Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C29E/045122A8011C11EEB2684F4BC4F9AE02/B2A1A1D0012011EE9CC7A14CC4F9AE02.roa
File: B2A1A1D0012011EE9CC7A14CC4F9AE02.roa (raw, json)
Hash identifier: 7l59ysztJU/Kuw/UVX+wnj6hCUE3U5L1b6R10C8rI1M=
Subject key identifier: F3:A2:D7:B3:12:87:F5:3A:F4:09:E7:F6:63:24:CC:D4:49:04:9E:40
Certificate issuer: /CN=A917C29E/serialNumber=B293489E3ACF28F0D1571437CDF0BCC2CA54545A
Certificate serial: 02
Authority key identifier: B2:93:48:9E:3A:CF:28:F0:D1:57:14:37:CD:F0:BC:C2:CA:54:54:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/spNInjrPKPDRVxQ3zfC8wspUVFo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C29E/045122A8011C11EEB2684F4BC4F9AE02/B2A1A1D0012011EE9CC7A14CC4F9AE02.roa
Signing time: Fri 02 Jun 2023 08:37:24 +0000
ROA not before: Fri 02 Jun 2023 08:37:24 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 136180
IP address blocks: 103.203.56.0/22 maxlen: 24
116.213.44.0/22 maxlen: 24
2400:87c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C29E/serialNumber=B293489E3ACF28F0D1571437CDF0BCC2CA54545A
Validity
Not Before: Jun 2 08:37:24 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6479aa44-325b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7c:78:62:24:8b:96:19:91:a3:ca:d6:27:d8:
ff:40:eb:82:9a:8c:24:cd:e7:12:d0:59:c7:9b:6c:
a7:e8:be:c0:ac:f8:c8:c3:7c:d3:58:1e:98:1f:80:
47:b1:78:1f:48:fd:a5:91:c5:02:ea:de:15:dc:6f:
b3:f2:00:8b:51:98:4b:31:0a:8c:a8:bf:1b:2f:fc:
50:2f:a2:ba:72:ff:00:ba:b8:94:e3:62:60:eb:15:
59:c6:81:4b:b6:d5:b0:49:6c:e8:58:cf:cc:07:a1:
ee:c1:c8:be:fd:54:b0:c9:91:a5:96:56:28:85:be:
2b:2f:26:33:ce:79:ba:26:53:c3:fe:86:51:fc:d9:
20:55:8b:5a:cd:9b:99:0e:1c:2b:61:4f:75:61:31:
96:89:5a:70:f5:9f:31:b4:63:1a:4a:3c:09:92:6b:
db:58:e4:ed:b3:33:77:93:f0:eb:07:51:0a:76:58:
b7:28:bc:61:0d:d5:a9:5f:79:84:36:ba:48:c8:9e:
a8:ed:ae:93:20:7a:91:3c:92:ff:d2:ea:07:c5:42:
45:d8:59:86:cb:7b:11:ee:5e:e8:c2:77:d9:dc:f6:
84:b7:9c:12:c1:48:be:05:6e:03:ed:9b:83:df:d8:
39:11:a7:72:f0:6d:eb:07:8a:4a:75:9d:c9:03:49:
2c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A2:D7:B3:12:87:F5:3A:F4:09:E7:F6:63:24:CC:D4:49:04:9E:40
X509v3 Authority Key Identifier:
keyid:B2:93:48:9E:3A:CF:28:F0:D1:57:14:37:CD:F0:BC:C2:CA:54:54:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C29E/045122A8011C11EEB2684F4BC4F9AE02/spNInjrPKPDRVxQ3zfC8wspUVFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/spNInjrPKPDRVxQ3zfC8wspUVFo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C29E/045122A8011C11EEB2684F4BC4F9AE02/B2A1A1D0012011EE9CC7A14CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.56.0/22
