Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/BC4A26C49A0D11EC92AD8580C4F9AE02.roa
File: BC4A26C49A0D11EC92AD8580C4F9AE02.roa (raw, json)
Hash identifier: NDLj0JmcWIQh8YpMuoEuHoVY0SnbPXx+VsWQkh17yvg=
Subject key identifier: 39:E6:E2:41:4D:DA:28:74:59:65:6D:6C:72:24:29:31:D4:9B:08:54
Certificate issuer: /CN=A91E3D04/serialNumber=DFC23E3D905D0E83681219596D08229A694FAF13
Certificate serial: 0AB0
Authority key identifier: DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/BC4A26C49A0D11EC92AD8580C4F9AE02.roa
Signing time: Wed 06 Apr 2022 03:45:58 +0000
ROA not before: Wed 06 Apr 2022 03:45:58 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 142129
IP address blocks: 103.137.222.0/24 maxlen: 24
103.137.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2736 (0xab0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3D04/serialNumber=DFC23E3D905D0E83681219596D08229A694FAF13
Validity
Not Before: Apr 6 03:45:58 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=624d0cf6-752c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d0:60:6c:16:b2:84:5e:d7:e3:07:b4:a8:27:
6b:45:20:f9:4f:6f:65:3d:99:9f:92:d1:2d:2a:b0:
2d:7a:e2:f5:a0:8f:af:41:ff:81:24:4b:ae:43:8d:
e6:29:32:16:6d:c2:6b:e7:82:10:13:c1:6c:de:29:
f7:ba:9b:32:b4:03:38:89:de:82:e0:21:c7:a0:96:
5a:cb:7d:2d:88:5a:dc:8a:83:8e:c9:5c:c1:99:0e:
99:4d:04:c4:1b:7a:f1:da:38:f3:5f:78:8e:9b:7f:
4d:f1:8c:2b:7a:39:66:b5:66:74:82:24:4d:c3:41:
6e:f9:a1:36:db:a7:e0:bf:99:17:1a:e8:62:8b:5a:
6b:2b:5d:0a:f2:94:d1:1f:3e:36:98:e8:77:9b:4c:
ae:32:86:b6:fa:45:2d:2d:00:aa:43:c9:28:74:f1:
73:d1:67:e6:57:78:e6:a2:6f:e1:79:79:6e:97:cf:
4c:bc:27:07:cd:4f:5e:89:72:a1:1a:34:2f:f9:a6:
7e:ee:0a:af:db:2d:d4:e3:5e:36:4b:89:26:e0:69:
35:e3:72:c4:7b:26:65:68:93:cf:c6:1d:c9:f5:f5:
a2:17:83:12:51:7f:2a:01:c0:49:ee:d8:cc:23:ce:
16:6b:3e:1e:8d:fd:fd:d9:28:e4:6d:d8:5e:77:37:
22:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E6:E2:41:4D:DA:28:74:59:65:6D:6C:72:24:29:31:D4:9B:08:54
X509v3 Authority Key Identifier:
keyid:DF:C2:3E:3D:90:5D:0E:83:68:12:19:59:6D:08:22:9A:69:4F:AF:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/38I-PZBdDoNoEhlZbQgimmlPrxM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/38I-PZBdDoNoEhlZbQgimmlPrxM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3D04/7A17FE8EADD911E9B7409A72C4F9AE02/BC4A26C49A0D11EC92AD8580C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.222.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:39:5d:91:5c:d2:e5:ef:20:a6:92:82:46:52:d2:43:ae:9e:
