Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129797/09F2D9941A2211E9BC06D30AC4F9AE02/DEB14DEED1F911EDA0A31C2FC4F9AE02.roa
File: DEB14DEED1F911EDA0A31C2FC4F9AE02.roa (raw, json)
Hash identifier: lmK/FrsPaiAmIb1IG1r/ScL5tiSjuvtiGnNFJFQ4BDw=
Subject key identifier: DD:5E:64:C4:E7:B7:90:38:E7:92:72:2D:1A:0F:B5:CF:A5:0F:49:A9
Certificate issuer: /CN=A9129797/serialNumber=70BD1A5D9512BF6DE0BA69253DBBF01103E53A43
Certificate serial: 0F6C
Authority key identifier: 70:BD:1A:5D:95:12:BF:6D:E0:BA:69:25:3D:BB:F0:11:03:E5:3A:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cL0aXZUSv23gumklPbvwEQPlOkM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129797/09F2D9941A2211E9BC06D30AC4F9AE02/DEB14DEED1F911EDA0A31C2FC4F9AE02.roa
Signing time: Mon 03 Apr 2023 08:31:04 +0000
ROA not before: Mon 03 Apr 2023 08:31:04 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 135413
IP address blocks: 103.132.248.0/22 maxlen: 22
103.132.250.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3948 (0xf6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129797/serialNumber=70BD1A5D9512BF6DE0BA69253DBBF01103E53A43
Validity
Not Before: Apr 3 08:31:04 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=642a8ec7-e88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d7:f6:3b:01:00:8e:63:67:dd:e1:3b:11:02:
04:07:53:88:85:40:88:b0:bf:15:88:22:73:15:41:
ec:35:f2:4a:3d:05:80:c4:73:72:e3:2a:81:1f:96:
56:2d:fd:7e:13:d8:f2:b5:a7:75:72:f9:69:89:aa:
38:33:22:82:13:8e:50:f3:4f:21:cd:65:31:97:dc:
f3:aa:ff:33:c4:64:1f:8c:0e:f8:89:cd:00:29:ed:
9d:1a:d9:d0:bf:5b:d2:2a:11:75:ba:04:10:88:cd:
2f:fd:64:b2:0b:6d:3a:67:9f:86:3d:6a:49:d3:6f:
64:e2:64:6d:83:25:b2:33:a9:e6:8c:80:ba:ed:cf:
1d:ff:ac:65:a4:30:d3:f6:64:83:21:11:9a:07:5f:
82:65:55:4d:b2:11:df:b3:33:a9:77:81:d3:ee:7e:
3a:77:ef:63:0c:35:7b:2e:9c:e6:be:35:76:86:ad:
b4:42:14:53:20:32:7e:23:93:05:84:15:af:5b:72:
e5:b7:a3:75:f1:eb:3a:f3:db:46:e3:ac:fc:f0:69:
08:54:80:63:67:2a:30:6b:7c:a1:4e:71:57:1f:5a:
dc:f6:4f:6d:ef:7e:94:77:d2:af:cc:27:a6:c4:10:
20:1d:a7:fc:63:20:2f:f3:91:3b:d8:17:b9:75:ca:
d9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:5E:64:C4:E7:B7:90:38:E7:92:72:2D:1A:0F:B5:CF:A5:0F:49:A9
X509v3 Authority Key Identifier:
keyid:70:BD:1A:5D:95:12:BF:6D:E0:BA:69:25:3D:BB:F0:11:03:E5:3A:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129797/09F2D9941A2211E9BC06D30AC4F9AE02/cL0aXZUSv23gumklPbvwEQPlOkM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cL0aXZUSv23gumklPbvwEQPlOkM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129797/09F2D9941A2211E9BC06D30AC4F9AE02/DEB14DEED1F911EDA0A31C2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.248.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:c6:89:e9:fb:59:9d:6a:40:9c:d2:41:03:e3:98:f5:d8:d0:
db:90:8b:63:6e:1f:74:e3:17:4d:db:f1:77:d4:2c:dd:cd:cb:
9c:bb:fa:96:ca:20:37:a8:3e:65:2d:de:5f:39:c7:b2:47:72:
90:97:37:37:ff:22:bd:96:fd:2b:61:11:ae:ac:56:7a:ec:b3:
4e:27:eb:27:07:ba:d3:2f:2e:be:f6:3a:1b:84:e3:40:1b:a4:
51:a1:d9:fd:d2:aa:84:68:9a:83:79:52:c5:3a:0d:e4:66:9a:
d5:3e:e3:92:fe:32:bc:6e:44:45:bf:91:0d:02:2c:88:50:2b:
c4:75:e8:00:41:f4:2c:64:60:f2:05:04:dd:63:5e:16:4a:ac:
f6:a1:2c:44:6d:6c:43:50:81:81:b2:ac:05:71:fc:4e:ee:89:
20:04:02:ca:96:2a:f2:62:8a:8c:4a:75:a2:f4:57:8c:f8:74:
eb:43:44:51:d4:58:9d:c7:c8:e5:ac:4d:73:7c:91:e5:80:e2:
8e:97:c1:f7:bf:f8:b0:40:60:9f:66:3e:1c:db:73:e9:09:8d:
76:2e:99:8b:e0:7c:c5:4d:5f:62:9c:9e:ab:ca:f5:19:90:50:
14:96:f8:f3:e7:71:82:28:66:4d:bf:ed:87:20:a6:0a:a8:d0:
dc:82:8f:b5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICD2wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk3OTcxMTAvBgNVBAUTKDcwQkQxQTVEOTUxMkJGNkRFMEJBNjkyNTNEQkJGMDEx
MDNFNTNBNDMwHhcNMjMwNDAzMDgzMTA0WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJhOGVjNy1lODhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw9f2OwEAjmNn3eE7EQIEB1OIhUCIsL8ViCJzFUHsNfJKPQWAxHNy4yqBH5ZW
Lf1+E9jytad1cvlpiao4MyKCE45Q808hzWUxl9zzqv8zxGQfjA74ic0AKe2dGtnQ
v1vSKhF1ugQQiM0v/WSyC206Z5+GPWpJ029k4mRtgyWyM6nmjIC67c8d/6xlpDDT
9mSDIRGaB1+CZVVNshHfszOpd4HT7n46d+9jDDV7LpzmvjV2hq20QhRTIDJ+I5MF
hBWvW3Llt6N18es689tG46z88GkIVIBjZyowa3yhTnFXH1rc9k9t736Ud9KvzCem
xBAgHaf8YyAv85E72Be5dcrZPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFN1eZMTn
t5A455JyLRoPtc+lD0mpMB8GA1UdIwQYMBaAFHC9Gl2VEr9t4LppJT278BED5TpD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTc5Ny8wOUYyRDk5NDFB
MjIxMUU5QkMwNkQzMEFDNEY5QUUwMi9jTDBhWFpVU3YyM2d1bWtsUGJ2d0VRUGxP
a00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NMMGFYWlVTdjIzZ3Vta2xQYnZ3RVFQbE9rTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk3OTcvMDlGMkQ5OTQxQTIyMTFFOUJDMDZEMzBBQzRGOUFFMDIvREVCMTRERUVE
MUY5MTFFREEwQTMxQzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhPgwDQYJKoZIhvcNAQELBQADggEBAI3Gien7WZ1qQJzS
QQPjmPXY0NuQi2NuH3TjF03b8XfULN3Ny5y7+pbKIDeoPmUt3l85x7JHcpCXNzf/
Ir2W/SthEa6sVnrss04n6ycHutMvLr72OhuE40AbpFGh2f3SqoRomoN5UsU6DeRm
mtU+45L+MrxuREW/kQ0CLIhQK8R16ABB9CxkYPIFBN1jXhZKrPahLERtbENQgYGy
rAVx/E7uiSAEAsqWKvJiioxKdaL0V4z4dOtDRFHUWJ3HyOWsTXN8keWA4o6Xwfe/
+LBAYJ9mPhzbc+kJjXYumYvgfMVNX2KcnqvK9RmQUBSW+PPncYIoZk2/7Ycgpgqo
0NyCj7U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org