Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/CE5E90DA726011EDA8A30E34C4F9AE02.roa
File: CE5E90DA726011EDA8A30E34C4F9AE02.roa (raw, json)
Hash identifier: 74mVASaroZtb8tzqFX7QKLJvco/0lQDU58LTvEs1LcY=
Subject key identifier: 68:3F:99:00:55:6C:CE:0C:3B:7A:A0:E4:86:52:F2:5E:A6:4B:01:BB
Certificate issuer: /CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Certificate serial: 0B1F
Authority key identifier: FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/CE5E90DA726011EDA8A30E34C4F9AE02.roa
Signing time: Fri 02 Dec 2022 16:46:03 +0000
ROA not before: Fri 02 Dec 2022 16:46:03 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 150178
IP address blocks: 103.109.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2847 (0xb1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188F6D/serialNumber=FD06B1508557F65F68CCBA3C203ECAAD075DD19B
Validity
Not Before: Dec 2 16:46:03 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=638a2bca-0486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ed:20:fa:75:44:2a:b6:d9:74:e0:7d:cd:3d:
f7:7c:b4:d0:2f:09:21:2d:d6:3b:88:10:c9:5e:25:
61:19:8b:37:d5:98:9f:91:91:d5:44:55:90:b7:90:
3b:6e:01:f2:da:17:3b:7b:cb:1d:75:86:88:c8:9d:
e9:3e:81:87:25:d4:8f:42:a7:16:a9:c1:5c:6e:02:
76:af:c2:ed:a2:d5:db:11:34:33:ad:38:77:49:6d:
98:c8:f9:14:a4:45:c1:64:b4:7c:33:69:5d:8f:88:
54:2b:08:f2:d0:47:9b:6a:1c:60:81:03:1d:99:53:
84:2a:d3:84:0f:05:e8:88:e5:d8:a5:47:4a:f9:f1:
6a:13:84:f5:cd:c0:16:df:78:ca:4b:21:e7:52:47:
85:bc:1b:0e:a6:8d:d8:ce:a9:aa:ab:23:2d:08:cc:
46:22:a6:43:bd:36:e5:37:2d:a0:8d:10:1e:5a:a1:
05:e9:b5:ab:72:e6:0b:54:96:37:e5:af:d3:25:25:
6e:5e:83:1d:1c:d5:09:b4:b1:0f:25:5a:6e:9f:12:
66:23:ac:d3:6d:9d:02:d5:60:fc:6e:09:2b:ef:19:
f5:dc:c3:10:3b:8e:48:90:8d:55:e5:96:56:be:90:
41:a6:d1:24:bc:d2:0f:03:7a:a2:85:63:2d:75:6c:
5b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3F:99:00:55:6C:CE:0C:3B:7A:A0:E4:86:52:F2:5E:A6:4B:01:BB
X509v3 Authority Key Identifier:
keyid:FD:06:B1:50:85:57:F6:5F:68:CC:BA:3C:20:3E:CA:AD:07:5D:D1:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_QaxUIVX9l9ozLo8ID7KrQdd0Zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188F6D/9A5B1A9EF66A11E9BF50697AC4F9AE02/CE5E90DA726011EDA8A30E34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.94.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:7b:ad:45:08:02:46:79:bd:a0:e9:18:b3:15:b6:e7:fd:da:
c5:fa:ac:6e:5a:2f:0b:0c:98:ec:9e:e4:b4:83:c2:05:b5:b9:
14:a4:9e:11:9f:28:c1:a1:be:6b:ab:ec:0a:2a:62:f8:32:13:
f6:02:a7:1f:44:dc:1d:11:cb:60:eb:00:fb:af:6d:7b:5c:d7:
44:3c:0a:ca:40:32:70:fe:06:f4:6f:9c:5b:d4:f9:8d:17:07:
63:14:50:3e:0e:31:56:58:fe:d4:b9:65:cc:2f:c8:24:2a:8a:
72:b1:7a:a8:cb:ce:83:c4:2d:4f:0f:b4:bf:e6:b5:e5:e8:e5:
40:f8:83:10:8d:07:bd:38:1e:8c:63:42:b2:55:81:fd:ab:a0:
12:f0:0f:80:f7:bf:9f:10:17:c3:e5:7c:78:92:13:47:c6:02:
07:cf:ab:91:29:cd:b7:1c:d6:03:b1:f1:61:bb:ca:40:2e:d2:
2e:74:e4:19:2d:23:3b:37:9a:28:8b:9e:56:be:d9:f7:0f:02:
5b:81:95:aa:af:b1:4e:66:5d:af:f6:25:71:cc:c5:bd:af:20:
21:47:5c:fe:f8:50:df:00:c5:cd:b5:df:00:17:ea:69:73:d3:
cc:06:80:a8:15:e9:64:e0:65:d2:39:ee:1a:a7:50:62:95:aa:
ad:af:92:b0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCx8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODhGNkQxMTAvBgNVBAUTKEZEMDZCMTUwODU1N0Y2NUY2OENDQkEzQzIwM0VDQUFE
MDc1REQxOUIwHhcNMjIxMjAyMTY0NjAzWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhMmJjYS0wNDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAye0g+nVEKrbZdOB9zT33fLTQLwkhLdY7iBDJXiVhGYs31ZifkZHVRFWQt5A7
bgHy2hc7e8sddYaIyJ3pPoGHJdSPQqcWqcFcbgJ2r8LtotXbETQzrTh3SW2YyPkU
pEXBZLR8M2ldj4hUKwjy0EebahxggQMdmVOEKtOEDwXoiOXYpUdK+fFqE4T1zcAW
33jKSyHnUkeFvBsOpo3YzqmqqyMtCMxGIqZDvTblNy2gjRAeWqEF6bWrcuYLVJY3
5a/TJSVuXoMdHNUJtLEPJVpunxJmI6zTbZ0C1WD8bgkr7xn13MMQO45IkI1V5ZZW
vpBBptEkvNIPA3qihWMtdWxbAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGg/mQBV
bM4MO3qg5IZS8l6mSwG7MB8GA1UdIwQYMBaAFP0GsVCFV/ZfaMy6PCA+yq0HXdGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OEY2RC85QTVCMUE5RUY2
NkExMUU5QkY1MDY5N0FDNEY5QUUwMi9fUWF4VUlWWDlsOW96TG84SUQ3S3JRZGQw
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19RYXhVSVZYOWw5b3pMbzhJRDdLclFkZDBacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODhGNkQvOUE1QjFBOUVGNjZBMTFFOUJGNTA2OTdBQzRGOUFFMDIvQ0U1RTkwREE3
MjYwMTFFREE4QTMwRTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnbV4wDQYJKoZIhvcNAQELBQADggEBAKt7rUUIAkZ5vaDp
GLMVtuf92sX6rG5aLwsMmOye5LSDwgW1uRSknhGfKMGhvmur7AoqYvgyE/YCpx9E
3B0Ry2DrAPuvbXtc10Q8CspAMnD+BvRvnFvU+Y0XB2MUUD4OMVZY/tS5ZcwvyCQq
inKxeqjLzoPELU8PtL/mteXo5UD4gxCNB704HoxjQrJVgf2roBLwD4D3v58QF8Pl
fHiSE0fGAgfPq5Epzbcc1gOx8WG7ykAu0i505BktIzs3miiLnla+2fcPAluBlaqv
sU5mXa/2JXHMxb2vICFHXP74UN8Axc213wAX6mlz08wGgKgV6WTgZdI57hqnUGKV
qq2vkrA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:49 2023 by rpki-client on console-fra.rpki-client.org