Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/DD48D596419A11EAA5E2BA6EC4F9AE02.roa
File: DD48D596419A11EAA5E2BA6EC4F9AE02.roa (raw, json)
Hash identifier: MeOs20kPvFd8Tin5G93crYRFYW7iBVpzDG3Rqe+n08A=
Subject key identifier: 29:4A:C4:81:DE:DC:05:AD:72:E4:0F:CB:94:FB:3A:60:D3:6A:36:7A
Certificate issuer: /CN=A918FC40/serialNumber=1601D8650DD556B2AFB083B233FF65AE3DAD1571
Certificate serial: 0946
Authority key identifier: 16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/DD48D596419A11EAA5E2BA6EC4F9AE02.roa
Signing time: Fri 02 Dec 2022 21:07:23 +0000
ROA not before: Fri 02 Dec 2022 21:07:23 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 9311
IP address blocks: 103.23.73.0/24 maxlen: 24
103.23.75.0/24 maxlen: 24
103.246.252.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2374 (0x946)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC40/serialNumber=1601D8650DD556B2AFB083B233FF65AE3DAD1571
Validity
Not Before: Dec 2 21:07:23 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=638a690b-9dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:71:7d:b8:82:80:d8:41:05:df:0a:2d:68:14:
d3:59:46:d7:c1:20:b8:3b:fd:68:50:80:9b:6c:d5:
35:55:f8:01:3c:60:b0:8b:73:78:14:06:b2:04:1a:
e0:65:be:23:a7:5f:2c:05:37:22:18:ca:8e:61:c8:
53:d3:c4:99:8f:26:b9:23:70:ad:7d:96:49:94:ee:
f5:25:0b:f2:bd:23:6e:20:3f:96:f0:dd:49:3f:51:
33:7f:5f:03:79:44:36:c1:33:ba:52:83:b7:df:9a:
03:33:0a:55:f7:89:e8:62:f3:23:57:f8:c0:7c:8e:
7e:8e:11:84:5d:2c:67:67:a7:2e:36:0e:16:5f:44:
2a:ab:f1:d4:a1:02:ff:0c:dc:99:41:34:01:ba:f4:
8c:64:30:ec:75:bf:c2:63:b7:c8:ba:9f:08:a7:48:
69:c3:9c:b8:d1:c7:0b:28:1d:63:a2:b4:33:ee:c6:
c4:c6:94:d3:2d:06:67:9a:fe:dd:e3:01:a3:e1:e1:
c9:48:4e:e8:52:b7:a5:0c:9b:15:dc:ef:a7:af:f7:
02:95:d7:47:f6:a8:a5:b2:57:76:3f:74:5a:1b:70:
a0:e8:d1:3b:4b:71:de:ae:ae:7b:a2:84:dd:3a:53:
fd:65:fc:6f:97:9f:ea:d6:91:54:d2:98:9a:8c:7f:
81:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4A:C4:81:DE:DC:05:AD:72:E4:0F:CB:94:FB:3A:60:D3:6A:36:7A
X509v3 Authority Key Identifier:
keyid:16:01:D8:65:0D:D5:56:B2:AF:B0:83:B2:33:FF:65:AE:3D:AD:15:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgHYZQ3VVrKvsIOyM_9lrj2tFXE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC40/617F353640E111EABC62DB26C4F9AE02/DD48D596419A11EAA5E2BA6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.73.0/24
103.23.75.0/24
103.246.252.0/23
Signature Algorithm: sha256WithRSAEncryption
