Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9154961/FEBBFA801BE211EDAF17A558C4F9AE02/876A3CFE1BE611ED80631B5EC4F9AE02.roa
File: 876A3CFE1BE611ED80631B5EC4F9AE02.roa (raw, json)
Hash identifier: 4Ra33gEb/ned7WxURcg5muhwlGPLvLOYOGvVbLldvf0=
Subject key identifier: A6:D1:E2:02:9B:AB:7C:21:46:4F:8D:7B:5E:28:1F:03:B3:57:48:3D
Certificate issuer: /CN=A9154961/serialNumber=33B0D5689504836C11E9ECDD0D119C058D3F760B
Certificate serial: 02
Authority key identifier: 33:B0:D5:68:95:04:83:6C:11:E9:EC:DD:0D:11:9C:05:8D:3F:76:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M7DVaJUEg2wR6ezdDRGcBY0_dgs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9154961/FEBBFA801BE211EDAF17A558C4F9AE02/876A3CFE1BE611ED80631B5EC4F9AE02.roa
Signing time: Sun 14 Aug 2022 15:34:05 +0000
ROA not before: Sun 14 Aug 2022 15:34:05 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 150156
IP address blocks: 103.112.62.0/23 maxlen: 23
2001:df1:1940::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9154961/serialNumber=33B0D5689504836C11E9ECDD0D119C058D3F760B
Validity
Not Before: Aug 14 15:34:05 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=62f915ed-2594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ef:c1:d3:e2:9f:60:01:c8:6d:77:0b:50:7e:
74:d0:9b:fc:e1:de:72:50:17:cc:d0:67:ae:4b:a7:
17:18:76:00:18:9b:9d:77:16:b3:37:dd:ec:59:49:
a0:24:de:4d:4e:6d:10:24:89:3f:be:58:d0:35:be:
87:96:e3:dc:5e:3e:74:fb:e9:d3:fb:1f:95:3a:9e:
c4:a4:09:16:d6:7c:8a:01:15:2c:5a:cb:df:c4:6c:
5a:6c:fe:ff:23:43:fd:6b:5d:65:ab:31:09:54:76:
e0:9b:3e:d2:35:93:29:48:c4:bb:a6:d4:9a:db:3d:
76:84:37:25:45:87:5f:b4:b0:50:6a:3c:91:cd:63:
fe:b9:a3:53:5f:a2:4f:f2:cb:88:fe:c9:a9:6c:c1:
53:8b:02:d2:c3:69:08:0e:f8:49:b7:b9:96:35:02:
df:8a:41:1f:df:d5:07:b1:ef:2c:5c:9f:47:cb:d4:
db:dd:53:02:ef:1c:58:3a:c3:25:42:ab:5f:28:37:
9d:2f:11:e8:f1:02:da:4b:4a:6b:b6:fe:4c:9a:1f:
0a:08:ff:99:cb:8d:d2:19:24:d3:9c:b3:ca:c5:43:
87:c9:df:1f:e6:9d:bb:10:0a:08:cc:35:0b:07:24:
db:b5:dd:93:05:3e:1e:83:8a:48:60:68:93:fe:38:
78:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D1:E2:02:9B:AB:7C:21:46:4F:8D:7B:5E:28:1F:03:B3:57:48:3D
X509v3 Authority Key Identifier:
keyid:33:B0:D5:68:95:04:83:6C:11:E9:EC:DD:0D:11:9C:05:8D:3F:76:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9154961/FEBBFA801BE211EDAF17A558C4F9AE02/M7DVaJUEg2wR6ezdDRGcBY0_dgs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M7DVaJUEg2wR6ezdDRGcBY0_dgs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154961/FEBBFA801BE211EDAF17A558C4F9AE02/876A3CFE1BE611ED80631B5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.62.0/23
