Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913E23F/C64CAAA43E5211EDAAD4B64FC4F9AE02/1896C6603E5711ED9C4B8E49C4F9AE02.roa
File: 1896C6603E5711ED9C4B8E49C4F9AE02.roa (raw, json)
Hash identifier: Gidx8XVmUcKomg2KuA3tygjrqMVHinRVCEr8tgJCaIE=
Subject key identifier: 64:2A:F5:78:01:88:CF:C5:53:3E:9C:C4:7A:24:6E:80:8B:8F:4D:FD
Certificate issuer: /CN=A913E23F/serialNumber=020B606DD9E8898A7D5DF5EA1CA3D996028E75D9
Certificate serial: 02
Authority key identifier: 02:0B:60:6D:D9:E8:89:8A:7D:5D:F5:EA:1C:A3:D9:96:02:8E:75:D9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AgtgbdnoiYp9XfXqHKPZlgKOddk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913E23F/C64CAAA43E5211EDAAD4B64FC4F9AE02/1896C6603E5711ED9C4B8E49C4F9AE02.roa
Signing time: Tue 27 Sep 2022 11:25:32 +0000
ROA not before: Tue 27 Sep 2022 11:25:32 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 136141
IP address blocks: 103.13.192.0/24 maxlen: 24
103.13.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913E23F/serialNumber=020B606DD9E8898A7D5DF5EA1CA3D996028E75D9
Validity
Not Before: Sep 27 11:25:32 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6332ddab-6c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1d:17:3e:73:ad:c9:93:e6:75:3f:07:28:9e:
5b:8a:7a:82:d8:0f:6d:51:89:a7:fa:6d:f8:58:42:
16:e1:7a:9a:bf:4a:31:29:f7:4a:d0:4a:aa:ab:4d:
2f:d9:7f:1e:91:6a:c9:72:c7:8e:0c:b9:60:6c:1f:
44:23:ac:d2:98:77:6f:03:11:ed:c0:60:f0:02:b8:
88:ae:b8:94:0a:e3:41:43:18:70:6d:dc:d9:30:96:
a9:4b:cd:ed:a4:91:33:9c:7d:78:4a:d3:d4:f0:61:
62:d8:1b:cc:22:40:e0:28:32:01:6b:d1:b1:c0:13:
6b:10:12:2c:d2:2c:c1:bd:6d:da:b2:ea:5e:11:05:
54:8e:ea:5f:19:20:4a:56:c5:99:fc:bf:c7:52:43:
72:ee:21:fe:62:97:0f:39:19:97:06:0e:cf:1b:71:
57:1c:7b:8c:6a:84:ce:63:c9:e2:18:28:f0:58:3b:
b7:76:79:39:c0:9d:e0:b4:9d:a0:91:40:5c:12:d5:
7d:87:90:63:6d:86:31:aa:a0:80:43:72:55:3a:5b:
10:98:a1:4c:60:d6:7d:15:49:ac:4b:2f:d8:d1:42:
65:03:c0:ba:37:86:2b:f0:a7:97:98:e6:fe:64:9d:
2b:30:47:41:cc:ba:85:11:89:68:41:b5:ed:cb:4d:
84:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2A:F5:78:01:88:CF:C5:53:3E:9C:C4:7A:24:6E:80:8B:8F:4D:FD
X509v3 Authority Key Identifier:
keyid:02:0B:60:6D:D9:E8:89:8A:7D:5D:F5:EA:1C:A3:D9:96:02:8E:75:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913E23F/C64CAAA43E5211EDAAD4B64FC4F9AE02/AgtgbdnoiYp9XfXqHKPZlgKOddk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AgtgbdnoiYp9XfXqHKPZlgKOddk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E23F/C64CAAA43E5211EDAAD4B64FC4F9AE02/1896C6603E5711ED9C4B8E49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.13.192.0/23
