Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DE570/C2CB119C658311ED96002C2CC4F9AE02/A775003A658611ED93697230C4F9AE02.roa
File: A775003A658611ED93697230C4F9AE02.roa (raw, json)
Hash identifier: Vk+gZsdEx3xrmxsN9uDtrv+5GQ1T/jR5GpEknUpWEiw=
Subject key identifier: F8:41:90:1F:84:D3:9E:42:E6:09:22:72:0A:06:39:17:8A:AF:BC:DA
Certificate issuer: /CN=A91DE570/serialNumber=71C127D1C06AFC7C454DD1093EB2CB7E12D787C0
Certificate serial: 02
Authority key identifier: 71:C1:27:D1:C0:6A:FC:7C:45:4D:D1:09:3E:B2:CB:7E:12:D7:87:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ccEn0cBq_HxFTdEJPrLLfhLXh8A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DE570/C2CB119C658311ED96002C2CC4F9AE02/A775003A658611ED93697230C4F9AE02.roa
Signing time: Wed 16 Nov 2022 08:14:13 +0000
ROA not before: Wed 16 Nov 2022 08:14:13 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 141209
IP address blocks: 103.143.242.0/23 maxlen: 23
103.143.242.0/24 maxlen: 24
103.143.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DE570/serialNumber=71C127D1C06AFC7C454DD1093EB2CB7E12D787C0
Validity
Not Before: Nov 16 08:14:13 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63749bd5-ca8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:01:41:cb:fe:54:24:77:bf:d0:c8:67:1f:29:
41:24:95:12:be:6c:7b:2f:b8:43:b5:bd:af:ce:49:
85:f7:25:4e:30:b0:f7:0f:81:b1:98:15:44:55:af:
07:67:08:04:78:c6:c0:ec:be:b9:b7:40:22:1b:6c:
51:62:b6:2b:b3:3e:8f:f2:e6:54:b7:12:50:ba:7b:
7f:dd:9c:b4:11:da:32:7c:c3:13:cd:7c:b2:d7:90:
c0:f1:47:df:66:77:fb:f0:6f:ef:6c:11:a5:e2:47:
5d:eb:93:3c:9d:81:83:cf:11:f0:9a:e7:8d:8c:56:
00:a4:be:20:c3:ff:d8:76:09:ab:85:65:62:cb:0f:
d6:cc:06:5b:61:72:63:7f:e7:82:9a:ed:48:79:fe:
c7:ef:5c:af:3c:5e:56:92:b6:41:10:8f:58:fc:84:
8a:8f:8c:5c:35:be:83:6b:87:f8:4c:f0:66:5c:85:
46:fa:01:a2:77:51:9b:9d:05:10:e5:ad:1e:48:64:
26:05:7a:1d:3e:53:53:e9:a9:13:fc:62:26:08:5d:
16:be:15:03:f5:c8:39:9f:1d:7d:0d:72:51:64:0e:
22:13:b5:3c:d8:d4:75:27:fa:31:be:e6:0d:76:34:
31:d7:0f:5d:21:82:69:0c:08:01:1b:6c:41:5c:e1:
12:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:41:90:1F:84:D3:9E:42:E6:09:22:72:0A:06:39:17:8A:AF:BC:DA
X509v3 Authority Key Identifier:
keyid:71:C1:27:D1:C0:6A:FC:7C:45:4D:D1:09:3E:B2:CB:7E:12:D7:87:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DE570/C2CB119C658311ED96002C2CC4F9AE02/ccEn0cBq_HxFTdEJPrLLfhLXh8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ccEn0cBq_HxFTdEJPrLLfhLXh8A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DE570/C2CB119C658311ED96002C2CC4F9AE02/A775003A658611ED93697230C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.143.242.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:7c:6f:22:f7:ed:eb:06:4d:bd:71:ae:06:43:6f:f8:22:b9:
a9:03:16:15:e4:2f:4e:40:b5:57:a6:2f:d6:dd:2c:9b:b4:02:
37:24:5c:5f:ab:cb:27:44:e7:bf:01:d8:28:33:70:1a:16:ee:
98:a3:c6:c4:19:b5:ff:f2:76:3b:85:25:8a:4c:51:6e:0a:20:
d2:93:e7:e4:4d:7d:b9:f6:95:c9:62:aa:8c:d8:b1:77:b6:bb:
8b:e9:bf:de:e8:41:79:2c:71:f3:8b:e2:80:fa:0e:40:79:75:
23:44:87:f7:e2:e3:ca:9d:24:c5:b5:86:7c:2f:54:ea:f4:a4:
97:15:ad:ed:12:0c:29:0f:01:f5:b3:fd:92:b6:e3:48:9b:a5:
ff:4d:8c:63:37:6b:87:8f:c4:01:3c:80:a7:e8:10:9b:e3:d5:
05:4a:fa:1e:38:f7:0b:1d:60:d0:d0:e9:fb:f8:bc:3b:d6:a2:
b0:5d:25:d5:26:38:ee:5c:b1:fc:9c:e6:af:db:45:52:7f:af:
0b:26:e6:ad:71:47:54:c1:ca:ae:56:b0:8b:df:91:37:98:09:
f0:de:43:12:8d:cd:6a:62:17:a6:dc:59:a8:8c:8c:58:de:1c:
5b:ed:f8:d6:0a:01:ef:7b:65:fc:3d:0c:44:36:9a:8b:8b:83:
bb:9b:53:8e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
RTU3MDExMC8GA1UEBRMoNzFDMTI3RDFDMDZBRkM3QzQ1NEREMTA5M0VCMkNCN0Ux
MkQ3ODdDMDAeFw0yMjExMTYwODE0MTNaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNzQ5YmQ1LWNhOGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxAUHL/lQkd7/QyGcfKUEklRK+bHsvuEO1va/OSYX3JU4wsPcPgbGYFURVrwdn
CAR4xsDsvrm3QCIbbFFitiuzPo/y5lS3ElC6e3/dnLQR2jJ8wxPNfLLXkMDxR99m
d/vwb+9sEaXiR13rkzydgYPPEfCa542MVgCkviDD/9h2CauFZWLLD9bMBlthcmN/
54Ka7Uh5/sfvXK88XlaStkEQj1j8hIqPjFw1voNrh/hM8GZchUb6AaJ3UZudBRDl
rR5IZCYFeh0+U1PpqRP8YiYIXRa+FQP1yDmfHX0NclFkDiITtTzY1HUn+jG+5g12
NDHXD10hgmkMCAEbbEFc4RIrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+EGQH4TT
nkLmCSJyCgY5F4qvvNowHwYDVR0jBBgwFoAUccEn0cBq/HxFTdEJPrLLfhLXh8Aw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURFNTcwL0MyQ0IxMTlDNjU4
MzExRUQ5NjAwMkMyQ0M0RjlBRTAyL2NjRW4wY0JxX0h4RlRkRUpQckxMZmhMWGg4
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvY2NFbjBjQnFfSHhGVGRFSlByTExmaExYaDhBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RTU3MC9DMkNCMTE5QzY1ODMxMUVEOTYwMDJDMkNDNEY5QUUwMi9BNzc1MDAzQTY1
ODYxMUVEOTM2OTcyMzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWeP8jANBgkqhkiG9w0BAQsFAAOCAQEADnxvIvft6wZNvXGu
BkNv+CK5qQMWFeQvTkC1V6Yv1t0sm7QCNyRcX6vLJ0TnvwHYKDNwGhbumKPGxBm1
//J2O4UlikxRbgog0pPn5E19ufaVyWKqjNixd7a7i+m/3uhBeSxx84vigPoOQHl1
I0SH9+Ljyp0kxbWGfC9U6vSklxWt7RIMKQ8B9bP9krbjSJul/02MYzdrh4/EATyA
p+gQm+PVBUr6Hjj3Cx1g0NDp+/i8O9aisF0l1SY47lyx/Jzmr9tFUn+vCybmrXFH
VMHKrlawi9+RN5gJ8N5DEo3NamIXptxZqIyMWN4cW+341goB73tl/D0MRDaai4uD
u5tTjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org