Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/676BFFB0313411EDB2D3463BC4F9AE02.roa
File: 676BFFB0313411EDB2D3463BC4F9AE02.roa (raw, json)
Hash identifier: orXbjmmceTwxaHDNdtGLZl+9oQa0XqdqXoLlKVsgEog=
Subject key identifier: C9:ED:BA:A5:74:69:D1:D2:D7:0B:A4:57:33:A0:C0:58:C5:73:8B:26
Certificate issuer: /CN=A91F59FC/serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
Certificate serial: 12E7
Authority key identifier: 12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/676BFFB0313411EDB2D3463BC4F9AE02.roa
Signing time: Sat 10 Sep 2022 20:14:24 +0000
ROA not before: Sat 10 Sep 2022 20:14:24 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 53340
IP address blocks: 103.114.191.0/24 maxlen: 24
2402:d240:1776::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4839 (0x12e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F59FC/serialNumber=12EA82AE0A943109B1F4F34984E9C36D4C6D571F
Validity
Not Before: Sep 10 20:14:24 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=631cf020-8ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:96:de:13:5a:03:51:5f:8a:1a:8b:04:06:b6:
16:4d:46:8d:cc:11:25:71:76:7b:80:cf:70:9f:84:
ce:93:58:36:58:79:4d:00:07:b1:67:a1:e0:79:40:
dc:2a:62:c9:52:88:32:d8:32:aa:4f:e4:1a:95:22:
72:bd:4d:c6:c7:1d:b4:96:b2:a6:34:4b:2a:27:fb:
ab:67:6b:f7:a8:51:8c:92:53:80:0f:64:07:cd:78:
03:03:8a:7b:32:3e:72:78:ec:d0:20:10:92:ec:24:
38:f9:d6:d7:e9:3c:61:78:77:ed:5d:5e:dd:04:05:
76:81:e0:d9:b6:c0:a4:10:76:12:a2:69:a2:7d:91:
b0:e7:53:5d:0b:77:3a:4a:af:7a:f6:bd:94:9d:c2:
df:be:97:d7:69:4a:85:0c:ad:cc:72:15:5b:31:0d:
33:8f:42:db:54:9c:5e:32:3d:9f:d0:ac:6d:83:38:
d1:77:da:de:bd:9b:52:16:ba:e4:86:bf:f0:9c:ff:
db:61:94:19:a5:ef:4b:8b:ea:fd:2b:ca:1d:6f:dd:
4a:82:4a:ed:83:89:b1:3e:d9:eb:a8:27:9b:ab:01:
d0:75:8b:5b:2e:73:d7:37:92:17:0b:f7:29:72:ee:
af:2b:f2:0f:32:09:0b:ee:5d:0f:02:2e:77:42:6f:
96:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:ED:BA:A5:74:69:D1:D2:D7:0B:A4:57:33:A0:C0:58:C5:73:8B:26
X509v3 Authority Key Identifier:
keyid:12:EA:82:AE:0A:94:31:09:B1:F4:F3:49:84:E9:C3:6D:4C:6D:57:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/EuqCrgqUMQmx9PNJhOnDbUxtVx8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EuqCrgqUMQmx9PNJhOnDbUxtVx8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F59FC/81045E3A566011E8BF3FD527C4F9AE02/676BFFB0313411EDB2D3463BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.191.0/24
IPv6:
2402:d240:1776::/48
Signature Algorithm: sha256WithRSAEncryption
