Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/333A4504828311EC9A7C1D34C4F9AE02.roa
File: 333A4504828311EC9A7C1D34C4F9AE02.roa (raw, json)
Hash identifier: gzMFKzjVJs5lmgE6DSa2d8S6BWRcrbn2y9npqigEqXw=
Subject key identifier: 1C:F1:DD:0A:B8:4F:10:E5:46:50:92:B8:B3:CF:D8:E1:3C:D9:14:4A
Certificate issuer: /CN=A91409DC/serialNumber=14A6CABC302EC1E3DCE74DE98BF558A042BEAC56
Certificate serial: 047B
Authority key identifier: 14:A6:CA:BC:30:2E:C1:E3:DC:E7:4D:E9:8B:F5:58:A0:42:BE:AC:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FKbKvDAuwePc503pi_VYoEK-rFY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/333A4504828311EC9A7C1D34C4F9AE02.roa
Signing time: Fri 11 Feb 2022 16:46:19 +0000
ROA not before: Fri 11 Feb 2022 16:46:19 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 138917
IP address blocks: 103.137.40.0/24 maxlen: 24
103.143.148.0/24 maxlen: 24
2001:df0:1880::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1147 (0x47b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91409DC/serialNumber=14A6CABC302EC1E3DCE74DE98BF558A042BEAC56
Validity
Not Before: Feb 11 16:46:19 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=620692da-90aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:69:26:69:af:ef:2f:5f:9f:47:30:06:cb:28:
66:1e:be:6c:b1:4f:41:12:4f:1b:e3:eb:1f:4a:7d:
e7:30:57:18:cb:e7:c3:9e:83:22:08:c9:d9:e1:60:
2f:2e:93:4c:17:0b:80:ee:7b:f0:2e:55:af:ae:4c:
03:78:76:ee:85:a5:2b:8a:f3:f3:ac:77:55:4f:19:
91:e7:f8:36:47:63:65:53:98:70:2f:52:ef:a2:15:
23:08:41:a5:9e:73:18:f1:c9:06:86:f1:21:0a:67:
86:e0:b2:4f:3b:98:3a:1f:9d:45:57:ad:2c:45:25:
a2:d5:9d:b2:32:5d:85:61:a7:4f:d0:e6:19:6c:1f:
db:49:9d:66:3e:dc:ff:64:06:29:f0:a4:37:31:75:
05:f3:ca:dc:89:c3:f9:65:53:73:13:48:e9:91:34:
ff:08:b3:86:08:c9:15:b5:17:82:41:39:4d:ff:81:
0d:db:b9:17:5c:b5:81:2e:52:03:f4:7c:09:8d:aa:
1f:bb:8a:d8:87:40:c6:3a:4c:65:05:ad:60:a4:68:
8d:e7:f8:ea:76:ec:e3:6f:40:de:fc:f2:a7:7a:24:
19:70:80:c1:2e:a6:49:53:b3:e7:92:1d:27:bc:4b:
e6:d5:b5:cb:3d:31:40:a9:02:79:0f:d3:25:5c:3e:
36:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F1:DD:0A:B8:4F:10:E5:46:50:92:B8:B3:CF:D8:E1:3C:D9:14:4A
X509v3 Authority Key Identifier:
keyid:14:A6:CA:BC:30:2E:C1:E3:DC:E7:4D:E9:8B:F5:58:A0:42:BE:AC:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/FKbKvDAuwePc503pi_VYoEK-rFY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FKbKvDAuwePc503pi_VYoEK-rFY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91409DC/A5BBFAA6093511EAAB10C91FC4F9AE02/333A4504828311EC9A7C1D34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.40.0/24
