Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/34A0B246616A11ECB638836BC4F9AE02.roa
File: 34A0B246616A11ECB638836BC4F9AE02.roa (raw, json)
Hash identifier: VSd+uC6aTQY6xRtV29Yf+2O5QRIJsUyT2fvcRzHs/nU=
Subject key identifier: 8B:11:DE:8D:7D:46:62:D5:38:47:8D:3C:D2:9F:E6:DD:46:1C:27:1D
Certificate issuer: /CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
Certificate serial: 04FB
Authority key identifier: 07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/34A0B246616A11ECB638836BC4F9AE02.roa
Signing time: Mon 14 Nov 2022 19:46:08 +0000
ROA not before: Mon 14 Nov 2022 19:46:08 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 137189
IP address blocks: 103.104.140.0/23 maxlen: 23
103.104.140.0/24 maxlen: 24
103.104.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1275 (0x4fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D808/serialNumber=0725F2491801505185C9069A4013635C38B56B72
Validity
Not Before: Nov 14 19:46:08 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63729b00-f4c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:61:ea:78:6a:18:db:58:eb:83:74:ad:37:9f:
4c:37:de:b7:d1:d0:a1:01:e6:f8:4a:45:ba:ed:3a:
18:b7:3d:2d:fb:64:08:01:73:c3:da:a3:f2:09:c5:
93:7d:cb:ed:19:d5:38:df:a5:6b:72:b7:99:f4:ff:
87:4d:b8:14:b0:fc:62:e5:3c:75:e0:f5:ab:1c:90:
c1:a9:21:27:b4:38:aa:eb:0b:1b:82:3f:2b:ec:7f:
52:a8:ec:00:06:6b:b5:11:d6:c6:64:74:09:3f:16:
96:62:32:c9:af:b0:50:b3:b9:d6:96:0b:0e:95:7b:
3d:31:a7:a0:e4:63:b6:9e:81:50:b4:7d:db:d6:3c:
66:7a:7d:12:9f:f8:4b:bc:47:0d:3a:8e:b4:77:17:
e0:2f:4e:1c:c7:69:7d:98:16:fc:58:ba:b6:be:f8:
52:6d:ce:63:6b:35:6a:23:73:0e:18:e0:8a:5f:95:
5f:29:ff:65:e2:d6:86:a4:63:d7:ad:17:9a:34:46:
ff:67:c1:48:fc:21:d5:98:27:95:7b:f6:f0:61:c8:
3a:06:ed:11:41:66:3a:a9:47:91:5f:4a:d1:33:dc:
52:e5:52:18:5c:9c:f3:fd:b8:ff:52:13:8a:35:2f:
44:49:62:29:e4:54:18:a0:17:f8:f5:4a:38:ce:df:
40:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:11:DE:8D:7D:46:62:D5:38:47:8D:3C:D2:9F:E6:DD:46:1C:27:1D
X509v3 Authority Key Identifier:
keyid:07:25:F2:49:18:01:50:51:85:C9:06:9A:40:13:63:5C:38:B5:6B:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/ByXySRgBUFGFyQaaQBNjXDi1a3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByXySRgBUFGFyQaaQBNjXDi1a3I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D808/E26B4642F4B211E9BF3CE563C4F9AE02/34A0B246616A11ECB638836BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.140.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:64:36:50:a3:72:ba:53:39:04:95:b0:44:c5:00:2c:17:48:
da:41:55:48:f6:96:41:8c:fe:91:69:70:ec:12:b5:f4:d1:60:
88:57:0b:28:4d:56:14:5b:d3:1b:1c:62:06:31:2d:01:36:bb:
5d:c5:98:c2:e3:8e:a1:ee:89:11:6e:25:47:ac:64:4d:33:c4:
4c:5d:f9:13:09:65:86:5c:78:6e:f6:0a:85:6f:b5:e0:fe:a1:
ff:91:81:be:b4:7b:f7:f8:8b:85:92:b7:b7:d6:b2:45:2c:69:
c0:7d:f4:8c:64:fe:bd:ab:2b:63:fa:86:f0:9b:15:08:0d:e0:
93:f5:60:a8:74:39:ba:00:68:36:77:30:8a:61:77:3a:4e:a4:
28:3b:19:ca:a1:dc:c0:47:00:60:d7:66:58:17:62:45:d4:67:
ee:4f:b7:2b:17:54:46:90:db:d2:d7:7f:b2:e7:40:65:87:b7:
03:32:bb:d5:db:04:8d:31:0f:fa:c1:d3:97:fd:bc:ef:3c:31:
f7:8e:4d:66:ba:cb:02:b0:96:60:44:fe:cb:3b:39:23:9f:59:
9d:7d:6c:7e:3f:f2:76:b5:50:e4:25:8e:41:de:f9:c8:cd:46:
d9:c6:f1:2e:c6:2f:e2:b2:30:5d:e5:5e:91:27:07:3e:60:2b:
a1:90:6a:5a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ4MDgxMTAvBgNVBAUTKDA3MjVGMjQ5MTgwMTUwNTE4NUM5MDY5QTQwMTM2MzVD
MzhCNTZCNzIwHhcNMjIxMTE0MTk0NjA4WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzcyOWIwMC1mNGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnmHqeGoY21jrg3StN59MN9630dChAeb4SkW67ToYtz0t+2QIAXPD2qPyCcWT
fcvtGdU436VrcreZ9P+HTbgUsPxi5Tx14PWrHJDBqSEntDiq6wsbgj8r7H9SqOwA
Bmu1EdbGZHQJPxaWYjLJr7BQs7nWlgsOlXs9Maeg5GO2noFQtH3b1jxmen0Sn/hL
vEcNOo60dxfgL04cx2l9mBb8WLq2vvhSbc5jazVqI3MOGOCKX5VfKf9l4taGpGPX
rReaNEb/Z8FI/CHVmCeVe/bwYcg6Bu0RQWY6qUeRX0rRM9xS5VIYXJzz/bj/UhOK
NS9ESWIp5FQYoBf49Uo4zt9AFwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIsR3o19
RmLVOEeNPNKf5t1GHCcdMB8GA1UdIwQYMBaAFAcl8kkYAVBRhckGmkATY1w4tWty
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDgwOC9FMjZCNDY0MkY0
QjIxMUU5QkYzQ0U1NjNDNEY5QUUwMi9CeVh5U1JnQlVGR0Z5UWFhUUJOalhEaTFh
M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0J5WHlTUmdCVUZHRnlRYWFRQk5qWERpMWEzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ4MDgvRTI2QjQ2NDJGNEIyMTFFOUJGM0NFNTYzQzRGOUFFMDIvMzRBMEIyNDY2
MTZBMTFFQ0I2Mzg4MzZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnaIwwDQYJKoZIhvcNAQELBQADggEBALFkNlCjcrpTOQSV
sETFACwXSNpBVUj2lkGM/pFpcOwStfTRYIhXCyhNVhRb0xscYgYxLQE2u13FmMLj
jqHuiRFuJUesZE0zxExd+RMJZYZceG72CoVvteD+of+Rgb60e/f4i4WSt7fWskUs
acB99Ixk/r2rK2P6hvCbFQgN4JP1YKh0OboAaDZ3MIphdzpOpCg7Gcqh3MBHAGDX
ZlgXYkXUZ+5PtysXVEaQ29LXf7LnQGWHtwMyu9XbBI0xD/rB05f9vO88MfeOTWa6
ywKwlmBE/ss7OSOfWZ19bH4/8na1UOQljkHe+cjNRtnG8S7GL+KyMF3lXpEnBz5g
K6GQalo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org