Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/BCF2B6C6B76811ED8A503224C4F9AE02.roa
File: BCF2B6C6B76811ED8A503224C4F9AE02.roa (raw, json)
Hash identifier: LqpsHAnk8BDnMELhIAGVV85IvkZWkgOb3ZSGI2TVw8o=
Subject key identifier: C8:9E:C6:27:8B:70:E5:68:F5:0B:0D:5F:E0:FC:B8:AA:E9:CF:AE:7E
Certificate issuer: /CN=A9176AFD/serialNumber=0A422A6397D8EB6CB35775297CEB55A5E18FE1E2
Certificate serial: 171A
Authority key identifier: 0A:42:2A:63:97:D8:EB:6C:B3:57:75:29:7C:EB:55:A5:E1:8F:E1:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkIqY5fY62yzV3UpfOtVpeGP4eI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/BCF2B6C6B76811ED8A503224C4F9AE02.roa
Signing time: Tue 28 Feb 2023 13:06:39 +0000
ROA not before: Tue 28 Feb 2023 13:06:39 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 9934
IP address blocks: 103.242.44.0/22 maxlen: 22
202.179.0.0/19 maxlen: 19
202.179.0.0/24 maxlen: 24
202.179.1.0/24 maxlen: 24
202.179.2.0/24 maxlen: 24
202.179.3.0/24 maxlen: 24
202.179.4.0/24 maxlen: 24
202.179.5.0/24 maxlen: 24
202.179.6.0/24 maxlen: 24
202.179.7.0/24 maxlen: 24
202.179.8.0/24 maxlen: 24
202.179.9.0/24 maxlen: 24
202.179.10.0/24 maxlen: 24
202.179.11.0/24 maxlen: 24
202.179.12.0/24 maxlen: 24
202.179.13.0/24 maxlen: 24
202.179.14.0/23 maxlen: 23
202.179.16.0/24 maxlen: 24
202.179.17.0/24 maxlen: 24
202.179.18.0/24 maxlen: 24
202.179.19.0/24 maxlen: 24
202.179.20.0/23 maxlen: 23
202.179.22.0/24 maxlen: 24
202.179.23.0/24 maxlen: 24
202.179.24.0/24 maxlen: 24
202.179.25.0/24 maxlen: 24
202.179.26.0/24 maxlen: 24
202.179.27.0/24 maxlen: 24
202.179.28.0/24 maxlen: 24
202.179.29.0/24 maxlen: 24
202.179.30.0/24 maxlen: 24
202.179.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5914 (0x171a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176AFD/serialNumber=0A422A6397D8EB6CB35775297CEB55A5E18FE1E2
Validity
Not Before: Feb 28 13:06:39 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63fdfc5f-5046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:31:2c:d9:03:e3:30:6c:17:61:93:ea:7a:3b:
71:b8:1c:b8:e3:5e:f0:7e:2c:55:40:b3:3c:01:7b:
8d:b8:86:fd:8e:1d:bc:f6:51:6d:42:38:a9:ac:8a:
91:fe:4d:ef:d2:df:bc:68:47:68:a1:a3:7f:43:3e:
14:d4:aa:32:c6:59:5b:3a:c0:a5:a3:5e:de:b7:e0:
0f:a4:91:50:9c:a5:a2:aa:af:12:50:ce:b2:3f:8a:
17:cf:bb:53:94:6b:66:2e:5a:fd:e5:4e:27:b4:7a:
21:0c:f8:44:7c:c1:1b:d3:50:90:e8:fc:d3:0a:97:
14:e6:f5:d7:44:0d:66:83:4c:eb:3e:77:6d:f7:b5:
bf:8d:0c:63:de:37:bc:d7:b1:13:d5:9b:19:ca:f2:
19:04:3e:3e:3a:e0:54:c0:88:73:42:b4:68:cc:ab:
bf:4b:ee:60:ff:61:d3:e3:59:51:3d:53:fb:63:bc:
2d:72:cf:65:47:b8:43:cd:36:46:06:ef:9a:b0:24:
8d:3d:df:da:45:85:78:4d:c1:7d:d2:b2:f8:38:36:
d6:2b:36:dd:43:1e:f1:07:22:8f:19:c3:36:24:32:
a4:53:c7:a7:ce:00:83:d1:f5:d6:bd:d4:3e:9f:e7:
46:67:01:e3:11:04:4e:f6:cd:68:4c:99:51:40:af:
cd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9E:C6:27:8B:70:E5:68:F5:0B:0D:5F:E0:FC:B8:AA:E9:CF:AE:7E
