Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9147609/632C30AE440E11E8903D3A5BC4F9AE02/29F086EE859E11EB9F647646C4F9AE02.roa
File: 29F086EE859E11EB9F647646C4F9AE02.roa (raw, json)
Hash identifier: SflNvDC5mNXYuHkKlgPj0V7KSDGnuvoLi53jcnEDQ1U=
Subject key identifier: CD:E4:BF:40:67:99:46:05:28:5E:1E:86:A7:90:9A:89:12:BE:70:A2
Certificate issuer: /CN=A9147609/serialNumber=4509689966D37927569CF2CBB44FFE93ACA8E681
Certificate serial: 05EC
Authority key identifier: 45:09:68:99:66:D3:79:27:56:9C:F2:CB:B4:4F:FE:93:AC:A8:E6:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RQlomWbTeSdWnPLLtE_-k6yo5oE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9147609/632C30AE440E11E8903D3A5BC4F9AE02/29F086EE859E11EB9F647646C4F9AE02.roa
Signing time: Sun 30 Oct 2022 19:04:29 +0000
ROA not before: Sun 30 Oct 2022 19:04:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137578
IP address blocks: 103.114.10.0/23 maxlen: 23
103.114.10.0/24 maxlen: 24
103.114.11.0/24 maxlen: 24
2405:4440::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1516 (0x5ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9147609/serialNumber=4509689966D37927569CF2CBB44FFE93ACA8E681
Validity
Not Before: Oct 30 19:04:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=635ecabc-42b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:99:e5:d6:c4:48:c2:de:f9:73:c4:74:ca:e8:
06:0f:37:db:01:9a:6d:32:d7:37:94:2e:76:b2:f5:
9d:c4:b5:b2:88:44:f9:20:3e:a0:38:a1:59:40:17:
36:5a:a3:0f:9b:25:be:2a:e2:25:61:6b:a3:bb:74:
13:94:80:74:66:8d:ff:be:7d:bc:70:f9:17:e0:d8:
ef:a1:11:02:06:d0:b8:64:26:76:66:7d:09:67:4f:
bb:78:60:8d:aa:0e:5f:2a:3c:f1:fa:b1:f8:c8:9b:
73:47:84:42:b0:2c:93:9a:1a:da:84:d3:2d:48:53:
0c:a5:7e:1a:65:7e:57:9f:36:e1:6f:0e:06:c7:55:
3a:3b:b9:b5:ab:57:85:7e:a6:71:a6:4e:4a:19:d2:
5b:81:e6:8d:32:3f:a2:f8:70:38:26:7e:20:76:ad:
8a:a0:90:74:26:d9:bb:df:74:cb:5f:2f:a9:3e:b5:
df:3d:60:48:ed:f9:61:51:b0:b7:76:76:62:1a:0a:
01:8a:2e:c1:f5:21:02:b4:55:d4:a8:ee:2c:ee:f9:
cd:45:b7:68:76:79:03:00:be:df:60:a6:50:4e:88:
ef:f9:23:31:16:fc:71:89:ec:7a:ef:2e:28:e1:51:
7b:ce:ac:84:56:01:8e:81:06:d1:77:51:99:fa:1f:
17:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E4:BF:40:67:99:46:05:28:5E:1E:86:A7:90:9A:89:12:BE:70:A2
X509v3 Authority Key Identifier:
keyid:45:09:68:99:66:D3:79:27:56:9C:F2:CB:B4:4F:FE:93:AC:A8:E6:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9147609/632C30AE440E11E8903D3A5BC4F9AE02/RQlomWbTeSdWnPLLtE_-k6yo5oE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RQlomWbTeSdWnPLLtE_-k6yo5oE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147609/632C30AE440E11E8903D3A5BC4F9AE02/29F086EE859E11EB9F647646C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.10.0/23
