Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/7BE443EEF6BB11EB865C4246C4F9AE02.roa
File: 7BE443EEF6BB11EB865C4246C4F9AE02.roa (raw, json)
Hash identifier: 7l+mt1BY1BnJt/4Boz7ie4Yrik6xpxsaNiyXPtNgAcU=
Subject key identifier: 6D:D1:4A:74:90:72:A9:FB:C5:0F:EE:71:9B:FA:BC:78:53:1F:2F:C3
Certificate issuer: /CN=A9174685/serialNumber=A5F065FCC9EDA11DCA4D0DFC6D7C99075298D7FF
Certificate serial: 0717
Authority key identifier: A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/7BE443EEF6BB11EB865C4246C4F9AE02.roa
Signing time: Sun 02 Oct 2022 22:18:54 +0000
ROA not before: Sun 02 Oct 2022 22:18:54 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 133633
IP address blocks: 103.38.16.0/22 maxlen: 22
103.38.16.0/24 maxlen: 24
103.38.17.0/24 maxlen: 24
103.38.18.0/24 maxlen: 24
103.38.19.0/24 maxlen: 24
202.58.252.0/22 maxlen: 22
202.58.254.0/24 maxlen: 24
202.58.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1815 (0x717)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174685/serialNumber=A5F065FCC9EDA11DCA4D0DFC6D7C99075298D7FF
Validity
Not Before: Oct 2 22:18:54 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=633a0e4e-ba8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:88:8c:07:9f:30:69:17:80:e6:15:82:40:cd:
3c:42:f2:cd:ea:2b:2f:19:90:12:a8:62:75:f0:3a:
e4:5f:96:dd:99:c0:65:6e:d9:8c:af:47:81:c6:7f:
aa:c0:ba:ee:a3:77:f5:4c:63:7c:18:90:07:97:03:
e0:13:9b:7c:79:e4:89:d2:59:34:54:a7:96:45:bb:
4f:ba:4a:ee:09:70:c5:c8:69:b8:23:36:04:9f:d8:
cc:30:06:08:c0:07:e5:e3:88:9b:f9:6e:12:f6:9b:
ce:58:f5:48:04:a5:a5:02:95:50:cc:40:5a:71:57:
d6:08:06:83:66:c2:8c:66:98:f2:9c:b8:83:0a:87:
56:63:6d:94:c6:fa:79:22:87:a8:84:46:0f:21:d8:
07:23:5e:cc:27:cc:fa:fb:48:e6:18:5f:df:83:dd:
18:40:66:df:fd:38:c8:fd:ce:cc:b7:14:d5:17:80:
e4:ba:d4:fd:56:a8:80:3a:97:1b:a1:23:d9:ec:89:
37:f5:55:5e:91:bb:c5:04:d9:0e:3c:05:5d:d7:c5:
2f:79:18:5a:58:cc:15:84:d5:84:2f:ce:62:e7:8f:
29:7d:b3:b5:bc:fd:36:6a:cb:b1:76:45:24:5c:23:
b1:b9:b2:ca:da:ad:f0:2a:88:2e:a0:f2:96:bf:f7:
b3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D1:4A:74:90:72:A9:FB:C5:0F:EE:71:9B:FA:BC:78:53:1F:2F:C3
X509v3 Authority Key Identifier:
keyid:A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/pfBl_MntoR3KTQ38bXyZB1KY1_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/7BE443EEF6BB11EB865C4246C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.16.0/22
202.58.252.0/22
Signature Algorithm: sha256WithRSAEncryption
