Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176190/C37300E8AE1811EAA5090072C4F9AE02/173F4D700C3911EB828BDC25C4F9AE02.roa
File: 173F4D700C3911EB828BDC25C4F9AE02.roa (raw, json)
Hash identifier: O7Jc5mqlPQ2UG98HI6fIG2uqZ030PBrCLsc811F2bVQ=
Subject key identifier: 85:8A:26:46:48:16:EB:4E:8C:6A:47:75:0D:58:48:C4:C9:B3:C7:04
Certificate issuer: /CN=A9176190/serialNumber=3DE7EFC046A67B9925BBBBDC6132B12975DB4A6D
Certificate serial: 03DE
Authority key identifier: 3D:E7:EF:C0:46:A6:7B:99:25:BB:BB:DC:61:32:B1:29:75:DB:4A:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PefvwEame5klu7vcYTKxKXXbSm0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176190/C37300E8AE1811EAA5090072C4F9AE02/173F4D700C3911EB828BDC25C4F9AE02.roa
Signing time: Tue 17 Aug 2021 22:37:37 +0000
ROA not before: Tue 17 Aug 2021 22:37:37 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 137443
IP address blocks: 103.119.128.0/22 maxlen: 22
103.119.128.0/24 maxlen: 24
103.119.129.0/24 maxlen: 24
103.119.130.0/24 maxlen: 24
103.119.131.0/24 maxlen: 24
202.43.225.0/24 maxlen: 24
202.43.226.0/24 maxlen: 24
202.43.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 990 (0x3de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176190/serialNumber=3DE7EFC046A67B9925BBBBDC6132B12975DB4A6D
Validity
Not Before: Aug 17 22:37:37 2021 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=611c3a31-52fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:54:4c:cb:12:ab:cb:fa:c3:ff:10:97:6d:f9:
b8:9c:0b:84:1c:42:a5:e0:15:3e:95:0d:26:6c:17:
fe:bb:68:dc:ff:13:af:0f:7a:47:8e:db:1a:12:66:
94:a8:d6:c0:ea:3f:32:99:8b:56:3f:6b:43:47:e4:
e0:d2:42:fd:9e:b1:5c:bf:ab:1e:06:03:90:75:2f:
4b:af:86:55:66:a9:a2:fe:e6:93:d3:25:09:80:bd:
d1:9d:e5:3b:cc:55:55:54:07:a2:e4:98:10:ca:c3:
c8:1a:30:df:af:d0:5b:55:55:e2:f0:f9:f4:16:0e:
e0:e3:e5:36:e3:9d:10:42:86:f9:f1:f0:11:da:e6:
a7:0d:ef:56:f5:cd:d0:1a:ea:99:11:5d:84:32:86:
88:ba:27:45:6c:13:8b:11:af:e5:ef:2c:12:fe:03:
0d:98:09:7a:1d:ad:65:55:a3:f1:83:5f:ad:55:1b:
3f:c6:00:20:49:f7:90:35:08:fe:97:f9:d8:3d:a3:
eb:d9:de:85:84:ec:8e:59:d1:32:70:53:8f:04:a4:
18:a7:32:85:b4:6d:71:1d:cb:60:90:a7:06:a1:15:
b3:66:09:56:d5:09:90:7c:7e:8c:39:5f:a5:4d:6e:
eb:09:ae:0f:76:13:5c:47:68:2a:ff:a6:b5:92:62:
8d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8A:26:46:48:16:EB:4E:8C:6A:47:75:0D:58:48:C4:C9:B3:C7:04
X509v3 Authority Key Identifier:
keyid:3D:E7:EF:C0:46:A6:7B:99:25:BB:BB:DC:61:32:B1:29:75:DB:4A:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176190/C37300E8AE1811EAA5090072C4F9AE02/PefvwEame5klu7vcYTKxKXXbSm0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PefvwEame5klu7vcYTKxKXXbSm0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176190/C37300E8AE1811EAA5090072C4F9AE02/173F4D700C3911EB828BDC25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.119.128.0/22
