Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/CFDE988EA3FC11EC8C13532AC4F9AE02.roa
File: CFDE988EA3FC11EC8C13532AC4F9AE02.roa (raw, json)
Hash identifier: BdVOalhOXQOHj7nlTil+4Z2Yk/2nxPwFMPs9VC3sdA0=
Subject key identifier: 83:A7:53:A4:90:11:E4:2F:73:E4:0A:29:5D:FF:23:6E:1A:DF:35:3D
Certificate issuer: /CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Certificate serial: 0494
Authority key identifier: 24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/CFDE988EA3FC11EC8C13532AC4F9AE02.roa
Signing time: Tue 23 Aug 2022 12:40:18 +0000
ROA not before: Tue 23 Aug 2022 12:40:18 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 136969
IP address blocks: 103.152.100.0/24 maxlen: 24
103.152.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1172 (0x494)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E99B/serialNumber=246F6A4BE15B00CFEC0DC399A5E8439F939C9174
Validity
Not Before: Aug 23 12:40:18 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=6304cab2-f5de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e6:d2:e9:c9:ed:53:c6:18:8e:e5:c4:84:09:
d8:35:ea:03:27:01:09:a3:ed:6a:3f:a3:3d:ce:5d:
0b:78:a5:42:5e:68:cd:65:82:a2:5e:9d:23:26:d1:
42:05:cd:fa:2b:11:b7:09:09:84:38:03:9c:44:a3:
0a:e6:18:2e:48:74:6a:5a:4a:9e:b1:e6:e1:46:97:
e3:c6:52:b9:f0:37:c1:4a:f1:57:8c:dd:10:8e:7b:
9a:45:10:c6:48:08:69:de:75:d8:d6:28:6e:99:b5:
9e:90:85:fa:79:ef:5c:14:b7:2e:f3:ff:49:c4:c0:
df:bb:6f:1a:d7:cf:dd:36:1c:16:4d:22:16:29:0f:
73:b1:5c:26:bb:fc:07:d3:0d:ff:11:61:e2:b9:77:
fb:ec:2d:fb:f0:97:7c:e4:a2:6c:f8:91:53:17:f3:
f5:2a:23:98:73:ac:8d:a8:04:da:83:13:4d:f0:ca:
88:a5:ed:18:2e:e8:08:0a:0b:45:33:0c:34:ea:86:
16:b2:38:06:8a:b3:92:1e:db:31:b2:e9:b5:3f:c0:
49:12:1f:82:30:9c:09:33:dc:59:3a:5a:59:13:b0:
00:90:0b:85:9a:82:e0:f6:3f:5c:e0:09:fc:49:7d:
29:16:3d:79:64:ed:b1:f3:2c:e4:4c:6b:cf:84:0f:
0a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A7:53:A4:90:11:E4:2F:73:E4:0A:29:5D:FF:23:6E:1A:DF:35:3D
X509v3 Authority Key Identifier:
keyid:24:6F:6A:4B:E1:5B:00:CF:EC:0D:C3:99:A5:E8:43:9F:93:9C:91:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/JG9qS-FbAM_sDcOZpehDn5OckXQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JG9qS-FbAM_sDcOZpehDn5OckXQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E99B/733DA4E85B3311EB800CB80CC4F9AE02/CFDE988EA3FC11EC8C13532AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.100.0/23
