Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9193E80/1C97E8188A2C11E8AA7B8B1BC4F9AE02/BA5BD65EA2FF11EDA19DA837C4F9AE02.roa
File: BA5BD65EA2FF11EDA19DA837C4F9AE02.roa (raw, json)
Hash identifier: wyeWGIeXn3x1SEixmGkpqdqCuYa4nP6E85+JN9ziSIg=
Subject key identifier: DB:EE:14:DE:B3:0A:F2:72:42:F1:B1:30:D9:74:CE:FE:A5:28:92:09
Certificate issuer: /CN=A9193E80/serialNumber=249A2D6CAB3E9DC3BE869E22D858DF61560E412F
Certificate serial: 1221
Authority key identifier: 24:9A:2D:6C:AB:3E:9D:C3:BE:86:9E:22:D8:58:DF:61:56:0E:41:2F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JJotbKs-ncO-hp4i2FjfYVYOQS8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9193E80/1C97E8188A2C11E8AA7B8B1BC4F9AE02/BA5BD65EA2FF11EDA19DA837C4F9AE02.roa
Signing time: Thu 02 Feb 2023 13:44:35 +0000
ROA not before: Thu 02 Feb 2023 13:44:35 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 134090
IP address blocks: 103.51.112.0/22 maxlen: 24
103.95.112.0/22 maxlen: 24
123.253.188.0/22 maxlen: 24
202.179.128.0/22 maxlen: 24
2402:2c80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4641 (0x1221)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9193E80/serialNumber=249A2D6CAB3E9DC3BE869E22D858DF61560E412F
Validity
Not Before: Feb 2 13:44:35 2023 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=63dbbe42-68f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e6:4f:6a:95:cf:8e:05:83:01:4f:cd:65:23:
a8:d8:b6:8c:0d:34:ab:31:d3:fa:98:0f:bb:d2:f4:
39:c7:86:6f:6a:41:bf:c9:10:99:6e:82:e0:23:38:
22:1a:cc:0b:e7:d3:6d:cf:2c:64:87:ae:53:8f:6b:
29:56:62:44:e2:93:e0:4d:85:c2:3e:d5:1e:73:78:
d1:86:85:0a:49:fe:8d:56:04:94:7d:a2:65:4f:3a:
66:5a:71:21:7f:89:17:9e:c3:85:ef:20:f6:68:7f:
2b:1b:0c:e7:e9:61:f2:a5:be:61:28:b7:0e:0b:7b:
b1:8e:50:f8:17:6b:15:1b:7d:aa:c6:9b:89:24:b3:
a1:49:84:12:f7:85:4d:df:2a:b0:67:6a:74:15:bf:
91:bc:d9:25:b8:31:33:1e:57:21:67:d2:d7:2f:e7:
96:ea:f5:2a:e5:74:b8:0a:54:2a:98:8d:d1:07:31:
a8:86:b2:f6:2a:89:ef:c9:48:2a:c3:27:4d:7b:1c:
c3:d8:f0:0b:70:0d:55:9d:67:fb:4b:01:fd:9f:ad:
9d:9b:71:8a:a7:4e:9a:20:58:39:b0:ff:db:16:70:
3f:04:19:4d:36:00:70:f8:b3:4c:6c:29:ca:6b:09:
3d:79:bf:f0:27:a6:3e:28:e4:33:ce:3b:f7:42:d4:
bc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:EE:14:DE:B3:0A:F2:72:42:F1:B1:30:D9:74:CE:FE:A5:28:92:09
X509v3 Authority Key Identifier:
keyid:24:9A:2D:6C:AB:3E:9D:C3:BE:86:9E:22:D8:58:DF:61:56:0E:41:2F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9193E80/1C97E8188A2C11E8AA7B8B1BC4F9AE02/JJotbKs-ncO-hp4i2FjfYVYOQS8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JJotbKs-ncO-hp4i2FjfYVYOQS8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193E80/1C97E8188A2C11E8AA7B8B1BC4F9AE02/BA5BD65EA2FF11EDA19DA837C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.51.112.0/22