103.143.148.0/24
IPv6:
2001:df0:1880::/48
Signature Algorithm: sha256WithRSAEncryption
01:f1:32:2b:4f:5c:30:13:a6:7d:f6:86:52:fb:15:4b:38:09:
25:6a:0d:e4:8d:1b:a3:93:4e:f1:24:5b:ee:cc:25:dc:a7:89:
ab:e9:f3:4e:a6:32:41:46:27:b3:45:0f:86:17:4f:cb:b2:9d:
c1:90:03:1a:3c:0c:7f:7b:e9:6f:74:35:36:3c:12:70:9b:36:
10:d0:b3:3f:ce:27:83:2c:a7:62:e4:5b:9b:01:a5:1c:60:e7:
bf:9a:15:d7:6c:32:46:bf:bf:90:79:2e:f1:d0:7a:11:bc:a7:
99:b7:56:d1:3f:e7:36:21:9e:0d:00:8b:b8:c4:56:a6:d1:1c:
4b:38:82:0a:1e:72:8c:74:35:83:52:4c:c1:83:b9:01:8f:75:
d8:9b:91:0f:fc:01:e5:b9:d7:7e:b1:fe:16:c4:67:c0:ec:3f:
45:d0:0c:43:2f:eb:12:5d:88:c7:a1:9b:1a:ab:1f:55:88:dc:
07:2c:74:41:d8:fb:6d:f8:ec:88:79:e5:4e:b1:73:56:23:f7:
38:ea:eb:2a:31:70:56:51:ea:e4:20:61:38:97:9b:d4:08:da:
85:c2:cf:60:13:11:0e:6f:cf:f4:ff:53:db:b9:9a:ea:86:09:
42:4a:b5:bb:4b:fb:e9:22:0f:f4:4e:18:fe:ba:cb:56:e9:3c:
ca:43:55:b8
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA5REMxMTAvBgNVBAUTKDE0QTZDQUJDMzAyRUMxRTNEQ0U3NERFOThCRjU1OEEw
NDJCRUFDNTYwHhcNMjIwMjExMTY0NjE5WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA2OTJkYS05MGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw2kmaa/vL1+fRzAGyyhmHr5ssU9BEk8b4+sfSn3nMFcYy+fDnoMiCMnZ4WAv
LpNMFwuA7nvwLlWvrkwDeHbuhaUrivPzrHdVTxmR5/g2R2NlU5hwL1LvohUjCEGl
nnMY8ckGhvEhCmeG4LJPO5g6H51FV60sRSWi1Z2yMl2FYadP0OYZbB/bSZ1mPtz/
ZAYp8KQ3MXUF88rcicP5ZVNzE0jpkTT/CLOGCMkVtReCQTlN/4EN27kXXLWBLlID
9HwJjaofu4rYh0DGOkxlBa1gpGiN5/jqduzjb0De/PKneiQZcIDBLqZJU7Pnkh0n
vEvm1bXLPTFAqQJ5D9MlXD42cwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFBzx3Qq4
TxDlRlCSuLPP2OE82RRKMB8GA1UdIwQYMBaAFBSmyrwwLsHj3OdN6Yv1WKBCvqxW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDlEQy9BNUJCRkFBNjA5
MzUxMUVBQUIxMEM5MUZDNEY5QUUwMi9GS2JLdkRBdXdlUGM1MDNwaV9WWW9FSy1y
RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZLYkt2REF1d2VQYzUwM3BpX1ZZb0VLLXJGWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA5REMvQTVCQkZBQTYwOTM1MTFFQUFCMTBDOTFGQzRGOUFFMDIvMzMzQTQ1MDQ4
MjgzMTFFQzlBN0MxRDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABniSgDBABnj5QwDwQCAAIwCQMHACABDfAYgDANBgkqhkiG
9w0BAQsFAAOCAQEAAfEyK09cMBOmffaGUvsVSzgJJWoN5I0bo5NO8SRb7swl3KeJ
q+nzTqYyQUYns0UPhhdPy7KdwZADGjwMf3vpb3Q1NjwScJs2ENCzP84ngyynYuRb
mwGlHGDnv5oV12wyRr+/kHku8dB6EbynmbdW0T/nNiGeDQCLuMRWptEcSziCCh5y
jHQ1g1JMwYO5AY912JuRD/wB5bnXfrH+FsRnwOw/RdAMQy/rEl2Ix6GbGqsfVYjc
Byx0Qdj7bfjsiHnlTrFzViP3OOrrKjFwVlHq5CBhOJeb1AjahcLPYBMRDm/P9P9T
27ma6oYJQkq1u0v76SIP9E4Y/rrLVuk8ykNVuA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-ams.rpki-client.org