa:87:12:
06:01:cf:4f:85:5d:1e:97:67:f2:29:77:f0:a7:3f:9d:0f:53:
bb:a5:81:f5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICArQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ3MzExMTAvBgNVBAUTKDgwMTcwMkJDOUNERUY3M0RGNzM5QkZCN0Q0QkQyRjdC
ODg4NUUwNzcwHhcNMjMwNDExMDQyNDA1WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM0ZTBlNS0yZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyGAnVaEAWCd4YHWc45Tu5eLpP4I30ZksCosA690nGf6eSu5uCNVBEA/JhZKi
fX+TKEIkAm+9+SQxESZyQD/Q4CDYBoGMiFNEgZb4pBHg02zNZtnTzr/YbZvcTuTw
tPe35xnajIPoqTS4C0+jSKHHxcAnzek4e9Dk/4WTvlswCpuqVZ4HkxkC69/krVvq
yINI3c4bFGdC/pOuazvHCZaUmZckhG1uzAHyodx+Xq3oypfRZhIn2eBTcpbUbeiD
LyRwstXOBP40bGbUnUpb9jRaMmyCrCoKcXyDi51eWnJM0KBk/uPAeSW+39x+SJFA
veLLdE5UGHQv7pZEHaXpHS2HQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDksRnG+
QbeICbPm0LeYN05jWb5+MB8GA1UdIwQYMBaAFIAXAryc3vc99zm/t9S9L3uIheB3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDczMS9CNkIwMTRCMjVE
NkQxMUVDOEZGNjEzMUVDNEY5QUUwMi9nQmNDdkp6ZTl6MzNPYi0zMUwwdmU0aUY0
SGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dCY0N2SnplOXozM09iLTMxTDB2ZTRpRjRIYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ3MzEvQjZCMDE0QjI1RDZEMTFFQzhGRjYxMzFFQzRGOUFFMDIvREREMTlDMzI3
RTgzMTFFQ0E1NTJCNjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnoogwDQYJKoZIhvcNAQELBQADggEBAA8Se994U2180YFR
3TwPvRNSmaYaFWE8G3o71+0d7Y1Hv4vwi1h2EyxdO3gGCVx7Aj/PV5J3MQDcjm2C
oUwe0Il7LL2BP2dguO3U/s8noJYdDmPwbLo2RCZ+nHQQ8WRyUI+DUjZFMJxggW2r
jwicKOjapZu5T48Jdcfz35sothvbw0AwpRGGFgxSHPderbpY6t3lIiEXKGbHESzz
sUYxMajGd6vc0/uU1uKI4D4mqlwPypegAhij4plb/4qqaVe443fexgk/RhwF0aX9
WfXfBbn6yNlj+nAPKqYnOUvnz+/OIoNInuc7raqHEgYBz0+FXR6XZ/Ipd/CnP50P
U7ulgfU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org