Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/076175301D5E11ED9EC58C55C4F9AE02.roa
File: 076175301D5E11ED9EC58C55C4F9AE02.roa (raw, json)
Hash identifier: s2I8bWh5RdeCb6tz1B06k5zWsuyaDANiFYK+JK4W9P8=
Subject key identifier: 40:38:32:5E:20:34:16:FE:85:61:74:3F:00:48:B5:AD:07:CC:87:60
Certificate issuer: /CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9
Certificate serial: 0375
Authority key identifier: 28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/076175301D5E11ED9EC58C55C4F9AE02.roa
Signing time: Tue 16 Aug 2022 12:22:01 +0000
ROA not before: Tue 16 Aug 2022 12:22:01 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 197706
IP address blocks: 103.167.234.0/24 maxlen: 24
103.167.235.0/24 maxlen: 24
2407:79c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 885 (0x375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9
Validity
Not Before: Aug 16 12:22:01 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62fb8be8-be40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1c:d1:10:fd:35:70:b8:af:1c:65:24:0f:4e:
df:7d:03:9f:26:c6:87:46:8d:63:32:1f:e4:d3:cc:
b4:0f:9e:7e:73:e7:b4:10:3a:31:0d:59:2b:6f:00:
c7:df:5e:af:6f:81:07:1b:49:e7:23:30:ce:cc:da:
d9:fe:7a:6f:0d:9a:f1:5d:d5:be:da:12:08:bc:32:
93:34:f4:cb:68:6b:f9:d3:ca:86:d2:b1:99:a9:c5:
31:b8:4d:44:18:36:86:24:83:e7:49:4a:7b:30:37:
73:94:a4:cd:ad:04:8d:bf:fc:06:5d:15:62:34:0c:
b4:13:63:e2:45:e5:43:c2:ed:27:df:19:19:b4:2d:
0e:10:42:e0:82:d1:6e:c8:04:b1:60:c1:7b:2d:bb:
ac:55:42:61:28:67:f6:c3:f1:2b:b0:da:dd:a4:a5:
b9:51:fa:c3:e9:70:6a:2f:4a:ca:0d:dd:37:48:d1:
6d:3a:ba:21:e3:a9:fc:f6:e0:eb:df:19:cd:94:cb:
a3:1b:55:d9:ed:7c:1c:a8:ce:a4:7e:0c:bf:03:bd:
a7:53:ee:f2:bf:71:3c:1b:13:81:e0:e1:9b:82:03:
67:61:fa:df:5d:d0:c8:bb:71:e9:18:69:e0:40:b2:
77:c4:82:88:9a:70:ae:ff:73:d6:b2:1f:e3:e3:e0:
0a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:38:32:5E:20:34:16:FE:85:61:74:3F:00:48:B5:AD:07:CC:87:60
X509v3 Authority Key Identifier:
keyid:28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/076175301D5E11ED9EC58C55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.234.0/23
IPv6:
2407:79c0::/32
Signature Algorithm: sha256WithRSAEncryption
13:27:d4:fb:a9:99:4e:59:a9:bd:f0:5f:0c:53:61:0f:df:d7:
dc:90:72:ed:34:84:bc:72:dc:e1:46:93:d1:6a:bb:45:3f:3c:
67:36:f4:c8:07:18:8c:1b:11:d1:ef:e3:10:fc:ac:26:a0:31:
9a:60:42:9a:88:a0:49:78:19:d4:e0:8b:5a:b9:b0:0a:7d:28:
f8:ef:26:ec:b4:6f:c9:ad:4c:ae:54:b6:be:1c:e3:48:3a:3f:
fc:43:4f:1b:bc:d3:f1:ae:d2:9c:e5:7d:28:c7:c3:17:60:a3:
f1:da:8e:27:3a:0e:44:fa:da:6d:e8:21:60:67:7d:64:52:67:
6c:85:9b:95:b8:d4:77:75:f7:8a:34:d2:40:9a:46:48:bf:29:
e7:7f:ae:ff:d3:cd:d1:de:28:23:89:cb:4d:cf:d6:d0:96:c8:
2c:df:53:69:57:f6:50:6f:a4:93:16:74:29:fd:01:32:31:eb:
4a:c6:27:20:3c:7d:49:98:e7:af:9b:84:44:4c:43:2f:20:33:
e8:a7:15:1e:83:77:76:49:84:c0:e0:81:43:60:9e:77:c1:71:
02:e0:1c:c7:75:67:29:07:a7:50:63:97:22:b9:99:65:b2:fb:
18:d5:30:ff:0c:1d:2d:8a:a1:6b:01:b4:bb:9e:0e:e1:52:aa:
b3:04:29:35
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzYxMDkxMTAvBgNVBAUTKDI4RTAxNzdDNzBBNTcyNDcwN0RCQjE0OUVENTU3QzBG
ODE1NkUwRTkwHhcNMjIwODE2MTIyMjAxWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmZiOGJlOC1iZTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0RzREP01cLivHGUkD07ffQOfJsaHRo1jMh/k08y0D55+c+e0EDoxDVkrbwDH
316vb4EHG0nnIzDOzNrZ/npvDZrxXdW+2hIIvDKTNPTLaGv508qG0rGZqcUxuE1E
GDaGJIPnSUp7MDdzlKTNrQSNv/wGXRViNAy0E2PiReVDwu0n3xkZtC0OEELggtFu
yASxYMF7LbusVUJhKGf2w/ErsNrdpKW5UfrD6XBqL0rKDd03SNFtOroh46n89uDr
3xnNlMujG1XZ7XwcqM6kfgy/A72nU+7yv3E8GxOB4OGbggNnYfrfXdDIu3HpGGng
QLJ3xIKImnCu/3PWsh/j4+AKdwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEA4Ml4g
NBb+hWF0PwBIta0HzIdgMB8GA1UdIwQYMBaAFCjgF3xwpXJHB9uxSe1VfA+BVuDp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjEwOS9DODIwNzIxMkM1
MEQxMUVCOUFBRUU4N0JDNEY5QUUwMi9LT0FYZkhDbGNrY0gyN0ZKN1ZWOEQ0Rlc0
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPQVhmSENsY2tjSDI3Rko3VlY4RDRGVzRPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzYxMDkvQzgyMDcyMTJDNTBEMTFFQjlBQUVFODdCQzRGOUFFMDIvMDc2MTc1MzAx
RDVFMTFFRDlFQzU4QzU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnp+owDQQCAAIwBwMFACQHecAwDQYJKoZIhvcNAQELBQAD
ggEBABMn1PupmU5Zqb3wXwxTYQ/f19yQcu00hLxy3OFGk9Fqu0U/PGc29MgHGIwb
EdHv4xD8rCagMZpgQpqIoEl4GdTgi1q5sAp9KPjvJuy0b8mtTK5Utr4c40g6P/xD
Txu80/Gu0pzlfSjHwxdgo/Hajic6DkT62m3oIWBnfWRSZ2yFm5W41Hd194o00kCa
Rki/Ked/rv/TzdHeKCOJy03P1tCWyCzfU2lX9lBvpJMWdCn9ATIx60rGJyA8fUmY
56+bhERMQy8gM+inFR6Dd3ZJhMDggUNgnnfBcQLgHMd1ZykHp1BjlyK5mWWy+xjV
MP8MHS2KoWsBtLueDuFSqrMEKTU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org