Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/BBF5086EA65A11EEBEA0EC5FC4F9AE02.roa
File: BBF5086EA65A11EEBEA0EC5FC4F9AE02.roa (raw, json)
Hash identifier: feZmrItbR0fHJQhRm1SFII0lF7zMSvVslr1p6ft5CZA=
Subject key identifier: A7:20:F1:23:12:D9:30:4A:DB:82:55:C5:40:82:9C:F6:01:AA:28:0C
Certificate issuer: /CN=A9124731/serialNumber=801702BC9CDEF73DF739BFB7D4BD2F7B8885E077
Certificate serial: 0341
Authority key identifier: 80:17:02:BC:9C:DE:F7:3D:F7:39:BF:B7:D4:BD:2F:7B:88:85:E0:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gBcCvJze9z33Ob-31L0ve4iF4Hc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/BBF5086EA65A11EEBEA0EC5FC4F9AE02.roa
Signing time: Fri 29 Dec 2023 14:58:32 +0000
ROA not before: Fri 29 Dec 2023 14:58:32 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 24499
IP address blocks: 103.162.136.0/24 maxlen: 24
103.162.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 833 (0x341)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124731/serialNumber=801702BC9CDEF73DF739BFB7D4BD2F7B8885E077
Validity
Not Before: Dec 29 14:58:32 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=658ede98-a9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bc:d7:b4:69:78:0b:71:9f:28:e4:9b:ff:0d:
69:c1:c7:e2:c1:62:6b:18:9b:c6:ac:cc:3f:7e:bf:
46:18:9c:0e:c9:51:2c:97:dd:62:30:96:df:90:66:
91:d5:c0:87:3f:06:75:6f:ae:ac:1d:38:5c:ff:29:
36:18:05:09:6f:b1:84:bf:56:69:8f:18:68:23:33:
12:4e:60:b9:20:48:67:59:4c:8f:3b:2b:2e:af:7a:
54:e2:63:8e:82:0c:4c:cf:0c:3d:54:82:c3:85:2a:
76:67:ec:c9:38:2c:a1:70:fe:57:2d:a7:86:9a:9c:
42:06:7f:bf:cf:19:60:84:e9:95:27:3c:46:1c:0f:
09:c5:b3:23:9c:d1:10:5f:92:a6:53:7d:b2:0d:6b:
de:09:29:ce:f0:b3:b4:5a:57:1c:e5:43:61:a4:76:
26:86:fc:f6:dd:9f:84:93:e7:36:06:db:ee:86:ad:
67:3d:02:19:00:b7:0c:b1:84:5b:64:32:68:9c:ee:
5d:c5:7a:e9:e7:b2:bb:28:1d:67:02:19:a9:b0:f4:
3f:30:29:a7:3d:3e:45:af:89:aa:00:ec:38:a8:88:
01:4d:3d:e0:25:28:13:e8:75:fa:e1:b5:3d:4a:59:
73:46:aa:ca:6e:94:05:55:87:d8:22:13:ac:a9:9b:
8c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:20:F1:23:12:D9:30:4A:DB:82:55:C5:40:82:9C:F6:01:AA:28:0C
X509v3 Authority Key Identifier:
keyid:80:17:02:BC:9C:DE:F7:3D:F7:39:BF:B7:D4:BD:2F:7B:88:85:E0:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/gBcCvJze9z33Ob-31L0ve4iF4Hc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gBcCvJze9z33Ob-31L0ve4iF4Hc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124731/B6B014B25D6D11EC8FF6131EC4F9AE02/BBF5086EA65A11EEBEA0EC5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.162.136.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:28:28:10:c4:be:30:35:9f:f5:ab:9a:87:7f:21:a6:4c:ec:
cc:72:63:7f:ce:d5:76:4e:10:c6:e3:4e:01:5b:81:61:10:ed:
38:bb:72:e0:48:1c:bd:cd:eb:43:3e:de:4d:ca:53:97:93:9c:
ec:21:66:8a:ef:63:ef:25:51:86:57:da:b7:85:c9:59:e5:a3:
b4:97:03:04:62:d9:20:db:e6:89:ec:82:83:da:17:22:32:68:
04:84:49:25:6f:a1:0a:ed:57:59:84:6a:44:9a:40:ca:8e:b7:
b8:b2:22:19:12:5e:ff:25:b4:cd:cb:87:67:2b:e0:88:f0:1f:
6c:c1:30:ce:43:09:d8:15:8a:0d:1f:24:72:d4:73:58:25:db:
0a:7a:3b:16:4a:c2:48:d5:ae:89:02:d5:a8:b9:f7:5a:fb:7f:
81:0b:b8:2d:fb:84:a8:9c:3e:fe:a7:b5:06:79:5e:42:13:da:
43:3b:de:d3:f2:d3:14:81:8a:99:df:b1:7d:f1:00:4b:0c:9f:
d4:4f:63:f2:cc:64:b1:7b:cf:cb:97:b3:8d:4b:a6:21:e1:3e:
4b:47:af:21:c4:42:25:c1:94:b6:52:bb:e9:0c:25:40:4c:88:
a2:5b:85:9a:4d:20:2b:e6:f0:52:1d:d4:48:93:1d:6d:06:b4:
44:eb:67:2a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ3MzExMTAvBgNVBAUTKDgwMTcwMkJDOUNERUY3M0RGNzM5QkZCN0Q0QkQyRjdC
ODg4NUUwNzcwHhcNMjMxMjI5MTQ1ODMyWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NThlZGU5OC1hOWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqrzXtGl4C3GfKOSb/w1pwcfiwWJrGJvGrMw/fr9GGJwOyVEsl91iMJbfkGaR
1cCHPwZ1b66sHThc/yk2GAUJb7GEv1ZpjxhoIzMSTmC5IEhnWUyPOysur3pU4mOO
ggxMzww9VILDhSp2Z+zJOCyhcP5XLaeGmpxCBn+/zxlghOmVJzxGHA8JxbMjnNEQ
X5KmU32yDWveCSnO8LO0Wlcc5UNhpHYmhvz23Z+Ek+c2Btvuhq1nPQIZALcMsYRb
ZDJonO5dxXrp57K7KB1nAhmpsPQ/MCmnPT5Fr4mqAOw4qIgBTT3gJSgT6HX64bU9
SllzRqrKbpQFVYfYIhOsqZuM9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFKcg8SMS
2TBK24JVxUCCnPYBqigMMB8GA1UdIwQYMBaAFIAXAryc3vc99zm/t9S9L3uIheB3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDczMS9CNkIwMTRCMjVE
NkQxMUVDOEZGNjEzMUVDNEY5QUUwMi9nQmNDdkp6ZTl6MzNPYi0zMUwwdmU0aUY0
SGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dCY0N2SnplOXozM09iLTMxTDB2ZTRpRjRIYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ3MzEvQjZCMDE0QjI1RDZEMTFFQzhGRjYxMzFFQzRGOUFFMDIvQkJGNTA4NkVB
NjVBMTFFRUJFQTBFQzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnoogwDQYJKoZIhvcNAQELBQADggEBAJ0oKBDEvjA1n/Wr
mod/IaZM7MxyY3/O1XZOEMbjTgFbgWEQ7Ti7cuBIHL3N60M+3k3KU5eTnOwhZorv
Y+8lUYZX2reFyVnlo7SXAwRi2SDb5onsgoPaFyIyaASESSVvoQrtV1mEakSaQMqO
t7iyIhkSXv8ltM3Lh2cr4IjwH2zBMM5DCdgVig0fJHLUc1gl2wp6OxZKwkjVrokC
1ai591r7f4ELuC37hKicPv6ntQZ5XkIT2kM73tPy0xSBipnfsX3xAEsMn9RPY/LM
ZLF7z8uXs41LpiHhPktHryHEQiXBlLZSu+kMJUBMiKJbhZpNICvm8FId1EiTHW0G
tETrZyo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org