Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/8A046AC6F65711EB8988A924C4F9AE02.roa
File: 8A046AC6F65711EB8988A924C4F9AE02.roa (raw, json)
Hash identifier: L60Dy1jLG9qhuEIZAiBNfeOVfOpjwqdNlcYye1tZN0I=
Subject key identifier: EA:E6:6B:4A:39:51:82:CF:3F:1B:96:F0:95:95:8B:4F:A4:09:BF:97
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0310
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/8A046AC6F65711EB8988A924C4F9AE02.roa
Signing time: Thu 01 Sep 2022 15:02:09 +0000
ROA not before: Thu 01 Sep 2022 15:02:09 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 42960
IP address blocks: 103.171.34.0/23 maxlen: 23
103.171.34.0/24 maxlen: 24
103.171.35.0/24 maxlen: 24
2001:df7:3480::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 784 (0x310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 1 15:02:09 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6310c970-f6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:c8:e9:48:e9:0b:58:3d:98:d2:5e:6f:81:
23:4c:51:bd:b6:67:04:ae:77:95:18:85:14:85:3b:
2c:e7:7a:8e:fb:07:ce:66:56:c1:12:9a:1f:9e:f3:
1f:ca:13:83:36:10:84:e9:a7:39:a8:64:dd:b1:5d:
af:94:00:1c:29:d0:bf:30:86:9c:a5:86:c3:6b:fd:
c2:86:b9:63:e7:3d:5b:6d:8e:47:b5:d9:cf:33:5e:
9d:33:a5:68:a8:95:d7:8d:2b:b4:54:d7:03:d5:dc:
14:aa:b6:f0:d0:37:60:0a:d0:1e:34:f9:30:07:0f:
86:41:79:e3:ba:d8:9b:ba:46:0f:c8:3a:26:55:c1:
b7:e0:f3:00:5b:3b:d6:24:63:9e:3b:44:fe:86:5a:
91:6e:51:5b:f2:6b:41:35:55:ca:06:2c:83:bd:fe:
ea:7d:ec:20:94:7b:68:dc:6e:22:a3:7e:a6:25:07:
7c:ef:fa:22:ee:1a:16:3c:a9:78:93:5c:98:43:86:
0b:5e:af:e9:8b:ce:68:71:1d:4d:bc:84:b3:bc:60:
67:1b:8f:05:ff:30:76:f7:84:b5:71:47:41:ba:ca:
37:56:6a:a8:9c:7c:54:91:56:29:9e:77:e6:3d:df:
25:a2:8e:b0:fa:32:64:71:16:c3:16:39:f8:cf:1c:
5f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:E6:6B:4A:39:51:82:CF:3F:1B:96:F0:95:95:8B:4F:A4:09:BF:97
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/8A046AC6F65711EB8988A924C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.34.0/23
IPv6:
2001:df7:3480::/48
Signature Algorithm: sha256WithRSAEncryption
33:c3:fa:60:f8:f5:b5:59:a5:3a:b3:c4:e2:e6:7a:8f:cf:92:
b3:1d:01:5f:7d:77:92:8d:e8:22:3f:8b:7b:97:8b:88:bd:9e:
a4:27:bf:16:26:c1:d4:e2:32:69:9a:29:c9:ad:c1:dc:f6:3c:
98:f9:06:dc:03:ca:40:0c:43:44:80:9c:55:8c:1e:d1:b9:54:
e1:db:e3:8f:fb:0d:cf:da:05:a4:d4:2e:de:63:cc:cf:60:06:
61:79:4f:37:cc:61:11:e2:38:71:8d:1f:ed:9c:a0:c8:16:d3:
9a:13:cc:fa:30:21:b2:6d:ab:8a:5f:44:1d:c2:24:bd:75:49:
fa:49:65:67:4d:22:a0:06:e1:55:f4:83:b5:9c:60:9b:8d:a5:
e0:6f:c3:02:6d:f0:6b:5d:11:a5:73:4b:f2:8b:b0:87:99:8a:
76:48:63:a1:dd:d8:87:46:25:fb:78:68:29:24:78:71:6f:6d:
c9:d7:77:34:0d:18:e3:70:b8:21:ff:84:83:62:84:2e:f4:16:
d1:7c:e7:c6:f4:8e:75:39:f9:72:f1:81:bb:a4:d7:f8:28:26:
ea:e2:8a:04:e6:46:c7:2d:74:aa:c1:6f:0e:7f:be:e2:8c:22:
bf:40:e5:ba:1f:8d:2d:af:a4:2e:b3:a5:c0:ee:84:3d:9b:67:
e6:16:52:46
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAxAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjIwOTAxMTUwMjA5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzEwYzk3MC1mNmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwS/I6UjpC1g9mNJeb4EjTFG9tmcErneVGIUUhTss53qO+wfOZlbBEpofnvMf
yhODNhCE6ac5qGTdsV2vlAAcKdC/MIacpYbDa/3Chrlj5z1bbY5HtdnPM16dM6Vo
qJXXjSu0VNcD1dwUqrbw0DdgCtAeNPkwBw+GQXnjutibukYPyDomVcG34PMAWzvW
JGOeO0T+hlqRblFb8mtBNVXKBiyDvf7qfewglHto3G4io36mJQd87/oi7hoWPKl4
k1yYQ4YLXq/pi85ocR1NvISzvGBnG48F/zB294S1cUdBuso3VmqonHxUkVYpnnfm
Pd8loo6w+jJkcRbDFjn4zxxfSQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOrma0o5
UYLPPxuW8JWVi0+kCb+XMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvOEEwNDZBQzZG
NjU3MTFFQjg5ODhBOTI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnqyIwDwQCAAIwCQMHACABDfc0gDANBgkqhkiG9w0BAQsF
AAOCAQEAM8P6YPj1tVmlOrPE4uZ6j8+Ssx0BX313ko3oIj+Le5eLiL2epCe/FibB
1OIyaZopya3B3PY8mPkG3APKQAxDRICcVYwe0blU4dvjj/sNz9oFpNQu3mPMz2AG
YXlPN8xhEeI4cY0f7ZygyBbTmhPM+jAhsm2ril9EHcIkvXVJ+kllZ00ioAbhVfSD
tZxgm42l4G/DAm3wa10RpXNL8ouwh5mKdkhjod3Yh0Yl+3hoKSR4cW9tydd3NA0Y
43C4If+Eg2KELvQW0XznxvSOdTn5cvGBu6TX+Cgm6uKKBOZGxy10qsFvDn++4owi
v0Dluh+NLa+kLrOlwO6EPZtn5hZSRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org