Signature Algorithm: sha256WithRSAEncryption
26:9e:e8:31:ac:48:5c:e7:ba:7e:a9:88:57:e8:54:cb:76:0b:
88:70:bd:5e:32:ba:92:4d:92:20:e3:c6:30:6f:77:70:21:eb:
8c:b2:94:1b:f1:08:29:aa:d3:94:e8:29:01:60:0e:c0:9a:bd:
77:88:92:0e:cb:80:04:f8:06:f3:07:b9:61:36:fa:3f:66:6b:
67:f8:ab:e8:08:57:62:44:f6:ed:34:3e:47:c5:7f:2d:51:07:
de:de:e2:ee:1b:38:32:d0:b2:bf:b0:c1:18:b0:91:47:c4:1a:
4a:77:35:cd:67:5e:0e:ba:d8:ac:8e:7c:2f:46:84:91:c0:6e:
d4:e7:ca:66:38:dc:f8:a6:d9:78:c2:96:60:14:2a:91:c6:31:
77:30:da:e5:df:e3:8e:86:9a:93:d0:22:c9:7f:19:b7:c6:85:
af:41:f9:5b:2a:80:a0:bd:0d:10:05:9b:bf:b3:90:2b:29:e7:
f1:17:11:54:b0:f2:57:73:d1:6f:1b:3b:60:33:47:d5:b2:d7:
60:a8:a5:f3:8d:dd:f6:c0:d9:d1:3d:a7:de:3f:15:6e:c9:85:
89:c7:d7:cf:7b:f3:15:d7:d9:df:a2:76:9b:28:e6:3f:e1:ac:
c0:5d:71:fa:33:3b:64:f3:73:29:68:cd:6f:d1:01:1e:f7:bc:
ec:47:cc:91
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
RTIzRjExMC8GA1UEBRMoMDIwQjYwNkREOUU4ODk4QTdENURGNUVBMUNBM0Q5OTYw
MjhFNzVEOTAeFw0yMjA5MjcxMTI1MzJaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzMzJkZGFiLTZjNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvHRc+c63Jk+Z1PwconluKeoLYD21Riaf6bfhYQhbhepq/SjEp90rQSqqrTS/Z
fx6Raslyx44MuWBsH0QjrNKYd28DEe3AYPACuIiuuJQK40FDGHBt3NkwlqlLze2k
kTOcfXhK09TwYWLYG8wiQOAoMgFr0bHAE2sQEizSLMG9bdqy6l4RBVSO6l8ZIEpW
xZn8v8dSQ3LuIf5ilw85GZcGDs8bcVcce4xqhM5jyeIYKPBYO7d2eTnAneC0naCR
QFwS1X2HkGNthjGqoIBDclU6WxCYoUxg1n0VSaxLL9jRQmUDwLo3hivwp5eY5v5k
nSswR0HMuoURiWhBte3LTYT7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZCr1eAGI
z8VTPpzEeiRugIuPTf0wHwYDVR0jBBgwFoAUAgtgbdnoiYp9XfXqHKPZlgKOddkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNFMjNGL0M2NENBQUE0M0U1
MjExRURBQUQ0QjY0RkM0RjlBRTAyL0FndGdiZG5vaVlwOVhmWHFIS1BabGdLT2Rk
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQWd0Z2Jkbm9pWXA5WGZYcUhLUFpsZ0tPZGRrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
RTIzRi9DNjRDQUFBNDNFNTIxMUVEQUFENEI2NEZDNEY5QUUwMi8xODk2QzY2MDNF
NTcxMUVEOUM0QjhFNDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcNwDANBgkqhkiG9w0BAQsFAAOCAQEAJp7oMaxIXOe6fqmI
V+hUy3YLiHC9XjK6kk2SIOPGMG93cCHrjLKUG/EIKarTlOgpAWAOwJq9d4iSDsuA
BPgG8we5YTb6P2ZrZ/ir6AhXYkT27TQ+R8V/LVEH3t7i7hs4MtCyv7DBGLCRR8Qa
Snc1zWdeDrrYrI58L0aEkcBu1OfKZjjc+KbZeMKWYBQqkcYxdzDa5d/jjoaak9Ai
yX8Zt8aFr0H5WyqAoL0NEAWbv7OQKynn8RcRVLDyV3PRbxs7YDNH1bLXYKil843d
9sDZ0T2n3j8VbsmFicfXz3vzFdfZ36J2myjmP+GswF1x+jM7ZPNzKWjNb9EBHve8
7EfMkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org