Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136592/D91531B6FEC811ECA7CD9369C4F9AE02/3266B17E04DF11ED8F71CB2BC4F9AE02.roa
File: 3266B17E04DF11ED8F71CB2BC4F9AE02.roa (raw, json)
Hash identifier: 8NLl5lZdTfBf2oM2njIv2P5FSheRgIPtHPQqrXu6FaU=
Subject key identifier: 6D:8D:05:3C:1E:26:C8:DC:F9:5B:BB:95:91:D0:7B:6C:CF:26:44:26
Certificate issuer: /CN=A9136592/serialNumber=8ECF9FAE43F7D1CD6E1202834C0F41ACC1BE1C38
Certificate serial: 18
Authority key identifier: 8E:CF:9F:AE:43:F7:D1:CD:6E:12:02:83:4C:0F:41:AC:C1:BE:1C:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/js-frkP30c1uEgKDTA9BrMG-HDg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136592/D91531B6FEC811ECA7CD9369C4F9AE02/3266B17E04DF11ED8F71CB2BC4F9AE02.roa
Signing time: Mon 18 Jul 2022 07:54:31 +0000
ROA not before: Mon 18 Jul 2022 07:54:31 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 133542
IP address blocks: 103.190.228.0/23 maxlen: 23
103.190.228.0/24 maxlen: 24
103.190.229.0/24 maxlen: 24
2001:df0:f340::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136592/serialNumber=8ECF9FAE43F7D1CD6E1202834C0F41ACC1BE1C38
Validity
Not Before: Jul 18 07:54:31 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62d511b7-35ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1c:ef:10:4b:a2:0f:8f:9b:01:8b:1b:b3:94:
5a:80:4b:4c:af:42:58:32:a2:00:35:c6:70:f6:b1:
a5:ef:62:e5:c0:c9:3d:4f:6c:17:52:f1:45:e5:be:
0d:fa:78:28:69:f2:c6:38:ca:df:60:bb:29:23:01:
43:7b:6b:a4:22:b9:b8:6d:85:8e:6c:bb:4e:6f:cf:
16:59:b3:20:33:74:9a:0d:91:24:d5:37:2b:86:bf:
f8:14:e2:31:59:f3:83:d2:e2:2e:df:47:cb:8a:63:
f4:43:dd:cd:6d:24:4c:eb:d7:ed:4d:0c:c4:80:51:
8e:3b:5a:4c:77:57:dd:37:db:5b:a0:91:a3:2f:3e:
f7:12:cc:5a:5f:c2:7c:6d:dc:83:d9:6f:cd:f7:6c:
fe:b5:3b:e9:af:63:a0:33:d1:1c:9c:88:02:b8:39:
6c:ae:b9:c4:2c:81:dc:d5:e3:69:9a:ab:55:7a:4b:
a1:ef:66:03:c0:34:c2:93:b5:b3:b2:df:fc:74:41:
b7:5e:54:a7:3d:54:57:e6:75:81:f7:e0:ef:1f:b6:
54:87:d6:27:d4:6f:70:de:5b:73:f7:5e:0d:34:86:
20:ea:32:86:ca:c4:84:64:09:a0:e1:ce:e8:01:fa:
d4:09:b4:14:64:ea:56:4f:42:62:ea:f5:0c:3d:d8:
cc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8D:05:3C:1E:26:C8:DC:F9:5B:BB:95:91:D0:7B:6C:CF:26:44:26
X509v3 Authority Key Identifier:
keyid:8E:CF:9F:AE:43:F7:D1:CD:6E:12:02:83:4C:0F:41:AC:C1:BE:1C:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136592/D91531B6FEC811ECA7CD9369C4F9AE02/js-frkP30c1uEgKDTA9BrMG-HDg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/js-frkP30c1uEgKDTA9BrMG-HDg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136592/D91531B6FEC811ECA7CD9369C4F9AE02/3266B17E04DF11ED8F71CB2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.190.228.0/23
