Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/F9751A48212811EDA2397348C4F9AE02.roa
File: F9751A48212811EDA2397348C4F9AE02.roa (raw, json)
Hash identifier: WtlaO8Ck6yxMRZT70+wG8mP6LlAdN+SBk8fc2djI4bA=
Subject key identifier: 8F:5E:93:BB:17:45:F4:00:4C:2C:22:5B:75:DF:7C:77:93:26:3A:CF
Certificate issuer: /CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Certificate serial: 23DA
Authority key identifier: 9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/F9751A48212811EDA2397348C4F9AE02.roa
Signing time: Sun 21 Aug 2022 08:12:19 +0000
ROA not before: Sun 21 Aug 2022 08:12:19 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 133439
IP address blocks: 103.228.201.0/24 maxlen: 24
150.107.50.0/24 maxlen: 24
2001:df4:3800::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9178 (0x23da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143DB0/serialNumber=9BC7651AC4BABF8C4478534FADA610ACDA746BD4
Validity
Not Before: Aug 21 08:12:19 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=6301e8e2-3ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:00:a9:68:32:58:23:f2:d9:94:06:a4:16:97:
0c:37:ca:6a:48:81:86:2e:82:73:ac:1e:29:c2:f3:
ec:80:4c:7b:94:75:59:6e:39:00:95:dd:48:93:b9:
f4:56:0d:15:1c:3b:53:c1:37:9c:fe:db:01:0d:c6:
18:5a:f2:49:ae:af:87:bf:77:28:b8:e0:18:df:8e:
c7:ed:8b:89:60:03:e8:40:05:3a:81:d2:95:22:8e:
91:bc:1b:7b:71:b0:c9:17:a2:16:0e:b0:3a:c9:d4:
9e:14:a1:e3:8b:6a:d7:01:a1:2d:f3:22:bb:d4:6e:
95:b5:d2:cf:d8:43:2d:e7:9c:8f:d6:ac:c7:d3:66:
a7:75:c8:c3:93:03:78:f3:47:98:e9:67:5f:3c:d5:
08:8d:78:37:c8:4e:88:f7:a7:53:dd:fd:8e:a1:c0:
ee:74:0d:37:0e:41:78:3c:8c:ea:a6:a5:4f:a1:eb:
05:9d:cd:59:de:78:3c:54:e4:d6:b0:48:76:81:e9:
a4:8b:0c:e3:d2:d5:34:8f:41:75:73:43:d8:77:cc:
7a:48:7b:03:97:38:5b:9c:80:68:00:96:8d:90:33:
96:a5:3f:4f:a0:19:f5:98:f3:24:f4:2d:c0:85:61:
e8:4a:12:e5:71:9a:6f:4c:70:8b:d8:aa:0e:d1:2a:
22:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:5E:93:BB:17:45:F4:00:4C:2C:22:5B:75:DF:7C:77:93:26:3A:CF
X509v3 Authority Key Identifier:
keyid:9B:C7:65:1A:C4:BA:BF:8C:44:78:53:4F:AD:A6:10:AC:DA:74:6B:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/m8dlGsS6v4xEeFNPraYQrNp0a9Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8dlGsS6v4xEeFNPraYQrNp0a9Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DB0/B895AF74051511E58D49AE42C4F9AE02/F9751A48212811EDA2397348C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.228.201.0/24
150.107.50.0/24
IPv6:
2001:df4:3800::/48
Signature Algorithm: sha256WithRSAEncryption
