Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162439/30D9B77A02E311EB86D28736C4F9AE02/666ED3A602E411EBAE29B237C4F9AE02.roa
File: 666ED3A602E411EBAE29B237C4F9AE02.roa (raw, json)
Hash identifier: qWbXyD6eXzQroXBfolKT/E++ku936Kjs3eEiOhcJT28=
Subject key identifier: 10:CA:42:69:6B:3F:97:42:A6:EF:70:91:69:35:13:0E:9A:27:F9:BC
Certificate issuer: /CN=A9162439/serialNumber=4AF40F4378A2E98BEE6C784D8BDB9E82EDB66C9F
Certificate serial: 05CA
Authority key identifier: 4A:F4:0F:43:78:A2:E9:8B:EE:6C:78:4D:8B:DB:9E:82:ED:B6:6C:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SvQPQ3ii6YvubHhNi9uegu22bJ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162439/30D9B77A02E311EB86D28736C4F9AE02/666ED3A602E411EBAE29B237C4F9AE02.roa
Signing time: Wed 26 Oct 2022 23:49:27 +0000
ROA not before: Wed 26 Oct 2022 23:49:27 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 141225
IP address blocks: 103.156.196.0/23 maxlen: 24
2001:df4:f480::/48 maxlen: 48
2001:df4:f480:100::/56 maxlen: 56
2001:df4:f480:200::/56 maxlen: 56
2001:df4:f480:300::/56 maxlen: 56
2001:df4:f480:400::/56 maxlen: 56
2001:df4:f480:500::/56 maxlen: 56
2001:df4:f480:600::/56 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1482 (0x5ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162439/serialNumber=4AF40F4378A2E98BEE6C784D8BDB9E82EDB66C9F
Validity
Not Before: Oct 26 23:49:27 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6359c787-e30e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:bd:7e:41:34:5a:ad:6d:0a:37:a8:29:36:c3:
56:21:16:c0:b4:b7:87:db:c1:d9:39:74:b3:e5:cb:
00:93:e8:f1:4b:a4:0b:1f:83:4b:80:99:22:7f:94:
02:0c:df:f3:4b:99:0c:b4:63:87:ff:06:3f:82:ef:
3d:27:07:70:25:0f:6c:a7:f1:23:c5:23:8d:6a:03:
4b:9a:3a:67:fa:31:1a:63:97:18:24:90:5b:71:e9:
70:8e:4f:f0:7b:49:a5:88:2a:33:25:07:d1:ee:37:
89:12:50:af:31:90:07:d1:da:de:75:4d:dd:81:0a:
ed:d6:ac:e3:97:3a:81:bd:8d:7a:20:af:a2:f6:30:
b4:4f:14:54:0f:58:54:b6:a1:d1:11:fb:a6:73:4d:
d0:2c:64:b5:3a:eb:18:ad:7c:4d:20:8c:8b:25:41:
55:ce:e8:b9:c6:5b:1d:78:8f:03:74:eb:3e:7d:44:
b1:08:13:90:a1:cb:2e:70:c2:64:fd:cd:1d:92:0b:
ae:80:e3:9d:b4:29:fa:d4:8b:dc:e8:45:9a:15:28:
93:7a:3e:80:f5:94:ab:81:60:d6:de:b8:2b:5a:9f:
b6:75:97:4b:f1:1f:a4:7a:d9:41:c7:5b:ac:b7:3c:
79:d9:95:4d:09:fc:b8:51:9c:39:d4:65:39:b1:06:
cc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CA:42:69:6B:3F:97:42:A6:EF:70:91:69:35:13:0E:9A:27:F9:BC
X509v3 Authority Key Identifier:
keyid:4A:F4:0F:43:78:A2:E9:8B:EE:6C:78:4D:8B:DB:9E:82:ED:B6:6C:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162439/30D9B77A02E311EB86D28736C4F9AE02/SvQPQ3ii6YvubHhNi9uegu22bJ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SvQPQ3ii6YvubHhNi9uegu22bJ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162439/30D9B77A02E311EB86D28736C4F9AE02/666ED3A602E411EBAE29B237C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.196.0/23
