Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D6BF/E361BA20A5A111E7B3A3127DC4F9AE02/C42F74F8B0E511ED888E3717C4F9AE02.roa
File: C42F74F8B0E511ED888E3717C4F9AE02.roa (raw, json)
Hash identifier: aXrDRwkM4jIElKBsG7aJj7mIdMRbQ9kkjtRw8HFz+Gs=
Subject key identifier: 6A:E7:72:7E:BD:84:D6:25:E5:06:21:BF:68:17:D2:C3:5D:1D:B2:8E
Certificate issuer: /CN=A918D6BF/serialNumber=4E01F4FCA76DBF9295DEC61C1B32A4EE68ADFD23
Certificate serial: 16F5
Authority key identifier: 4E:01:F4:FC:A7:6D:BF:92:95:DE:C6:1C:1B:32:A4:EE:68:AD:FD:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TgH0_Kdtv5KV3sYcGzKk7mit_SM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D6BF/E361BA20A5A111E7B3A3127DC4F9AE02/C42F74F8B0E511ED888E3717C4F9AE02.roa
Signing time: Fri 31 Mar 2023 17:44:09 +0000
ROA not before: Fri 31 Mar 2023 17:44:09 +0000
ROA not after: Tue 01 Aug 2023 00:00:00 +0000
asID: 59256
IP address blocks: 103.39.238.0/24 maxlen: 24
103.39.239.0/24 maxlen: 24
103.39.248.0/24 maxlen: 24
103.243.239.0/24 maxlen: 24
175.111.176.0/24 maxlen: 24
175.111.177.0/24 maxlen: 24
175.111.179.0/24 maxlen: 24
2001:df6:9000::/48 maxlen: 48
2401:9cc0:200::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5877 (0x16f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D6BF/serialNumber=4E01F4FCA76DBF9295DEC61C1B32A4EE68ADFD23
Validity
Not Before: Mar 31 17:44:09 2023 GMT
Not After : Aug 1 00:00:00 2023 GMT
Subject: CN=64271be9-9271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:86:30:61:2b:7f:50:0c:65:3e:30:e3:69:b4:
1e:1c:3f:d1:01:37:8d:0f:50:78:a5:3a:03:8b:26:
13:11:b5:c0:ac:58:2e:f7:d6:ac:f3:ba:e3:5c:39:
bc:0c:aa:8a:00:5c:39:d5:15:f8:9f:c7:c8:ab:86:
5b:0c:67:26:06:1c:33:b6:7e:8f:66:ae:fd:67:84:
91:61:dd:a7:a5:bd:ff:c5:42:4d:27:fe:72:11:b2:
53:b5:69:b0:28:9f:94:17:03:b0:36:ab:b8:61:db:
f5:e3:72:94:98:bf:b4:7c:0e:d1:ca:94:94:ea:dd:
35:e0:09:bb:85:50:1d:fd:f9:75:a1:6e:14:8f:c9:
c1:54:43:eb:73:87:57:ae:e8:9e:9a:dc:2e:e3:4e:
c8:e7:bd:23:63:10:98:88:67:e9:44:09:e5:23:01:
7c:0b:ed:ec:ae:7a:96:40:fe:30:62:c0:30:d9:6c:
4a:b2:99:9f:56:0f:0e:14:e0:cb:53:59:fa:b4:6f:
61:d8:d8:22:59:95:8b:70:eb:46:bf:a0:e8:29:91:
8e:7c:ad:62:6c:22:75:d8:16:2b:a5:76:7b:f5:78:
7c:d5:01:45:ec:03:62:ec:cf:de:cb:47:cc:3a:25:
c9:89:c1:7b:af:8d:af:3b:d1:fc:6f:fa:90:96:fc:
9c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E7:72:7E:BD:84:D6:25:E5:06:21:BF:68:17:D2:C3:5D:1D:B2:8E
X509v3 Authority Key Identifier:
keyid:4E:01:F4:FC:A7:6D:BF:92:95:DE:C6:1C:1B:32:A4:EE:68:AD:FD:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D6BF/E361BA20A5A111E7B3A3127DC4F9AE02/TgH0_Kdtv5KV3sYcGzKk7mit_SM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TgH0_Kdtv5KV3sYcGzKk7mit_SM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D6BF/E361BA20A5A111E7B3A3127DC4F9AE02/C42F74F8B0E511ED888E3717C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.39.238.0/23