23:66:e1:bc:19:09:ef:82:eb:8f:a6:ff:e6:8f:2c:c4:57:83:
de:97:fd:fa:f6:50:89:30:de:11:aa:23:d6:c2:6c:25:d0:7b:
60:55:51:fd:99:1b:d2:73:22:f7:9f:f6:fd:41:95:bb:81:fc:
12:e5:53:8d:70:2b:80:4f:65:f0:4c:47:a6:da:d9:b8:49:04:
5e:b9:0d:1f:9d:64:01:4d:ea:09:dc:39:e6:4e:13:e2:b3:4a:
3a:c4:2f:ca:16:0b:18:32:3a:12:78:f3:66:1b:df:76:fc:d7:
46:1e:94:e2:7a:a0:a3:a4:38:be:e9:a6:fd:30:1a:ae:ca:7e:
75:6d:55:60:72:3f:8e:35:4e:1e:17:e9:1c:5f:4c:b1:d3:26:
da:b4:42:f4:c2:3b:f4:14:2f:3e:ce:e4:97:3d:5b:0c:38:cf:
9b:4e:f1:c1:4d:4f:91:4b:d1:e5:f4:1d:69:63:38:dd:34:76:
0e:e9:ce:06:92:54:80:6c:95:32:85:dc:5a:4b:53:ff:c0:73:
05:d5:d9:86:c7:5c:e6:84:57:3e:37:e2:e0:c3:aa:42:cc:62:
75:63:98:59:3b:43:a5:cd:0a:51:0e:d5:cc:b0:27:b6:d9:06:
1a:78:5a:8c:99:e5:9b:2a:e0:e2:e7:3f:79:4c:f5:b3:f2:63:
d4:a3:f4:7b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBxcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ2ODUxMTAvBgNVBAUTKEE1RjA2NUZDQzlFREExMURDQTREMERGQzZEN0M5OTA3
NTI5OEQ3RkYwHhcNMjIxMDAyMjIxODU0WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNhMGU0ZS1iYThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAroiMB58waReA5hWCQM08QvLN6isvGZASqGJ18DrkX5bdmcBlbtmMr0eBxn+q
wLruo3f1TGN8GJAHlwPgE5t8eeSJ0lk0VKeWRbtPukruCXDFyGm4IzYEn9jMMAYI
wAfl44ib+W4S9pvOWPVIBKWlApVQzEBacVfWCAaDZsKMZpjynLiDCodWY22Uxvp5
IoeohEYPIdgHI17MJ8z6+0jmGF/fg90YQGbf/TjI/c7MtxTVF4DkutT9VqiAOpcb
oSPZ7Ik39VVekbvFBNkOPAVd18UveRhaWMwVhNWEL85i548pfbO1vP02asuxdkUk
XCOxubLK2q3wKoguoPKWv/ezlQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG3RSnSQ
cqn7xQ/ucZv6vHhTHy/DMB8GA1UdIwQYMBaAFKXwZfzJ7aEdyk0N/G18mQdSmNf/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDY4NS8yRDE1OTE4MkE5
NzMxMUVBOUFBQkU5MjNDNEY5QUUwMi9wZkJsX01udG9SM0tUUTM4Ylh5WkIxS1kx
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BmQmxfTW50b1IzS1RRMzhiWHlaQjFLWTFfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ2ODUvMkQxNTkxODJBOTczMTFFQTlBQUJFOTIzQzRGOUFFMDIvN0JFNDQzRUVG
NkJCMTFFQjg2NUM0MjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnJhADBALKOvwwDQYJKoZIhvcNAQELBQADggEBACNm4bwZ
Ce+C64+m/+aPLMRXg96X/fr2UIkw3hGqI9bCbCXQe2BVUf2ZG9JzIvef9v1BlbuB
/BLlU41wK4BPZfBMR6ba2bhJBF65DR+dZAFN6gncOeZOE+KzSjrEL8oWCxgyOhJ4
82Yb33b810YelOJ6oKOkOL7ppv0wGq7KfnVtVWByP441Th4X6RxfTLHTJtq0QvTC
O/QULz7O5Jc9Www4z5tO8cFNT5FL0eX0HWljON00dg7pzgaSVIBslTKF3FpLU//A
cwXV2YbHXOaEVz434uDDqkLMYnVjmFk7Q6XNClEO1cywJ7bZBhp4WoyZ5Zsq4OLn
P3lM9bPyY9Sj9Hs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org