Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/1FDC5014464C11ED81CF4275C4F9AE02.roa
File: 1FDC5014464C11ED81CF4275C4F9AE02.roa (raw, json)
Hash identifier: rfUyIDV1PgIZdfQjGA5IeaGhNZpxWH0zmEZlkFLqVNs=
Subject key identifier: 87:73:C7:F5:4D:43:13:FD:9D:31:40:AB:D5:C8:59:4A:16:79:20:E3
Certificate issuer: /CN=A91F7E85/serialNumber=596852D52994FBB67A6379AB1E0AF514553EE886
Certificate serial: 0A08
Authority key identifier: 59:68:52:D5:29:94:FB:B6:7A:63:79:AB:1E:0A:F5:14:55:3E:E8:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WWhS1SmU-7Z6Y3mrHgr1FFU-6IY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/1FDC5014464C11ED81CF4275C4F9AE02.roa
Signing time: Fri 07 Oct 2022 16:07:09 +0000
ROA not before: Fri 07 Oct 2022 16:07:09 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 139026
IP address blocks: 103.138.164.0/23 maxlen: 23
103.138.164.0/24 maxlen: 24
103.138.165.0/24 maxlen: 24
2001:df0:4480::/48 maxlen: 48
2400:a7e0::/32 maxlen: 32
2400:a7e0::/33 maxlen: 33
2400:a7e0:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2568 (0xa08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F7E85/serialNumber=596852D52994FBB67A6379AB1E0AF514553EE886
Validity
Not Before: Oct 7 16:07:09 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63404ead-a7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e8:f6:02:c5:3e:2c:3a:a7:8f:7f:c7:c5:6c:
1f:ea:cf:85:18:26:30:bc:09:09:34:d1:03:2c:25:
ab:9f:c5:31:a0:76:ab:fa:75:fb:69:cd:38:39:66:
2e:40:f4:1d:ab:1a:7e:08:65:2b:56:6a:77:70:6e:
c6:a5:6d:a4:74:59:3d:12:0a:12:5e:ed:b3:9b:35:
f5:c4:ee:93:01:26:b5:6b:eb:53:63:d0:9e:e8:54:
f0:76:04:53:91:5a:6b:d6:9b:41:c1:c0:6e:ca:4a:
47:d9:e4:10:d7:b5:6d:6d:ec:d6:24:6b:62:8f:97:
d6:f9:8f:22:64:be:3c:90:89:d1:6f:98:19:47:9f:
fd:33:4b:f7:8e:c6:14:7c:87:5a:9a:2e:e5:34:bf:
bc:07:db:b4:2e:d4:01:ba:22:34:e0:07:b3:17:28:
da:3b:26:b7:76:7d:b3:d2:02:8a:7e:6a:39:19:d5:
b6:08:71:8e:30:f5:f8:53:db:33:f8:46:cc:1d:03:
46:27:6e:0a:d6:cc:a4:5e:d7:e9:0a:0b:db:fa:72:
12:63:84:07:99:9e:44:de:75:a0:8c:d6:e3:be:35:
cf:ed:0c:e1:c6:6f:6d:dc:85:aa:b1:fa:0b:3f:fb:
0f:0d:d6:c3:79:07:6d:e6:bd:d5:aa:6d:62:d6:eb:
9c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:73:C7:F5:4D:43:13:FD:9D:31:40:AB:D5:C8:59:4A:16:79:20:E3
X509v3 Authority Key Identifier:
keyid:59:68:52:D5:29:94:FB:B6:7A:63:79:AB:1E:0A:F5:14:55:3E:E8:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/WWhS1SmU-7Z6Y3mrHgr1FFU-6IY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WWhS1SmU-7Z6Y3mrHgr1FFU-6IY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7E85/B2E0E5AE1C3411EAA8E25A5CC4F9AE02/1FDC5014464C11ED81CF4275C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.164.0/23