103.39.248.0/24
103.243.239.0/24
175.111.176.0/23
175.111.179.0/24
IPv6:
2001:df6:9000::/48
2401:9cc0:200::/48
Signature Algorithm: sha256WithRSAEncryption
57:79:10:54:61:9d:e8:29:64:c3:26:82:91:bb:40:82:d3:aa:
9f:cd:64:67:8e:9c:b5:af:aa:9c:0b:1d:b3:9a:77:66:0a:a4:
4c:f4:68:76:b1:dd:6b:a5:3b:a5:2c:53:4b:14:6c:89:9f:67:
e5:c0:11:73:20:dd:39:6f:41:12:c8:da:28:2a:5b:59:c0:b6:
fa:6f:a6:be:2c:e6:23:e8:8e:b0:17:e3:0d:73:0a:a5:ce:81:
cf:18:4a:93:b5:7f:4f:b8:c6:c5:fd:16:87:59:17:ae:19:77:
fc:ee:39:ee:06:5f:77:38:3f:4f:a4:63:96:5a:c1:48:4c:3c:
5e:5e:85:44:cf:a6:9b:e0:34:71:18:b1:36:b2:8b:c6:2f:89:
75:0b:9d:ca:84:c4:f6:3a:88:72:a8:11:f1:58:b4:35:dc:36:
ac:ee:c3:de:a1:4a:82:bd:77:46:7b:2c:0d:14:06:3d:62:8f:
c9:e9:6b:19:1c:25:7c:5c:3a:f4:03:53:b5:8d:be:93:41:e2:
dd:a1:26:fd:65:eb:0d:27:f4:b8:a7:ba:de:11:10:2a:18:da:
92:4e:1d:ae:ee:79:6a:d1:13:63:ae:65:28:1d:37:42:a5:58:
5d:80:be:11:a9:2d:68:67:b3:ab:da:43:60:10:3b:f7:b7:c6:
1d:32:40:30
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgICFvUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ2QkYxMTAvBgNVBAUTKDRFMDFGNEZDQTc2REJGOTI5NURFQzYxQzFCMzJBNEVF
NjhBREZEMjMwHhcNMjMwMzMxMTc0NDA5WhcNMjMwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI3MWJlOS05MjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA14YwYSt/UAxlPjDjabQeHD/RATeND1B4pToDiyYTEbXArFgu99as87rjXDm8
DKqKAFw51RX4n8fIq4ZbDGcmBhwztn6PZq79Z4SRYd2npb3/xUJNJ/5yEbJTtWmw
KJ+UFwOwNqu4Ydv143KUmL+0fA7RypSU6t014Am7hVAd/fl1oW4Uj8nBVEPrc4dX
ruiemtwu407I570jYxCYiGfpRAnlIwF8C+3srnqWQP4wYsAw2WxKspmfVg8OFODL
U1n6tG9h2NgiWZWLcOtGv6DoKZGOfK1ibCJ12BYrpXZ79Xh81QFF7ANi7M/ey0fM
OiXJicF7r42vO9H8b/qQlvycJQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFGrncn69
hNYl5QYhv2gX0sNdHbKOMB8GA1UdIwQYMBaAFE4B9Pynbb+Sld7GHBsypO5orf0j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDZCRi9FMzYxQkEyMEE1
QTExMUU3QjNBMzEyN0RDNEY5QUUwMi9UZ0gwX0tkdHY1S1Yzc1ljR3pLazdtaXRf
U00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RnSDBfS2R0djVLVjNzWWNHektrN21pdF9TTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ2QkYvRTM2MUJBMjBBNUExMTFFN0IzQTMxMjdEQzRGOUFFMDIvQzQyRjc0RjhC
MEU1MTFFRDg4OEUzNzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E
QjBAMCQEAgABMB4DBAFnJ+4DBABnJ/gDBABn8+8DBAGvb7ADBACvb7MwGAQCAAIw
EgMHACABDfaQAAMHACQBnMACADANBgkqhkiG9w0BAQsFAAOCAQEAV3kQVGGd6Clk
wyaCkbtAgtOqn81kZ46cta+qnAsds5p3ZgqkTPRodrHda6U7pSxTSxRsiZ9n5cAR
cyDdOW9BEsjaKCpbWcC2+m+mvizmI+iOsBfjDXMKpc6BzxhKk7V/T7jGxf0Wh1kX
rhl3/O457gZfdzg/T6RjllrBSEw8Xl6FRM+mm+A0cRixNrKLxi+JdQudyoTE9jqI
cqgR8Vi0Ndw2rO7D3qFKgr13RnssDRQGPWKPyelrGRwlfFw69ANTtY2+k0Hi3aEm
/WXrDSf0uKe63hEQKhjakk4dru55atETY65lKB03QqVYXYC+EaktaGezq9pDYBA7
97fGHTJAMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org