Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/40EE170AF33711ECB31B9420C4F9AE02.roa
File: 40EE170AF33711ECB31B9420C4F9AE02.roa (raw, json)
Hash identifier: tSS0MRrC2JXOvaO0P/7pWZGxMiVLx608RjNO3sXJobU=
Subject key identifier: 60:5A:10:98:77:C9:35:D3:C3:BB:0A:1D:6D:14:12:23:E6:D2:E3:30
Certificate issuer: /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Certificate serial: 0A50
Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/40EE170AF33711ECB31B9420C4F9AE02.roa
Signing time: Tue 12 Jul 2022 15:26:04 +0000
ROA not before: Tue 12 Jul 2022 15:26:04 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 135341
IP address blocks: 103.109.93.0/24 maxlen: 24
103.214.200.0/24 maxlen: 24
144.48.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2640 (0xa50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Validity
Not Before: Jul 12 15:26:04 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=62cd928b-80cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a6:a9:bb:f7:54:c2:57:fa:91:b7:41:c6:49:
90:fb:42:f9:39:36:15:0b:53:50:64:6c:4f:8b:fb:
08:80:eb:17:f3:ed:bb:34:06:82:ee:8d:7c:7e:c3:
97:61:75:97:f7:90:d5:8d:cb:63:dd:59:68:71:d4:
7d:ff:04:64:be:22:5e:45:a5:6d:19:05:a1:5c:4a:
29:4a:d6:03:e9:72:38:e8:fe:87:d4:58:00:dd:14:
bf:03:83:bf:95:ab:9a:4b:5e:0d:a2:b4:ae:08:1d:
40:a0:41:b9:e4:25:e6:cd:2f:ca:72:e2:48:65:9b:
8c:b4:4e:a2:3d:d5:d1:c1:0a:ca:33:e6:51:54:d1:
03:89:d4:ca:c0:2e:b0:02:38:ab:be:a4:f4:d8:77:
cf:ec:65:43:3b:f6:a6:a5:55:65:81:e0:cd:fc:51:
3e:42:de:86:9a:e5:68:6c:ce:d9:f5:d4:06:51:5b:
fa:7c:33:94:56:91:dd:69:eb:f8:0d:53:b8:dd:22:
ca:29:4e:5e:67:de:ca:ca:40:38:62:0b:f6:eb:38:
51:0a:1b:3a:34:39:e8:61:b3:ba:3e:a1:5f:b5:44:
f6:40:cc:f4:32:fc:bb:b3:16:f0:ff:ff:82:b0:84:
38:0c:55:be:95:12:2d:f2:0b:f9:48:a9:10:8f:67:
d4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5A:10:98:77:C9:35:D3:C3:BB:0A:1D:6D:14:12:23:E6:D2:E3:30
X509v3 Authority Key Identifier:
keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/40EE170AF33711ECB31B9420C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.93.0/24
103.214.200.0/24
144.48.150.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:1b:1f:2d:bd:48:97:6a:bc:4f:79:36:85:ec:9c:aa:f0:ba:
d0:07:9e:fd:5d:ed:4a:ef:c6:c9:bb:41:c4:63:35:e4:31:64:
19:94:51:e5:b2:ac:da:58:ea:38:fb:32:e8:aa:85:18:23:18:
00:ae:30:8e:50:84:04:b5:a2:79:e1:c9:a1:9b:e1:5c:bb:b1:
42:d8:1e:77:6c:9b:ee:91:70:f0:d3:72:59:d9:8a:78:7a:23:
fb:6b:dc:1f:38:ee:1b:54:9d:f1:47:bf:4b:07:4a:53:19:0a:
9b:ae:7a:f0:84:58:bf:6a:8c:1d:88:4d:54:55:65:25:b6:ef:
39:e5:d2:ca:85:28:27:ab:e5:7e:f1:d3:ed:45:0b:26:db:21:
67:b9:82:22:88:93:8f:55:0f:48:ae:b3:ba:c8:62:09:36:79:
9b:35:d6:37:fc:f7:35:08:74:37:0f:8c:9f:81:f0:81:93:7a:
67:72:4f:3e:35:ea:99:39:dd:10:be:f1:f9:f5:77:bc:b4:f3:
b0:fa:b1:b9:5c:4c:2b:03:20:79:2b:1d:de:b7:90:3e:dd:8b:
50:37:3b:c0:fe:bd:b3:eb:aa:60:58:e4:22:46:53:9d:e2:95:
5a:98:a1:28:66:9a:88:95:d7:6a:8a:30:1f:ee:01:41:23:8b:
ea:bd:b4:7e
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICClAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE
MDc1REQxOUIwHhcNMjIwNzEyMTUyNjA0WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmNkOTI4Yi04MGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmqapu/dUwlf6kbdBxkmQ+0L5OTYVC1NQZGxPi/sIgOsX8+27NAaC7o18fsOX
YXWX95DVjctj3VlocdR9/wRkviJeRaVtGQWhXEopStYD6XI46P6H1FgA3RS/A4O/
lauaS14NorSuCB1AoEG55CXmzS/KcuJIZZuMtE6iPdXRwQrKM+ZRVNEDidTKwC6w
AjirvqT02HfP7GVDO/ampVVlgeDN/FE+Qt6GmuVobM7Z9dQGUVv6fDOUVpHdaev4
DVO43SLKKU5eZ97KykA4Ygv26zhRChs6NDnoYbO6PqFftUT2QMz0Mvy7sxbw//+C
sIQ4DFW+lRIt8gv5SKkQj2fUeQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGBaEJh3
yTXTw7sKHW0UEiPm0uMwMB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2
NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvNDBFRTE3MEFG
MzM3MTFFQ0IzMUI5NDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnbV0DBABn1sgDBACQMJYwDQYJKoZIhvcNAQELBQADggEB
AK0bHy29SJdqvE95NoXsnKrwutAHnv1d7Urvxsm7QcRjNeQxZBmUUeWyrNpY6jj7
MuiqhRgjGACuMI5QhAS1onnhyaGb4Vy7sULYHndsm+6RcPDTclnZinh6I/tr3B84
7htUnfFHv0sHSlMZCpuuevCEWL9qjB2ITVRVZSW27znl0sqFKCer5X7x0+1FCybb
IWe5giKIk49VD0ius7rIYgk2eZs11jf89zUIdDcPjJ+B8IGTemdyTz416pk53RC+
8fn1d7y087D6sblcTCsDIHkrHd63kD7di1A3O8D+vbPrqmBY5CJGU53ilVqYoShm
moiV12qKMB/uAUEji+q9tH4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org