Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/D484B96CBFE011ED9AB9C33BC4F9AE02.roa
File: D484B96CBFE011ED9AB9C33BC4F9AE02.roa (raw, json)
Hash identifier: c4ps9O3rEjbVtvSyczF8XA9k02hLNpR/bfGYe96QEh4=
Subject key identifier: 69:73:EB:D6:9A:A3:0B:3C:4B:E4:5F:1D:76:DC:B8:8A:D5:E0:58:BC
Certificate issuer: /CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
Certificate serial: 052E
Authority key identifier: 34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/D484B96CBFE011ED9AB9C33BC4F9AE02.roa
Signing time: Sat 11 Mar 2023 10:46:22 +0000
ROA not before: Sat 11 Mar 2023 10:46:22 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 141731
IP address blocks: 103.203.177.0/24 maxlen: 24
103.203.178.0/24 maxlen: 24
223.29.214.0/24 maxlen: 24
2401:b8c0:a::/48 maxlen: 48
2401:b8c0:d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1326 (0x52e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
Validity
Not Before: Mar 11 10:46:22 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=640c5bfd-3cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:63:3d:66:c0:2f:4d:a2:af:f4:30:7b:81:18:
28:18:af:55:07:f1:a7:4a:79:30:5f:76:65:27:60:
71:92:18:06:b4:74:2a:04:84:8c:9e:81:4c:1d:64:
1d:38:c5:01:4b:08:76:ea:31:f9:e6:e0:4a:e8:27:
fc:1c:80:28:f0:06:b3:b9:d1:89:1c:d8:e0:8c:ae:
38:47:76:05:56:0a:a8:9c:a0:16:41:d4:26:28:3e:
31:f7:fb:18:01:b5:29:f6:9e:e5:38:03:27:dc:82:
0f:2c:46:20:12:80:17:20:f8:02:19:fd:c1:e7:25:
6b:41:ee:f5:fd:18:46:d3:c3:53:a4:38:38:1d:dc:
37:62:d0:4a:28:44:4a:e8:08:8b:82:a5:13:42:13:
e8:68:14:ad:17:75:d0:ed:7e:6e:d3:95:af:af:70:
36:c8:ac:07:29:90:69:d9:d8:7b:64:bc:25:b2:f8:
91:55:60:38:52:24:2a:72:1d:ee:22:83:91:d0:13:
bb:79:57:66:f7:43:8a:1f:67:ed:a3:bd:c6:2e:03:
ba:a7:8b:7a:74:a9:6e:30:48:02:6d:d9:f1:05:87:
5e:06:93:3f:02:e8:dc:27:e2:26:53:7f:34:bb:23:
ab:2f:84:b7:1b:0f:08:59:a9:07:75:6e:c3:cb:8f:
46:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:73:EB:D6:9A:A3:0B:3C:4B:E4:5F:1D:76:DC:B8:8A:D5:E0:58:BC
X509v3 Authority Key Identifier:
keyid:34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/D484B96CBFE011ED9AB9C33BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.177.0-103.203.178.255
223.29.214.0/24
IPv6:
2401:b8c0:a::/48
2401:b8c0:d::/48
Signature Algorithm: sha256WithRSAEncryption
78:70:83:10:95:eb:f1:8a:4f:50:df:24:34:7d:5a:5e:34:ce:
06:d3:d5:e9:40:0d:31:ed:dc:7d:4a:c7:b9:29:57:59:78:5b:
c5:83:89:b3:16:be:5c:6e:31:81:df:7b:4c:f8:a7:7a:9b:59:
67:7c:b0:42:a5:bf:94:44:19:dc:1b:ee:31:b6:4f:07:2f:a8:
b8:13:61:25:48:ec:36:c8:47:61:67:41:ac:96:ad:d9:d6:e7:
81:b4:87:c9:29:ad:4f:07:50:9e:87:f4:b6:66:29:0c:26:c7:
a7:bf:bf:be:b6:21:e6:73:65:fb:73:dc:fd:9b:a3:69:1d:08:
1b:2f:b0:ea:fe:df:a2:ce:c7:7c:31:46:8f:05:12:13:c1:78:
ac:f4:cb:70:f5:cb:ff:c8:14:79:df:6a:fc:d9:75:8c:a6:fc:
44:bb:d5:1c:df:e1:ff:67:d2:f2:ad:9d:c5:b2:bf:0d:fc:09:
c0:e7:bd:cd:95:7a:4d:ba:fd:e0:8a:60:80:8c:c7:d1:c3:3c:
23:61:35:06:0d:fb:00:eb:c2:f5:62:12:7d:c4:39:9b:d5:4f:
7e:01:0e:3a:aa:42:ea:d5:36:cc:29:fb:92:c8:85:cd:32:fe:
b4:c4:c0:98:67:42:f1:1a:8c:cd:53:96:d1:a2:40:0d:05:77:
95:c8:27:33
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICBS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2NDYxMTAvBgNVBAUTKDM0OTJFRkZFOTYyMkIxRkZGODgxNTk3MDAzNzYzQzFC
QTI0QTFFMDYwHhcNMjMwMzExMTA0NjIyWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDBjNWJmZC0zY2MxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxmM9ZsAvTaKv9DB7gRgoGK9VB/GnSnkwX3ZlJ2BxkhgGtHQqBISMnoFMHWQd
OMUBSwh26jH55uBK6Cf8HIAo8AazudGJHNjgjK44R3YFVgqonKAWQdQmKD4x9/sY
AbUp9p7lOAMn3IIPLEYgEoAXIPgCGf3B5yVrQe71/RhG08NTpDg4Hdw3YtBKKERK
6AiLgqUTQhPoaBStF3XQ7X5u05Wvr3A2yKwHKZBp2dh7ZLwlsviRVWA4UiQqch3u
IoOR0BO7eVdm90OKH2fto73GLgO6p4t6dKluMEgCbdnxBYdeBpM/AujcJ+ImU380
uyOrL4S3Gw8IWakHdW7Dy49GSQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFGlz69aa
ows8S+RfHXbcuIrV4Fi8MB8GA1UdIwQYMBaAFDSS7/6WIrH/+IFZcAN2PBuiSh4G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzY0Ni82QjhFRkE1QUZG
OTgxMUU5ODdDODBBNkFDNEY5QUUwMi9OSkx2X3BZaXNmXzRnVmx3QTNZOEc2SktI
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05KTHZfcFlpc2ZfNGdWbHdBM1k4RzZKS0hnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2NDYvNkI4RUZBNUFGRjk4MTFFOTg3QzgwQTZBQzRGOUFFMDIvRDQ4NEI5NkNC
RkUwMTFFRDlBQjlDMzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MBoEAgABMBQwDAMEAGfLsQMEAGfLsgMEAN8d1jAYBAIAAjASAwcAJAG4wAAK
AwcAJAG4wAANMA0GCSqGSIb3DQEBCwUAA4IBAQB4cIMQlevxik9Q3yQ0fVpeNM4G
09XpQA0x7dx9Sse5KVdZeFvFg4mzFr5cbjGB33tM+Kd6m1lnfLBCpb+URBncG+4x
tk8HL6i4E2ElSOw2yEdhZ0Gslq3Z1ueBtIfJKa1PB1Ceh/S2ZikMJsenv7++tiHm
c2X7c9z9m6NpHQgbL7Dq/t+izsd8MUaPBRITwXis9Mtw9cv/yBR532r82XWMpvxE
u9Uc3+H/Z9LyrZ3Fsr8N/AnA573NlXpNuv3gimCAjMfRwzwjYTUGDfsA68L1YhJ9
xDmb1U9+AQ46qkLq1TbMKfuSyIXNMv60xMCYZ0LxGozNU5bRokANBXeVyCcz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org