Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/BFE5A656F0F611EC8B1EB281C4F9AE02.roa
File: BFE5A656F0F611EC8B1EB281C4F9AE02.roa (raw, json)
Hash identifier: xCB7Itl1E6vsmOgorFeG2/5xMH7y+of37dfrTv4ts5Q=
Subject key identifier: 48:E6:08:0D:EB:A9:92:1D:4B:52:F3:93:8C:41:81:E8:84:51:7A:5C
Certificate issuer: /CN=A9113BE5/serialNumber=3646EB1F370B7E63D1F36DEB36C2476C96E6BAE8
Certificate serial: 02
Authority key identifier: 36:46:EB:1F:37:0B:7E:63:D1:F3:6D:EB:36:C2:47:6C:96:E6:BA:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkbrHzcLfmPR823rNsJHbJbmuug.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/BFE5A656F0F611EC8B1EB281C4F9AE02.roa
Signing time: Tue 21 Jun 2022 00:11:52 +0000
ROA not before: Tue 21 Jun 2022 00:11:52 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 56264
IP address blocks: 103.189.236.0/24 maxlen: 24
103.189.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9113BE5/serialNumber=3646EB1F370B7E63D1F36DEB36C2476C96E6BAE8
Validity
Not Before: Jun 21 00:11:52 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62b10cc7-2b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:0c:44:d5:d1:08:0e:e5:f7:f4:1c:f0:15:
19:b3:c2:49:80:70:00:cb:07:ed:96:20:22:bc:38:
a5:dc:fe:6c:ad:24:6e:91:f8:0a:15:eb:44:cc:0b:
93:53:c9:49:38:54:ee:0f:6d:22:7b:fa:a2:7b:3d:
f0:3e:88:22:3d:70:a9:33:c7:d8:0e:0d:47:35:34:
6c:1e:6d:18:7a:26:f7:ac:b0:78:a3:dd:6b:4f:cd:
1d:d2:80:81:46:44:0e:54:fc:00:16:5c:9c:2b:aa:
4a:d7:48:c5:d0:7d:ed:b4:60:a2:69:68:e2:34:2f:
fe:31:6a:27:20:96:f5:90:93:25:8d:b0:6e:7a:ec:
a0:16:54:5d:90:c8:0f:47:9d:c1:9c:3a:63:b0:b1:
38:8f:f3:ea:d5:0f:32:25:c0:27:93:93:6a:7b:32:
12:8b:d2:35:ef:ef:4c:cf:d2:e1:f5:44:48:f5:ac:
e5:bf:fa:07:6e:2f:7d:65:b8:f4:f5:b1:8b:4c:ed:
17:52:a3:12:52:77:6d:37:1b:80:ec:46:c7:93:88:
3e:3a:95:c1:82:9c:68:a7:be:8f:ca:42:1f:ca:d0:
3e:28:c2:3a:3e:78:f1:01:ef:73:20:a9:ae:9a:59:
f2:ed:ac:f0:6c:7a:bb:55:8b:73:36:80:06:37:44:
0d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E6:08:0D:EB:A9:92:1D:4B:52:F3:93:8C:41:81:E8:84:51:7A:5C
X509v3 Authority Key Identifier:
keyid:36:46:EB:1F:37:0B:7E:63:D1:F3:6D:EB:36:C2:47:6C:96:E6:BA:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/NkbrHzcLfmPR823rNsJHbJbmuug.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NkbrHzcLfmPR823rNsJHbJbmuug.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9113BE5/611C512CF0F311EC84B29C80C4F9AE02/BFE5A656F0F611EC8B1EB281C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.236.0/23