X509v3 Authority Key Identifier:
keyid:0A:42:2A:63:97:D8:EB:6C:B3:57:75:29:7C:EB:55:A5:E1:8F:E1:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/CkIqY5fY62yzV3UpfOtVpeGP4eI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkIqY5fY62yzV3UpfOtVpeGP4eI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/BCF2B6C6B76811ED8A503224C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.242.44.0/22
202.179.0.0/19
Signature Algorithm: sha256WithRSAEncryption
61:01:12:db:a9:7c:a1:46:c3:ec:8e:62:b1:50:d5:a7:de:8c:
0d:d6:8d:72:dd:45:1b:dd:3c:6d:9e:2e:ac:7c:01:8d:1d:81:
b2:9d:25:8c:47:bb:c0:b0:20:b4:a7:52:59:f7:a4:ae:21:b0:
db:65:19:e0:8d:70:ae:37:f9:d8:c1:30:f4:e4:84:a0:0c:84:
57:8a:01:b2:80:ed:aa:68:a3:18:3e:2d:cd:bf:ca:4c:a0:58:
5f:3f:62:80:bd:a8:ab:0c:ff:de:0f:46:45:fc:d7:87:7e:eb:
9d:67:95:f1:0b:e0:4a:c2:51:a5:d6:de:cf:6f:30:a6:9d:73:
ce:91:b1:cc:56:c2:5d:12:a5:45:38:0c:6f:e4:70:c5:4d:b9:
e6:62:dc:b6:23:5e:0e:30:fa:cf:04:ca:4d:5b:61:fe:0b:76:
62:b5:c2:ca:05:0f:c0:73:b4:ed:c4:fd:d0:d4:d4:24:72:dd:
22:9f:32:7d:05:34:f8:98:be:5c:13:1f:7d:39:9a:07:40:fc:
2f:4b:d4:c5:b6:e2:df:de:ab:5b:c3:a2:dd:8b:58:64:38:a5:
77:39:61:6e:b7:11:fd:70:aa:4c:b3:49:bd:bc:00:23:d7:78:
81:f9:a5:20:d2:f9:8d:58:d8:f6:84:63:2e:d7:f4:93:cd:96:
8f:c9:8e:cb
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFxowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzZBRkQxMTAvBgNVBAUTKDBBNDIyQTYzOTdEOEVCNkNCMzU3NzUyOTdDRUI1NUE1
RTE4RkUxRTIwHhcNMjMwMjI4MTMwNjM5WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZkZmM1Zi01MDQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwzEs2QPjMGwXYZPqejtxuBy4417wfixVQLM8AXuNuIb9jh289lFtQjiprIqR
/k3v0t+8aEdooaN/Qz4U1KoyxllbOsClo17et+APpJFQnKWiqq8SUM6yP4oXz7tT
lGtmLlr95U4ntHohDPhEfMEb01CQ6PzTCpcU5vXXRA1mg0zrPndt97W/jQxj3je8
17ET1ZsZyvIZBD4+OuBUwIhzQrRozKu/S+5g/2HT41lRPVP7Y7wtcs9lR7hDzTZG
Bu+asCSNPd/aRYV4TcF90rL4ODbWKzbdQx7xByKPGcM2JDKkU8enzgCD0fXWvdQ+
n+dGZwHjEQRO9s1oTJlRQK/N9wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMiexieL
cOVo9QsNX+D8uKrpz65+MB8GA1UdIwQYMBaAFApCKmOX2Otss1d1KXzrVaXhj+Hi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkFGRC81QkIyMjMwQTky
RjgxMUU3ODRDQTBFNUNDNEY5QUUwMi9Da0lxWTVmWTYyeXpWM1VwZk90VnBlR1A0
ZUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NrSXFZNWZZNjJ5elYzVXBmT3RWcGVHUDRlSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzZBRkQvNUJCMjIzMEE5MkY4MTFFNzg0Q0EwRTVDQzRGOUFFMDIvQkNGMkI2QzZC
NzY4MTFFRDhBNTAzMjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJn8iwDBAXKswAwDQYJKoZIhvcNAQELBQADggEBAGEBEtup
fKFGw+yOYrFQ1afejA3WjXLdRRvdPG2eLqx8AY0dgbKdJYxHu8CwILSnUln3pK4h
sNtlGeCNcK43+djBMPTkhKAMhFeKAbKA7apooxg+Lc2/ykygWF8/YoC9qKsM/94P
RkX814d+651nlfEL4ErCUaXW3s9vMKadc86RscxWwl0SpUU4DG/kcMVNueZi3LYj
Xg4w+s8Eyk1bYf4LdmK1wsoFD8BztO3E/dDU1CRy3SKfMn0FNPiYvlwTH305mgdA
/C9L1MW24t/eq1vDot2LWGQ4pXc5YW63Ef1wqkyzSb28ACPXeIH5pSDS+Y1Y2PaE
Yy7X9JPNlo/Jjss=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org