Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/392BF9DC0B0311ECA759C485C4F9AE02.roa
File: 392BF9DC0B0311ECA759C485C4F9AE02.roa (raw, json)
Hash identifier: CnB7qwptoV+vaBcCS+tcvwahKBoV/9lJMlUmIZB/0q4=
Subject key identifier: A0:C4:BD:00:1C:64:94:BC:16:54:B0:94:C1:9E:F7:4C:71:69:42:A0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 3C19
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/392BF9DC0B0311ECA759C485C4F9AE02.roa
Signing time: Wed 01 Sep 2021 09:01:42 +0000
ROA not before: Wed 01 Sep 2021 09:01:42 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 146943
IP address blocks: 103.172.150.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15385 (0x3c19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 1 09:01:42 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=612f4176-fa5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8b:fa:be:00:0b:98:b6:af:a5:c3:c5:2c:97:
d8:d7:6f:a3:fd:9c:53:ba:c0:e1:9e:be:40:39:af:
bc:24:f7:b4:4e:08:5b:9c:44:7e:dd:ed:35:08:fc:
be:72:d7:79:62:c8:bf:62:d5:e9:b3:e3:67:11:d9:
1d:ab:2d:77:77:99:f1:79:25:55:d8:99:36:51:80:
7a:ab:d5:eb:f5:b2:d0:24:0f:75:ef:48:31:18:8f:
57:cc:bb:1f:89:9b:d0:f7:4e:1f:17:54:21:46:a2:
b9:47:46:fe:1f:2c:d6:02:4e:6f:1b:b7:f5:94:9b:
ef:a4:ce:4f:98:4a:ea:08:c2:dd:2c:40:5e:eb:68:
8d:19:92:b6:e8:93:3b:1d:00:f4:58:c4:5c:ba:70:
eb:0d:71:ab:8d:b3:36:46:a3:cf:49:04:63:4e:d4:
85:92:96:38:fc:8f:24:81:c3:22:43:63:92:34:4d:
c9:8e:bc:57:db:fc:7f:26:16:cd:69:03:a0:91:d2:
ed:38:46:ab:3e:3d:d4:a3:f3:33:96:3d:82:54:01:
d9:f2:4e:8a:20:e7:4d:ed:50:15:bc:32:ef:8a:06:
61:00:b0:6a:cb:ad:78:02:1e:21:02:45:e9:cf:fb:
0e:11:6e:68:3e:8c:e4:73:b8:c2:a6:3e:5b:37:31:
4c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C4:BD:00:1C:64:94:BC:16:54:B0:94:C1:9E:F7:4C:71:69:42:A0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/392BF9DC0B0311ECA759C485C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.150.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:a8:24:c8:23:e6:5a:b7:5a:ec:94:fd:e9:0e:8e:f9:91:7c:
34:a6:55:1b:4e:0a:18:bc:88:3f:ed:c5:10:a3:3f:0f:37:37:
e8:27:08:17:eb:a4:87:4e:79:ad:57:24:7a:37:b6:f7:21:ad:
d1:42:84:4d:92:a6:7d:c9:50:34:2c:34:73:2a:89:cc:f8:53:
9c:87:3d:3a:25:89:27:59:9c:20:d4:e2:89:1a:c3:a0:10:f3:
89:c3:99:28:58:a3:95:73:eb:41:d6:9c:e3:92:a8:75:e9:c4:
97:04:09:f0:55:71:65:66:b0:1c:a9:95:cf:f7:dd:84:79:6f:
46:ad:3d:79:ae:28:44:de:6e:e4:be:43:aa:a2:17:86:51:8b:
bd:d6:9e:8e:1b:f1:ea:d8:af:3f:3d:32:ec:f6:2b:c3:10:2b:
50:69:00:58:d6:ad:7b:70:d7:cc:9b:02:8d:fd:c1:05:20:8e:
c4:d8:cb:c2:bd:ae:fb:0a:1d:60:00:72:ad:57:ad:32:ab:6b:
81:98:c8:9c:c4:a3:69:c4:05:db:6d:29:f2:c6:aa:b2:86:0d:
33:b6:52:af:7f:81:5e:85:0a:64:d5:db:5e:07:cc:9a:29:ef:
e8:ef:77:e3:6d:91:48:82:37:e6:31:3b:3a:f9:1e:f7:7c:0e:
c1:ff:d9:64
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICPBkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjEwOTAxMDkwMTQyWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTJmNDE3Ni1mYTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Yv6vgALmLavpcPFLJfY12+j/ZxTusDhnr5AOa+8JPe0TghbnER+3e01CPy+
ctd5Ysi/YtXps+NnEdkdqy13d5nxeSVV2Jk2UYB6q9Xr9bLQJA9170gxGI9XzLsf
iZvQ904fF1QhRqK5R0b+HyzWAk5vG7f1lJvvpM5PmErqCMLdLEBe62iNGZK26JM7
HQD0WMRcunDrDXGrjbM2RqPPSQRjTtSFkpY4/I8kgcMiQ2OSNE3JjrxX2/x/JhbN
aQOgkdLtOEarPj3Uo/Mzlj2CVAHZ8k6KIOdN7VAVvDLvigZhALBqy614Ah4hAkXp
z/sOEW5oPozkc7jCpj5bNzFMHQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKDEvQAc
ZJS8FlSwlMGe90xxaUKgMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzkyQkY5REMw
QjAzMTFFQ0E3NTlDNDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrJYwDQYJKoZIhvcNAQELBQADggEBAKGoJMgj5lq3WuyU
/ekOjvmRfDSmVRtOChi8iD/txRCjPw83N+gnCBfrpIdOea1XJHo3tvchrdFChE2S
pn3JUDQsNHMqicz4U5yHPToliSdZnCDU4okaw6AQ84nDmShYo5Vz60HWnOOSqHXp
xJcECfBVcWVmsByplc/33YR5b0atPXmuKETebuS+Q6qiF4ZRi73Wno4b8erYrz89
Muz2K8MQK1BpAFjWrXtw18ybAo39wQUgjsTYy8K9rvsKHWAAcq1XrTKra4GYyJzE
o2nEBdttKfLGqrKGDTO2Uq9/gV6FCmTV214HzJop7+jvd+NtkUiCN+YxOzr5Hvd8
DsH/2WQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-fra.rpki-client.org