Signature Algorithm: sha256WithRSAEncryption
56:74:15:26:20:a6:ff:c4:61:a3:0f:3a:31:80:83:66:ad:42:
b3:db:24:7c:b0:a1:38:e9:af:b6:58:54:01:63:32:60:ee:ad:
cb:10:d7:a7:8f:12:b0:00:21:1b:95:d1:20:15:9c:dc:58:7e:
8b:a6:15:b7:09:b1:ef:e2:77:09:d7:a2:67:af:0d:1a:6e:a4:
c9:56:a6:32:12:44:8b:de:cf:0f:2e:ab:b7:40:fc:a4:05:7f:
f8:2d:39:68:c6:5e:61:51:06:8b:d5:70:4e:21:81:1d:03:f9:
6c:f6:89:74:c8:de:02:27:ed:0b:a9:ba:ef:30:b6:47:6c:4d:
0a:d7:30:c5:60:16:ae:b2:a8:d3:2e:f1:a6:70:b7:bd:be:46:
d7:ea:46:5e:5b:8c:0f:4d:ae:74:c5:e0:e1:75:66:10:5a:1b:
5b:75:67:b0:28:20:62:cf:df:7e:b4:6c:8a:07:4a:c8:f5:6a:
04:18:3f:3d:b0:3f:af:d0:92:a3:45:76:26:c5:dd:aa:46:05:
38:ce:60:95:dd:59:7b:3c:5c:45:1b:ac:76:d9:9b:35:32:d8:
44:fd:7a:67:07:82:c0:d6:20:28:78:de:bb:bd:ec:36:05:4e:
48:2c:11:a6:a1:0e:66:76:1f:4f:5c:1b:26:2c:50:8d:c2:e7:
17:08:17:b5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
M0JFNTExMC8GA1UEBRMoMzY0NkVCMUYzNzBCN0U2M0QxRjM2REVCMzZDMjQ3NkM5
NkU2QkFFODAeFw0yMjA2MjEwMDExNTJaFw0yMzA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyYjEwY2M3LTJiOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqAAxE1dEIDuX39BzwFRmzwkmAcADLB+2WICK8OKXc/mytJG6R+AoV60TMC5NT
yUk4VO4PbSJ7+qJ7PfA+iCI9cKkzx9gODUc1NGwebRh6JvessHij3WtPzR3SgIFG
RA5U/AAWXJwrqkrXSMXQfe20YKJpaOI0L/4xaicglvWQkyWNsG567KAWVF2QyA9H
ncGcOmOwsTiP8+rVDzIlwCeTk2p7MhKL0jXv70zP0uH1REj1rOW/+gduL31luPT1
sYtM7RdSoxJSd203G4DsRseTiD46lcGCnGinvo/KQh/K0D4owjo+ePEB73Mgqa6a
WfLtrPBsertVi3M2gAY3RA21AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUSOYIDeup
kh1LUvOTjEGB6IRRelwwHwYDVR0jBBgwFoAUNkbrHzcLfmPR823rNsJHbJbmuugw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEzQkU1LzYxMUM1MTJDRjBG
MzExRUM4NEIyOUM4MEM0RjlBRTAyL05rYnJIemNMZm1QUjgyM3JOc0pIYkpibXV1
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTmtickh6Y0xmbVBSODIzck5zSkhiSmJtdXVnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
M0JFNS82MTFDNTEyQ0YwRjMxMUVDODRCMjlDODBDNEY5QUUwMi9CRkU1QTY1NkYw
RjYxMUVDOEIxRUIyODFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWe97DANBgkqhkiG9w0BAQsFAAOCAQEAVnQVJiCm/8Rhow86
MYCDZq1Cs9skfLChOOmvtlhUAWMyYO6tyxDXp48SsAAhG5XRIBWc3Fh+i6YVtwmx
7+J3CdeiZ68NGm6kyVamMhJEi97PDy6rt0D8pAV/+C05aMZeYVEGi9VwTiGBHQP5
bPaJdMjeAiftC6m67zC2R2xNCtcwxWAWrrKo0y7xpnC3vb5G1+pGXluMD02udMXg
4XVmEFobW3VnsCggYs/ffrRsigdKyPVqBBg/PbA/r9CSo0V2JsXdqkYFOM5gld1Z
ezxcRRusdtmbNTLYRP16ZweCwNYgKHjeu73sNgVOSCwRpqEOZnYfT1wbJixQjcLn
FwgXtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:54 2024 by rpki-client on console-fra.rpki-client.org