Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E2AC/64171316CA3211E98BFCD352C4F9AE02/072FBE2699E611EAB3C00943C4F9AE02.roa
File: 072FBE2699E611EAB3C00943C4F9AE02.roa (raw, json)
Hash identifier: BocXGxsVqBGu0eRmQgXpzT/HRYVTYDKgjOTwWdeSpsA=
Subject key identifier: 29:54:A4:64:CE:D8:F9:61:59:87:F9:42:05:97:87:EE:33:B0:73:51
Certificate issuer: /CN=A918E2AC/serialNumber=F47D0FBB6E8B64ECD991168D8F730F7891E4F44E
Certificate serial: 09E8
Authority key identifier: F4:7D:0F:BB:6E:8B:64:EC:D9:91:16:8D:8F:73:0F:78:91:E4:F4:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9H0Pu26LZOzZkRaNj3MPeJHk9E4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E2AC/64171316CA3211E98BFCD352C4F9AE02/072FBE2699E611EAB3C00943C4F9AE02.roa
Signing time: Wed 09 Mar 2022 19:45:30 +0000
ROA not before: Wed 09 Mar 2022 19:45:30 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 134371
IP address blocks: 103.133.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2536 (0x9e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E2AC/serialNumber=F47D0FBB6E8B64ECD991168D8F730F7891E4F44E
Validity
Not Before: Mar 9 19:45:30 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=622903da-b199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:30:a7:17:b7:46:a8:e3:9d:e7:5a:94:bd:fa:
0a:81:8a:93:b0:6d:17:e5:6c:fe:12:23:0d:6b:07:
2e:1b:91:99:37:f5:d5:1c:15:83:5f:c6:e4:a4:c7:
3e:80:82:5d:55:06:32:91:50:fc:76:81:a5:5c:a1:
70:cf:35:a1:f9:24:fa:87:73:e7:74:0c:05:18:f4:
6f:35:2e:c7:b4:29:28:12:88:e6:8b:fc:ad:9e:62:
31:42:43:1d:4f:f3:f9:8b:f6:e9:43:a0:49:31:f0:
52:5e:de:68:b0:85:59:b5:73:90:6f:00:be:fa:6a:
ba:bd:cc:e9:b7:d3:2c:27:3f:18:54:d5:ae:03:c9:
f8:c8:c2:41:4a:5b:bc:47:d7:4a:c4:0c:4e:61:bb:
50:4e:97:de:ba:fc:13:fc:5d:d5:31:4b:51:d9:13:
e2:c2:0a:90:2b:4a:8b:63:31:b6:c8:cd:09:18:0e:
e1:b9:ed:1a:01:53:2a:b8:49:99:62:79:41:5b:72:
77:e0:ad:86:29:cf:14:dd:57:7c:cf:93:a2:ea:6a:
b7:af:e4:be:83:66:41:b5:16:06:f7:8d:95:69:c0:
8e:70:a9:17:a9:7f:c4:11:a0:cd:71:af:83:af:f6:
18:10:6e:8c:59:21:5f:20:4f:bb:aa:c4:16:cd:77:
34:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:54:A4:64:CE:D8:F9:61:59:87:F9:42:05:97:87:EE:33:B0:73:51
X509v3 Authority Key Identifier:
keyid:F4:7D:0F:BB:6E:8B:64:EC:D9:91:16:8D:8F:73:0F:78:91:E4:F4:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E2AC/64171316CA3211E98BFCD352C4F9AE02/9H0Pu26LZOzZkRaNj3MPeJHk9E4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9H0Pu26LZOzZkRaNj3MPeJHk9E4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E2AC/64171316CA3211E98BFCD352C4F9AE02/072FBE2699E611EAB3C00943C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.206.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:51:94:0c:13:41:54:00:e5:00:c6:f0:5e:04:ab:c6:03:66:
eb:a0:09:47:d0:41:17:ca:21:8a:8d:0b:68:dc:89:bc:0e:ec:
d4:f8:20:0d:30:e0:c5:4e:99:41:91:20:cb:d1:44:2a:bc:57:
6c:f0:ce:1c:d6:cb:98:df:ea:f1:8f:6f:35:60:6d:22:ed:5b:
8e:d7:b8:16:26:13:6e:2c:2a:d7:11:73:6e:41:c2:23:c0:d5:
96:d6:1c:08:8b:e7:6c:b4:83:ee:42:13:d0:7b:a4:de:d8:67:
ef:f4:fc:78:95:c9:bc:70:f1:cc:f9:b1:9e:8d:60:b2:1a:d2:
68:7c:ca:86:b9:e9:02:ed:d2:ee:7d:9b:d8:b8:6e:ac:63:93:
9a:e3:f6:5d:78:32:9f:66:df:af:4c:68:f6:17:a5:f1:b6:81:
5a:30:e3:f6:32:4c:4b:10:dc:46:07:9f:69:51:29:e5:d4:75:
3a:45:fe:d9:2b:89:a3:c0:a2:a0:0c:64:0a:f4:15:ea:54:f2:
18:50:96:1e:67:9d:ef:21:a6:73:cd:84:e6:ac:3b:9a:7f:e9:
76:9b:24:f9:27:e1:ef:0b:08:43:95:40:42:35:fa:b4:12:4d:
e9:bf:27:e0:64:59:06:3f:9e:6a:65:fa:da:08:0d:ab:72:32:
69:ce:63:0f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEUyQUMxMTAvBgNVBAUTKEY0N0QwRkJCNkU4QjY0RUNEOTkxMTY4RDhGNzMwRjc4
OTFFNEY0NEUwHhcNMjIwMzA5MTk0NTMwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI5MDNkYS1iMTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvTCnF7dGqOOd51qUvfoKgYqTsG0X5Wz+EiMNawcuG5GZN/XVHBWDX8bkpMc+
gIJdVQYykVD8doGlXKFwzzWh+ST6h3PndAwFGPRvNS7HtCkoEojmi/ytnmIxQkMd
T/P5i/bpQ6BJMfBSXt5osIVZtXOQbwC++mq6vczpt9MsJz8YVNWuA8n4yMJBSlu8
R9dKxAxOYbtQTpfeuvwT/F3VMUtR2RPiwgqQK0qLYzG2yM0JGA7hue0aAVMquEmZ
YnlBW3J34K2GKc8U3Vd8z5Oi6mq3r+S+g2ZBtRYG942VacCOcKkXqX/EEaDNca+D
r/YYEG6MWSFfIE+7qsQWzXc0TwIDAQABo4IClTCCApEwHQYDVR0OBBYEFClUpGTO
2PlhWYf5QgWXh+4zsHNRMB8GA1UdIwQYMBaAFPR9D7tui2Ts2ZEWjY9zD3iR5PRO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTJBQy82NDE3MTMxNkNB
MzIxMUU5OEJGQ0QzNTJDNEY5QUUwMi85SDBQdTI2TFpPelprUmFOajNNUGVKSGs5
RTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlIMFB1MjZMWk96WmtSYU5qM01QZUpIazlFNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEUyQUMvNjQxNzEzMTZDQTMyMTFFOThCRkNEMzUyQzRGOUFFMDIvMDcyRkJFMjY5
OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnhc4wDQYJKoZIhvcNAQELBQADggEBAIpRlAwTQVQA5QDG
8F4Eq8YDZuugCUfQQRfKIYqNC2jcibwO7NT4IA0w4MVOmUGRIMvRRCq8V2zwzhzW
y5jf6vGPbzVgbSLtW47XuBYmE24sKtcRc25BwiPA1ZbWHAiL52y0g+5CE9B7pN7Y
Z+/0/HiVybxw8cz5sZ6NYLIa0mh8yoa56QLt0u59m9i4bqxjk5rj9l14Mp9m369M
aPYXpfG2gVow4/YyTEsQ3EYHn2lRKeXUdTpF/tkriaPAoqAMZAr0FepU8hhQlh5n
ne8hpnPNhOasO5p/6XabJPkn4e8LCEOVQEI1+rQSTem/J+BkWQY/nmpl+toIDaty
MmnOYw8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:26 2024 by rpki-client on console-ams.rpki-client.org