Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/13DA0DE2C5D311EB81C65769C4F9AE02.roa
File: 13DA0DE2C5D311EB81C65769C4F9AE02.roa (raw, json)
Hash identifier: b8KzOdftGY3iY6xcKXvLbw26oMRrlT0DzZho6XZE1MQ=
Subject key identifier: 14:50:11:DA:C2:7F:0A:CA:AC:6E:E0:6C:09:DD:31:D7:B9:65:CA:C9
Certificate issuer: /CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9
Certificate serial: 0369
Authority key identifier: 28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/13DA0DE2C5D311EB81C65769C4F9AE02.roa
Signing time: Thu 11 Aug 2022 02:11:09 +0000
ROA not before: Thu 11 Aug 2022 02:11:09 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 212744
IP address blocks: 103.167.234.0/24 maxlen: 24
103.167.235.0/24 maxlen: 24
2407:79c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 873 (0x369)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9
Validity
Not Before: Aug 11 02:11:09 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62f4653c-af02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b5:c2:4e:ca:62:69:4f:c8:06:52:be:3e:bf:
c2:00:e8:03:56:e7:77:70:dd:30:ca:d1:ac:70:00:
99:df:4b:ac:fc:2f:22:dc:32:74:ae:5b:2a:49:59:
cd:68:3d:3b:28:4a:e1:46:8a:36:63:bf:3f:7a:9c:
c4:74:ee:cb:52:6e:e4:0c:83:39:f6:97:fe:c9:83:
e7:84:3d:4c:d4:e1:81:d7:32:b5:e5:e1:e8:88:14:
36:b9:b1:a0:25:47:54:f7:98:d4:d4:10:36:52:90:
b0:03:55:21:1e:44:f8:e6:2f:7b:dc:71:93:a5:ce:
b8:36:ec:7b:71:b3:d2:91:60:11:ba:c2:ac:52:ec:
9a:b7:6f:3d:51:36:2a:b7:f4:85:78:8b:13:54:e1:
87:04:ee:0b:bf:08:1a:cf:87:fc:d4:0f:20:8e:3d:
3a:98:f3:9c:b7:fd:19:3b:6a:c2:a9:23:4f:ed:a2:
c0:62:de:2c:b6:6b:3a:ae:b7:d0:6b:5d:c2:6c:32:
9d:dc:1f:bc:ab:54:54:8b:c1:3a:7e:ae:e5:42:4c:
e1:3c:4c:3d:b9:e0:46:f4:60:67:11:a2:82:52:49:
92:e5:0c:7a:a4:d7:84:f7:9a:b0:24:77:0c:56:14:
00:d2:91:a1:16:91:6f:56:97:74:31:92:bf:f5:88:
6c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:50:11:DA:C2:7F:0A:CA:AC:6E:E0:6C:09:DD:31:D7:B9:65:CA:C9
X509v3 Authority Key Identifier:
keyid:28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/13DA0DE2C5D311EB81C65769C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.234.0/23
IPv6:
2407:79c0::/32
Signature Algorithm: sha256WithRSAEncryption
37:c3:16:42:67:10:d8:67:06:0a:36:94:20:33:e3:a4:e9:52:
40:08:b7:82:4f:e8:86:39:32:2b:f7:91:3e:c1:b7:65:b0:71:
63:4c:7c:b1:02:4b:34:4c:52:e6:49:d8:a7:dc:ef:bb:57:97:
9c:9f:1f:14:34:da:e9:c6:ce:20:f0:a4:3a:2b:ad:91:f8:fb:
68:9a:69:1b:7e:d0:28:08:56:0e:33:0a:7c:05:67:3f:9c:8b:
37:03:3d:89:d5:bd:05:c2:cd:2a:ec:24:68:a7:a8:5b:69:4c:
2b:8a:58:20:91:6d:f0:3f:18:34:8b:27:9e:91:eb:ba:50:59:
d6:31:09:4e:ee:89:01:b9:b8:73:cf:d2:87:08:bc:01:e4:b6:
c2:6e:82:04:ab:a4:cf:2c:b5:17:1a:56:54:37:7e:f9:0b:d6:
66:99:be:e9:ab:aa:b4:2a:44:32:c8:85:8a:de:13:a1:b8:90:
ff:09:56:59:94:d2:c1:0b:01:96:41:f4:67:c6:eb:3e:1d:77:
a0:b5:11:3a:fc:e3:ae:b0:45:08:5a:a9:19:2e:bb:a4:56:e4:
2b:7c:cf:eb:95:e8:d2:22:fe:52:73:d1:b7:49:dc:87:89:84:
fb:3d:85:bd:04:ee:2d:7a:b8:7c:7f:a7:a2:81:1d:65:8f:0f:
3a:00:06:a1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA2kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzYxMDkxMTAvBgNVBAUTKDI4RTAxNzdDNzBBNTcyNDcwN0RCQjE0OUVENTU3QzBG
ODE1NkUwRTkwHhcNMjIwODExMDIxMTA5WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmY0NjUzYy1hZjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm7XCTspiaU/IBlK+Pr/CAOgDVud3cN0wytGscACZ30us/C8i3DJ0rlsqSVnN
aD07KErhRoo2Y78/epzEdO7LUm7kDIM59pf+yYPnhD1M1OGB1zK15eHoiBQ2ubGg
JUdU95jU1BA2UpCwA1UhHkT45i973HGTpc64Nux7cbPSkWARusKsUuyat289UTYq
t/SFeIsTVOGHBO4Lvwgaz4f81A8gjj06mPOct/0ZO2rCqSNP7aLAYt4stms6rrfQ
a13CbDKd3B+8q1RUi8E6fq7lQkzhPEw9ueBG9GBnEaKCUkmS5Qx6pNeE95qwJHcM
VhQA0pGhFpFvVpd0MZK/9YhstwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBRQEdrC
fwrKrG7gbAndMde5ZcrJMB8GA1UdIwQYMBaAFCjgF3xwpXJHB9uxSe1VfA+BVuDp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjEwOS9DODIwNzIxMkM1
MEQxMUVCOUFBRUU4N0JDNEY5QUUwMi9LT0FYZkhDbGNrY0gyN0ZKN1ZWOEQ0Rlc0
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPQVhmSENsY2tjSDI3Rko3VlY4RDRGVzRPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzYxMDkvQzgyMDcyMTJDNTBEMTFFQjlBQUVFODdCQzRGOUFFMDIvMTNEQTBERTJD
NUQzMTFFQjgxQzY1NzY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnp+owDQQCAAIwBwMFACQHecAwDQYJKoZIhvcNAQELBQAD
ggEBADfDFkJnENhnBgo2lCAz46TpUkAIt4JP6IY5Miv3kT7Bt2WwcWNMfLECSzRM
UuZJ2Kfc77tXl5yfHxQ02unGziDwpDorrZH4+2iaaRt+0CgIVg4zCnwFZz+cizcD
PYnVvQXCzSrsJGinqFtpTCuKWCCRbfA/GDSLJ56R67pQWdYxCU7uiQG5uHPP0ocI
vAHktsJuggSrpM8stRcaVlQ3fvkL1maZvumrqrQqRDLIhYreE6G4kP8JVlmU0sEL
AZZB9GfG6z4dd6C1ETr8466wRQhaqRkuu6RW5Ct8z+uV6NIi/lJz0bdJ3IeJhPs9
hb0E7i16uHx/p6KBHWWPDzoABqE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org