IPv6:
2001:df0:f340::/48
Signature Algorithm: sha256WithRSAEncryption
2b:e5:4e:e2:aa:b2:d7:47:12:09:ea:89:69:ad:6c:4d:06:bf:
e1:11:06:d1:72:f0:99:ad:fd:ee:c6:4c:d5:72:19:80:49:f8:
69:d3:c8:c8:d6:8b:cb:09:67:f3:6e:39:1a:52:30:26:27:28:
9d:c7:49:f4:f4:d5:5e:7e:b4:ba:15:7a:6a:ef:6e:8d:42:16:
11:28:2f:ca:73:c9:5c:16:e3:3d:da:f8:db:c8:0e:45:a4:64:
7c:5f:14:95:3a:fd:f4:ea:56:26:1a:47:9a:ad:3a:89:d3:60:
1b:5d:d6:58:23:8c:67:39:b4:fa:ba:d5:e8:74:77:98:11:5a:
62:79:3e:b5:cc:f2:9e:d4:8a:b3:d0:b0:1e:b9:c8:e1:43:0c:
6f:99:53:f0:31:27:cf:48:a3:5f:64:d8:58:e2:09:9c:b5:34:
ba:54:b4:5f:21:0c:4d:3a:f3:80:3b:67:00:e4:da:a7:e9:65:
ab:ea:36:5b:f8:0e:c0:e3:54:2e:f1:4d:bb:39:17:4a:9f:74:
9c:9e:ef:7b:01:e3:fe:40:6b:5d:55:e1:e1:3d:72:81:78:30:
66:07:a6:5d:a8:26:ea:21:c3:de:ce:65:d0:17:17:97:9a:26:
76:87:6f:5d:f4:2d:47:93:18:63:e1:24:89:e2:b6:c8:f2:4b:
d0:39:6c:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
NjU5MjExMC8GA1UEBRMoOEVDRjlGQUU0M0Y3RDFDRDZFMTIwMjgzNEMwRjQxQUND
MUJFMUMzODAeFw0yMjA3MTgwNzU0MzFaFw0yMzA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZDUxMWI3LTM1Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzHO8QS6IPj5sBixuzlFqAS0yvQlgyogA1xnD2saXvYuXAyT1PbBdS8UXlvg36
eChp8sY4yt9guykjAUN7a6QiubhthY5su05vzxZZsyAzdJoNkSTVNyuGv/gU4jFZ
84PS4i7fR8uKY/RD3c1tJEzr1+1NDMSAUY47Wkx3V90321ugkaMvPvcSzFpfwnxt
3IPZb833bP61O+mvY6Az0RyciAK4OWyuucQsgdzV42maq1V6S6HvZgPANMKTtbOy
3/x0QbdeVKc9VFfmdYH34O8ftlSH1ifUb3DeW3P3Xg00hiDqMobKxIRkCaDhzugB
+tQJtBRk6lZPQmLq9Qw92MwJAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUbY0FPB4m
yNz5W7uVkdB7bM8mRCYwHwYDVR0jBBgwFoAUjs+frkP30c1uEgKDTA9BrMG+HDgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2NTkyL0Q5MTUzMUI2RkVD
ODExRUNBN0NEOTM2OUM0RjlBRTAyL2pzLWZya1AzMGMxdUVnS0RUQTlCck1HLUhE
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvanMtZnJrUDMwYzF1RWdLRFRBOUJyTUctSERnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
NjU5Mi9EOTE1MzFCNkZFQzgxMUVDQTdDRDkzNjlDNEY5QUUwMi8zMjY2QjE3RTA0
REYxMUVEOEY3MUNCMkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWe+5DAPBAIAAjAJAwcAIAEN8PNAMA0GCSqGSIb3DQEBCwUA
A4IBAQAr5U7iqrLXRxIJ6olprWxNBr/hEQbRcvCZrf3uxkzVchmASfhp08jI1ovL
CWfzbjkaUjAmJyidx0n09NVefrS6FXpq726NQhYRKC/Kc8lcFuM92vjbyA5FpGR8
XxSVOv306lYmGkearTqJ02AbXdZYI4xnObT6utXodHeYEVpieT61zPKe1Iqz0LAe
ucjhQwxvmVPwMSfPSKNfZNhY4gmctTS6VLRfIQxNOvOAO2cA5Nqn6WWr6jZb+A7A
41Qu8U27ORdKn3Scnu97AeP+QGtdVeHhPXKBeDBmB6ZdqCbqIcPezmXQFxeXmiZ2
h29d9C1Hkxhj4SSJ4rbI8kvQOWyY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org