Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/EAA596A4BA2711ECAB6F3251C4F9AE02.roa
File: EAA596A4BA2711ECAB6F3251C4F9AE02.roa (raw, json)
Hash identifier: VYLfkbpWysVBNga46Osz0gvByE9D68RRL3IMN1GhloM=
Subject key identifier: 27:B1:3D:28:B6:1F:DF:86:3C:02:3F:E5:3F:EE:F2:D4:BD:45:49:C2
Certificate issuer: /CN=A9129F42/serialNumber=DBAFFC0C002D43DC47346BC4E19FEB3EBF3BB4D5
Certificate serial: 02
Authority key identifier: DB:AF:FC:0C:00:2D:43:DC:47:34:6B:C4:E1:9F:EB:3E:BF:3B:B4:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/26_8DAAtQ9xHNGvE4Z_rPr87tNU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/EAA596A4BA2711ECAB6F3251C4F9AE02.roa
Signing time: Tue 12 Apr 2022 06:15:15 +0000
ROA not before: Tue 12 Apr 2022 06:15:14 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 59239
IP address blocks: 103.186.56.0/23 maxlen: 23
103.186.56.0/24 maxlen: 24
103.186.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129F42/serialNumber=DBAFFC0C002D43DC47346BC4E19FEB3EBF3BB4D5
Validity
Not Before: Apr 12 06:15:14 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=625518f2-e34d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ac:cd:b7:2e:cd:f2:a5:8b:16:b0:8f:dd:2e:
7b:3f:d1:25:bd:5b:a8:91:a8:25:5b:df:6f:b1:f5:
98:4f:cc:52:67:33:56:65:66:84:42:8e:a5:b4:0f:
c9:ed:3d:e5:37:08:17:04:95:a4:75:a8:7c:c7:c1:
1d:c3:52:77:6f:de:ac:5b:44:07:06:bb:6b:2d:cc:
64:1a:ae:27:31:6a:b5:c0:bd:a3:53:95:aa:6c:8f:
49:45:f4:b6:2b:0c:1b:27:b1:d2:be:e2:09:f1:ad:
68:d0:ee:b6:c5:c2:fa:87:1f:b6:33:4c:1c:0b:4c:
5c:1a:35:08:7d:53:8e:41:d4:7c:96:2a:00:c1:c9:
57:ff:aa:27:b0:53:52:4b:a4:c2:00:7e:24:37:ab:
8b:02:8b:c3:3e:3d:47:bf:33:a7:bc:fd:74:c7:24:
e7:14:3a:8f:fd:2d:11:6b:1b:03:09:e3:f3:c3:d2:
a6:86:f9:3a:fc:f0:83:0c:55:14:5c:82:3d:7c:46:
38:c4:51:b9:0b:9b:32:94:04:45:e4:18:13:f7:9e:
66:53:0f:f4:25:33:db:d7:36:95:4f:37:23:d7:36:
c2:f0:0e:be:14:45:8b:1f:34:6e:41:7f:cb:0d:57:
72:65:63:60:77:e3:1c:da:73:be:14:d8:c0:bc:24:
16:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B1:3D:28:B6:1F:DF:86:3C:02:3F:E5:3F:EE:F2:D4:BD:45:49:C2
X509v3 Authority Key Identifier:
keyid:DB:AF:FC:0C:00:2D:43:DC:47:34:6B:C4:E1:9F:EB:3E:BF:3B:B4:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/26_8DAAtQ9xHNGvE4Z_rPr87tNU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/26_8DAAtQ9xHNGvE4Z_rPr87tNU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129F42/61F601FCBA2411EC9750B94AC4F9AE02/EAA596A4BA2711ECAB6F3251C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.56.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:67:ca:a8:dd:19:64:b8:b0:51:a5:6f:dc:b6:3a:bd:b3:ea:
c9:4c:23:74:9a:d1:a6:33:2e:58:bf:71:6d:05:26:b1:fb:ba:
a0:aa:9b:a8:e1:2f:de:b4:f1:76:f5:e7:96:73:77:a5:76:ed:
e6:86:98:b8:a7:cc:fc:90:19:9e:e9:bb:eb:30:65:00:fe:0b:
3d:cd:0d:07:2c:93:e3:36:18:98:c2:d0:a6:b2:27:dc:4f:8d:
60:b0:9a:2f:da:90:cc:62:d1:5a:dd:a2:68:4d:c1:76:4c:0c:
c3:61:65:0f:8f:fe:b3:95:c8:fd:06:88:69:bc:15:2a:61:da:
49:bf:9f:45:aa:16:5e:8e:2c:0a:7c:1d:47:d7:5f:b0:63:be:
d4:b0:7a:a9:6d:cf:74:31:98:05:b1:cc:b1:f3:43:51:6b:0e:
c8:be:88:1b:e8:90:0a:33:63:53:c3:5f:10:1e:ec:59:ca:ea:
4d:60:f1:97:55:36:03:3f:bb:e3:99:1c:c3:fc:59:bc:38:23:
a5:e2:08:32:36:49:4b:03:a7:65:76:9c:0b:75:61:a1:4b:a6:
17:67:b0:55:c1:99:45:b7:d8:aa:ca:2f:0d:bd:01:53:71:27:
01:d6:23:0e:59:be:14:fc:74:cb:12:00:2a:ec:82:a0:59:8c:
01:2d:21:bf
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
OUY0MjExMC8GA1UEBRMoREJBRkZDMEMwMDJENDNEQzQ3MzQ2QkM0RTE5RkVCM0VC
RjNCQjRENTAeFw0yMjA0MTIwNjE1MTRaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNTUxOGYyLWUzNGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6rM23Ls3ypYsWsI/dLns/0SW9W6iRqCVb32+x9ZhPzFJnM1ZlZoRCjqW0D8nt
PeU3CBcElaR1qHzHwR3DUndv3qxbRAcGu2stzGQaricxarXAvaNTlapsj0lF9LYr
DBsnsdK+4gnxrWjQ7rbFwvqHH7YzTBwLTFwaNQh9U45B1HyWKgDByVf/qiewU1JL
pMIAfiQ3q4sCi8M+PUe/M6e8/XTHJOcUOo/9LRFrGwMJ4/PD0qaG+Tr88IMMVRRc
gj18RjjEUbkLmzKUBEXkGBP3nmZTD/QlM9vXNpVPNyPXNsLwDr4URYsfNG5Bf8sN
V3JlY2B34xzac74U2MC8JBZhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJ7E9KLYf
34Y8Aj/lP+7y1L1FScIwHwYDVR0jBBgwFoAU26/8DAAtQ9xHNGvE4Z/rPr87tNUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI5RjQyLzYxRjYwMUZDQkEy
NDExRUM5NzUwQjk0QUM0RjlBRTAyLzI2XzhEQUF0UTl4SE5HdkU0Wl9yUHI4N3RO
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMjZfOERBQXRROXhITkd2RTRaX3JQcjg3dE5VLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OUY0Mi82MUY2MDFGQ0JBMjQxMUVDOTc1MEI5NEFDNEY5QUUwMi9FQUE1OTZBNEJB
MjcxMUVDQUI2RjMyNTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe6ODANBgkqhkiG9w0BAQsFAAOCAQEATmfKqN0ZZLiwUaVv
3LY6vbPqyUwjdJrRpjMuWL9xbQUmsfu6oKqbqOEv3rTxdvXnlnN3pXbt5oaYuKfM
/JAZnum76zBlAP4LPc0NByyT4zYYmMLQprIn3E+NYLCaL9qQzGLRWt2iaE3BdkwM
w2FlD4/+s5XI/QaIabwVKmHaSb+fRaoWXo4sCnwdR9dfsGO+1LB6qW3PdDGYBbHM
sfNDUWsOyL6IG+iQCjNjU8NfEB7sWcrqTWDxl1U2Az+745kcw/xZvDgjpeIIMjZJ
SwOnZXacC3VhoUumF2ewVcGZRbfYqsovDb0BU3EnAdYjDlm+FPx0yxIAKuyCoFmM
AS0hvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org