81:45:34:0d:45:33:24:0f:c9:2f:b8:10:5b:10:64:7d:13:66:
c8:06:5d:a1:e3:d4:09:9e:da:9a:6c:2d:61:36:aa:be:e6:5c:
21:f1:cd:4b:68:31:62:36:29:20:5c:2d:bd:0e:c2:71:24:b4:
a8:51:12:a5:2b:02:57:c8:8c:61:c7:5c:3d:c1:9f:7c:4b:0a:
d6:92:62:e4:36:80:06:4b:d9:9b:cd:a9:56:a9:4a:af:09:3d:
e9:51:00:3f:42:24:b4:e4:eb:54:15:af:6e:77:5c:56:45:4a:
7e:26:cf:61:6b:74:1b:45:00:81:ed:6f:53:03:92:56:81:5b:
9b:d8:05:97:b4:f3:81:8c:84:f2:b8:3f:40:be:d9:76:d1:fc:
3f:ad:cd:c0:b8:ba:af:05:ec:0e:16:43:d3:59:1a:6e:e7:75:
1d:e6:6d:4b:43:10:12:f0:6f:52:a7:c0:a5:be:f8:bb:6a:b1:
2f:69:53:f2:60:13:b8:58:cb:7e:15:b3:33:8e:01:27:16:bd:
66:e1:d4:54:2c:c5:29:68:59:02:d3:8d:73:47:de:8b:dc:4c:
53:6f:2f:3e:1d:47:d3:56:5c:81:fa:2c:35:7f:ec:fc:75:82:
f5:d2:68:f1:14:a0:b3:ed:4b:23:74:3d:c0:c7:7d:29:ed:cf:
b2:98:6e:7f
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICI9owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNEQjAxMTAvBgNVBAUTKDlCQzc2NTFBQzRCQUJGOEM0NDc4NTM0RkFEQTYxMEFD
REE3NDZCRDQwHhcNMjIwODIxMDgxMjE5WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MzAxZThlMi0zZWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAowCpaDJYI/LZlAakFpcMN8pqSIGGLoJzrB4pwvPsgEx7lHVZbjkAld1Ik7n0
Vg0VHDtTwTec/tsBDcYYWvJJrq+Hv3couOAY347H7YuJYAPoQAU6gdKVIo6RvBt7
cbDJF6IWDrA6ydSeFKHji2rXAaEt8yK71G6VtdLP2EMt55yP1qzH02andcjDkwN4
80eY6WdfPNUIjXg3yE6I96dT3f2OocDudA03DkF4PIzqpqVPoesFnc1Z3ng8VOTW
sEh2gemkiwzj0tU0j0F1c0PYd8x6SHsDlzhbnIBoAJaNkDOWpT9PoBn1mPMk9C3A
hWHoShLlcZpvTHCL2KoO0Soi1wIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFI9ek7sX
RfQATCwiW3XffHeTJjrPMB8GA1UdIwQYMBaAFJvHZRrEur+MRHhTT62mEKzadGvU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RCMC9CODk1QUY3NDA1
MTUxMUU1OEQ0OUFFNDJDNEY5QUUwMi9tOGRsR3NTNnY0eEVlRk5QcmFZUXJOcDBh
OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204ZGxHc1M2djR4RWVGTlByYVlRck5wMGE5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNEQjAvQjg5NUFGNzQwNTE1MTFFNThENDlBRTQyQzRGOUFFMDIvRjk3NTFBNDgy
MTI4MTFFREEyMzk3MzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABn5MkDBACWazIwDwQCAAIwCQMHACABDfQ4ADANBgkqhkiG
9w0BAQsFAAOCAQEAgUU0DUUzJA/JL7gQWxBkfRNmyAZdoePUCZ7ammwtYTaqvuZc
IfHNS2gxYjYpIFwtvQ7CcSS0qFESpSsCV8iMYcdcPcGffEsK1pJi5DaABkvZm82p
VqlKrwk96VEAP0IktOTrVBWvbndcVkVKfibPYWt0G0UAge1vUwOSVoFbm9gFl7Tz
gYyE8rg/QL7ZdtH8P63NwLi6rwXsDhZD01kabud1HeZtS0MQEvBvUqfApb74u2qx
L2lT8mATuFjLfhWzM44BJxa9ZuHUVCzFKWhZAtONc0fei9xMU28vPh1H01Zcgfos
NX/s/HWC9dJo8RSgs+1LI3Q9wMd9Ke3Psphufw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org