Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/DF70ECDABB0C11ECB5545844C4F9AE02.roa
File: DF70ECDABB0C11ECB5545844C4F9AE02.roa (raw, json)
Hash identifier: l1+gQkYFuOwAnqju7po3XZjc/96cCzEXkPLO+NZWTss=
Subject key identifier: 55:83:21:85:38:0B:41:BC:FD:16:00:86:1B:67:E4:AF:03:B3:D6:64
Certificate issuer: /CN=A9129F42/serialNumber=DBAFFC0C002D43DC47346BC4E19FEB3EBF3BB4D5
Certificate serial: 0C
Authority key identifier: DB:AF:FC:0C:00:2D:43:DC:47:34:6B:C4:E1:9F:EB:3E:BF:3B:B4:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/26_8DAAtQ9xHNGvE4Z_rPr87tNU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/DF70ECDABB0C11ECB5545844C4F9AE02.roa
Signing time: Wed 13 Apr 2022 09:53:47 +0000
ROA not before: Wed 13 Apr 2022 09:53:46 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 59239
IP address blocks: 103.186.56.0/23 maxlen: 23
103.186.56.0/24 maxlen: 24
103.186.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129F42/serialNumber=DBAFFC0C002D43DC47346BC4E19FEB3EBF3BB4D5
Validity
Not Before: Apr 13 09:53:46 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62569daa-20fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:72:bf:52:87:c4:b1:e2:1a:71:75:e6:9b:2e:
46:fd:14:5e:29:95:bd:8d:15:6f:80:1a:14:7a:63:
c1:56:72:f0:24:90:0f:ce:52:60:27:65:76:a4:80:
a4:97:a2:b6:e6:79:60:ba:74:6a:e3:03:9b:e1:6a:
51:82:b4:ac:13:d1:19:c2:7e:3f:1b:9f:70:fd:4e:
ac:c3:fb:fc:71:0b:eb:5a:3c:f7:9a:5f:6e:13:25:
40:6d:53:ce:16:49:31:c3:a6:98:8d:54:ec:18:6d:
1d:f1:62:c5:2a:07:a9:69:69:8a:3d:6d:42:46:e7:
92:68:37:fa:0f:ca:49:3d:f8:40:12:0d:cd:c9:2c:
c3:47:00:01:0f:fa:03:3f:39:d4:2c:b2:e2:be:3b:
1a:1d:63:18:d4:2d:c1:ba:19:fc:3e:73:e1:6c:62:
3d:52:fb:81:58:c8:16:6b:67:bb:30:56:58:06:ae:
d6:d6:8b:90:74:70:76:7b:a4:80:c7:5f:a6:f6:57:
3b:6e:a1:b6:d4:24:42:7f:fd:58:39:bc:e6:52:52:
27:d7:e3:37:95:93:5c:31:8d:f2:3c:28:5d:ab:f3:
d3:b1:51:61:16:1b:e1:c8:5c:bd:d4:82:3c:7e:40:
40:8a:5f:b5:21:0f:34:e2:97:86:94:06:d4:7e:d0:
37:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:83:21:85:38:0B:41:BC:FD:16:00:86:1B:67:E4:AF:03:B3:D6:64
X509v3 Authority Key Identifier:
keyid:DB:AF:FC:0C:00:2D:43:DC:47:34:6B:C4:E1:9F:EB:3E:BF:3B:B4:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/26_8DAAtQ9xHNGvE4Z_rPr87tNU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/26_8DAAtQ9xHNGvE4Z_rPr87tNU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/DF70ECDABB0C11ECB5545844C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.56.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:c6:80:c5:35:41:f9:9d:8b:f7:ab:f3:3a:7e:82:1f:46:49:
99:e0:ca:9b:da:d1:ba:2f:cb:be:cf:1b:8f:87:26:d5:54:77:
64:9e:28:bb:ff:fb:9b:4c:11:ac:96:aa:e8:56:0e:61:45:e6:
a4:bc:8b:c0:cc:dc:f1:58:bc:49:2e:cb:d2:0d:72:33:a8:19:
69:95:3e:75:3e:8c:09:2c:6a:87:bb:f7:8d:f7:52:c1:b3:9f:
47:e8:00:e4:d7:77:b0:8d:83:b0:b0:32:fa:43:54:f6:6b:0d:
c0:e1:e3:a8:df:8e:4e:74:49:72:5b:b5:ed:0e:54:20:44:25:
96:fa:f2:69:71:80:b4:80:f1:49:64:91:e7:d0:5d:64:e2:00:
41:d1:eb:27:fd:df:31:f0:29:7e:f8:c2:ec:e8:04:48:49:81:
9a:49:a6:aa:ae:4c:43:c2:24:23:34:e9:15:b0:71:0c:a6:d0:
62:80:f1:65:5a:38:c0:aa:5d:e0:b0:08:1c:a3:cb:44:7d:70:
b0:51:c2:96:0b:a2:34:e4:fe:9d:32:61:11:1e:84:61:d2:d6:
f5:83:ba:66:a9:b5:df:d2:f1:53:a7:ac:b9:07:db:34:fc:11:
4b:75:c9:34:f6:e7:1c:54:c6:c2:94:a6:f3:f5:a1:db:18:4f:
42:c2:bc:ff
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
OUY0MjExMC8GA1UEBRMoREJBRkZDMEMwMDJENDNEQzQ3MzQ2QkM0RTE5RkVCM0VC
RjNCQjRENTAeFw0yMjA0MTMwOTUzNDZaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNTY5ZGFhLTIwZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGcr9Sh8Sx4hpxdeabLkb9FF4plb2NFW+AGhR6Y8FWcvAkkA/OUmAnZXakgKSX
orbmeWC6dGrjA5vhalGCtKwT0RnCfj8bn3D9TqzD+/xxC+taPPeaX24TJUBtU84W
STHDppiNVOwYbR3xYsUqB6lpaYo9bUJG55JoN/oPykk9+EASDc3JLMNHAAEP+gM/
OdQssuK+OxodYxjULcG6Gfw+c+FsYj1S+4FYyBZrZ7swVlgGrtbWi5B0cHZ7pIDH
X6b2VztuobbUJEJ//Vg5vOZSUifX4zeVk1wxjfI8KF2r89OxUWEWG+HIXL3Ugjx+
QECKX7UhDzTil4aUBtR+0DdNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUVYMhhTgL
Qbz9FgCGG2fkrwOz1mQwHwYDVR0jBBgwFoAU26/8DAAtQ9xHNGvE4Z/rPr87tNUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI5RjQyLzYxRjYwMUZDQkEy
NDExRUM5NzUwQjk0QUM0RjlBRTAyLzI2XzhEQUF0UTl4SE5HdkU0Wl9yUHI4N3RO
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMjZfOERBQXRROXhITkd2RTRaX3JQcjg3dE5VLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OUY0Mi82MUY2MDFGQ0JBMjQxMUVDOTc1MEI5NEFDNEY5QUUwMi9ERjcwRUNEQUJC
MEMxMUVDQjU1NDU4NDRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe6ODANBgkqhkiG9w0BAQsFAAOCAQEAi8aAxTVB+Z2L96vz
On6CH0ZJmeDKm9rRui/Lvs8bj4cm1VR3ZJ4ou//7m0wRrJaq6FYOYUXmpLyLwMzc
8Vi8SS7L0g1yM6gZaZU+dT6MCSxqh7v3jfdSwbOfR+gA5Nd3sI2DsLAy+kNU9msN
wOHjqN+OTnRJclu17Q5UIEQllvryaXGAtIDxSWSR59BdZOIAQdHrJ/3fMfApfvjC
7OgESEmBmkmmqq5MQ8IkIzTpFbBxDKbQYoDxZVo4wKpd4LAIHKPLRH1wsFHClgui
NOT+nTJhER6EYdLW9YO6Zqm139LxU6esuQfbNPwRS3XJNPbnHFTGwpSm8/Wh2xhP
QsK8/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org