Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/3F0CABF610E011EDA2C04A09C4F9AE02.roa
File: 3F0CABF610E011EDA2C04A09C4F9AE02.roa (raw, json)
Hash identifier: VP9lTflIqFf1ECrKioZmOp8CW+bxNloosh00L1q3rRU=
Subject key identifier: 12:3B:40:D8:ED:AF:22:08:34:72:8B:89:ED:BA:D5:CB:5D:72:C5:18
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 03D0
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/3F0CABF610E011EDA2C04A09C4F9AE02.roa
Signing time: Tue 11 Oct 2022 02:32:47 +0000
ROA not before: Tue 11 Oct 2022 02:32:47 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 203786
IP address blocks: 103.228.66.0/23 maxlen: 23
103.228.66.0/24 maxlen: 24
103.228.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 976 (0x3d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Oct 11 02:32:47 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6344d5cf-6dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:50:ba:86:ca:59:7d:06:82:f6:f2:6f:3d:e1:
5f:8d:9d:77:02:8e:32:a7:84:97:8b:bf:73:ee:39:
0d:82:51:8e:c5:73:fb:82:8d:2f:c4:8a:89:df:f6:
e7:60:c2:74:52:f7:86:1e:46:d4:78:48:8e:c2:46:
d5:e6:c6:6b:9f:5c:8c:f3:a6:a0:a0:c5:2d:2f:e8:
e8:19:03:b5:61:91:cf:a7:7b:f6:04:89:c0:f3:c8:
95:31:72:37:d4:b0:1e:6a:75:1a:73:9f:0c:85:a5:
8c:ac:99:0f:d9:10:74:40:a8:ff:49:25:34:0b:7b:
7e:57:3b:34:b2:f1:8e:5f:dd:da:8a:12:c5:32:3b:
94:2f:f2:17:bc:2b:fd:ca:9b:3a:de:1a:16:22:ee:
46:da:08:3a:01:98:3d:c4:5c:56:a5:70:1f:1c:e4:
42:3d:cf:6e:22:0a:c7:c0:27:0f:6c:cf:c5:28:2c:
d1:48:18:de:c4:b4:de:64:0c:ba:e7:e6:02:2b:45:
56:1d:a5:a1:5c:bf:16:36:68:c9:8c:6f:9a:67:8d:
f4:f4:29:25:82:2c:db:dc:70:33:cc:40:4e:41:a8:
4a:af:42:39:ac:ff:0a:2d:57:0e:f9:74:c8:75:ec:
54:06:19:96:39:cd:7b:05:fb:c6:ed:90:99:0f:66:
da:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:3B:40:D8:ED:AF:22:08:34:72:8B:89:ED:BA:D5:CB:5D:72:C5:18
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/3F0CABF610E011EDA2C04A09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.228.66.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:0d:8d:b2:8e:15:71:de:f2:4f:c7:4d:dd:48:2a:9a:27:75:
12:db:e2:d6:48:1a:4f:b9:e1:4f:24:d7:b7:a3:92:9d:19:92:
7b:fc:cc:66:be:8f:f6:75:da:63:4b:d7:13:4c:45:e8:e5:78:
77:19:07:d4:5a:f7:bc:78:25:83:72:7e:1f:17:cb:d1:d9:eb:
41:ae:74:63:a2:a3:95:6b:6f:b0:93:e9:02:34:9d:79:4e:4c:
85:56:ec:2c:9a:c3:e7:2d:11:5d:08:db:00:3b:0c:38:b7:c3:
38:0b:5b:ba:4d:67:21:cf:fc:4d:ee:7f:cb:11:db:fe:28:62:
37:f4:d9:ae:f7:d7:be:3b:7b:83:8c:17:b7:38:06:67:85:95:
01:82:61:d9:76:ba:87:db:01:86:71:46:ce:ed:5b:00:bb:58:
d8:31:49:ba:11:79:a2:1d:c1:7e:d2:d1:7a:d0:fa:fe:a6:90:
4c:4a:16:48:1d:7a:c1:48:00:c9:20:80:0d:5e:e7:51:4d:30:
14:9a:69:37:b9:06:9c:f2:05:21:95:12:94:cd:7a:f6:61:c7:
8c:e6:8a:b3:64:a8:e7:4b:50:4e:43:a4:9f:b6:af:9a:19:eb:
e5:ce:5c:af:8f:1e:5e:1e:9c:cb:71:05:62:e3:9c:76:91:96:
ee:8a:92:03
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjIxMDExMDIzMjQ3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ0ZDVjZi02ZGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9FC6hspZfQaC9vJvPeFfjZ13Ao4yp4SXi79z7jkNglGOxXP7go0vxIqJ3/bn
YMJ0UveGHkbUeEiOwkbV5sZrn1yM86agoMUtL+joGQO1YZHPp3v2BInA88iVMXI3
1LAeanUac58MhaWMrJkP2RB0QKj/SSU0C3t+Vzs0svGOX93aihLFMjuUL/IXvCv9
yps63hoWIu5G2gg6AZg9xFxWpXAfHORCPc9uIgrHwCcPbM/FKCzRSBjexLTeZAy6
5+YCK0VWHaWhXL8WNmjJjG+aZ4309Cklgizb3HAzzEBOQahKr0I5rP8KLVcO+XTI
dexUBhmWOc17BfvG7ZCZD2ba3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFBI7QNjt
ryIINHKLie261ctdcsUYMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvM0YwQ0FCRjYx
MEUwMTFFREEyQzA0QTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn5EIwDQYJKoZIhvcNAQELBQADggEBAHoNjbKOFXHe8k/H
Td1IKpondRLb4tZIGk+54U8k17ejkp0Zknv8zGa+j/Z12mNL1xNMRejleHcZB9Ra
97x4JYNyfh8Xy9HZ60GudGOio5Vrb7CT6QI0nXlOTIVW7Cyaw+ctEV0I2wA7DDi3
wzgLW7pNZyHP/E3uf8sR2/4oYjf02a731747e4OMF7c4BmeFlQGCYdl2uofbAYZx
Rs7tWwC7WNgxSboReaIdwX7S0XrQ+v6mkExKFkgdesFIAMkggA1e51FNMBSaaTe5
BpzyBSGVEpTNevZhx4zmirNkqOdLUE5DpJ+2r5oZ6+XOXK+PHl4enMtxBWLjnHaR
lu6KkgM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org