Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/B2867BD0B91311ED8C525361C4F9AE02.roa
File: B2867BD0B91311ED8C525361C4F9AE02.roa (raw, json)
Hash identifier: fUukeBqeO3WwI3JV1N2nkvMduIxqLDmp4a6klDI7oSE=
Subject key identifier: 6B:84:42:09:94:0D:9F:27:27:24:43:69:84:09:16:18:6C:D4:8A:12
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 25BB
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/B2867BD0B91311ED8C525361C4F9AE02.roa
Signing time: Fri 03 Mar 2023 14:02:53 +0000
ROA not before: Fri 03 Mar 2023 14:02:53 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 18013
IP address blocks: 103.192.179.0/24 maxlen: 24
103.196.20.0/23 maxlen: 24
103.217.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9659 (0x25bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Mar 3 14:02:53 2023 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=6401fe0d-0420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4a:37:da:df:86:93:b0:cb:de:12:5c:f7:08:
1c:8b:28:46:8c:32:83:25:5d:6d:74:28:a3:75:f9:
b0:8c:58:6c:bc:85:7a:02:c2:ba:f5:fc:d6:44:88:
a0:fb:14:43:c8:1c:8c:9f:3b:68:b0:96:21:49:5f:
f1:4b:d2:57:b3:52:64:ba:bf:5c:a4:1f:f1:04:5a:
a9:97:72:fb:c1:77:11:71:cf:19:ea:fb:0f:e7:94:
e5:eb:9c:c6:93:8f:cb:2b:67:b0:8b:e1:d2:1f:4d:
65:cb:0e:e6:22:b7:b7:86:a0:96:6d:2f:d9:8d:16:
e7:35:d1:02:40:56:dc:38:6b:1b:b4:c0:2d:03:5f:
89:e8:cc:83:d2:90:b7:e8:0b:cc:b6:b2:43:31:46:
5a:73:e6:6d:86:cf:46:3e:54:f5:3b:1d:87:67:16:
12:ac:de:e5:b5:48:31:c2:1c:23:9f:24:ff:f4:85:
71:4e:c8:f1:e5:95:2b:01:e5:61:73:36:69:fa:1e:
96:be:ed:c5:28:5b:28:bc:d0:d4:c6:50:b3:8c:4f:
06:39:1f:61:81:6b:04:c3:55:b5:d6:ab:d7:a3:45:
c8:0f:27:5b:8f:47:21:63:9a:ad:43:03:63:8e:ee:
0c:7a:c8:52:31:fe:1b:5a:de:63:59:ca:5b:33:01:
f1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:84:42:09:94:0D:9F:27:27:24:43:69:84:09:16:18:6C:D4:8A:12
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/B2867BD0B91311ED8C525361C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.192.179.0/24
103.196.20.0/23
103.217.253.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:93:59:8a:f2:2d:81:38:75:28:bd:3b:1a:cb:11:ce:80:43:
82:a0:b8:07:28:55:af:34:6a:89:63:71:6e:8c:ca:57:02:7a:
6b:30:c5:11:dd:6a:7e:0e:95:96:8c:a7:aa:27:82:06:7d:c6:
54:bf:52:42:a0:8e:7b:d0:b7:eb:87:70:d0:27:bf:c7:c6:ea:
01:15:05:70:fc:d5:b1:e5:df:27:b3:36:64:e5:12:f9:fc:b0:
be:20:8a:31:e1:6d:2a:d8:cc:2d:18:e1:25:9d:ff:89:1f:38:
e7:e4:9c:89:27:0e:03:81:98:82:6d:4f:c1:b5:94:17:d4:5a:
5b:4a:9b:fb:bf:19:66:5e:c8:18:6d:07:73:40:ab:8c:6f:61:
75:ab:42:39:84:53:73:2c:e8:a2:19:45:07:3a:64:8a:fe:7a:
86:84:99:d9:67:68:43:47:af:74:f0:eb:fc:ed:7c:d3:41:93:
8e:46:87:61:d8:6c:3f:12:2f:a5:53:f6:7f:6b:a7:25:cf:fa:
6a:99:e3:35:c5:ad:2b:be:37:df:f7:86:f4:bb:be:d4:db:5b:
b8:6f:6a:ec:90:a5:87:76:6c:bb:7b:f2:2f:1d:2f:fe:ff:48:
a4:1c:54:4a:25:29:65:91:a7:76:14:ba:d1:03:c6:8b:7a:5b:
bc:fb:44:21
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICJbswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjMwMzAzMTQwMjUzWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDAxZmUwZC0wNDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtUo32t+Gk7DL3hJc9wgciyhGjDKDJV1tdCijdfmwjFhsvIV6AsK69fzWRIig
+xRDyByMnztosJYhSV/xS9JXs1Jkur9cpB/xBFqpl3L7wXcRcc8Z6vsP55Tl65zG
k4/LK2ewi+HSH01lyw7mIre3hqCWbS/ZjRbnNdECQFbcOGsbtMAtA1+J6MyD0pC3
6AvMtrJDMUZac+Zths9GPlT1Ox2HZxYSrN7ltUgxwhwjnyT/9IVxTsjx5ZUrAeVh
czZp+h6Wvu3FKFsovNDUxlCzjE8GOR9hgWsEw1W11qvXo0XIDydbj0chY5qtQwNj
ju4MeshSMf4bWt5jWcpbMwHxMwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGuEQgmU
DZ8nJyRDaYQJFhhs1IoSMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvQjI4NjdCRDBC
OTEzMTFFRDhDNTI1MzYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnwLMDBAFnxBQDBABn2f0wDQYJKoZIhvcNAQELBQADggEB
ADqTWYryLYE4dSi9OxrLEc6AQ4KguAcoVa80aoljcW6MylcCemswxRHdan4OlZaM
p6onggZ9xlS/UkKgjnvQt+uHcNAnv8fG6gEVBXD81bHl3yezNmTlEvn8sL4gijHh
bSrYzC0Y4SWd/4kfOOfknIknDgOBmIJtT8G1lBfUWltKm/u/GWZeyBhtB3NAq4xv
YXWrQjmEU3Ms6KIZRQc6ZIr+eoaEmdlnaENHr3Tw6/ztfNNBk45Gh2HYbD8SL6VT
9n9rpyXP+mqZ4zXFrSu+N9/3hvS7vtTbW7hvauyQpYd2bLt78i8dL/7/SKQcVEol
KWWRp3YUutEDxot6W7z7RCE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org