Signature Algorithm: sha256WithRSAEncryption
73:07:4b:d2:74:d2:f9:4a:b5:75:4f:1d:58:fa:f4:05:96:56:
31:3d:57:34:65:75:71:c7:48:ae:ad:3b:41:5b:27:33:e0:96:
41:34:42:2a:11:79:85:18:0b:ee:97:89:20:d0:f9:6a:6c:cd:
3b:5f:d1:c0:0e:d7:80:69:7e:bb:d9:8f:98:c5:ad:b3:9d:48:
07:99:16:95:8a:6b:b2:8c:4b:36:c3:26:c8:d0:36:6d:5b:82:
78:81:b3:84:1d:31:c0:5f:bf:7c:a6:ba:35:41:fa:3a:a5:4e:
b6:9f:9f:81:3e:b6:c3:09:7b:4f:ca:70:93:b0:db:29:b9:3a:
f7:6b:ec:00:09:0a:c9:79:e2:88:03:11:a3:81:54:7b:45:98:
e5:a5:74:1f:79:b3:db:1d:d1:91:88:71:7d:b2:d5:45:7d:38:
a4:51:eb:02:c1:b8:96:bc:93:28:a9:dd:11:f3:35:8a:14:01:
9c:37:79:aa:b2:c8:aa:90:e2:dc:86:f0:28:c7:fb:a1:40:7b:
c1:0f:76:a1:06:99:37:39:aa:b5:af:6a:6d:0e:b4:cf:83:9e:
b5:af:3f:e3:92:cc:34:4f:98:ce:df:51:e2:48:33:7f:27:ae:
d0:81:0d:26:ef:ca:b1:35:4b:07:6c:28:ae:dd:52:0d:6b:53:
38:ac:2b:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU5OUIxMTAvBgNVBAUTKDI0NkY2QTRCRTE1QjAwQ0ZFQzBEQzM5OUE1RTg0MzlG
OTM5QzkxNzQwHhcNMjIwODIzMTI0MDE4WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA0Y2FiMi1mNWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzebS6cntU8YYjuXEhAnYNeoDJwEJo+1qP6M9zl0LeKVCXmjNZYKiXp0jJtFC
Bc36KxG3CQmEOAOcRKMK5hguSHRqWkqesebhRpfjxlK58DfBSvFXjN0QjnuaRRDG
SAhp3nXY1ihumbWekIX6ee9cFLcu8/9JxMDfu28a18/dNhwWTSIWKQ9zsVwmu/wH
0w3/EWHiuXf77C378Jd85KJs+JFTF/P1KiOYc6yNqATagxNN8MqIpe0YLugICgtF
Mww06oYWsjgGirOSHtsxsum1P8BJEh+CMJwJM9xZOlpZE7AAkAuFmoLg9j9c4An8
SX0pFj15ZO2x8yzkTGvPhA8KaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIOnU6SQ
EeQvc+QKKV3/I24a3zU9MB8GA1UdIwQYMBaAFCRvakvhWwDP7A3DmaXoQ5+TnJF0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTk5Qi83MzNEQTRFODVC
MzMxMUVCODAwQ0I4MENDNEY5QUUwMi9KRzlxUy1GYkFNX3NEY09acGVoRG41T2Nr
WFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pHOXFTLUZiQU1fc0RjT1pwZWhEbjVPY2tYUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU5OUIvNzMzREE0RTg1QjMzMTFFQjgwMENCODBDQzRGOUFFMDIvQ0ZERTk4OEVB
M0ZDMTFFQzhDMTM1MzJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmGQwDQYJKoZIhvcNAQELBQADggEBAHMHS9J00vlKtXVP
HVj69AWWVjE9VzRldXHHSK6tO0FbJzPglkE0QioReYUYC+6XiSDQ+WpszTtf0cAO
14BpfrvZj5jFrbOdSAeZFpWKa7KMSzbDJsjQNm1bgniBs4QdMcBfv3ymujVB+jql
Trafn4E+tsMJe0/KcJOw2ym5Ovdr7AAJCsl54ogDEaOBVHtFmOWldB95s9sd0ZGI
cX2y1UV9OKRR6wLBuJa8kyip3RHzNYoUAZw3eaqyyKqQ4tyG8CjH+6FAe8EPdqEG
mTc5qrWvam0OtM+DnrWvP+OSzDRPmM7fUeJIM38nrtCBDSbvyrE1SwdsKK7dUg1r
UzisK8U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org