Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/8A7B773E278311EDA12C9E44C4F9AE02.roa
File: 8A7B773E278311EDA12C9E44C4F9AE02.roa (raw, json)
Hash identifier: tNQaFU4orE2BZPvSIvCYwIbg8kqQM5EKepsfsYN5ZsI=
Subject key identifier: 0D:16:68:98:6E:8E:24:79:DF:AD:86:89:F1:2B:6F:A0:EA:0D:1C:D6
Certificate issuer: /CN=A91551D7/serialNumber=113618B0D410682AC06A901D65BB9AC955ED89E0
Certificate serial: 0C2F
Authority key identifier: 11:36:18:B0:D4:10:68:2A:C0:6A:90:1D:65:BB:9A:C9:55:ED:89:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/8A7B773E278311EDA12C9E44C4F9AE02.roa
Signing time: Mon 29 Aug 2022 10:15:44 +0000
ROA not before: Mon 29 Aug 2022 10:15:44 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 134809
IP address blocks: 43.230.96.0/22 maxlen: 22
103.7.68.0/22 maxlen: 22
103.13.74.0/24 maxlen: 24
2001:df7:6400::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3119 (0xc2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91551D7/serialNumber=113618B0D410682AC06A901D65BB9AC955ED89E0
Validity
Not Before: Aug 29 10:15:44 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=630c91cf-3fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:00:06:97:9e:8a:ee:b5:58:4a:58:fd:06:5d:
a0:cc:62:bb:2a:fc:30:fc:ec:34:0e:31:d6:2c:33:
c1:b1:44:7a:f1:34:7b:30:e2:10:9b:ab:77:8c:2f:
43:92:e9:96:30:7f:27:e5:6e:4e:61:ad:35:b0:a3:
13:f9:5d:b9:72:b7:2f:78:23:75:4c:69:b2:18:f4:
a0:f6:a2:67:a8:ed:57:9b:4a:04:8c:8d:33:02:19:
5c:e0:2f:b7:27:1f:be:31:99:38:73:bc:ea:81:94:
3f:4b:48:67:fd:1c:52:6b:45:82:15:7a:7b:a3:88:
c6:1f:54:30:c5:1a:fe:3c:dc:af:8b:da:0d:04:56:
b7:a5:52:7d:73:7f:98:5d:3b:28:d2:3f:56:88:c1:
45:f9:bc:04:a8:20:da:5b:b3:c2:35:1f:12:b6:76:
1d:94:f5:11:a6:44:df:dc:79:8f:63:52:11:ba:c9:
62:d2:56:64:0d:0c:5e:9c:5f:d3:9f:da:69:0d:e3:
c9:b6:0f:06:fa:d9:a9:ec:c3:f5:46:84:4c:62:74:
c9:61:00:78:32:15:c9:43:c5:30:d7:c2:04:f3:60:
8b:ad:04:72:72:ef:60:d0:65:6a:fe:54:67:31:aa:
2b:c9:7c:77:9b:1d:70:24:07:c5:d0:e6:6c:63:8c:
ff:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:16:68:98:6E:8E:24:79:DF:AD:86:89:F1:2B:6F:A0:EA:0D:1C:D6
X509v3 Authority Key Identifier:
keyid:11:36:18:B0:D4:10:68:2A:C0:6A:90:1D:65:BB:9A:C9:55:ED:89:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/ETYYsNQQaCrAapAdZbuayVXtieA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ETYYsNQQaCrAapAdZbuayVXtieA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91551D7/68F092929E2F11E9B2E5280AC4F9AE02/8A7B773E278311EDA12C9E44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.96.0/22
103.7.68.0/22
103.13.74.0/24
IPv6:
