Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/D7023C9E7B8111ED9C4EDD3BC4F9AE02.roa
File: D7023C9E7B8111ED9C4EDD3BC4F9AE02.roa (raw, json)
Hash identifier: lN1u34Wq44tZp/39fCgwa+EV8wPeL1UVsunG0fhxnlQ=
Subject key identifier: AD:AF:E1:FE:28:84:C8:03:94:EB:DE:14:66:F6:A4:6A:B3:FC:0C:75
Certificate issuer: /CN=A918D3A9/serialNumber=1968423ED6D2495880A56A6DB02BC67298C5E686
Certificate serial: 0E8A
Authority key identifier: 19:68:42:3E:D6:D2:49:58:80:A5:6A:6D:B0:2B:C6:72:98:C5:E6:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWhCPtbSSViApWptsCvGcpjF5oY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/D7023C9E7B8111ED9C4EDD3BC4F9AE02.roa
Signing time: Wed 14 Dec 2022 07:35:11 +0000
ROA not before: Wed 14 Dec 2022 07:35:11 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 9654
IP address blocks: 103.103.194.0/24 maxlen: 24
103.116.193.0/24 maxlen: 24
2405:1340::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3722 (0xe8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D3A9/serialNumber=1968423ED6D2495880A56A6DB02BC67298C5E686
Validity
Not Before: Dec 14 07:35:11 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=63997cae-faaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c9:ab:d0:c8:82:58:81:36:2f:94:ca:09:21:
05:28:dc:97:eb:76:51:68:ac:dd:d5:a1:18:6f:4d:
61:d7:df:39:05:ed:54:c1:38:7b:b1:34:11:39:84:
cb:78:13:2b:a4:e0:f4:56:42:7f:96:60:49:15:01:
4e:2c:1d:80:06:93:fc:d3:bd:0c:fa:3e:ca:e4:d5:
da:b6:70:36:cd:79:2b:31:9e:89:19:11:4a:cf:dd:
9a:39:c5:dc:79:56:81:2c:28:9b:85:83:bf:7d:37:
88:fc:24:05:5a:e1:58:28:bf:33:19:a3:09:a3:67:
f7:2d:1e:3c:86:e7:63:d4:63:95:69:41:e1:bd:88:
f3:e3:e7:f4:23:f5:67:83:cf:79:4a:5c:b6:ac:07:
9c:b5:9c:72:ee:da:8b:10:1e:7b:fd:a0:44:e6:32:
4e:d8:91:30:09:60:38:0a:3b:d3:39:4b:80:1d:e5:
83:4a:a5:21:75:29:13:7b:7d:55:a1:53:2f:4e:35:
4e:eb:db:5e:f2:2a:6c:f8:76:8f:dc:8c:01:70:b3:
93:e3:59:11:98:2e:ce:3b:de:aa:59:29:3a:ec:ea:
9b:50:a6:26:82:3f:9b:e1:9b:5d:72:bc:ae:5c:67:
6e:cb:df:5e:3c:34:80:6d:a0:21:6b:22:86:91:28:
9c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AF:E1:FE:28:84:C8:03:94:EB:DE:14:66:F6:A4:6A:B3:FC:0C:75
X509v3 Authority Key Identifier:
keyid:19:68:42:3E:D6:D2:49:58:80:A5:6A:6D:B0:2B:C6:72:98:C5:E6:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/GWhCPtbSSViApWptsCvGcpjF5oY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWhCPtbSSViApWptsCvGcpjF5oY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/D7023C9E7B8111ED9C4EDD3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.103.194.0/24
