Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0F9/4EC2CD74CF4F11EBAAB4084EC4F9AE02/D61D51F2CF5111EB8849DC4FC4F9AE02.roa
File: D61D51F2CF5111EB8849DC4FC4F9AE02.roa (raw, json)
Hash identifier: J3OzLB3m9A0vfFIwAfn67R3rGUclZcM79noURHLdPgI=
Subject key identifier: EC:12:6C:F3:C8:C5:53:BD:BA:3D:FA:E5:4E:DF:E2:51:BA:05:43:B8
Certificate issuer: /CN=A915A0F9/serialNumber=7448C730A1054D7F1E29DC11951585DD11DE1787
Certificate serial: 02A4
Authority key identifier: 74:48:C7:30:A1:05:4D:7F:1E:29:DC:11:95:15:85:DD:11:DE:17:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dEjHMKEFTX8eKdwRlRWF3RHeF4c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0F9/4EC2CD74CF4F11EBAAB4084EC4F9AE02/D61D51F2CF5111EB8849DC4FC4F9AE02.roa
Signing time: Sun 22 May 2022 02:48:29 +0000
ROA not before: Sun 22 May 2022 02:48:29 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 142436
IP address blocks: 103.168.90.0/23 maxlen: 23
103.168.90.0/24 maxlen: 24
103.168.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 676 (0x2a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0F9/serialNumber=7448C730A1054D7F1E29DC11951585DD11DE1787
Validity
Not Before: May 22 02:48:29 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6289a47d-48ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:29:a8:bd:a2:f7:77:31:ed:ff:aa:34:a1:56:
52:66:b3:a1:07:bd:c6:f6:a2:22:44:96:75:e8:c2:
c7:93:75:60:2c:4c:03:7b:e9:99:51:4b:ea:9e:02:
69:97:bd:9a:7e:90:11:22:89:0f:9d:59:5c:46:d0:
86:88:28:7e:9b:17:62:87:7d:4e:be:36:ad:5c:93:
9b:9d:21:d6:b5:fa:af:3f:a0:56:83:46:6e:83:cd:
30:22:0c:1d:6c:34:cd:8d:60:46:d0:08:be:c8:2c:
4a:0e:1c:ee:a3:7f:2c:da:ed:55:d0:b3:ce:57:7c:
08:6c:c1:92:2b:79:44:80:c5:22:5b:88:f0:f3:ec:
a1:85:4c:99:70:e0:88:43:52:78:dc:7f:35:c8:01:
d6:d9:68:33:69:f9:c8:cf:c4:42:0e:1b:91:82:3d:
15:9d:c8:df:00:cc:ae:d6:61:6e:74:e0:04:f4:71:
b7:46:5c:f1:88:a4:69:77:bd:18:8d:f6:7f:88:26:
69:f0:27:d3:ba:70:33:44:8d:20:e2:c7:7f:45:45:
dd:53:08:00:05:8b:dd:94:09:07:d6:8a:2e:89:a5:
dc:5e:2b:cb:9c:98:cb:06:86:d3:3b:5f:46:a3:88:
92:53:6a:09:16:3b:42:01:5f:dc:b2:b2:03:f1:c4:
a2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:12:6C:F3:C8:C5:53:BD:BA:3D:FA:E5:4E:DF:E2:51:BA:05:43:B8
X509v3 Authority Key Identifier:
keyid:74:48:C7:30:A1:05:4D:7F:1E:29:DC:11:95:15:85:DD:11:DE:17:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0F9/4EC2CD74CF4F11EBAAB4084EC4F9AE02/dEjHMKEFTX8eKdwRlRWF3RHeF4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dEjHMKEFTX8eKdwRlRWF3RHeF4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0F9/4EC2CD74CF4F11EBAAB4084EC4F9AE02/D61D51F2CF5111EB8849DC4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.168.90.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:89:7d:f5:5d:ff:fa:92:63:38:23:fb:60:07:ba:92:aa:44:
34:4d:1b:e6:42:20:14:cb:66:aa:38:0e:55:cd:bd:66:c7:b1:
0a:19:03:d9:44:ee:0e:3e:e5:15:ad:ac:b9:65:ef:d1:9c:08:
52:e3:e5:24:60:8f:98:63:07:b9:b9:e5:ac:ba:d3:cb:56:da:
72:95:b6:cf:6f:c0:40:b5:38:11:f4:45:85:1b:48:36:70:b4:
1a:4c:6e:e8:78:a6:d0:f0:64:56:d8:90:23:27:3e:ec:9b:fe:
71:40:e1:f0:96:25:23:ea:53:28:45:6d:61:19:7c:b6:1a:fa:
8b:31:ba:3d:f0:38:c0:0b:9a:7f:e4:35:0a:df:36:14:b6:7a:
da:cf:88:0b:05:e4:94:79:cd:c5:f7:01:f4:05:aa:88:14:20:
61:4a:e0:cb:77:dd:3a:30:b8:b4:31:85:96:17:eb:5e:32:14:
c6:ef:6f:01:e8:b8:09:dd:d7:ef:6f:d1:7d:c6:5a:1f:cf:0b:
fe:f8:94:26:e3:81:d8:bd:eb:f2:4a:9b:25:d3:55:63:94:e2:
f3:66:40:86:75:3e:b4:8c:da:7d:2d:d2:5b:3d:0d:b7:9c:60:
10:a7:a1:f3:e0:c1:27:cc:64:fc:16:c7:3a:0b:36:9c:95:21:
0f:7e:e8:e1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAqQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwRjkxMTAvBgNVBAUTKDc0NDhDNzMwQTEwNTREN0YxRTI5REMxMTk1MTU4NURE
MTFERTE3ODcwHhcNMjIwNTIyMDI0ODI5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg5YTQ3ZC00OGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzymovaL3dzHt/6o0oVZSZrOhB73G9qIiRJZ16MLHk3VgLEwDe+mZUUvqngJp
l72afpARIokPnVlcRtCGiCh+mxdih31OvjatXJObnSHWtfqvP6BWg0Zug80wIgwd
bDTNjWBG0Ai+yCxKDhzuo38s2u1V0LPOV3wIbMGSK3lEgMUiW4jw8+yhhUyZcOCI
Q1J43H81yAHW2WgzafnIz8RCDhuRgj0VncjfAMyu1mFudOAE9HG3RlzxiKRpd70Y
jfZ/iCZp8CfTunAzRI0g4sd/RUXdUwgABYvdlAkH1oouiaXcXivLnJjLBobTO19G
o4iSU2oJFjtCAV/csrID8cSijwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOwSbPPI
xVO9uj365U7f4lG6BUO4MB8GA1UdIwQYMBaAFHRIxzChBU1/HincEZUVhd0R3heH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBGOS80RUMyQ0Q3NENG
NEYxMUVCQUFCNDA4NEVDNEY5QUUwMi9kRWpITUtFRlRYOGVLZHdSbFJXRjNSSGVG
NGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RFakhNS0VGVFg4ZUtkd1JsUldGM1JIZUY0Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwRjkvNEVDMkNENzRDRjRGMTFFQkFBQjQwODRFQzRGOUFFMDIvRDYxRDUxRjJD
RjUxMTFFQjg4NDlEQzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnqFowDQYJKoZIhvcNAQELBQADggEBALiJffVd//qSYzgj
+2AHupKqRDRNG+ZCIBTLZqo4DlXNvWbHsQoZA9lE7g4+5RWtrLll79GcCFLj5SRg
j5hjB7m55ay608tW2nKVts9vwEC1OBH0RYUbSDZwtBpMbuh4ptDwZFbYkCMnPuyb
/nFA4fCWJSPqUyhFbWEZfLYa+osxuj3wOMALmn/kNQrfNhS2etrPiAsF5JR5zcX3
AfQFqogUIGFK4Mt33TowuLQxhZYX614yFMbvbwHouAnd1+9v0X3GWh/PC/74lCbj
gdi96/JKmyXTVWOU4vNmQIZ1PrSM2n0t0ls9DbecYBCnofPgwSfMZPwWxzoLNpyV
IQ9+6OE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org