IPv6:
2001:df0:4480::/48
2400:a7e0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:d4:04:4f:84:70:20:42:c3:98:f5:72:3a:37:15:03:1d:0f:
c7:96:47:4a:a3:e1:db:96:46:80:d9:55:e9:33:2a:de:d9:f8:
d7:e1:b2:ff:51:f9:4a:ab:01:90:fb:6b:7c:47:9d:01:60:34:
38:4b:e4:05:09:ff:e6:7e:37:13:d3:f8:9a:72:95:fc:ab:19:
ee:eb:98:03:b5:2a:64:fc:6f:22:b8:58:87:74:78:25:73:18:
f2:d3:f0:ca:7a:fc:d8:8b:3d:b1:29:c2:14:84:12:31:a5:e4:
87:8a:62:71:65:ea:ac:e6:84:18:15:e5:8e:d4:09:d5:77:38:
19:a2:68:76:f9:1b:ea:03:ae:5b:44:42:95:58:3f:b6:69:0f:
f0:99:8d:8a:01:be:27:fe:82:16:f2:e4:92:89:ed:be:64:fb:
46:7e:3b:66:4a:05:f8:31:5d:12:17:32:00:19:41:63:22:f9:
7a:59:70:e9:7f:2e:54:48:75:60:b7:df:ee:39:d6:83:98:8d:
20:d9:2e:11:33:4a:74:e7:92:da:e1:46:45:3f:7c:6f:a3:58:
f6:24:72:a1:99:f5:cb:56:72:d2:5d:b6:12:3f:76:b2:a2:a4:
5e:2b:d5:33:bb:a9:83:f2:b3:bf:f2:57:98:dc:bf:c6:af:c2:
e6:68:41:ef
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICCggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjdFODUxMTAvBgNVBAUTKDU5Njg1MkQ1Mjk5NEZCQjY3QTYzNzlBQjFFMEFGNTE0
NTUzRUU4ODYwHhcNMjIxMDA3MTYwNzA5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQwNGVhZC1hN2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv+j2AsU+LDqnj3/HxWwf6s+FGCYwvAkJNNEDLCWrn8UxoHar+nX7ac04OWYu
QPQdqxp+CGUrVmp3cG7GpW2kdFk9EgoSXu2zmzX1xO6TASa1a+tTY9Ce6FTwdgRT
kVpr1ptBwcBuykpH2eQQ17VtbezWJGtij5fW+Y8iZL48kInRb5gZR5/9M0v3jsYU
fIdami7lNL+8B9u0LtQBuiI04AezFyjaOya3dn2z0gKKfmo5GdW2CHGOMPX4U9sz
+EbMHQNGJ24K1sykXtfpCgvb+nISY4QHmZ5E3nWgjNbjvjXP7Qzhxm9t3IWqsfoL
P/sPDdbDeQdt5r3Vqm1i1uuc6wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFIdzx/VN
QxP9nTFAq9XIWUoWeSDjMB8GA1UdIwQYMBaAFFloUtUplPu2emN5qx4K9RRVPuiG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGN0U4NS9CMkUwRTVBRTFD
MzQxMUVBQThFMjVBNUNDNEY5QUUwMi9XV2hTMVNtVS03WjZZM21ySGdyMUZGVS02
SVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dXaFMxU21VLTdaNlkzbXJIZ3IxRkZVLTZJWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjdFODUvQjJFMEU1QUUxQzM0MTFFQUE4RTI1QTVDQzRGOUFFMDIvMUZEQzUwMTQ0
NjRDMTFFRDgxQ0Y0Mjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMAwEAgABMAYDBAFniqQwFgQCAAIwEAMHACABDfBEgAMFACQAp+AwDQYJKoZI
hvcNAQELBQADggEBAGzUBE+EcCBCw5j1cjo3FQMdD8eWR0qj4duWRoDZVekzKt7Z
+Nfhsv9R+UqrAZD7a3xHnQFgNDhL5AUJ/+Z+NxPT+JpylfyrGe7rmAO1KmT8byK4
WId0eCVzGPLT8Mp6/NiLPbEpwhSEEjGl5IeKYnFl6qzmhBgV5Y7UCdV3OBmiaHb5
G+oDrltEQpVYP7ZpD/CZjYoBvif+ghby5JKJ7b5k+0Z+O2ZKBfgxXRIXMgAZQWMi
+XpZcOl/LlRIdWC33+451oOYjSDZLhEzSnTnktrhRkU/fG+jWPYkcqGZ9ctWctJd
thI/drKipF4r1TO7qYPys7/yV5jcv8avwuZoQe8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:51 2024 by rpki-client on console-fra.rpki-client.org