Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/B1BFD606E18711EC8BF19C5FC4F9AE02.roa
File: B1BFD606E18711EC8BF19C5FC4F9AE02.roa (raw, json)
Hash identifier: apMAk4wqoiLqW3Ewc8m+Fd8YPy/CVmiE3R6KCL8Ve6c=
Subject key identifier: CA:A2:92:4F:E9:8C:AB:46:C8:81:2E:07:7B:ED:5C:C1:9A:EA:09:22
Certificate issuer: /CN=A917A17B/serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5
Certificate serial: 095C
Authority key identifier: 83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/B1BFD606E18711EC8BF19C5FC4F9AE02.roa
Signing time: Thu 02 Jun 2022 20:19:28 +0000
ROA not before: Thu 02 Jun 2022 20:19:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138692
IP address blocks: 103.136.200.0/22 maxlen: 22
103.136.200.0/23 maxlen: 23
103.136.200.0/24 maxlen: 24
103.136.201.0/24 maxlen: 24
103.136.202.0/23 maxlen: 23
103.136.202.0/24 maxlen: 24
103.136.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2396 (0x95c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A17B/serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5
Validity
Not Before: Jun 2 20:19:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62991b50-3fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:88:84:e7:82:0b:d1:61:8c:e5:27:82:2b:c5:
fe:00:cf:00:be:5e:82:21:a2:59:2e:d7:93:90:ea:
ca:23:59:63:66:56:c7:a9:c3:6d:7e:b3:d2:21:cd:
3c:51:85:a3:21:6e:9b:c6:7d:b2:89:1e:2d:e9:24:
3b:66:1c:83:1c:de:33:6d:1b:e9:ad:82:82:30:e3:
36:46:54:df:a0:d6:95:e6:f8:9c:1f:2a:cb:3a:a6:
83:a9:d4:61:8d:1e:e9:84:82:57:6a:0f:ee:20:5f:
38:d9:e7:b4:f0:52:e6:53:a9:50:a5:e9:cb:fe:29:
e4:b3:3c:ff:76:47:a8:b2:48:47:dd:23:a2:4d:b2:
8d:94:fb:89:6b:37:66:b8:74:26:6b:bc:9c:bb:7b:
ae:f6:9a:5d:8f:ce:5d:ce:39:bb:15:43:f9:3e:b3:
e4:69:75:98:99:fc:5c:43:46:e9:ea:46:55:1a:96:
f1:02:27:5d:26:eb:99:f3:57:85:3c:db:a7:67:83:
e4:27:9c:c4:22:54:7d:c7:9f:0c:7a:0f:ff:6d:91:
1b:b1:ae:6b:2c:ea:5c:9d:a6:e8:8e:40:d0:30:84:
9c:cc:11:ad:6a:e8:0b:f5:76:df:c2:9e:24:95:40:
55:94:f2:df:53:f6:9b:87:87:83:c9:fe:fb:36:69:
d4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A2:92:4F:E9:8C:AB:46:C8:81:2E:07:7B:ED:5C:C1:9A:EA:09:22
X509v3 Authority Key Identifier:
keyid:83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/B1BFD606E18711EC8BF19C5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.200.0/22
Signature Algorithm: sha256WithRSAEncryption
79:5d:8a:10:3e:c4:60:ad:54:b4:2f:d7:c8:f1:d7:8a:67:78:
8e:bf:79:ed:bc:ee:89:2c:f9:0e:a8:8e:cf:dc:86:d4:e5:1a:
d1:65:a7:c7:4d:55:34:12:8f:c6:b5:26:21:a1:a7:fe:9f:42:
b0:3e:eb:80:e3:93:66:d0:0b:28:1b:1b:61:6f:f7:3b:92:31:
72:19:7e:3f:1b:28:61:e8:81:4a:4e:37:bf:40:c6:32:4e:fb:
ef:48:83:2e:07:41:e0:4b:18:f2:2e:1b:cb:f2:f1:9e:4a:47:
29:2e:ad:6f:7f:ec:ad:c7:9e:76:ff:6d:c4:5a:d6:cf:9b:3b:
d5:75:c3:f0:36:04:d8:02:b4:a5:0a:27:d4:f1:6e:30:e2:c7:
0a:ff:3c:25:be:0d:93:a5:36:9f:9d:2f:87:ff:a8:a5:98:60:
ef:82:fd:8c:fd:24:a8:f3:06:70:78:82:fd:9d:d4:b9:2a:fd:
d6:c0:76:16:de:41:0c:32:40:8f:fe:7d:1f:3f:8b:62:de:44:
5b:c1:d9:5b:d9:02:62:f9:65:4c:ed:84:50:08:6a:e8:ba:09:
08:65:bd:e7:41:92:7a:7f:24:03:93:85:a6:b7:9d:3d:d4:bc:
fa:16:e4:ad:d1:89:b0:d5:38:a9:37:26:36:5c:ae:56:20:3e:
10:65:b0:d7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0ExN0IxMTAvBgNVBAUTKDgzNzE4RTlFRDRBMUIyMjkyNzlFM0NBNTU1RDQ0RDZF
MUZDQThDQzUwHhcNMjIwNjAyMjAxOTI4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk5MWI1MC0zZmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuIiE54IL0WGM5SeCK8X+AM8Avl6CIaJZLteTkOrKI1ljZlbHqcNtfrPSIc08
UYWjIW6bxn2yiR4t6SQ7ZhyDHN4zbRvprYKCMOM2RlTfoNaV5vicHyrLOqaDqdRh
jR7phIJXag/uIF842ee08FLmU6lQpenL/inkszz/dkeoskhH3SOiTbKNlPuJazdm
uHQma7ycu3uu9ppdj85dzjm7FUP5PrPkaXWYmfxcQ0bp6kZVGpbxAiddJuuZ81eF
PNunZ4PkJ5zEIlR9x58Meg//bZEbsa5rLOpcnabojkDQMISczBGtaugL9Xbfwp4k
lUBVlPLfU/abh4eDyf77NmnU7wIDAQABo4IClTCCApEwHQYDVR0OBBYEFMqikk/p
jKtGyIEuB3vtXMGa6gkiMB8GA1UdIwQYMBaAFINxjp7UobIpJ548pVXUTW4fyozF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTE3Qi84NTM5NUQ2RTA2
RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNpa25uanlsVmRSTmJoX0tq
TVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2czR09udFNoc2lrbm5qeWxWZFJOYmhfS2pNVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0ExN0IvODUzOTVENkUwNkQzMTFFQUJBNUQ1QTQ5QzRGOUFFMDIvQjFCRkQ2MDZF
MTg3MTFFQzhCRjE5QzVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJniMgwDQYJKoZIhvcNAQELBQADggEBAHldihA+xGCtVLQv
18jx14pneI6/ee287oks+Q6ojs/chtTlGtFlp8dNVTQSj8a1JiGhp/6fQrA+64Dj
k2bQCygbG2Fv9zuSMXIZfj8bKGHogUpON79AxjJO++9Igy4HQeBLGPIuG8vy8Z5K
RykurW9/7K3Hnnb/bcRa1s+bO9V1w/A2BNgCtKUKJ9TxbjDixwr/PCW+DZOlNp+d
L4f/qKWYYO+C/Yz9JKjzBnB4gv2d1Lkq/dbAdhbeQQwyQI/+fR8/i2LeRFvB2VvZ
AmL5ZUzthFAIaui6CQhlvedBknp/JAOThaa3nT3UvPoW5K3RibDVOKk3JjZcrlYg
PhBlsNc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org