116.213.44.0/22
IPv6:
2400:87c0::/32
Signature Algorithm: sha256WithRSAEncryption
31:82:0e:dd:f8:54:05:ee:03:15:7d:7b:46:99:a8:66:4a:21:
39:29:a8:0c:5b:d5:98:c0:db:a6:00:2f:8b:a5:c2:a9:c4:42:
5b:09:a0:3a:c9:2e:d0:ec:c3:ef:d9:3b:ec:c6:57:5d:14:ed:
8d:4a:f7:6f:12:d2:f2:b9:2c:2c:44:bb:8d:47:8c:c0:74:52:
39:3a:95:b3:44:b3:4b:7a:64:df:a5:72:d4:a3:01:90:95:7f:
71:54:c1:c5:06:e1:19:a0:16:14:5b:9a:53:4d:08:14:c5:5a:
bb:2c:85:b7:d2:7c:25:4c:84:2f:48:35:9b:2c:07:ab:f1:53:
55:a4:d7:b4:84:27:85:21:25:09:b0:f9:a6:5e:76:a1:ab:55:
33:da:10:c7:4a:6f:ef:6f:c7:fa:e9:f5:c1:65:dc:65:92:45:
70:9b:46:8d:5f:3e:b8:2a:97:ea:ed:0f:c0:99:26:c5:6d:0d:
b3:23:29:ff:20:02:4c:4d:a2:19:a3:a9:7a:82:cc:03:96:9a:
a2:f8:bf:0a:0c:88:7a:65:d3:e5:59:a6:12:1d:0c:23:47:00:
7e:aa:0b:29:f6:fa:0b:69:16:53:d9:a3:5c:4a:ab:37:15:d8:
e8:aa:97:ee:07:8f:c9:34:71:7a:ef:fb:bf:70:f3:39:29:c5:
23:66:43:5c
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QzI5RTExMC8GA1UEBRMoQjI5MzQ4OUUzQUNGMjhGMEQxNTcxNDM3Q0RGMEJDQzJD
QTU0NTQ1QTAeFw0yMzA2MDIwODM3MjRaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NzlhYTQ0LTMyNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClfHhiJIuWGZGjytYn2P9A64KajCTN5xLQWcebbKfovsCs+MjDfNNYHpgfgEex
eB9I/aWRxQLq3hXcb7PyAItRmEsxCoyovxsv/FAvorpy/wC6uJTjYmDrFVnGgUu2
1bBJbOhYz8wHoe7ByL79VLDJkaWWViiFvisvJjPOebomU8P+hlH82SBVi1rNm5kO
HCthT3VhMZaJWnD1nzG0YxpKPAmSa9tY5O2zM3eT8OsHUQp2WLcovGEN1alfeYQ2
ukjInqjtrpMgepE8kv/S6gfFQkXYWYbLexHuXujCd9nc9oS3nBLBSL4FbgPtm4Pf
2DkRp3LwbesHikp1nckDSSx9AgMBAAGjggKqMIICpjAdBgNVHQ4EFgQU86LXsxKH
9Tr0Cef2YyTM1EkEnkAwHwYDVR0jBBgwFoAUspNInjrPKPDRVxQ3zfC8wspUVFow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDMjlFLzA0NTEyMkE4MDEx
QzExRUVCMjY4NEY0QkM0RjlBRTAyL3NwTkluanJQS1BEUlZ4UTN6ZkM4d3NwVVZG
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvc3BOSW5qclBLUERSVnhRM3pmQzh3c3BVVkZvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QzI5RS8wNDUxMjJBODAxMUMxMUVFQjI2ODRGNEJDNEY5QUUwMi9CMkExQTFEMDAx
MjAxMUVFOUNDN0ExNENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAmfLOAMEAnTVLDANBAIAAjAHAwUAJACHwDANBgkqhkiG9w0B
AQsFAAOCAQEAMYIO3fhUBe4DFX17RpmoZkohOSmoDFvVmMDbpgAvi6XCqcRCWwmg
Osku0OzD79k77MZXXRTtjUr3bxLS8rksLES7jUeMwHRSOTqVs0SzS3pk36Vy1KMB
kJV/cVTBxQbhGaAWFFuaU00IFMVauyyFt9J8JUyEL0g1mywHq/FTVaTXtIQnhSEl
CbD5pl52oatVM9oQx0pv72/H+un1wWXcZZJFcJtGjV8+uCqX6u0PwJkmxW0NsyMp
/yACTE2iGaOpeoLMA5aaovi/CgyIemXT5VmmEh0MI0cAfqoLKfb6C2kWU9mjXEqr
NxXY6KqX7gePyTRxeu/7v3DzOSnFI2ZDXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org