103.116.193.0/24
IPv6:
2405:1340::/32
Signature Algorithm: sha256WithRSAEncryption
3a:8c:dd:0c:97:3f:6a:b0:b5:f3:04:ff:8e:ab:6b:70:37:36:
d7:cd:4e:5f:94:5e:85:d4:11:3d:cd:04:1c:68:98:72:b2:5c:
1f:56:e5:73:1a:6d:7d:99:8d:3f:bf:40:aa:f7:d3:3d:e3:ea:
c4:d0:aa:2f:1a:c8:22:47:53:30:56:20:c5:d1:84:c4:7f:e4:
45:6c:ef:c1:ea:e6:14:44:a6:0f:3e:dd:fd:55:de:6d:9e:2c:
c3:b8:5c:1a:e8:6e:0f:b6:12:b9:e1:b8:ae:49:35:c2:11:68:
f3:18:b6:52:dd:e8:e2:47:03:1b:81:b7:2d:a4:21:a8:68:67:
98:8e:1e:64:78:09:6a:1e:34:c3:0f:4e:d3:73:d5:8b:36:54:
6d:8e:fe:fe:76:c2:e5:0b:53:af:b8:d6:fb:d0:92:3e:9a:bd:
6b:bd:dc:3c:04:2b:21:cf:34:e5:84:d6:3f:3e:ef:0c:0a:31:
44:33:38:4b:2c:32:fa:a9:12:32:e4:a0:d4:9a:ef:5b:1f:46:
6d:fb:da:49:3d:36:c1:96:c8:82:53:ff:44:b8:c9:ad:79:bc:
dd:34:32:e9:13:81:8e:38:02:9b:d3:40:1b:88:f1:5e:ab:35:
12:ef:6a:a1:d7:83:49:e2:79:f5:59:11:fa:96:c2:33:3c:af:
1d:87:a3:47
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQzQTkxMTAvBgNVBAUTKDE5Njg0MjNFRDZEMjQ5NTg4MEE1NkE2REIwMkJDNjcy
OThDNUU2ODYwHhcNMjIxMjE0MDczNTExWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzk5N2NhZS1mYWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA58mr0MiCWIE2L5TKCSEFKNyX63ZRaKzd1aEYb01h1985Be1UwTh7sTQROYTL
eBMrpOD0VkJ/lmBJFQFOLB2ABpP8070M+j7K5NXatnA2zXkrMZ6JGRFKz92aOcXc
eVaBLCibhYO/fTeI/CQFWuFYKL8zGaMJo2f3LR48hudj1GOVaUHhvYjz4+f0I/Vn
g895Sly2rAectZxy7tqLEB57/aBE5jJO2JEwCWA4CjvTOUuAHeWDSqUhdSkTe31V
oVMvTjVO69te8ips+HaP3IwBcLOT41kRmC7OO96qWSk67OqbUKYmgj+b4Ztdcryu
XGduy99ePDSAbaAhayKGkSicXQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFK2v4f4o
hMgDlOveFGb2pGqz/Ax1MB8GA1UdIwQYMBaAFBloQj7W0klYgKVqbbArxnKYxeaG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDNBOS9CQjdGRkI4RTNB
OTIxMUU5QjUyRENGNTNDNEY5QUUwMi9HV2hDUHRiU1NWaUFwV3B0c0N2R2NwakY1
b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dXaENQdGJTU1ZpQXBXcHRzQ3ZHY3BqRjVvWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQzQTkvQkI3RkZCOEUzQTkyMTFFOUI1MkRDRjUzQzRGOUFFMDIvRDcwMjNDOUU3
QjgxMTFFRDlDNEVERDNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnZ8IDBABndMEwDQQCAAIwBwMFACQFE0AwDQYJKoZIhvcN
AQELBQADggEBADqM3QyXP2qwtfME/46ra3A3NtfNTl+UXoXUET3NBBxomHKyXB9W
5XMabX2ZjT+/QKr30z3j6sTQqi8ayCJHUzBWIMXRhMR/5EVs78Hq5hREpg8+3f1V
3m2eLMO4XBrobg+2ErnhuK5JNcIRaPMYtlLd6OJHAxuBty2kIahoZ5iOHmR4CWoe
NMMPTtNz1Ys2VG2O/v52wuULU6+41vvQkj6avWu93DwEKyHPNOWE1j8+7wwKMUQz
OEssMvqpEjLkoNSa71sfRm372kk9NsGWyIJT/0S4ya15vN00MukTgY44ApvTQBuI
8V6rNRLvaqHXg0niefVZEfqWwjM8rx2Ho0c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org