2001:df7:6400::/48
Signature Algorithm: sha256WithRSAEncryption
3e:3c:29:7c:6b:2d:df:0a:84:80:9d:f4:ad:b9:d3:fd:6c:e4:
55:a6:98:cb:03:d1:df:ba:de:1f:17:f1:91:1e:16:e4:cb:c9:
c6:a3:dd:1f:5d:2b:ed:16:28:dc:ff:37:8a:be:79:d5:09:c5:
1a:93:60:c8:b6:d7:e0:fb:33:a2:7e:59:b0:59:ac:9c:1c:bc:
b9:c9:a1:b2:8d:f2:f2:74:54:1e:1b:ae:1f:ad:a8:22:f6:df:
46:70:b0:df:29:ca:0f:2b:d8:e1:7c:ca:22:d6:be:d3:37:5e:
94:29:98:45:67:7b:04:57:48:7f:7f:8a:21:c2:dc:d0:6f:92:
16:8e:c4:8f:3f:75:43:1f:d6:b4:43:18:7e:2d:d2:aa:f0:ca:
01:0d:bc:04:b8:60:12:89:57:7f:c0:b9:c4:30:0c:5b:14:49:
1f:f3:94:ae:e7:11:96:5e:9e:0d:f0:4d:f3:ef:fb:2e:38:4d:
fd:b0:03:97:9a:6f:2c:a0:6d:33:b2:11:e9:58:ac:f6:bf:e5:
1e:e4:ac:b8:c3:9a:ec:7e:2b:f5:fa:7b:ea:73:2c:3f:3d:92:
b8:49:1a:ca:30:78:06:e8:92:bd:5d:bd:17:61:52:39:8d:36:
43:bd:5a:71:1b:cb:90:09:0d:5a:fa:b3:55:c7:d9:db:d5:83:
e5:ee:25:4b
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICDC8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTUxRDcxMTAvBgNVBAUTKDExMzYxOEIwRDQxMDY4MkFDMDZBOTAxRDY1QkI5QUM5
NTVFRDg5RTAwHhcNMjIwODI5MTAxNTQ0WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBjOTFjZi0zZmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyAAGl56K7rVYSlj9Bl2gzGK7Kvww/Ow0DjHWLDPBsUR68TR7MOIQm6t3jC9D
kumWMH8n5W5OYa01sKMT+V25crcveCN1TGmyGPSg9qJnqO1Xm0oEjI0zAhlc4C+3
Jx++MZk4c7zqgZQ/S0hn/RxSa0WCFXp7o4jGH1QwxRr+PNyvi9oNBFa3pVJ9c3+Y
XTso0j9WiMFF+bwEqCDaW7PCNR8StnYdlPURpkTf3HmPY1IRusli0lZkDQxenF/T
n9ppDePJtg8G+tmp7MP1RoRMYnTJYQB4MhXJQ8Uw18IE82CLrQRycu9g0GVq/lRn
MaoryXx3mx1wJAfF0OZsY4z/2wIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFA0WaJhu
jiR5362GifErb6DqDRzWMB8GA1UdIwQYMBaAFBE2GLDUEGgqwGqQHWW7mslV7Yng
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTFENy82OEYwOTI5MjlF
MkYxMUU5QjJFNTI4MEFDNEY5QUUwMi9FVFlZc05RUWFDckFhcEFkWmJ1YXlWWHRp
ZUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VUWVlzTlFRYUNyQWFwQWRaYnVheVZYdGllQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTUxRDcvNjhGMDkyOTI5RTJGMTFFOUIyRTUyODBBQzRGOUFFMDIvOEE3Qjc3M0Uy
NzgzMTFFREExMkM5RTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAIr5mADBAJnB0QDBABnDUowDwQCAAIwCQMHACABDfdkADAN
BgkqhkiG9w0BAQsFAAOCAQEAPjwpfGst3wqEgJ30rbnT/WzkVaaYywPR37reHxfx
kR4W5MvJxqPdH10r7RYo3P83ir551QnFGpNgyLbX4Pszon5ZsFmsnBy8ucmhso3y
8nRUHhuuH62oIvbfRnCw3ynKDyvY4XzKIta+0zdelCmYRWd7BFdIf3+KIcLc0G+S
Fo7Ejz91Qx/WtEMYfi3SqvDKAQ28BLhgEolXf8C5xDAMWxRJH/OUrucRll6eDfBN
8+/7LjhN/bADl5pvLKBtM7IR6Vis9r/lHuSsuMOa7H4r9fp76nMsPz2SuEkayjB4
BuiSvV29F2FSOY02Q71acRvLkAkNWvqzVcfZ29WD5e4lSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org