Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/AF73EBD0682D11ED92E1CB22C4F9AE02.roa
File: AF73EBD0682D11ED92E1CB22C4F9AE02.roa (raw, json)
Hash identifier: rUtS5B1mentgBsbBF8duwAtLsMUDiNsnGFFrJYAH6rM=
Subject key identifier: 9B:21:F0:FA:9D:0D:CD:CA:D2:ED:5E:F4:2C:C7:37:27:51:82:00:80
Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A
Certificate serial: 39
Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/AF73EBD0682D11ED92E1CB22C4F9AE02.roa
Signing time: Wed 28 Dec 2022 13:25:23 +0000
ROA not before: Wed 28 Dec 2022 13:25:23 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 150334
IP address blocks: 103.14.168.0/24 maxlen: 24
103.14.169.0/24 maxlen: 24
2001:df1:55c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57 (0x39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A
Validity
Not Before: Dec 28 13:25:23 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63ac43c3-4185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:09:0a:21:23:f8:be:06:c8:2d:f0:ef:2b:1c:
60:23:90:b5:ab:e0:a7:14:e9:84:58:1d:4b:c0:05:
6c:08:ac:af:f6:df:9e:d8:ec:65:e0:2c:ce:70:ce:
aa:2f:ad:dc:10:5f:e0:6d:c6:98:bd:19:e0:5f:58:
16:45:2c:4c:f9:cc:3f:3d:ab:a3:94:c2:22:42:30:
12:8c:ef:a9:df:2d:48:6f:dd:24:da:09:8c:76:b2:
c6:9a:ba:1d:45:ec:ac:6d:ad:26:a4:89:19:43:e2:
12:17:2e:9c:77:cc:33:e8:37:44:3e:e4:55:d0:3a:
cb:c8:c3:ff:38:8f:59:dc:e2:77:2b:8c:94:1d:0f:
02:a9:2c:68:0a:98:ad:5e:a4:a6:07:e6:4e:63:4e:
5b:d2:3c:bd:c4:f1:ed:6c:16:03:25:f9:95:61:f2:
ff:25:04:4b:b6:19:bf:e1:66:ce:6e:b2:a6:c8:b7:
a8:4f:de:05:b3:68:a5:61:26:d3:25:25:88:6a:a9:
8f:b2:e2:11:68:40:ae:06:0a:4a:12:ce:cd:dc:9c:
9a:ab:9c:20:0f:10:ed:34:b3:43:06:91:35:c6:68:
d7:c7:15:b9:4b:f2:22:15:b7:29:14:cc:59:c2:39:
de:aa:aa:ac:44:ad:23:7e:06:c5:6d:b6:d1:19:06:
0b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:21:F0:FA:9D:0D:CD:CA:D2:ED:5E:F4:2C:C7:37:27:51:82:00:80
X509v3 Authority Key Identifier:
keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/AF73EBD0682D11ED92E1CB22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.14.168.0/23
IPv6:
2001:df1:55c0::/48
Signature Algorithm: sha256WithRSAEncryption
a6:21:72:07:1a:be:6e:97:e6:d6:33:43:36:07:b1:b9:7c:d4:
d5:7e:aa:7d:73:35:fe:49:87:b4:28:90:6e:bf:14:35:1e:83:
a9:52:f5:3a:9f:a7:71:d1:2a:1f:b7:19:40:d1:c4:da:a1:6e:
70:1f:26:a1:9f:32:35:4a:4b:fe:a9:ca:55:41:11:c8:59:08:
09:71:52:ef:37:c2:99:77:ea:a3:af:39:94:0b:9f:f6:de:d7:
38:f3:eb:58:75:dc:80:d2:3b:c2:42:0f:de:e4:1a:f2:95:a3:
1c:2b:2f:89:cc:b2:90:bb:54:60:5c:84:82:0a:06:b4:75:79:
74:86:e3:d8:47:5d:c0:fe:a6:5a:e8:15:57:cc:17:23:90:6a:
e7:40:b9:08:ec:69:27:b6:8c:02:88:72:36:64:06:3d:84:75:
1b:56:e7:82:b8:c1:0d:a9:1b:45:b8:31:4a:ab:46:a6:f1:58:
05:9e:d0:c6:71:bf:a5:7d:05:02:a1:26:51:63:1f:5e:1a:4b:
76:d4:87:5b:5e:9e:d2:77:fc:7b:35:27:12:42:25:86:05:5e:
b9:15:13:56:ec:cc:05:bb:48:7f:c7:4f:3e:00:aa:51:1b:da:
45:9b:52:51:fa:94:9b:cf:fd:49:c7:e3:7f:cb:7d:02:eb:dc:
5f:6d:8d:43
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
OEM3RjExMC8GA1UEBRMoODk3NkI1RkI0OEYyRTQxMTFENzhENUEzQ0Q1QTJGQ0Ex
OTYxMzk3QTAeFw0yMjEyMjgxMzI1MjNaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYWM0M2MzLTQxODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcCQohI/i+Bsgt8O8rHGAjkLWr4KcU6YRYHUvABWwIrK/2357Y7GXgLM5wzqov
rdwQX+Btxpi9GeBfWBZFLEz5zD89q6OUwiJCMBKM76nfLUhv3STaCYx2ssaauh1F
7KxtrSakiRlD4hIXLpx3zDPoN0Q+5FXQOsvIw/84j1nc4ncrjJQdDwKpLGgKmK1e
pKYH5k5jTlvSPL3E8e1sFgMl+ZVh8v8lBEu2Gb/hZs5usqbIt6hP3gWzaKVhJtMl
JYhqqY+y4hFoQK4GCkoSzs3cnJqrnCAPEO00s0MGkTXGaNfHFblL8iIVtykUzFnC
Od6qqqxErSN+BsVtttEZBguJAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUmyHw+p0N
zcrS7V70LMc3J1GCAIAwHwYDVR0jBBgwFoAUiXa1+0jy5BEdeNWjzVovyhlhOXow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI4QzdGLzNCN0JEQUJFM0ZD
NzExRURBQzlCMjIxREM0RjlBRTAyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Y
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaVhhMS0wank1QkVkZU5XanpWb3Z5aGxoT1hvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9BRjczRUJEMDY4
MkQxMUVEOTJFMUNCMjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWcOqDAPBAIAAjAJAwcAIAEN8VXAMA0GCSqGSIb3DQEBCwUA
A4IBAQCmIXIHGr5ul+bWM0M2B7G5fNTVfqp9czX+SYe0KJBuvxQ1HoOpUvU6n6dx
0SoftxlA0cTaoW5wHyahnzI1Skv+qcpVQRHIWQgJcVLvN8KZd+qjrzmUC5/23tc4
8+tYddyA0jvCQg/e5BrylaMcKy+JzLKQu1RgXISCCga0dXl0huPYR13A/qZa6BVX
zBcjkGrnQLkI7GkntowCiHI2ZAY9hHUbVueCuMENqRtFuDFKq0am8VgFntDGcb+l
fQUCoSZRYx9eGkt21IdbXp7Sd/x7NScSQiWGBV65FRNW7MwFu0h/x08+AKpRG9pF
m1JR+pSbz/1Jx+N/y30C69xfbY1D
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org