IPv6:
2405:4440::/32
Signature Algorithm: sha256WithRSAEncryption
5d:4b:29:d9:74:51:92:c1:38:8e:ed:df:65:f4:85:1f:e1:3d:
56:3e:88:ad:ea:37:fa:04:4b:37:61:99:ef:c0:a6:30:4f:9e:
86:69:5a:ec:3c:4c:dc:99:53:c5:02:ac:bc:70:1d:27:8d:99:
03:96:98:b8:7a:fd:2c:f7:bf:84:27:33:24:bb:6c:d0:5c:be:
4f:dd:70:f4:b9:1b:32:8e:d5:ac:3f:b9:10:0a:7e:0f:c4:ec:
d4:97:ff:46:fa:cb:90:6c:c3:c4:40:06:2a:82:6a:f2:58:2a:
48:59:3f:3a:67:eb:6b:ed:f7:7b:a3:74:de:68:77:14:50:8b:
ae:43:79:b6:89:7e:e7:fe:71:d9:45:77:70:e1:9d:9f:80:c7:
36:9b:91:f0:d4:a0:db:8c:49:d9:71:5a:b9:78:33:31:10:28:
4a:0c:5e:aa:64:35:b7:a0:f8:44:f5:1f:be:99:d7:29:35:30:
e5:41:6a:75:cf:d4:44:8f:6e:ea:70:1e:29:73:93:93:66:74:
28:7a:85:6a:65:1e:ca:52:53:59:99:0e:6c:b2:e3:90:e4:2c:
9f:e9:2d:20:98:bd:36:1e:da:36:49:c0:7d:d9:00:7e:54:98:
84:55:07:ac:8f:fa:5b:23:d1:b1:8a:53:58:fb:64:e6:bd:b4:
e9:c7:4c:f1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc2MDkxMTAvBgNVBAUTKDQ1MDk2ODk5NjZEMzc5Mjc1NjlDRjJDQkI0NEZGRTkz
QUNBOEU2ODEwHhcNMjIxMDMwMTkwNDI5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVlY2FiYy00MmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx5nl1sRIwt75c8R0yugGDzfbAZptMtc3lC52svWdxLWyiET5ID6gOKFZQBc2
WqMPmyW+KuIlYWuju3QTlIB0Zo3/vn28cPkX4NjvoRECBtC4ZCZ2Zn0JZ0+7eGCN
qg5fKjzx+rH4yJtzR4RCsCyTmhrahNMtSFMMpX4aZX5Xnzbhbw4Gx1U6O7m1q1eF
fqZxpk5KGdJbgeaNMj+i+HA4Jn4gdq2KoJB0Jtm733TLXy+pPrXfPWBI7flhUbC3
dnZiGgoBii7B9SECtFXUqO4s7vnNRbdodnkDAL7fYKZQTojv+SMxFvxxiex67y4o
4VF7zqyEVgGOgQbRd1GZ+h8XbQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFM3kv0Bn
mUYFKF4ehqeQmokSvnCiMB8GA1UdIwQYMBaAFEUJaJlm03knVpzyy7RP/pOsqOaB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzYwOS82MzJDMzBBRTQ0
MEUxMUU4OTAzRDNBNUJDNEY5QUUwMi9SUWxvbVdiVGVTZFduUExMdEVfLWs2eW81
b0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JRbG9tV2JUZVNkV25QTEx0RV8tazZ5bzVvRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc2MDkvNjMyQzMwQUU0NDBFMTFFODkwM0QzQTVCQzRGOUFFMDIvMjlGMDg2RUU4
NTlFMTFFQjlGNjQ3NjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFncgowDQQCAAIwBwMFACQFREAwDQYJKoZIhvcNAQELBQAD
ggEBAF1LKdl0UZLBOI7t32X0hR/hPVY+iK3qN/oESzdhme/ApjBPnoZpWuw8TNyZ
U8UCrLxwHSeNmQOWmLh6/Sz3v4QnMyS7bNBcvk/dcPS5GzKO1aw/uRAKfg/E7NSX
/0b6y5Bsw8RABiqCavJYKkhZPzpn62vt93ujdN5odxRQi65DebaJfuf+cdlFd3Dh
nZ+AxzabkfDUoNuMSdlxWrl4MzEQKEoMXqpkNbeg+ET1H76Z1yk1MOVBanXP1ESP
bupwHilzk5NmdCh6hWplHspSU1mZDmyy45DkLJ/pLSCYvTYe2jZJwH3ZAH5UmIRV
B6yP+lsj0bGKU1j7ZOa9tOnHTPE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:40 2023 by rpki-client on console-fra.rpki-client.org