Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91747E1/CE3472DE4CC811EAA058EC14C4F9AE02/4FFE73F04CC911EA814E0B15C4F9AE02.roa
File: 4FFE73F04CC911EA814E0B15C4F9AE02.roa (raw, json)
Hash identifier: mLWMkCI+RhTkvQRH4nWKlJzFt3GKDTzYzXSE+HTflB0=
Subject key identifier: 03:69:0C:6D:56:F8:83:6F:D8:BE:D3:2C:38:6D:3F:04:FF:CE:48:0E
Certificate issuer: /CN=A91747E1/serialNumber=7AC6EFFB04C2B580F5A56B6A746CDFE053AF6A9E
Certificate serial: 08E8
Authority key identifier: 7A:C6:EF:FB:04:C2:B5:80:F5:A5:6B:6A:74:6C:DF:E0:53:AF:6A:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esbv-wTCtYD1pWtqdGzf4FOvap4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91747E1/CE3472DE4CC811EAA058EC14C4F9AE02/4FFE73F04CC911EA814E0B15C4F9AE02.roa
Signing time: Sat 22 Oct 2022 13:07:28 +0000
ROA not before: Sat 22 Oct 2022 13:07:28 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 138362
IP address blocks: 103.131.144.0/22 maxlen: 24
2403:cc40::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2280 (0x8e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91747E1/serialNumber=7AC6EFFB04C2B580F5A56B6A746CDFE053AF6A9E
Validity
Not Before: Oct 22 13:07:28 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=6353eb0f-f79f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:60:04:83:ff:b8:12:96:a7:79:f8:bd:98:19:
ee:e4:78:83:82:ea:f9:45:f6:d6:3a:46:d7:5a:5b:
0b:03:4f:17:a8:31:30:34:83:b3:79:4b:84:19:fb:
bb:dc:f7:c9:70:c1:b5:81:e7:b5:da:ad:4f:46:df:
ca:3d:39:de:bf:7d:f3:ae:77:92:f8:14:bd:fe:38:
e2:b9:e4:79:fa:d2:d8:e2:e3:e2:6b:63:04:cf:eb:
ab:21:19:b2:1f:90:72:bc:e5:fe:05:04:e6:3f:9e:
ff:a9:34:fb:2c:1e:9c:2c:c9:e2:78:7c:3e:e9:16:
35:ac:74:4c:88:5a:1e:c7:d4:6d:73:12:a3:04:85:
d6:20:e5:4e:ea:d7:c4:38:d3:e8:c0:75:81:ec:56:
a5:50:d2:5d:36:02:c7:03:e3:b3:1b:0e:80:83:cd:
46:1c:3d:29:fd:b6:98:0d:1f:6a:53:25:86:df:5e:
9e:62:2b:90:46:fc:5c:2a:c2:de:e9:27:cc:38:db:
b2:ac:16:02:56:57:1c:57:1a:80:34:17:fa:70:9c:
53:b2:a3:99:e8:2b:ea:7e:9e:2c:d6:88:a4:c1:ea:
05:8c:8c:bc:73:ab:3b:88:03:d2:b0:1b:52:93:cc:
0d:b1:0f:eb:f6:d7:19:40:b0:c5:ed:fb:cc:07:ab:
d1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:69:0C:6D:56:F8:83:6F:D8:BE:D3:2C:38:6D:3F:04:FF:CE:48:0E
X509v3 Authority Key Identifier:
keyid:7A:C6:EF:FB:04:C2:B5:80:F5:A5:6B:6A:74:6C:DF:E0:53:AF:6A:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91747E1/CE3472DE4CC811EAA058EC14C4F9AE02/esbv-wTCtYD1pWtqdGzf4FOvap4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esbv-wTCtYD1pWtqdGzf4FOvap4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91747E1/CE3472DE4CC811EAA058EC14C4F9AE02/4FFE73F04CC911EA814E0B15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.131.144.0/22