20:6a:97:f5:b4:cf:2c:bd:21:e9:f4:fa:c2:11:c1:dd:26:23:
96:7c:2a:86:bd:07:ff:f9:59:a7:f0:9f:5a:84:cf:96:df:29:
ce:91:8f:d4:17:36:bd:2e:ab:70:4f:51:54:80:34:53:0e:4c:
d3:2c:ec:4d:8e:42:61:09:aa:cc:aa:e9:9f:63:ad:6c:e3:70:
d4:c5:64:66:eb:ef:c2:38:8e:60:41:6b:05:13:c4:8f:6c:78:
83:f1:7c:40:02:fa:f3:ab:d1:1c:f2:fe:f7:36:0e:08:06:36:
39:80:3e:55:56:bf:a1:42:bd:36:b7:f9:61:34:a0:c7:f2:46:
fa:d7:a3:0c:46:93:22:4f:93:e5:1d:27:cc:2b:33:0f:71:e5:
89:5d:49:5c:ff:3c:36:75:a2:62:06:c6:82:bf:90:94:b1:07:
c1:a0:12:2f:79:b9:25:09:90:af:44:01:38:bb:ab:48:f6:39:
de:dc:d7:20:b2:af:40:77:77:fb:ac:88:fa:8d:2c:c4:81:91:
c4:9a:40:1a:0c:b7:88:c6:97:12:00:b5:14:e3:9d:7d:61:7c:
39:f4:b7:5a:86:52:84:3b:00:07:7f:4a:cb:a3:21:90:89:b8:
5b:6c:ed:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCrAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNEMDQxMTAvBgNVBAUTKERGQzIzRTNEOTA1RDBFODM2ODEyMTk1OTZEMDgyMjlB
Njk0RkFGMTMwHhcNMjIwNDA2MDM0NTU4WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRkMGNmNi03NTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo9BgbBayhF7X4we0qCdrRSD5T29lPZmfktEtKrAteuL1oI+vQf+BJEuuQ43m
KTIWbcJr54IQE8Fs3in3upsytAM4id6C4CHHoJZay30tiFrcioOOyVzBmQ6ZTQTE
G3rx2jjzX3iOm39N8YwrejlmtWZ0giRNw0Fu+aE226fgv5kXGuhii1prK10K8pTR
Hz42mOh3m0yuMoa2+kUtLQCqQ8kodPFz0WfmV3jmom/heXlul89MvCcHzU9eiXKh
GjQv+aZ+7gqv2y3U4142S4km4Gk143LEeyZlaJPPxh3J9fWiF4MSUX8qAcBJ7tjM
I84Waz4ejf392SjkbdhedzciKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDnm4kFN
2ih0WWVtbHIkKTHUmwhUMB8GA1UdIwQYMBaAFN/CPj2QXQ6DaBIZWW0IIpppT68T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0QwNC83QTE3RkU4RUFE
RDkxMUU5Qjc0MDlBNzJDNEY5QUUwMi8zOEktUFpCZERvTm9FaGxaYlFnaW1tbFBy
eE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzM4SS1QWkJkRG9Ob0VobFpiUWdpbW1sUHJ4TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNEMDQvN0ExN0ZFOEVBREQ5MTFFOUI3NDA5QTcyQzRGOUFFMDIvQkM0QTI2QzQ5
QTBEMTFFQzkyQUQ4NTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnid4wDQYJKoZIhvcNAQELBQADggEBAH85XZFc0uXvIKaS
gkZS0kOuniBql/W0zyy9Ien0+sIRwd0mI5Z8Koa9B//5Wafwn1qEz5bfKc6Rj9QX
Nr0uq3BPUVSANFMOTNMs7E2OQmEJqsyq6Z9jrWzjcNTFZGbr78I4jmBBawUTxI9s
eIPxfEAC+vOr0Rzy/vc2DggGNjmAPlVWv6FCvTa3+WE0oMfyRvrXowxGkyJPk+Ud
J8wrMw9x5YldSVz/PDZ1omIGxoK/kJSxB8GgEi95uSUJkK9EATi7q0j2Od7c1yCy
r0B3d/usiPqNLMSBkcSaQBoMt4jGlxIAtRTjnX1hfDn0t1qGUoQ7AAd/SsujIZCJ
uFts7cQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:32 2024 by rpki-client on console-ams.rpki-client.org