Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BDDF/A212768C760B11ED8C6CF24EC4F9AE02/9DDA4866760F11EDBE48EB51C4F9AE02.roa
File: 9DDA4866760F11EDBE48EB51C4F9AE02.roa (raw, json)
Hash identifier: +vPFyV2pu9T65BCOZKqQvv5NeZ0OxNXiAFV85Dmnde0=
Subject key identifier: B9:2B:B8:C7:07:63:F4:13:57:0B:92:E7:3D:0A:56:39:BC:F8:D1:25
Certificate issuer: /CN=A911BDDF/serialNumber=E3E1CCCF83D52CB8A3C987A811E1F807F3393E7F
Certificate serial: 02
Authority key identifier: E3:E1:CC:CF:83:D5:2C:B8:A3:C9:87:A8:11:E1:F8:07:F3:39:3E:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4-HMz4PVLLijyYeoEeH4B_M5Pn8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BDDF/A212768C760B11ED8C6CF24EC4F9AE02/9DDA4866760F11EDBE48EB51C4F9AE02.roa
Signing time: Wed 07 Dec 2022 09:14:56 +0000
ROA not before: Wed 07 Dec 2022 09:14:56 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 150661
IP address blocks: 103.48.162.0/23 maxlen: 23
103.48.162.0/24 maxlen: 24
103.48.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BDDF/serialNumber=E3E1CCCF83D52CB8A3C987A811E1F807F3393E7F
Validity
Not Before: Dec 7 09:14:56 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63905990-6a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:05:90:b7:41:52:8d:a2:40:75:31:58:a0:03:
37:08:dc:72:54:60:b5:30:69:fc:20:d0:e8:cb:a4:
d3:54:c4:75:24:6a:23:6c:74:2f:b6:f3:59:9f:be:
c8:af:24:64:c5:0c:1a:90:a1:d5:a7:54:c7:58:5e:
a6:e3:ee:28:db:1c:48:4c:89:35:50:10:4d:53:6b:
b5:b9:b1:7c:9d:57:09:5e:9c:6f:4f:79:6f:84:42:
67:c1:57:32:ff:70:79:4d:07:03:af:34:e4:54:df:
b9:76:46:68:6b:59:45:d1:92:a8:c8:54:86:ce:b8:
a0:1e:2f:df:7a:ad:0a:cf:0e:e2:a3:6b:ed:cd:d3:
22:84:18:45:bf:18:44:8b:65:22:fa:b1:a8:62:71:
7d:7a:d9:cd:cb:05:c2:df:d3:6c:ba:90:60:5d:9c:
11:bd:76:71:f0:9b:cc:53:05:e4:9a:ed:52:30:87:
80:db:9b:58:07:c3:d2:b3:c2:1b:43:c5:ad:8e:db:
92:47:b4:33:91:f8:8d:90:9d:65:64:2e:b5:ec:c6:
d7:e5:a3:e9:8f:f1:e2:ec:bc:21:61:5e:52:21:de:
34:05:45:59:17:c7:9f:19:bf:ba:f6:55:26:16:68:
26:3f:6d:d2:8f:0e:20:f9:56:5c:ac:68:7b:e1:eb:
28:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2B:B8:C7:07:63:F4:13:57:0B:92:E7:3D:0A:56:39:BC:F8:D1:25
X509v3 Authority Key Identifier:
keyid:E3:E1:CC:CF:83:D5:2C:B8:A3:C9:87:A8:11:E1:F8:07:F3:39:3E:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BDDF/A212768C760B11ED8C6CF24EC4F9AE02/4-HMz4PVLLijyYeoEeH4B_M5Pn8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4-HMz4PVLLijyYeoEeH4B_M5Pn8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BDDF/A212768C760B11ED8C6CF24EC4F9AE02/9DDA4866760F11EDBE48EB51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.162.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:39:96:f9:1c:ac:5d:f0:86:07:2d:45:11:72:2b:fd:a8:77:
82:9b:d1:20:3a:ea:12:07:96:d0:13:e2:34:d9:04:a5:77:46:
26:3b:c5:09:fe:21:a9:e5:99:9d:f5:48:a5:09:88:cb:c2:34:
11:7f:ec:ba:7a:da:f4:5c:38:27:e0:42:a2:08:27:c9:5c:e0:
81:dd:2f:bf:ef:9d:2a:59:e8:a9:0b:3e:e8:d8:4f:1c:a0:20:
26:08:a2:23:4d:ef:4d:5f:37:24:59:bc:c5:32:26:fc:4d:04:
ef:b2:1b:a1:38:4f:24:90:f5:16:c6:66:e7:99:dc:a3:15:b4:
a8:b4:6c:9d:ec:d0:68:60:92:a4:10:e3:fc:93:a4:26:f0:73:
f2:b6:47:c9:6a:6e:3f:73:25:50:2b:61:e5:29:53:0f:b7:a1:
f7:6c:bb:59:91:f2:84:ec:a6:45:54:ee:24:c4:23:51:6f:24:
6b:a7:c6:af:fe:b4:67:3c:d1:13:25:9e:a5:6e:05:25:4e:57:
7c:3a:ae:9a:fe:ff:0b:68:c0:b0:f3:68:c8:9b:a0:26:45:71:
87:c1:7e:73:d0:bd:2f:74:e9:ac:b1:aa:5e:21:7a:e7:af:91:
dc:48:0b:1b:50:25:47:09:15:0c:39:33:ff:fe:9f:1c:4d:19:
bc:56:b6:a5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
QkRERjExMC8GA1UEBRMoRTNFMUNDQ0Y4M0Q1MkNCOEEzQzk4N0E4MTFFMUY4MDdG
MzM5M0U3RjAeFw0yMjEyMDcwOTE0NTZaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOTA1OTkwLTZhOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDzBZC3QVKNokB1MVigAzcI3HJUYLUwafwg0OjLpNNUxHUkaiNsdC+281mfvsiv
JGTFDBqQodWnVMdYXqbj7ijbHEhMiTVQEE1Ta7W5sXydVwlenG9PeW+EQmfBVzL/
cHlNBwOvNORU37l2RmhrWUXRkqjIVIbOuKAeL996rQrPDuKja+3N0yKEGEW/GESL
ZSL6sahicX162c3LBcLf02y6kGBdnBG9dnHwm8xTBeSa7VIwh4Dbm1gHw9KzwhtD
xa2O25JHtDOR+I2QnWVkLrXsxtflo+mP8eLsvCFhXlIh3jQFRVkXx58Zv7r2VSYW
aCY/bdKPDiD5VlysaHvh6ygtAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUuSu4xwdj
9BNXC5LnPQpWObz40SUwHwYDVR0jBBgwFoAU4+HMz4PVLLijyYeoEeH4B/M5Pn8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFCRERGL0EyMTI3NjhDNzYw
QjExRUQ4QzZDRjI0RUM0RjlBRTAyLzQtSE16NFBWTExpanlZZW9FZUg0Ql9NNVBu
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNC1ITXo0UFZMTGlqeVllb0VlSDRCX001UG44LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QkRERi9BMjEyNzY4Qzc2MEIxMUVEOEM2Q0YyNEVDNEY5QUUwMi85RERBNDg2Njc2
MEYxMUVEQkU0OEVCNTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcwojANBgkqhkiG9w0BAQsFAAOCAQEAOjmW+RysXfCGBy1F
EXIr/ah3gpvRIDrqEgeW0BPiNNkEpXdGJjvFCf4hqeWZnfVIpQmIy8I0EX/sunra
9Fw4J+BCoggnyVzggd0vv++dKlnoqQs+6NhPHKAgJgiiI03vTV83JFm8xTIm/E0E
77IboThPJJD1FsZm55ncoxW0qLRsnezQaGCSpBDj/JOkJvBz8rZHyWpuP3MlUCth
5SlTD7eh92y7WZHyhOymRVTuJMQjUW8ka6fGr/60ZzzREyWepW4FJU5XfDqumv7/
C2jAsPNoyJugJkVxh8F+c9C9L3TprLGqXiF656+R3EgLG1AlRwkVDDkz//6fHE0Z
vFa2pQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org