IPv6:
2403:cc40::/32
Signature Algorithm: sha256WithRSAEncryption
0d:3d:3f:33:3f:cb:90:b7:aa:bb:5f:79:86:7c:2f:a6:fb:79:
23:e5:94:53:ba:62:fb:2b:70:13:45:9d:dc:8f:2f:4f:db:d5:
55:09:05:44:9e:c1:1e:e9:00:98:10:a7:e6:7c:89:dd:4d:d1:
a9:04:47:e8:75:f3:49:d3:c2:bd:d8:68:cf:83:c3:ec:7c:75:
78:81:dc:47:57:25:82:cb:4d:fb:57:e7:91:cd:77:e4:72:09:
0e:05:d6:2d:8f:f1:9c:31:07:9c:a6:7c:c9:0b:49:26:e1:ef:
9f:f3:6a:7c:b6:8c:41:dc:f2:18:cb:a5:b8:0f:a3:3c:f5:50:
7b:fd:dd:a6:e8:0f:da:ae:64:aa:42:f9:36:20:d1:2b:51:37:
80:71:5e:5e:ed:a2:3b:6f:4f:5a:53:94:ba:76:a1:a5:d4:b6:
dc:33:78:19:14:85:5e:1e:d1:3d:d2:9a:ed:2e:9f:9a:46:5a:
0e:fb:f8:91:e5:ec:ba:d2:2d:0d:d6:fc:d7:b6:33:a0:20:4c:
f7:4c:a8:9f:0e:cb:a3:be:c9:63:1f:ec:97:85:97:d5:50:6a:
8c:90:8d:fb:7d:27:95:1f:14:bd:a8:3d:93:b5:3f:25:3d:33:
e3:d9:47:35:f9:54:c3:cb:9b:68:ef:af:11:e6:bb:dd:c6:b7:
f2:45:60:9f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ3RTExMTAvBgNVBAUTKDdBQzZFRkZCMDRDMkI1ODBGNUE1NkI2QTc0NkNERkUw
NTNBRjZBOUUwHhcNMjIxMDIyMTMwNzI4WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzUzZWIwZi1mNzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2AEg/+4Epanefi9mBnu5HiDgur5RfbWOkbXWlsLA08XqDEwNIOzeUuEGfu7
3PfJcMG1gee12q1PRt/KPTnev33zrneS+BS9/jjiueR5+tLY4uPia2MEz+urIRmy
H5ByvOX+BQTmP57/qTT7LB6cLMnieHw+6RY1rHRMiFoex9RtcxKjBIXWIOVO6tfE
ONPowHWB7FalUNJdNgLHA+OzGw6Ag81GHD0p/baYDR9qUyWG316eYiuQRvxcKsLe
6SfMONuyrBYCVlccVxqANBf6cJxTsqOZ6Cvqfp4s1oikweoFjIy8c6s7iAPSsBtS
k8wNsQ/r9tcZQLDF7fvMB6vRTQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFANpDG1W
+INv2L7TLDhtPwT/zkgOMB8GA1UdIwQYMBaAFHrG7/sEwrWA9aVranRs3+BTr2qe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDdFMS9DRTM0NzJERTRD
QzgxMUVBQTA1OEVDMTRDNEY5QUUwMi9lc2J2LXdUQ3RZRDFwV3RxZEd6ZjRGT3Zh
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzYnYtd1RDdFlEMXBXdHFkR3pmNEZPdmFwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ3RTEvQ0UzNDcyREU0Q0M4MTFFQUEwNThFQzE0QzRGOUFFMDIvNEZGRTczRjA0
Q0M5MTFFQTgxNEUwQjE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJng5AwDQQCAAIwBwMFACQDzEAwDQYJKoZIhvcNAQELBQAD
ggEBAA09PzM/y5C3qrtfeYZ8L6b7eSPllFO6YvsrcBNFndyPL0/b1VUJBUSewR7p
AJgQp+Z8id1N0akER+h180nTwr3YaM+Dw+x8dXiB3EdXJYLLTftX55HNd+RyCQ4F
1i2P8ZwxB5ymfMkLSSbh75/zany2jEHc8hjLpbgPozz1UHv93aboD9quZKpC+TYg
0StRN4BxXl7tojtvT1pTlLp2oaXUttwzeBkUhV4e0T3Smu0un5pGWg77+JHl7LrS
LQ3W/Ne2M6AgTPdMqJ8Oy6O+yWMf7JeFl9VQaoyQjft9J5UfFL2oPZO1PyU9M+PZ
RzX5VMPLm2jvrxHmu93Gt/JFYJ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org