Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91843C6/0236164A7B8911ED9DE15283C4F9AE02/049AAB54D1FF11EDBEED4470C4F9AE02.roa
File: 049AAB54D1FF11EDBEED4470C4F9AE02.roa (raw, json)
Hash identifier: X+a4ZjasQgmuukzfbs+u2FtNR3T1REPUJS/f5Hp34E8=
Subject key identifier: 3D:5A:28:E3:3E:38:56:13:35:1B:E7:8C:72:7F:A0:35:EE:18:DC:F2
Certificate issuer: /CN=A91843C6/serialNumber=C2E1F76743D5EF7A346A3732EAF90DAD582877DD
Certificate serial: 3D
Authority key identifier: C2:E1:F7:67:43:D5:EF:7A:34:6A:37:32:EA:F9:0D:AD:58:28:77:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wuH3Z0PV73o0ajcy6vkNrVgod90.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91843C6/0236164A7B8911ED9DE15283C4F9AE02/049AAB54D1FF11EDBEED4470C4F9AE02.roa
Signing time: Mon 03 Apr 2023 09:07:55 +0000
ROA not before: Mon 03 Apr 2023 09:07:55 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 132080
IP address blocks: 103.24.18.0/23 maxlen: 23
103.24.18.0/24 maxlen: 24
103.24.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61 (0x3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91843C6/serialNumber=C2E1F76743D5EF7A346A3732EAF90DAD582877DD
Validity
Not Before: Apr 3 09:07:55 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=642a976a-4f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:51:b0:52:e3:5d:3c:32:a4:d2:5f:dd:78:f1:
78:a9:7c:51:5a:fa:b5:88:78:f4:93:f5:0b:e0:81:
88:63:07:b9:6d:37:51:e0:ec:8d:3e:98:b2:d0:d5:
c2:cc:aa:ed:00:92:cc:43:12:b0:40:60:a9:7a:e7:
45:e0:e3:ad:85:8b:db:5e:c3:e3:05:52:f2:59:dd:
d9:cc:48:3f:08:41:ee:54:3e:01:cc:37:42:01:86:
39:5a:11:28:60:b7:ad:2d:c2:3e:b2:8b:5c:c3:aa:
01:57:2a:53:75:61:07:f6:91:75:c7:5d:36:5c:95:
5f:8c:63:d2:c5:6c:49:04:fc:6a:48:66:aa:84:57:
3c:78:d4:47:35:22:da:51:3f:c8:55:48:18:74:70:
a1:26:77:d0:db:77:df:5c:fc:29:01:14:ae:26:3d:
5b:32:37:3c:f9:5a:7f:ab:2e:9b:d1:fb:e6:9f:49:
74:84:4a:89:f2:3b:3f:ac:14:c3:49:58:24:49:7d:
b1:89:48:f7:62:5c:33:04:2c:ce:ce:00:d2:ee:48:
65:cf:31:c8:3d:ee:d3:c3:ee:28:ad:5d:fa:7b:85:
4a:f0:f8:ac:28:07:fe:be:f4:95:fd:3d:b0:19:e7:
71:06:65:0c:1e:2e:94:88:fd:03:46:6b:1c:9d:a7:
73:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:5A:28:E3:3E:38:56:13:35:1B:E7:8C:72:7F:A0:35:EE:18:DC:F2
X509v3 Authority Key Identifier:
keyid:C2:E1:F7:67:43:D5:EF:7A:34:6A:37:32:EA:F9:0D:AD:58:28:77:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91843C6/0236164A7B8911ED9DE15283C4F9AE02/wuH3Z0PV73o0ajcy6vkNrVgod90.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wuH3Z0PV73o0ajcy6vkNrVgod90.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91843C6/0236164A7B8911ED9DE15283C4F9AE02/049AAB54D1FF11EDBEED4470C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.24.18.0/23