202.43.225.0-202.43.227.255
Signature Algorithm: sha256WithRSAEncryption
35:12:2b:01:2f:80:d2:2c:7b:db:94:0e:f5:5d:21:6a:5b:f8:
cf:a2:aa:ee:df:6c:4b:14:43:51:c5:ad:f7:37:02:27:58:80:
3c:ae:0e:e5:e3:5d:e6:8e:58:d0:0a:fb:47:4b:51:a1:3c:7a:
a4:28:a8:53:cb:f9:d9:31:1d:e1:93:71:8c:bf:8d:a9:4e:00:
ed:c7:5c:1e:18:04:fd:40:9f:4f:52:22:8d:83:68:e2:85:e9:
19:70:c9:63:80:7b:76:e5:92:e7:12:9a:da:52:cc:6a:6f:a9:
29:74:46:2f:b5:94:dd:ea:5f:47:71:a8:5d:57:48:5e:af:b2:
b0:61:4d:ff:f4:16:21:5e:9d:5c:6e:53:93:82:4d:4c:85:31:
6d:0f:2b:4c:07:f6:64:b5:d6:97:de:be:2b:f1:ef:54:9a:67:
7c:e1:17:64:ba:56:da:ea:30:68:9e:49:8c:39:6f:c7:5e:14:
08:ae:e6:1f:5b:d9:60:76:ff:00:bd:f2:25:28:77:27:00:29:
ce:24:f3:9e:fb:8a:eb:bd:9e:37:0d:e5:64:85:a9:3a:05:46:
65:68:43:4a:9e:ae:d3:58:a5:d1:f9:37:50:1b:30:a0:c5:7b:
09:6d:6d:50:d3:09:a6:96:06:b9:a1:e7:82:38:ad:73:5b:38:
f4:53:60:f8
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICA94wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzYxOTAxMTAvBgNVBAUTKDNERTdFRkMwNDZBNjdCOTkyNUJCQkJEQzYxMzJCMTI5
NzVEQjRBNkQwHhcNMjEwODE3MjIzNzM3WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTFjM2EzMS01MmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA01RMyxKry/rD/xCXbfm4nAuEHEKl4BU+lQ0mbBf+u2jc/xOvD3pHjtsaEmaU
qNbA6j8ymYtWP2tDR+Tg0kL9nrFcv6seBgOQdS9Lr4ZVZqmi/uaT0yUJgL3RneU7
zFVVVAei5JgQysPIGjDfr9BbVVXi8Pn0Fg7g4+U2450QQob58fAR2uanDe9W9c3Q
GuqZEV2EMoaIuidFbBOLEa/l7ywS/gMNmAl6Ha1lVaPxg1+tVRs/xgAgSfeQNQj+
l/nYPaPr2d6FhOyOWdEycFOPBKQYpzKFtG1xHctgkKcGoRWzZglW1QmQfH6MOV+l
TW7rCa4PdhNcR2gq/6a1kmKNVQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFIWKJkZI
FutOjGpHdQ1YSMTJs8cEMB8GA1UdIwQYMBaAFD3n78BGpnuZJbu73GEysSl120pt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjE5MC9DMzczMDBFOEFF
MTgxMUVBQTUwOTAwNzJDNEY5QUUwMi9QZWZ2d0VhbWU1a2x1N3ZjWVRLeEtYWGJT
bTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlZnZ3RWFtZTVrbHU3dmNZVEt4S1hYYlNtMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzYxOTAvQzM3MzAwRThBRTE4MTFFQUE1MDkwMDcyQzRGOUFFMDIvMTczRjRENzAw
QzM5MTFFQjgyOEJEQzI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAJnd4AwDAMEAMor4QMEAsor4DANBgkqhkiG9w0BAQsFAAOC
AQEANRIrAS+A0ix725QO9V0halv4z6Kq7t9sSxRDUcWt9zcCJ1iAPK4O5eNd5o5Y
0Ar7R0tRoTx6pCioU8v52TEd4ZNxjL+NqU4A7cdcHhgE/UCfT1IijYNo4oXpGXDJ
Y4B7duWS5xKa2lLMam+pKXRGL7WU3epfR3GoXVdIXq+ysGFN//QWIV6dXG5Tk4JN
TIUxbQ8rTAf2ZLXWl96+K/HvVJpnfOEXZLpW2uowaJ5JjDlvx14UCK7mH1vZYHb/
AL3yJSh3JwApziTznvuK672eNw3lZIWpOgVGZWhDSp6u01il0fk3UBswoMV7CW1t
UNMJppYGuaHngjitc1s49FNg+A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:44 2023 by rpki-client on console-ams.rpki-client.org