42:d4:1d:67:ac:c9:3a:7c:f3:be:9d:31:7e:d2:fc:fd:a7:ca:
fa:97:f8:cb:72:94:13:b9:56:eb:59:fe:b2:8f:24:99:99:c3:
0c:f8:62:c6:7d:c8:e2:b3:a6:ab:37:a2:69:d6:0d:53:18:3c:
b1:84:12:70:83:b8:95:8e:d0:01:6c:5d:85:79:e1:9f:3d:03:
a6:2e:72:ef:20:1c:5a:ef:d2:22:3a:ea:6f:59:77:cb:ca:20:
f4:78:84:90:4d:de:96:10:ea:fb:8e:b3:0e:76:44:26:79:48:
2b:ce:b5:ef:78:51:41:63:4d:0e:3e:6c:f9:bf:d0:9c:6b:49:
1a:e6:e0:a2:d1:f7:72:0a:a1:8c:39:48:53:ea:da:6c:11:7f:
c4:b7:7e:4b:97:be:2d:45:e9:41:9e:98:58:ec:30:82:ca:65:
86:3a:3c:84:45:77:53:3d:29:aa:e0:83:e4:b3:0f:04:d2:01:
0c:e6:83:34:6a:02:13:0f:f3:57:a6:bc:05:12:a6:e5:26:c8:
83:a6:8f:5c:cd:27:99:67:f3:9f:e4:b1:84:c7:15:07:27:b8:
b7:60:b1:60:d5:34:fd:ec:3d:a8:d9:49:31:14:1a:8e:a3:48:
5e:1c:b7:3d:f1:3c:e4:ba:1d:15:46:86:af:bc:3b:3a:57:32:
c5:5f:0c:67
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNDAxMTAvBgNVBAUTKDE2MDFEODY1MERENTU2QjJBRkIwODNCMjMzRkY2NUFF
M0RBRDE1NzEwHhcNMjIxMjAyMjEwNzIzWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhhNjkwYi05ZGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzHF9uIKA2EEF3wotaBTTWUbXwSC4O/1oUICbbNU1VfgBPGCwi3N4FAayBBrg
Zb4jp18sBTciGMqOYchT08SZjya5I3CtfZZJlO71JQvyvSNuID+W8N1JP1Ezf18D
eUQ2wTO6UoO335oDMwpV94noYvMjV/jAfI5+jhGEXSxnZ6cuNg4WX0Qqq/HUoQL/
DNyZQTQBuvSMZDDsdb/CY7fIup8Ip0hpw5y40ccLKB1jorQz7sbExpTTLQZnmv7d
4wGj4eHJSE7oUrelDJsV3O+nr/cClddH9qilsld2P3RaG3Cg6NE7S3Herq57ooTd
OlP9Zfxvl5/q1pFU0piajH+BYwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFClKxIHe
3AWtcuQPy5T7OmDTajZ6MB8GA1UdIwQYMBaAFBYB2GUN1Vayr7CDsjP/Za49rRVx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM0MC82MTdGMzUzNjQw
RTExMUVBQkM2MkRCMjZDNEY5QUUwMi9GZ0hZWlEzVlZyS3ZzSU95TV85bHJqMnRG
WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZnSFlaUTNWVnJLdnNJT3lNXzlscmoydEZYRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNDAvNjE3RjM1MzY0MEUxMTFFQUJDNjJEQjI2QzRGOUFFMDIvREQ0OEQ1OTY0
MTlBMTFFQUE1RTJCQTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnF0kDBABnF0sDBAFn9vwwDQYJKoZIhvcNAQELBQADggEB
AELUHWesyTp8876dMX7S/P2nyvqX+MtylBO5VutZ/rKPJJmZwwz4YsZ9yOKzpqs3
omnWDVMYPLGEEnCDuJWO0AFsXYV54Z89A6Yucu8gHFrv0iI66m9Zd8vKIPR4hJBN
3pYQ6vuOsw52RCZ5SCvOte94UUFjTQ4+bPm/0JxrSRrm4KLR93IKoYw5SFPq2mwR
f8S3fkuXvi1F6UGemFjsMILKZYY6PIRFd1M9Kargg+SzDwTSAQzmgzRqAhMP81em
vAUSpuUmyIOmj1zNJ5ln85/ksYTHFQcnuLdgsWDVNP3sPajZSTEUGo6jSF4ctz3x
POS6HRVGhq+8OzpXMsVfDGc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org