9f:c5:54:ba:a1:ae:05:99:b8:c9:b2:f4:0d:bf:a5:bc:cd:e9:
62:6f:fc:70:ba:81:b6:0f:af:d3:d7:ec:48:e2:68:7d:77:9c:
ee:35:3c:3b:91:a6:36:e1:07:b3:c8:df:e9:3e:52:6e:29:03:
92:a9:4a:2a:ab:7a:42:46:da:a4:ab:18:27:47:e3:ea:d9:2a:
d0:6f:fd:28:37:02:72:f4:30:7d:e5:b9:c8:89:83:be:63:92:
7f:ad:f2:31:71:6d:18:a7:c5:38:01:33:1e:c6:e7:81:17:cf:
ec:33:d4:a5:81:10:2c:e0:a3:c6:7d:80:20:7a:b7:b0:3b:62:
3a:ec:20:2a:a8:23:4d:00:7f:2e:39:ba:35:ab:6c:6d:81:79:
42:44:26:cf:16:32:ed:fb:a1:a1:18:e9:08:38:6c:63:ef:81:
5a:76:2f:f8:6e:2a:73:1d:38:29:98:1d:d3:98:6a:5a:10:34:
26:62:0d:a9:70:40:42:d9:20:43:60:d4:1d:15:76:5b:dd:69:
4b:8d:d3:a2:30:50:bd:99:bc:c1:8a:b6:fd:f4:19:f5:ec:c8:
81:33:ed:10:d8:fc:64:b6:77:14:48:16:68:6f:bd:9c:6d:46:
e5:a6:ff:91:70:8b:48:d9:02:dd:9b:23:b5:65:88:98:1d:55:
e6:64:e7:72
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICEucwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjU5RkMxMTAvBgNVBAUTKDEyRUE4MkFFMEE5NDMxMDlCMUY0RjM0OTg0RTlDMzZE
NEM2RDU3MUYwHhcNMjIwOTEwMjAxNDI0WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzFjZjAyMC04YWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtZbeE1oDUV+KGosEBrYWTUaNzBElcXZ7gM9wn4TOk1g2WHlNAAexZ6HgeUDc
KmLJUogy2DKqT+QalSJyvU3Gxx20lrKmNEsqJ/urZ2v3qFGMklOAD2QHzXgDA4p7
Mj5yeOzQIBCS7CQ4+dbX6TxheHftXV7dBAV2geDZtsCkEHYSommifZGw51NdC3c6
Sq969r2UncLfvpfXaUqFDK3MchVbMQ0zj0LbVJxeMj2f0KxtgzjRd9revZtSFrrk
hr/wnP/bYZQZpe9Li+r9K8odb91Kgkrtg4mxPtnrqCebqwHQdYtbLnPXN5IXC/cp
cu6vK/IPMgkL7l0PAi53Qm+WawIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMntuqV0
adHS1wukVzOgwFjFc4smMB8GA1UdIwQYMBaAFBLqgq4KlDEJsfTzSYTpw21MbVcf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTlGQy84MTA0NUUzQTU2
NjAxMUU4QkYzRkQ1MjdDNEY5QUUwMi9FdXFDcmdxVU1RbXg5UE5KaE9uRGJVeHRW
eDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0V1cUNyZ3FVTVFteDlQTkpoT25EYlV4dFZ4OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjU5RkMvODEwNDVFM0E1NjYwMTFFOEJGM0ZENTI3QzRGOUFFMDIvNjc2QkZGQjAz
MTM0MTFFREIyRDM0NjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABncr8wDwQCAAIwCQMHACQC0kAXdjANBgkqhkiG9w0BAQsF
AAOCAQEAn8VUuqGuBZm4ybL0Db+lvM3pYm/8cLqBtg+v09fsSOJofXec7jU8O5Gm
NuEHs8jf6T5SbikDkqlKKqt6QkbapKsYJ0fj6tkq0G/9KDcCcvQwfeW5yImDvmOS
f63yMXFtGKfFOAEzHsbngRfP7DPUpYEQLOCjxn2AIHq3sDtiOuwgKqgjTQB/Ljm6
NatsbYF5QkQmzxYy7fuhoRjpCDhsY++BWnYv+G4qcx04KZgd05hqWhA0JmINqXBA
QtkgQ2DUHRV2W91pS43TojBQvZm8wYq2/fQZ9ezIgTPtENj8ZLZ3FEgWaG+9nG1G
5ab/kXCLSNkC3ZsjtWWImB1V5mTncg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org