Signature Algorithm: sha256WithRSAEncryption
43:78:98:74:05:20:25:22:25:50:1d:fa:e6:c8:8a:04:85:2a:
bc:5f:de:5d:3e:d4:c2:99:aa:35:a8:f9:b2:14:9a:a9:76:a1:
4f:f9:95:9c:06:8a:c7:fa:aa:1b:46:47:28:4d:5c:cd:55:ce:
bc:46:5d:07:43:77:89:3b:1a:c6:8f:dc:e6:ea:37:4a:e2:35:
ac:08:c8:a6:e5:13:aa:c9:1e:22:00:b3:42:1d:24:a4:cb:09:
0d:7f:db:6b:44:d9:3f:6d:91:e3:6a:ba:58:3a:74:48:ac:23:
1a:8d:cd:eb:6f:7e:fb:24:e7:3b:4c:43:72:84:73:06:c8:44:
42:e4:14:b5:aa:5f:75:99:59:7b:29:90:5e:80:db:fb:00:67:
e1:83:e4:d0:2f:6f:31:dc:58:e7:42:bb:1c:40:26:52:36:52:
12:c4:d5:9a:ea:0a:b9:03:b2:57:cf:4d:e0:d7:16:3c:07:b4:
71:84:a3:d0:cb:79:e8:18:22:d9:75:54:54:c2:4d:da:d7:10:
82:e0:10:42:b1:0c:f9:8a:ce:e2:6e:35:54:03:6c:c5:68:05:
4d:0f:b3:b7:58:7c:73:84:35:43:5f:ca:b1:31:5a:8b:b0:c8:
3b:2f:01:dd:07:85:10:6c:ac:61:0d:75:1e:a0:8b:f8:ce:7e:
98:7f:e4:7d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBPTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NDNDNjExMC8GA1UEBRMoQzJFMUY3Njc0M0Q1RUY3QTM0NkEzNzMyRUFGOTBEQUQ1
ODI4NzdERDAeFw0yMzA0MDMwOTA3NTVaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MmE5NzZhLTRmNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuUbBS4108MqTSX9148XipfFFa+rWIePST9QvggYhjB7ltN1Hg7I0+mLLQ1cLM
qu0AksxDErBAYKl650Xg462Fi9tew+MFUvJZ3dnMSD8IQe5UPgHMN0IBhjlaEShg
t60twj6yi1zDqgFXKlN1YQf2kXXHXTZclV+MY9LFbEkE/GpIZqqEVzx41Ec1ItpR
P8hVSBh0cKEmd9Dbd99c/CkBFK4mPVsyNzz5Wn+rLpvR++afSXSESonyOz+sFMNJ
WCRJfbGJSPdiXDMELM7OANLuSGXPMcg97tPD7iitXfp7hUrw+KwoB/6+9JX9PbAZ
53EGZQweLpSI/QNGaxydp3PzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUPVoo4z44
VhM1G+eMcn+gNe4Y3PIwHwYDVR0jBBgwFoAUwuH3Z0PV73o0ajcy6vkNrVgod90w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg0M0M2LzAyMzYxNjRBN0I4
OTExRUQ5REUxNTI4M0M0RjlBRTAyL3d1SDNaMFBWNzNvMGFqY3k2dmtOclZnb2Q5
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvd3VIM1owUFY3M28wYWpjeTZ2a05yVmdvZDkwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NDNDNi8wMjM2MTY0QTdCODkxMUVEOURFMTUyODNDNEY5QUUwMi8wNDlBQUI1NEQx
RkYxMUVEQkVFRDQ0NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcYEjANBgkqhkiG9w0BAQsFAAOCAQEAQ3iYdAUgJSIlUB36
5siKBIUqvF/eXT7UwpmqNaj5shSaqXahT/mVnAaKx/qqG0ZHKE1czVXOvEZdB0N3
iTsaxo/c5uo3SuI1rAjIpuUTqskeIgCzQh0kpMsJDX/ba0TZP22R42q6WDp0SKwj
Go3N629++yTnO0xDcoRzBshEQuQUtapfdZlZeymQXoDb+wBn4YPk0C9vMdxY50K7
HEAmUjZSEsTVmuoKuQOyV89N4NcWPAe0cYSj0Mt56Bgi2XVUVMJN2tcQguAQQrEM
+YrO4m41VANsxWgFTQ+zt1h8c4Q1Q1/KsTFai7DIOy8B3QeFEGysYQ11HqCL+M5+
mH/kfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org