IPv6:
2001:df1:1940::/48
Signature Algorithm: sha256WithRSAEncryption
90:94:34:c0:32:3e:0f:06:99:39:6c:da:0f:d9:14:19:75:d5:
44:63:3c:07:79:8c:20:31:ff:fa:db:76:51:cb:94:0a:1d:f3:
b7:4a:0d:28:97:4d:7a:42:05:fe:78:85:ab:4a:82:11:af:cb:
51:d4:ae:37:df:12:09:7a:62:1c:30:31:b5:94:f3:82:ee:4a:
8e:9f:2b:63:22:e4:d4:7a:b5:cb:d5:b5:53:bc:92:13:e0:b7:
96:f3:39:2f:a0:58:ea:7d:eb:8a:4c:4c:88:90:c6:97:ff:4a:
11:89:78:b3:a7:dc:9c:5c:35:70:10:b0:35:d0:02:a8:06:2e:
55:c8:3c:ae:86:80:3c:2a:be:fe:2f:c1:ff:65:17:02:14:f3:
be:c9:c5:aa:1d:f0:39:86:60:fb:01:d3:5e:52:81:77:72:cc:
5a:a9:eb:15:a5:46:5e:58:9d:20:08:7e:cc:0e:a0:9b:04:e8:
f7:de:9f:b8:26:bb:ee:fd:fc:9a:8c:56:32:e4:94:dc:93:c1:
ed:da:33:12:55:2e:8f:2a:98:02:c5:8f:b8:44:7f:1d:12:e9:
db:e9:bc:17:bb:ec:6f:f5:33:fa:cc:34:01:cd:79:7c:b7:0d:
39:17:94:26:cd:a6:0c:4f:70:33:54:51:5b:cf:f6:23:af:96:
0e:c4:05:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NDk2MTExMC8GA1UEBRMoMzNCMEQ1Njg5NTA0ODM2QzExRTlFQ0REMEQxMTlDMDU4
RDNGNzYwQjAeFw0yMjA4MTQxNTM0MDVaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZjkxNWVkLTI1OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQ78HT4p9gAchtdwtQfnTQm/zh3nJQF8zQZ65LpxcYdgAYm513FrM33exZSaAk
3k1ObRAkiT++WNA1voeW49xePnT76dP7H5U6nsSkCRbWfIoBFSxay9/EbFps/v8j
Q/1rXWWrMQlUduCbPtI1kylIxLum1JrbPXaENyVFh1+0sFBqPJHNY/65o1Nfok/y
y4j+yalswVOLAtLDaQgO+Em3uZY1At+KQR/f1Qex7yxcn0fL1NvdUwLvHFg6wyVC
q18oN50vEejxAtpLSmu2/kyaHwoI/5nLjdIZJNOcs8rFQ4fJ3x/mnbsQCgjMNQsH
JNu13ZMFPh6DikhgaJP+OHhrAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUptHiApur
fCFGT417XigfA7NXSD0wHwYDVR0jBBgwFoAUM7DVaJUEg2wR6ezdDRGcBY0/dgsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU0OTYxL0ZFQkJGQTgwMUJF
MjExRURBRjE3QTU1OEM0RjlBRTAyL003RFZhSlVFZzJ3UjZlemREUkdjQlkwX2Rn
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTTdEVmFKVUVnMndSNmV6ZERSR2NCWTBfZGdzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NDk2MS9GRUJCRkE4MDFCRTIxMUVEQUYxN0E1NThDNEY5QUUwMi84NzZBM0NGRTFC
RTYxMUVEODA2MzFCNUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdwPjAPBAIAAjAJAwcAIAEN8RlAMA0GCSqGSIb3DQEBCwUA
A4IBAQCQlDTAMj4PBpk5bNoP2RQZddVEYzwHeYwgMf/623ZRy5QKHfO3Sg0ol016
QgX+eIWrSoIRr8tR1K433xIJemIcMDG1lPOC7kqOnytjIuTUerXL1bVTvJIT4LeW
8zkvoFjqfeuKTEyIkMaX/0oRiXizp9ycXDVwELA10AKoBi5VyDyuhoA8Kr7+L8H/
ZRcCFPO+ycWqHfA5hmD7AdNeUoF3csxaqesVpUZeWJ0gCH7MDqCbBOj33p+4Jrvu
/fyajFYy5JTck8Ht2jMSVS6PKpgCxY+4RH8dEunb6bwXu+xv9TP6zDQBzXl8tw05
F5QmzaYMT3AzVFFbz/Yjr5YOxAVv
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org