Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9140C62/6482C370D42B11ED847A1938C4F9AE02/D45E90FCDF5711ED9A28231AC4F9AE02.roa
File: D45E90FCDF5711ED9A28231AC4F9AE02.roa (raw, json)
Hash identifier: kM2SlsTo4Acvt3n6xeevdKxoz7hV1b6JVmI+01tNjzc=
Subject key identifier: BD:24:97:0F:87:3D:86:2A:3F:FD:0F:6D:50:87:A6:71:1A:D3:4D:E3
Certificate issuer: /CN=A9140C62/serialNumber=48B1E8E3F2BC5429F8C679955D64D2249445E365
Certificate serial: 0A
Authority key identifier: 48:B1:E8:E3:F2:BC:54:29:F8:C6:79:95:5D:64:D2:24:94:45:E3:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLHo4_K8VCn4xnmVXWTSJJRF42U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9140C62/6482C370D42B11ED847A1938C4F9AE02/D45E90FCDF5711ED9A28231AC4F9AE02.roa
Signing time: Thu 20 Apr 2023 08:46:24 +0000
ROA not before: Thu 20 Apr 2023 08:46:24 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 206090
IP address blocks: 103.209.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9140C62/serialNumber=48B1E8E3F2BC5429F8C679955D64D2249445E365
Validity
Not Before: Apr 20 08:46:24 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6440fbe0-2c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:37:f2:c0:22:42:03:b9:88:e2:95:f1:3a:95:
a1:5e:5e:1f:af:7a:76:15:fb:a4:0b:de:85:32:f7:
e5:2e:f1:23:b4:ae:b2:cd:5c:c6:c4:15:98:f5:3a:
78:f7:e1:9b:9e:61:8b:91:87:16:33:df:3c:ee:a9:
91:24:48:b1:bd:a9:07:5b:eb:55:9d:da:b8:c7:bf:
55:b9:cf:62:f5:b8:42:a3:0f:0f:e1:f2:4e:f1:f0:
3f:4f:e9:5c:d9:48:74:54:0c:48:dc:6b:e2:8e:98:
63:c5:a1:e5:ef:56:e0:3e:a0:f8:b9:09:b1:98:c5:
7b:b0:c4:ea:6a:e6:8f:fd:3e:63:2a:3c:60:8b:7a:
23:76:d5:39:8c:a0:d4:44:d6:a4:10:81:4a:5d:5c:
4d:10:c0:1e:2c:e5:68:2d:8e:36:b5:cc:e5:f0:e9:
4e:86:d8:3b:a7:07:e7:4b:13:70:0c:a9:82:f3:a7:
aa:47:d5:4a:f2:a0:c3:f6:92:bc:1c:1c:28:a3:f8:
7a:b9:ea:ba:c4:e7:d6:41:a8:46:cf:c4:b0:67:93:
02:10:20:88:92:ca:f0:66:13:89:c7:51:b6:e7:9a:
cf:d9:cd:35:a0:58:e5:08:f1:c3:8a:4a:34:04:5c:
fe:81:4a:04:1d:56:25:0f:e3:bc:3b:d6:72:1d:d7:
a3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:24:97:0F:87:3D:86:2A:3F:FD:0F:6D:50:87:A6:71:1A:D3:4D:E3
X509v3 Authority Key Identifier:
keyid:48:B1:E8:E3:F2:BC:54:29:F8:C6:79:95:5D:64:D2:24:94:45:E3:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9140C62/6482C370D42B11ED847A1938C4F9AE02/SLHo4_K8VCn4xnmVXWTSJJRF42U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLHo4_K8VCn4xnmVXWTSJJRF42U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140C62/6482C370D42B11ED847A1938C4F9AE02/D45E90FCDF5711ED9A28231AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.209.128.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:8c:d7:fa:ea:fe:e0:0d:0e:a1:20:c0:6d:1a:41:f4:91:a3:
e9:f1:4a:9d:59:88:5a:1a:66:c7:29:d1:84:b2:ee:12:56:3c:
8c:a0:5c:07:fe:87:02:2e:78:4d:d5:e7:b4:c7:af:a8:c4:01:
77:6a:c5:2e:a2:78:4c:c3:b8:f5:87:ed:a4:cd:e5:26:d6:19:
25:6c:31:f4:00:11:2d:28:fc:9e:3a:65:ee:72:d4:db:ad:b3:
a5:1d:6f:c4:ae:4d:c8:da:3d:4c:33:fa:7d:1e:ea:b4:09:11:
18:a6:d1:c8:a8:30:7e:95:55:af:b8:4b:4c:e7:34:e0:c0:1b:
fc:6c:7d:7e:90:54:a8:a5:d9:e2:ec:de:b3:dd:3d:34:90:15:
b0:93:57:42:9b:3d:fa:e5:6d:ff:de:d6:23:c8:72:9c:8c:c3:
82:fa:58:86:c9:00:66:36:cf:12:79:36:88:5e:c7:75:c7:fc:
4a:cf:bb:5a:79:96:05:d0:bd:08:3b:e6:fa:a8:7e:4d:b8:dd:
1d:9e:0e:df:9f:cc:a3:6d:64:27:a9:bf:82:54:66:e3:a9:33:
b7:ae:b1:49:ad:6b:48:84:e9:9e:30:86:d9:e8:94:65:82:f1:
dd:84:5a:0d:0e:90:9b:a9:0f:4e:ab:3f:37:06:64:b0:05:f1:
d5:ff:37:64
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MEM2MjExMC8GA1UEBRMoNDhCMUU4RTNGMkJDNTQyOUY4QzY3OTk1NUQ2NEQyMjQ5
NDQ1RTM2NTAeFw0yMzA0MjAwODQ2MjRaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NDBmYmUwLTJjMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNN/LAIkIDuYjilfE6laFeXh+venYV+6QL3oUy9+Uu8SO0rrLNXMbEFZj1Onj3
4ZueYYuRhxYz3zzuqZEkSLG9qQdb61Wd2rjHv1W5z2L1uEKjDw/h8k7x8D9P6VzZ
SHRUDEjca+KOmGPFoeXvVuA+oPi5CbGYxXuwxOpq5o/9PmMqPGCLeiN21TmMoNRE
1qQQgUpdXE0QwB4s5Wgtjja1zOXw6U6G2DunB+dLE3AMqYLzp6pH1UryoMP2krwc
HCij+Hq56rrE59ZBqEbPxLBnkwIQIIiSyvBmE4nHUbbnms/ZzTWgWOUI8cOKSjQE
XP6BSgQdViUP47w71nId16ORAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUvSSXD4c9
hio//Q9tUIemcRrTTeMwHwYDVR0jBBgwFoAUSLHo4/K8VCn4xnmVXWTSJJRF42Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQwQzYyLzY0ODJDMzcwRDQy
QjExRUQ4NDdBMTkzOEM0RjlBRTAyL1NMSG80X0s4VkNuNHhubVZYV1RTSkpSRjQy
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU0xIbzRfSzhWQ240eG5tVlhXVFNKSlJGNDJVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MEM2Mi82NDgyQzM3MEQ0MkIxMUVEODQ3QTE5MzhDNEY5QUUwMi9ENDVFOTBGQ0RG
NTcxMUVEOUEyODIzMUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGfRgDANBgkqhkiG9w0BAQsFAAOCAQEAi4zX+ur+4A0OoSDA
bRpB9JGj6fFKnVmIWhpmxynRhLLuElY8jKBcB/6HAi54TdXntMevqMQBd2rFLqJ4
TMO49YftpM3lJtYZJWwx9AARLSj8njpl7nLU262zpR1vxK5NyNo9TDP6fR7qtAkR
GKbRyKgwfpVVr7hLTOc04MAb/Gx9fpBUqKXZ4uzes909NJAVsJNXQps9+uVt/97W
I8hynIzDgvpYhskAZjbPEnk2iF7Hdcf8Ss+7WnmWBdC9CDvm+qh+TbjdHZ4O35/M
o21kJ6m/glRm46kzt66xSa1rSITpnjCG2eiUZYLx3YRaDQ6Qm6kPTqs/NwZksAXx
1f83ZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org