Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156CFE/B39031708AB211EAB022193CC4F9AE02/73567072755311EDAC64516BC4F9AE02.roa
File: 73567072755311EDAC64516BC4F9AE02.roa (raw, json)
Hash identifier: f/jnebOcln1WVw0lQyzostVYmUTmuZbLjCnSeQLqXjY=
Subject key identifier: A9:B0:7C:8A:84:37:45:DB:14:C3:50:15:6E:0D:D3:4F:1D:9D:D4:D0
Certificate issuer: /CN=A9156CFE/serialNumber=03C7FFEE0CAF4925849E286EC0EFBB0C8B2A8E4F
Certificate serial: 0806
Authority key identifier: 03:C7:FF:EE:0C:AF:49:25:84:9E:28:6E:C0:EF:BB:0C:8B:2A:8E:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A8f_7gyvSSWEnihuwO-7DIsqjk8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156CFE/B39031708AB211EAB022193CC4F9AE02/73567072755311EDAC64516BC4F9AE02.roa
Signing time: Wed 08 Mar 2023 21:08:48 +0000
ROA not before: Wed 08 Mar 2023 21:08:48 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 136969
IP address blocks: 103.82.120.0/24 maxlen: 24
103.82.121.0/24 maxlen: 24
103.82.122.0/24 maxlen: 24
103.82.123.0/24 maxlen: 24
202.59.12.0/24 maxlen: 24
202.59.13.0/24 maxlen: 24
202.59.14.0/24 maxlen: 24
202.59.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2054 (0x806)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156CFE/serialNumber=03C7FFEE0CAF4925849E286EC0EFBB0C8B2A8E4F
Validity
Not Before: Mar 8 21:08:48 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=6408f960-e370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4a:b1:0f:21:4c:55:93:00:62:da:38:37:73:
65:3c:01:7c:1b:80:16:4f:72:1b:c3:f0:04:32:04:
e7:3b:ab:e3:8c:1d:05:e9:66:93:2e:7b:5e:93:0e:
a6:b2:db:d7:5e:31:0a:c2:b6:ec:36:7b:8d:23:ab:
8b:14:5d:62:44:11:3b:77:bb:db:66:01:dc:71:20:
75:1f:a9:8c:a2:ac:93:75:12:01:68:e6:34:32:c4:
02:0f:19:f5:70:3a:62:ec:e8:6f:50:3b:88:e0:a8:
5b:64:0b:f3:52:a5:6d:b1:97:ce:9d:d1:ba:06:e9:
88:88:95:09:1d:fe:24:ab:9c:71:be:16:f1:af:8b:
fd:3b:91:d4:d9:87:f1:39:be:22:d2:9a:43:db:b7:
aa:b1:37:15:f7:0f:61:b9:7d:f7:2d:f5:50:d1:c2:
9f:7c:8e:71:f0:22:32:a9:0f:49:3b:c7:db:da:9c:
b2:66:09:71:12:a7:d4:79:07:be:92:42:c4:46:3b:
0d:91:64:6d:4d:a7:cd:7b:d7:c6:c3:3d:5c:ef:e7:
d7:51:c0:de:c6:12:2e:d7:62:c9:b2:9d:ff:26:2e:
71:20:c5:70:51:66:29:e3:fe:66:77:b5:4b:1e:7b:
27:7a:2e:f8:53:c1:c3:dd:29:f8:57:84:5c:d5:51:
f9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B0:7C:8A:84:37:45:DB:14:C3:50:15:6E:0D:D3:4F:1D:9D:D4:D0
X509v3 Authority Key Identifier:
keyid:03:C7:FF:EE:0C:AF:49:25:84:9E:28:6E:C0:EF:BB:0C:8B:2A:8E:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156CFE/B39031708AB211EAB022193CC4F9AE02/A8f_7gyvSSWEnihuwO-7DIsqjk8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A8f_7gyvSSWEnihuwO-7DIsqjk8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156CFE/B39031708AB211EAB022193CC4F9AE02/73567072755311EDAC64516BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.120.0/22