103.95.112.0/22
123.253.188.0/22
202.179.128.0/22
IPv6:
2402:2c80::/32
Signature Algorithm: sha256WithRSAEncryption
07:64:8f:7b:f8:e6:c3:5b:c3:25:66:02:38:f1:64:59:f1:96:
d7:ac:eb:d6:39:b3:23:98:a0:a2:9a:74:7f:12:37:42:79:75:
d0:46:aa:9c:a7:67:75:aa:e9:57:ea:64:f0:09:b6:ad:38:88:
b3:ed:35:80:62:b4:f0:8b:64:b1:95:c9:b1:5f:ba:f9:75:f3:
b6:63:f8:72:c0:6a:f9:58:11:be:e9:13:6a:f8:a5:0c:26:d3:
ec:a2:17:ca:48:9b:07:8a:c1:5d:cc:e1:82:a5:8a:45:c2:42:
79:d8:88:9b:60:d7:f5:04:c6:3d:67:43:0e:55:31:00:99:90:
cd:a5:09:18:8c:e0:02:96:19:4d:d6:18:1b:19:c0:92:76:e1:
88:b4:34:30:44:c6:e2:1b:7b:40:eb:ad:a4:5a:58:4b:a4:8f:
fc:95:82:89:45:ef:3b:5f:dc:a7:68:d8:9c:b5:d8:38:a0:ed:
0a:3a:a1:e1:09:10:7f:47:bb:62:da:e1:c2:40:d8:8a:e4:94:
70:b9:fc:ff:4d:ab:c0:e9:50:74:0a:60:a9:f3:ae:e0:9c:eb:
d9:f9:33:8b:71:83:f0:c6:0b:1f:34:35:6f:07:a2:b0:9b:4c:
a3:d3:38:a8:20:c3:66:4e:0b:85:b0:93:fb:0f:7e:1e:f0:3d:
f1:82:3f:91
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICEiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTNFODAxMTAvBgNVBAUTKDI0OUEyRDZDQUIzRTlEQzNCRTg2OUUyMkQ4NThERjYx
NTYwRTQxMkYwHhcNMjMwMjAyMTM0NDM1WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RiYmU0Mi02OGY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs+ZPapXPjgWDAU/NZSOo2LaMDTSrMdP6mA+70vQ5x4ZvakG/yRCZboLgIzgi
GswL59Ntzyxkh65Tj2spVmJE4pPgTYXCPtUec3jRhoUKSf6NVgSUfaJlTzpmWnEh
f4kXnsOF7yD2aH8rGwzn6WHypb5hKLcOC3uxjlD4F2sVG32qxpuJJLOhSYQS94VN
3yqwZ2p0Fb+RvNkluDEzHlchZ9LXL+eW6vUq5XS4ClQqmI3RBzGohrL2KonvyUgq
wydNexzD2PALcA1VnWf7SwH9n62dm3GKp06aIFg5sP/bFnA/BBlNNgBw+LNMbCnK
awk9eb/wJ6Y+KOQzzjv3QtS8JwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFNvuFN6z
CvJyQvGxMNl0zv6lKJIJMB8GA1UdIwQYMBaAFCSaLWyrPp3DvoaeIthY32FWDkEv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5M0U4MC8xQzk3RTgxODhB
MkMxMUU4QUE3QjhCMUJDNEY5QUUwMi9KSm90YktzLW5jTy1ocDRpMkZqZllWWU9R
UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pKb3RiS3MtbmNPLWhwNGkyRmpmWVZZT1FTOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTNFODAvMUM5N0U4MTg4QTJDMTFFOEFBN0I4QjFCQzRGOUFFMDIvQkE1QkQ2NUVB
MkZGMTFFREExOURBODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnM3ADBAJnX3ADBAJ7/bwDBALKs4AwDQQCAAIwBwMFACQC
LIAwDQYJKoZIhvcNAQELBQADggEBAAdkj3v45sNbwyVmAjjxZFnxltes69Y5syOY
oKKadH8SN0J5ddBGqpynZ3Wq6VfqZPAJtq04iLPtNYBitPCLZLGVybFfuvl187Zj
+HLAavlYEb7pE2r4pQwm0+yiF8pImweKwV3M4YKlikXCQnnYiJtg1/UExj1nQw5V
MQCZkM2lCRiM4AKWGU3WGBsZwJJ24Yi0NDBExuIbe0DrraRaWEukj/yVgolF7ztf
3Kdo2Jy12Dig7Qo6oeEJEH9Hu2La4cJA2IrklHC5/P9Nq8DpUHQKYKnzruCc69n5
M4txg/DGCx80NW8HorCbTKPTOKggw2ZOC4Wwk/sPfh7wPfGCP5E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:59 2023 by rpki-client on console-fra.rpki-client.org