Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/BCA5586C80CC11EE94777C52C4F9AE02.roa
File: BCA5586C80CC11EE94777C52C4F9AE02.roa (raw, json)
Hash identifier: ZxrNw6Gn8xCY/j9iN0Ew7lyO3HEn+rOntQlDIIOJaIE=
Subject key identifier: 07:35:43:DB:66:20:78:A7:AB:E3:76:4F:07:F9:98:3F:43:10:65:46
Certificate issuer: /CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586
Certificate serial: 0A44
Authority key identifier: A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/BCA5586C80CC11EE94777C52C4F9AE02.roa
Signing time: Sat 11 Nov 2023 19:58:52 +0000
ROA not before: Sat 11 Nov 2023 19:58:52 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 138023
IP address blocks: 103.133.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2628 (0xa44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1A4E/serialNumber=A921635C7493F21CD26093D5903510802F4E3586
Validity
Not Before: Nov 11 19:58:52 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=654fdcfc-0bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:85:24:15:b0:84:7a:0f:e8:f9:20:07:08:b1:
90:a3:aa:14:13:7b:ba:a6:51:f7:9a:1d:b4:7c:80:
eb:f1:44:70:50:f2:c9:d9:fa:b0:a2:83:1a:71:8d:
0d:12:32:8a:8f:5d:23:10:7d:ff:22:e5:63:2b:46:
71:e6:82:43:1d:2e:19:4f:55:55:41:02:cf:24:c0:
bf:4c:73:c0:30:43:e2:70:c4:8f:0a:2a:d9:85:02:
b7:71:96:95:d1:b4:74:85:8d:72:a3:2c:ba:a5:37:
13:35:3a:85:5f:6b:4c:98:1e:56:62:e3:e1:80:b4:
7b:f6:69:aa:89:50:9d:36:ee:18:0d:a5:15:11:c0:
b2:c1:9d:95:9b:7c:3e:c9:00:97:57:6e:6e:56:c1:
97:ca:90:68:b3:05:08:80:c1:c5:bf:03:68:b5:87:
d0:6a:3c:0f:74:2f:5c:cf:90:7e:74:48:b6:5c:bf:
6a:16:f3:2a:4e:8d:01:31:31:0d:f4:eb:ed:80:15:
64:61:dc:d5:11:4d:75:5b:5c:fa:88:b6:34:e6:5b:
71:26:41:05:7a:1b:04:fe:54:9c:83:e6:96:c8:19:
45:b4:bc:87:b0:f2:a5:38:fb:fe:c3:33:58:8e:02:
bd:82:f2:11:f2:a3:1c:6e:30:47:55:c6:3b:90:0d:
e0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:35:43:DB:66:20:78:A7:AB:E3:76:4F:07:F9:98:3F:43:10:65:46
X509v3 Authority Key Identifier:
keyid:A9:21:63:5C:74:93:F2:1C:D2:60:93:D5:90:35:10:80:2F:4E:35:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/qSFjXHST8hzSYJPVkDUQgC9ONYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qSFjXHST8hzSYJPVkDUQgC9ONYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A4E/A49B4D7437C611EA9D96AE51C4F9AE02/BCA5586C80CC11EE94777C52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.211.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:97:0b:33:a8:ef:39:4b:17:6e:96:ad:57:ec:2d:47:b8:f5:
ca:6a:31:bb:60:da:5e:61:6c:65:58:c2:dd:e0:a5:30:39:20:
4b:42:8e:a0:d8:e9:4e:f2:9a:b7:2a:36:d8:5d:ab:c8:d5:e2:
3a:48:35:b5:bc:96:ca:fb:9d:11:f8:fb:06:04:9f:6b:d4:45:
0c:1a:05:b6:3e:81:a0:5c:de:71:cc:1a:fe:4b:94:b5:16:13:
a5:34:79:3b:59:ce:38:96:75:4b:1a:e9:f2:77:d7:a4:73:72:
a5:03:3c:04:d3:e6:1e:ed:d0:8c:11:c2:04:bc:4d:51:ac:e5:
e5:96:57:b1:00:76:cd:2c:af:9c:00:bf:e8:14:90:79:fa:ae:
7d:dd:48:76:86:39:d4:91:42:be:6a:7d:36:65:85:7c:da:e3:
39:20:c9:6e:35:57:69:7f:6c:4d:88:dc:fa:b6:32:00:43:fc:
18:1e:2d:d6:c1:4f:fd:e7:95:54:25:6a:b3:66:8a:3a:36:79:
77:f9:05:b4:4c:30:5c:54:27:d0:42:1c:f7:d7:65:a3:ec:8a:
ba:14:f2:12:05:f4:b6:5e:9c:18:b2:0b:cd:4f:c0:83:c8:45:
6b:28:37:88:02:48:18:15:c1:5f:0f:00:5a:29:4c:87:b5:26:
f6:50:54:b9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCkQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFBNEUxMTAvBgNVBAUTKEE5MjE2MzVDNzQ5M0YyMUNEMjYwOTNENTkwMzUxMDgw
MkY0RTM1ODYwHhcNMjMxMTExMTk1ODUyWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRmZGNmYy0wYmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoUkFbCEeg/o+SAHCLGQo6oUE3u6plH3mh20fIDr8URwUPLJ2fqwooMacY0N
EjKKj10jEH3/IuVjK0Zx5oJDHS4ZT1VVQQLPJMC/THPAMEPicMSPCirZhQK3cZaV
0bR0hY1yoyy6pTcTNTqFX2tMmB5WYuPhgLR79mmqiVCdNu4YDaUVEcCywZ2Vm3w+
yQCXV25uVsGXypBoswUIgMHFvwNotYfQajwPdC9cz5B+dEi2XL9qFvMqTo0BMTEN
9OvtgBVkYdzVEU11W1z6iLY05ltxJkEFehsE/lScg+aWyBlFtLyHsPKlOPv+wzNY
jgK9gvIR8qMcbjBHVcY7kA3gvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAc1Q9tm
IHinq+N2Twf5mD9DEGVGMB8GA1UdIwQYMBaAFKkhY1x0k/Ic0mCT1ZA1EIAvTjWG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUE0RS9BNDlCNEQ3NDM3
QzYxMUVBOUQ5NkFFNTFDNEY5QUUwMi9xU0ZqWEhTVDhoelNZSlBWa0RVUWdDOU9O
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FTRmpYSFNUOGh6U1lKUFZrRFVRZ0M5T05ZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFBNEUvQTQ5QjRENzQzN0M2MTFFQTlEOTZBRTUxQzRGOUFFMDIvQkNBNTU4NkM4
MENDMTFFRTk0Nzc3QzUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnhdMwDQYJKoZIhvcNAQELBQADggEBAL2XCzOo7zlLF26W
rVfsLUe49cpqMbtg2l5hbGVYwt3gpTA5IEtCjqDY6U7ymrcqNthdq8jV4jpINbW8
lsr7nRH4+wYEn2vURQwaBbY+gaBc3nHMGv5LlLUWE6U0eTtZzjiWdUsa6fJ316Rz
cqUDPATT5h7t0IwRwgS8TVGs5eWWV7EAds0sr5wAv+gUkHn6rn3dSHaGOdSRQr5q
fTZlhXza4zkgyW41V2l/bE2I3Pq2MgBD/BgeLdbBT/3nlVQlarNmijo2eXf5BbRM
MFxUJ9BCHPfXZaPsiroU8hIF9LZenBiyC81PwIPIRWsoN4gCSBgVwV8PAFopTIe1
JvZQVLk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org