IPv6:
2001:df4:f480::/48
Signature Algorithm: sha256WithRSAEncryption
84:0e:bb:02:d9:b2:f1:8a:dd:e7:b2:c9:98:0a:3e:35:0c:db:
2d:43:ab:e3:af:63:c4:b7:a2:6c:e4:ca:f7:bc:73:5e:a7:45:
62:98:9d:60:cf:90:2a:c1:f1:20:33:c8:60:1f:81:78:a6:2d:
51:47:fd:9e:be:98:a5:58:66:a5:f4:1c:07:ab:24:2a:54:3e:
aa:1c:d1:b3:dc:ac:1e:43:94:c7:be:35:41:cd:a7:95:b0:59:
02:7f:6e:cb:db:6e:ea:32:59:84:f7:0a:e3:a4:2f:01:d9:c6:
23:75:ea:16:61:24:03:1d:4a:e9:63:45:42:ae:d0:b1:ea:ec:
e5:00:86:96:c7:20:0b:0f:b4:3d:d4:ec:b6:3e:47:61:9e:25:
33:ca:64:f6:15:b6:2a:84:77:34:08:4b:b6:5d:bb:fa:87:e0:
f3:a5:3a:43:06:cb:96:ae:27:29:40:d2:f8:9b:d0:cb:ab:05:
34:3d:7d:52:0a:39:54:52:52:50:7c:f3:dd:b8:cd:c9:a3:2a:
de:2f:89:1a:fc:0f:8f:79:90:01:45:97:ea:9f:e8:13:e5:b3:
cf:8b:25:a8:14:17:61:15:93:8f:58:71:71:5b:df:c2:1d:ee:
07:f4:4b:af:fb:0d:1a:9c:72:62:6d:5c:5e:90:50:57:93:95:
2e:cd:b3:01
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjI0MzkxMTAvBgNVBAUTKDRBRjQwRjQzNzhBMkU5OEJFRTZDNzg0RDhCREI5RTgy
RURCNjZDOUYwHhcNMjIxMDI2MjM0OTI3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU5Yzc4Ny1lMzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyr1+QTRarW0KN6gpNsNWIRbAtLeH28HZOXSz5csAk+jxS6QLH4NLgJkif5QC
DN/zS5kMtGOH/wY/gu89JwdwJQ9sp/EjxSONagNLmjpn+jEaY5cYJJBbcelwjk/w
e0mliCozJQfR7jeJElCvMZAH0dredU3dgQrt1qzjlzqBvY16IK+i9jC0TxRUD1hU
tqHREfumc03QLGS1OusYrXxNIIyLJUFVzui5xlsdeI8DdOs+fUSxCBOQocsucMJk
/c0dkguugOOdtCn61Ivc6EWaFSiTej6A9ZSrgWDW3rgrWp+2dZdL8R+ketlBx1us
tzx52ZVNCfy4UZw51GU5sQbMiQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBDKQmlr
P5dCpu9wkWk1Ew6aJ/m8MB8GA1UdIwQYMBaAFEr0D0N4oumL7mx4TYvbnoLttmyf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjQzOS8zMEQ5Qjc3QTAy
RTMxMUVCODZEMjg3MzZDNEY5QUUwMi9TdlFQUTNpaTZZdnViSGhOaTl1ZWd1MjJi
SjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1N2UVBRM2lpNll2dWJIaE5pOXVlZ3UyMmJKOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjI0MzkvMzBEOUI3N0EwMkUzMTFFQjg2RDI4NzM2QzRGOUFFMDIvNjY2RUQzQTYw
MkU0MTFFQkFFMjlCMjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnnMQwDwQCAAIwCQMHACABDfT0gDANBgkqhkiG9w0BAQsF
AAOCAQEAhA67Atmy8Yrd57LJmAo+NQzbLUOr469jxLeibOTK97xzXqdFYpidYM+Q
KsHxIDPIYB+BeKYtUUf9nr6YpVhmpfQcB6skKlQ+qhzRs9ysHkOUx741Qc2nlbBZ
An9uy9tu6jJZhPcK46QvAdnGI3XqFmEkAx1K6WNFQq7Qsers5QCGlscgCw+0PdTs
tj5HYZ4lM8pk9hW2KoR3NAhLtl27+ofg86U6QwbLlq4nKUDS+JvQy6sFND19Ugo5
VFJSUHzz3bjNyaMq3i+JGvwPj3mQAUWX6p/oE+Wzz4slqBQXYRWTj1hxcVvfwh3u
B/RLr/sNGpxyYm1cXpBQV5OVLs2zAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org