202.59.12.0/22
Signature Algorithm: sha256WithRSAEncryption
06:5f:92:a8:2a:d5:37:62:bb:6c:eb:76:d3:01:2a:f7:2c:f6:
ba:5f:12:6c:93:45:f9:a8:05:71:45:c7:a1:e5:80:78:cd:46:
6e:2e:41:d6:e4:60:39:97:4a:c2:07:9f:07:71:e9:43:f3:da:
57:6d:87:a4:cd:86:c0:24:62:26:95:9d:c0:fa:30:76:e5:4a:
c5:a0:2f:27:fa:1b:3c:80:ca:59:7f:31:9f:0d:6e:d6:5f:88:
db:a8:02:83:39:46:6e:6b:9b:23:76:f9:e9:1f:00:fc:8a:c7:
12:7a:3a:01:ca:b1:24:08:00:b9:c8:5f:38:01:47:37:56:ec:
23:32:53:48:4f:19:be:92:aa:7e:0a:7e:7c:10:a5:fc:b8:65:
6b:bb:99:83:26:5a:d8:0a:4a:2b:97:0e:26:6d:17:05:23:66:
cc:fc:95:83:fb:e8:be:36:74:22:b6:3b:78:15:44:35:62:ae:
b9:94:d1:ef:e4:48:dc:56:a8:33:39:61:3f:2e:0c:b6:55:ff:
fb:27:1c:19:af:84:f9:c9:50:82:37:b6:4e:e1:c8:9b:b4:d2:
d9:22:0b:89:4d:4f:3f:37:3b:a4:19:7b:88:ab:a2:d7:7b:5b:
f7:c0:50:f4:91:88:04:90:41:91:38:16:f8:fc:fa:ae:39:7e:
35:58:ec:e0
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCAYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTZDRkUxMTAvBgNVBAUTKDAzQzdGRkVFMENBRjQ5MjU4NDlFMjg2RUMwRUZCQjBD
OEIyQThFNEYwHhcNMjMwMzA4MjEwODQ4WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDA4Zjk2MC1lMzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAukqxDyFMVZMAYto4N3NlPAF8G4AWT3Ibw/AEMgTnO6vjjB0F6WaTLntekw6m
stvXXjEKwrbsNnuNI6uLFF1iRBE7d7vbZgHccSB1H6mMoqyTdRIBaOY0MsQCDxn1
cDpi7OhvUDuI4KhbZAvzUqVtsZfOndG6BumIiJUJHf4kq5xxvhbxr4v9O5HU2Yfx
Ob4i0ppD27eqsTcV9w9huX33LfVQ0cKffI5x8CIyqQ9JO8fb2pyyZglxEqfUeQe+
kkLERjsNkWRtTafNe9fGwz1c7+fXUcDexhIu12LJsp3/Ji5xIMVwUWYp4/5md7VL
Hnsnei74U8HD3Sn4V4Rc1VH5FwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKmwfIqE
N0XbFMNQFW4N008dndTQMB8GA1UdIwQYMBaAFAPH/+4Mr0klhJ4obsDvuwyLKo5P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NkNGRS9CMzkwMzE3MDhB
QjIxMUVBQjAyMjE5M0NDNEY5QUUwMi9BOGZfN2d5dlNTV0VuaWh1d08tN0RJc3Fq
azguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0E4Zl83Z3l2U1NXRW5paHV3Ty03RElzcWprOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTZDRkUvQjM5MDMxNzA4QUIyMTFFQUIwMjIxOTNDQzRGOUFFMDIvNzM1NjcwNzI3
NTUzMTFFREFDNjQ1MTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUngDBALKOwwwDQYJKoZIhvcNAQELBQADggEBAAZfkqgq
1Tdiu2zrdtMBKvcs9rpfEmyTRfmoBXFFx6HlgHjNRm4uQdbkYDmXSsIHnwdx6UPz
2ldth6TNhsAkYiaVncD6MHblSsWgLyf6GzyAyll/MZ8NbtZfiNuoAoM5Rm5rmyN2
+ekfAPyKxxJ6OgHKsSQIALnIXzgBRzdW7CMyU0hPGb6Sqn4KfnwQpfy4ZWu7mYMm
WtgKSiuXDiZtFwUjZsz8lYP76L42dCK2O3gVRDVirrmU0e/kSNxWqDM5YT8uDLZV
//snHBmvhPnJUII3tk7hyJu00tkiC4lNTz83O6QZe4irotd7W/fAUPSRiASQQZE4
Fvj8+q45fjVY7OA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org