Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/EB5E0E24BA4E11ECA7F2FE31C4F9AE02.roa
File: EB5E0E24BA4E11ECA7F2FE31C4F9AE02.roa (raw, json)
Hash identifier: /pjf/FFYj7qPXXDyeMFjR8BYkEsTp2RnA7iDQnP61Og=
Subject key identifier: 33:2B:02:E0:3B:6F:41:FE:CC:F0:EB:40:72:C9:F9:AA:29:DB:CD:A1
Certificate issuer: /CN=A9129F42/serialNumber=DBAFFC0C002D43DC47346BC4E19FEB3EBF3BB4D5
Certificate serial: 07
Authority key identifier: DB:AF:FC:0C:00:2D:43:DC:47:34:6B:C4:E1:9F:EB:3E:BF:3B:B4:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/26_8DAAtQ9xHNGvE4Z_rPr87tNU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/EB5E0E24BA4E11ECA7F2FE31C4F9AE02.roa
Signing time: Wed 13 Apr 2022 08:14:17 +0000
ROA not before: Wed 13 Apr 2022 08:14:17 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 149780
IP address blocks: 103.186.56.0/23 maxlen: 23
103.186.56.0/24 maxlen: 24
103.186.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129F42/serialNumber=DBAFFC0C002D43DC47346BC4E19FEB3EBF3BB4D5
Validity
Not Before: Apr 13 08:14:17 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62568659-0c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f9:9d:3f:61:3b:93:ac:62:39:a3:95:f0:53:
44:e8:07:b9:6f:14:6b:f0:aa:53:cb:e6:3e:7a:de:
09:dd:ca:f7:e8:2c:91:f3:a8:61:f5:49:4f:50:03:
4c:70:3c:1a:68:30:4a:de:ad:5f:de:53:20:56:2f:
dd:20:32:a3:ff:3a:9f:8b:dc:bf:d4:26:4b:ae:df:
32:b1:0f:d7:e7:5e:9b:e5:40:87:3e:da:77:8c:e4:
9a:86:34:59:d2:07:f1:22:2a:42:70:57:54:4c:c1:
39:78:a8:a6:c5:fb:df:bc:9f:75:63:2c:55:b7:dd:
d8:af:18:9b:3e:19:a6:25:a3:6a:76:e0:4d:25:83:
ca:28:21:d6:de:72:ba:d4:0b:2f:31:6c:e3:12:40:
b5:35:60:1b:c7:69:dd:ac:e5:98:c4:23:cd:6d:d1:
d5:b7:f7:62:9f:62:65:7e:71:c0:88:d7:a0:70:62:
09:81:10:d1:39:39:81:37:c4:58:fe:e5:c0:0f:8c:
1e:05:08:29:d8:30:25:bb:98:bd:78:7b:cd:4d:32:
e6:84:3c:1a:8f:94:2b:e6:0c:e1:4c:99:81:f8:1c:
65:f3:0f:c7:b5:df:4e:f8:16:04:05:d6:8d:c8:1c:
f9:a6:d0:63:3b:d6:8f:3a:34:83:36:29:89:7e:9e:
fa:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2B:02:E0:3B:6F:41:FE:CC:F0:EB:40:72:C9:F9:AA:29:DB:CD:A1
X509v3 Authority Key Identifier:
keyid:DB:AF:FC:0C:00:2D:43:DC:47:34:6B:C4:E1:9F:EB:3E:BF:3B:B4:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/26_8DAAtQ9xHNGvE4Z_rPr87tNU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/26_8DAAtQ9xHNGvE4Z_rPr87tNU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/EB5E0E24BA4E11ECA7F2FE31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.56.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:d2:49:d6:80:de:5d:65:4a:08:7b:e7:ad:3d:df:e0:9d:e9:
d9:f2:9b:01:c2:09:0e:80:79:e5:da:1d:84:5f:07:b2:b4:15:
ed:72:34:aa:90:a4:08:c3:bb:87:fd:c4:f9:73:51:d2:d5:4e:
ba:47:2f:b6:7e:ec:30:df:59:4f:77:71:8d:5c:c7:45:69:51:
b6:dc:a7:ad:10:f9:2f:72:6a:f1:93:e7:12:81:d5:c6:9d:ed:
63:9d:60:6d:21:18:92:ca:69:59:93:20:68:62:cd:0d:1e:f2:
33:40:bd:fc:b8:79:f0:a2:a9:3a:b6:42:37:fc:42:aa:e8:3c:
ff:6b:61:f5:0d:06:90:7b:43:d2:9e:7d:49:79:bf:23:b8:fc:
99:7a:1d:7f:79:8e:15:72:3d:9b:2b:64:d5:99:af:8c:3c:86:
e8:63:8d:47:c3:dd:4d:70:db:87:b5:ae:83:f9:7b:18:03:22:
37:e3:83:68:22:4f:43:71:e6:4c:ba:78:cc:f5:e6:7c:54:3a:
20:35:74:b5:17:90:5a:21:24:45:b5:61:f0:9c:61:c6:d7:98:
98:9f:e5:45:3f:c2:9c:db:80:70:28:70:a9:6f:55:82:81:1e:
55:07:18:8c:53:2a:0b:e9:34:f0:07:c4:fa:02:05:24:4b:5e:
74:2c:67:b0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
OUY0MjExMC8GA1UEBRMoREJBRkZDMEMwMDJENDNEQzQ3MzQ2QkM0RTE5RkVCM0VC
RjNCQjRENTAeFw0yMjA0MTMwODE0MTdaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNTY4NjU5LTBjOGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDY+Z0/YTuTrGI5o5XwU0ToB7lvFGvwqlPL5j563gndyvfoLJHzqGH1SU9QA0xw
PBpoMErerV/eUyBWL90gMqP/Op+L3L/UJkuu3zKxD9fnXpvlQIc+2neM5JqGNFnS
B/EiKkJwV1RMwTl4qKbF+9+8n3VjLFW33divGJs+GaYlo2p24E0lg8ooIdbecrrU
Cy8xbOMSQLU1YBvHad2s5ZjEI81t0dW392KfYmV+ccCI16BwYgmBENE5OYE3xFj+
5cAPjB4FCCnYMCW7mL14e81NMuaEPBqPlCvmDOFMmYH4HGXzD8e13074FgQF1o3I
HPmm0GM71o86NIM2KYl+nvrnAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUMysC4Dtv
Qf7M8OtAcsn5qinbzaEwHwYDVR0jBBgwFoAU26/8DAAtQ9xHNGvE4Z/rPr87tNUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI5RjQyLzYxRjYwMUZDQkEy
NDExRUM5NzUwQjk0QUM0RjlBRTAyLzI2XzhEQUF0UTl4SE5HdkU0Wl9yUHI4N3RO
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMjZfOERBQXRROXhITkd2RTRaX3JQcjg3dE5VLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OUY0Mi82MUY2MDFGQ0JBMjQxMUVDOTc1MEI5NEFDNEY5QUUwMi9FQjVFMEUyNEJB
NEUxMUVDQTdGMkZFMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe6ODANBgkqhkiG9w0BAQsFAAOCAQEAW9JJ1oDeXWVKCHvn
rT3f4J3p2fKbAcIJDoB55dodhF8HsrQV7XI0qpCkCMO7h/3E+XNR0tVOukcvtn7s
MN9ZT3dxjVzHRWlRttynrRD5L3Jq8ZPnEoHVxp3tY51gbSEYksppWZMgaGLNDR7y
M0C9/Lh58KKpOrZCN/xCqug8/2th9Q0GkHtD0p59SXm/I7j8mXodf3mOFXI9mytk
1ZmvjDyG6GONR8PdTXDbh7Wug/l7GAMiN+ODaCJPQ3HmTLp4zPXmfFQ6IDV0tReQ
WiEkRbVh8JxhxteYmJ/lRT/CnNuAcChwqW9VgoEeVQcYjFMqC+k08AfE+gIFJEte
dCxnsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org