Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/BAD7134C5D7711EC8FD5622BC4F9AE02.roa
File: BAD7134C5D7711EC8FD5622BC4F9AE02.roa (raw, json)
Hash identifier: JiotxPitMQ8MWwJQNkYNo9GtYnU03gY6lRiIsRTp+Qg=
Subject key identifier: 97:47:40:5D:E3:7A:E5:59:5A:04:76:8D:10:5C:4E:49:24:69:7D:71
Certificate issuer: /CN=A917357E/serialNumber=3FC170E8DF5ADBFA1B6370B7450F28FAE0B35A18
Certificate serial: 01CF
Authority key identifier: 3F:C1:70:E8:DF:5A:DB:FA:1B:63:70:B7:45:0F:28:FA:E0:B3:5A:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8Fw6N9a2_obY3C3RQ8o-uCzWhg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/BAD7134C5D7711EC8FD5622BC4F9AE02.roa
Signing time: Sun 31 Jul 2022 15:51:55 +0000
ROA not before: Sun 31 Jul 2022 15:51:55 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 136969
IP address blocks: 103.151.46.0/24 maxlen: 24
103.151.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 463 (0x1cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917357E/serialNumber=3FC170E8DF5ADBFA1B6370B7450F28FAE0B35A18
Validity
Not Before: Jul 31 15:51:55 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62e6a51b-fa0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:91:23:6b:56:35:6e:8e:16:b8:a3:61:f3:84:
e6:63:37:f0:08:4f:ea:a3:29:90:58:0b:ac:4c:7c:
61:84:aa:d3:5c:53:85:21:03:58:a2:be:cf:35:cf:
77:ee:26:8e:b0:f5:6d:10:f2:6d:d4:bc:0c:98:9d:
30:29:5b:8b:ad:c6:b8:4b:26:54:c4:17:e4:78:22:
ae:6a:21:1f:23:45:a4:c4:cc:26:4e:ef:19:37:64:
35:22:ba:46:e3:ce:5f:db:52:91:40:82:8f:0d:f9:
d8:ff:3a:e3:ec:6d:6b:28:28:ae:ca:ec:d3:3f:ac:
a6:c6:d3:23:18:84:63:2f:ae:e4:47:ca:f0:9a:2a:
f8:57:f5:6e:ae:c1:7e:e8:c7:df:61:e7:df:94:6b:
dd:fc:14:48:f4:ae:36:53:f7:a3:cc:8a:7b:04:33:
c9:e8:66:b6:de:ca:20:d0:88:3f:f8:4f:58:8e:b8:
2b:f0:fa:99:d9:69:57:84:2e:d1:66:2f:96:20:23:
c1:8a:18:9a:b1:86:80:ce:7d:5b:15:e5:5a:3f:a6:
a3:85:bb:b9:25:ed:49:07:d1:b1:f3:95:b8:4f:a0:
ab:50:d0:43:15:7c:03:51:c3:8a:97:60:b5:28:dd:
64:b4:3f:24:94:06:f8:b0:c6:46:ce:29:4e:de:91:
c4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:47:40:5D:E3:7A:E5:59:5A:04:76:8D:10:5C:4E:49:24:69:7D:71
X509v3 Authority Key Identifier:
keyid:3F:C1:70:E8:DF:5A:DB:FA:1B:63:70:B7:45:0F:28:FA:E0:B3:5A:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/P8Fw6N9a2_obY3C3RQ8o-uCzWhg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8Fw6N9a2_obY3C3RQ8o-uCzWhg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917357E/602D76D85D7311ECA3248853C4F9AE02/BAD7134C5D7711EC8FD5622BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.46.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:f1:76:89:3d:dc:fc:40:f4:b2:36:b0:dc:38:53:67:54:c0:
1a:eb:6d:bc:3b:d1:42:f4:81:e0:35:17:d6:5a:23:c7:66:76:
d8:27:cc:2f:e0:8f:de:43:fa:eb:34:57:3f:1e:d8:83:7d:5b:
c6:06:a9:1c:98:16:25:45:65:e0:22:57:56:9a:45:7c:f4:c2:
ba:61:3b:e9:91:7e:b5:f5:8e:a7:15:2d:a6:93:bf:b0:5e:65:
6c:a9:00:74:87:f4:62:91:7f:10:56:ff:2c:3e:83:c6:84:61:
1d:98:ed:9d:2a:59:fd:ca:7f:ea:e3:60:ea:51:97:3c:34:fd:
fb:d5:af:f2:b1:8d:7f:cc:eb:86:81:46:1c:4f:a6:71:37:51:
91:32:8b:58:67:6d:27:f3:10:90:7e:3e:56:14:2e:13:03:64:
6c:b7:fe:cb:3a:cc:8c:25:c0:15:b0:c4:b4:28:cc:75:e2:5e:
5e:c0:12:f2:74:f8:02:69:bf:44:da:25:95:04:4b:d2:cc:56:
17:d0:ef:fd:c2:73:8a:61:27:b8:3c:3b:96:b6:86:d5:b6:5a:
2d:4f:32:d6:4a:da:ce:eb:cb:3d:83:2e:17:eb:97:e9:21:8f:
a6:23:82:d0:10:7b:87:04:e4:50:f2:fc:87:f2:1b:64:ba:fa:
92:f4:71:29
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzM1N0UxMTAvBgNVBAUTKDNGQzE3MEU4REY1QURCRkExQjYzNzBCNzQ1MEYyOEZB
RTBCMzVBMTgwHhcNMjIwNzMxMTU1MTU1WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU2YTUxYi1mYTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5Eja1Y1bo4WuKNh84TmYzfwCE/qoymQWAusTHxhhKrTXFOFIQNYor7PNc93
7iaOsPVtEPJt1LwMmJ0wKVuLrca4SyZUxBfkeCKuaiEfI0WkxMwmTu8ZN2Q1IrpG
485f21KRQIKPDfnY/zrj7G1rKCiuyuzTP6ymxtMjGIRjL67kR8rwmir4V/VursF+
6MffYefflGvd/BRI9K42U/ejzIp7BDPJ6Ga23sog0Ig/+E9Yjrgr8PqZ2WlXhC7R
Zi+WICPBihiasYaAzn1bFeVaP6ajhbu5Je1JB9Gx85W4T6CrUNBDFXwDUcOKl2C1
KN1ktD8klAb4sMZGzilO3pHEeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJdHQF3j
euVZWgR2jRBcTkkkaX1xMB8GA1UdIwQYMBaAFD/BcOjfWtv6G2Nwt0UPKPrgs1oY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MzU3RS82MDJENzZEODVE
NzMxMUVDQTMyNDg4NTNDNEY5QUUwMi9QOEZ3Nk45YTJfb2JZM0MzUlE4by11Q3pX
aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A4Rnc2TjlhMl9vYlkzQzNSUThvLXVDeldoZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzM1N0UvNjAyRDc2RDg1RDczMTFFQ0EzMjQ4ODUzQzRGOUFFMDIvQkFENzEzNEM1
RDc3MTFFQzhGRDU2MjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnly4wDQYJKoZIhvcNAQELBQADggEBAG/xdok93PxA9LI2
sNw4U2dUwBrrbbw70UL0geA1F9ZaI8dmdtgnzC/gj95D+us0Vz8e2IN9W8YGqRyY
FiVFZeAiV1aaRXz0wrphO+mRfrX1jqcVLaaTv7BeZWypAHSH9GKRfxBW/yw+g8aE
YR2Y7Z0qWf3Kf+rjYOpRlzw0/fvVr/KxjX/M64aBRhxPpnE3UZEyi1hnbSfzEJB+
PlYULhMDZGy3/ss6zIwlwBWwxLQozHXiXl7AEvJ0+AJpv0TaJZUES9LMVhfQ7/3C
c4phJ7g8O5a2htW2Wi1PMtZK2s7ryz2DLhfrl+khj6YjgtAQe4cE5FDy/IfyG2S6
+pL0cSk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org