Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/BC2F3B3CAC4811ECB3E5B937C4F9AE02.roa
File: BC2F3B3CAC4811ECB3E5B937C4F9AE02.roa (raw, json)
Hash identifier: PTlcKLNSlBnBYbA9mCNknu55wT7gC8cVSGQVFCABW5M=
Subject key identifier: 14:3F:BE:45:50:00:F0:2D:68:E4:22:DE:A6:58:0D:71:FA:D3:37:A8
Certificate issuer: /CN=A912AC33/serialNumber=C95CE9D1B6B31081C025D46A3A167FCFDFA72634
Certificate serial: 9C
Authority key identifier: C9:5C:E9:D1:B6:B3:10:81:C0:25:D4:6A:3A:16:7F:CF:DF:A7:26:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yVzp0bazEIHAJdRqOhZ_z9-nJjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/BC2F3B3CAC4811ECB3E5B937C4F9AE02.roa
Signing time: Fri 25 Mar 2022 14:54:26 +0000
ROA not before: Fri 25 Mar 2022 14:54:26 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 132198
IP address blocks: 103.47.154.0/24 maxlen: 24
103.241.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156 (0x9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912AC33/serialNumber=C95CE9D1B6B31081C025D46A3A167FCFDFA72634
Validity
Not Before: Mar 25 14:54:26 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=623dd7a1-8c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:58:7e:e2:1d:3b:62:62:43:54:f1:82:47:ca:
3f:55:c8:cc:35:e3:cd:b4:1a:1e:23:94:51:5c:98:
4f:ac:1d:71:7a:f1:ec:27:20:25:c0:b2:dc:04:2f:
ce:7b:45:69:ad:72:23:99:24:df:38:da:e3:de:13:
a9:95:df:b2:4f:74:60:dc:db:fd:7c:cb:3a:63:f8:
5b:ac:f5:6f:0c:d9:8a:3d:a1:f2:c4:55:e0:9f:a2:
8b:25:bf:2a:f2:b0:62:ca:c1:99:9d:79:53:49:eb:
ae:1c:e0:2a:69:62:45:8f:9b:78:24:93:65:07:e4:
ca:29:90:33:62:85:14:3d:93:dd:a3:de:e2:c1:d6:
05:af:fe:53:f1:80:89:34:2a:34:43:93:30:80:5d:
5d:55:81:06:9f:8c:4c:70:98:97:a7:bc:e2:f2:62:
c5:42:40:07:66:d4:ee:3b:00:75:39:d6:74:9c:ec:
6d:54:2b:4f:5f:05:3a:8b:6b:37:e7:28:8e:4a:14:
d6:db:9b:7b:49:6d:28:96:57:43:c4:72:11:4c:83:
ef:5c:9b:b3:41:5e:3e:71:6c:d8:ec:cf:fd:0f:23:
db:c0:03:5e:71:85:66:7d:fd:b8:ad:53:55:ce:19:
c4:fd:dc:cd:e8:36:7c:57:cb:41:74:bb:93:7e:ee:
73:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3F:BE:45:50:00:F0:2D:68:E4:22:DE:A6:58:0D:71:FA:D3:37:A8
X509v3 Authority Key Identifier:
keyid:C9:5C:E9:D1:B6:B3:10:81:C0:25:D4:6A:3A:16:7F:CF:DF:A7:26:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/yVzp0bazEIHAJdRqOhZ_z9-nJjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yVzp0bazEIHAJdRqOhZ_z9-nJjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AC33/04B3348872BC11EC86116D5EC4F9AE02/BC2F3B3CAC4811ECB3E5B937C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.47.154.0/24
103.241.150.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:f2:14:1d:4d:67:eb:b6:70:60:bf:16:83:ef:85:2d:b6:e9:
6e:13:e4:c3:ba:af:ee:13:ee:e9:85:1d:2c:7d:60:95:66:db:
df:b0:96:83:77:f7:11:73:5c:50:ee:4a:df:45:40:8b:c0:9e:
a7:fd:e8:b9:06:93:fe:2e:b9:59:77:63:a7:79:09:3f:cd:2a:
72:c3:d8:cd:13:09:80:ee:30:ec:d4:77:a0:d8:01:a9:b1:24:
85:43:37:2d:a4:e3:e6:5b:1f:c2:35:e0:73:ec:57:91:16:c7:
8c:e2:8f:08:38:64:54:a1:73:6f:09:69:5b:34:2f:78:58:97:
36:06:54:27:75:c8:6c:8e:a3:45:89:8d:86:59:86:4e:48:eb:
f7:2c:41:cb:a1:a6:16:68:55:62:d2:fc:47:3e:8d:c2:2d:eb:
a2:92:da:36:57:ea:23:2f:2f:72:b3:fc:db:8e:57:20:fa:54:
d8:e3:0e:bc:98:c0:d2:a2:64:11:ff:71:13:a0:a2:cf:1d:29:
be:15:78:e0:f4:e3:b9:44:d1:6f:89:5d:76:d1:ba:61:92:29:
f9:a8:1e:5d:4e:95:55:ea:14:68:87:4c:03:0e:a6:e5:9b:ed:
fd:7d:a1:d0:4a:08:2b:d7:fd:f9:31:72:e8:79:10:d8:61:c8:
ac:7a:b3:b2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkFDMzMxMTAvBgNVBAUTKEM5NUNFOUQxQjZCMzEwODFDMDI1RDQ2QTNBMTY3RkNG
REZBNzI2MzQwHhcNMjIwMzI1MTQ1NDI2WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjNkZDdhMS04Yzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx1h+4h07YmJDVPGCR8o/VcjMNePNtBoeI5RRXJhPrB1xevHsJyAlwLLcBC/O
e0VprXIjmSTfONrj3hOpld+yT3Rg3Nv9fMs6Y/hbrPVvDNmKPaHyxFXgn6KLJb8q
8rBiysGZnXlTSeuuHOAqaWJFj5t4JJNlB+TKKZAzYoUUPZPdo97iwdYFr/5T8YCJ
NCo0Q5MwgF1dVYEGn4xMcJiXp7zi8mLFQkAHZtTuOwB1OdZ0nOxtVCtPXwU6i2s3
5yiOShTW25t7SW0olldDxHIRTIPvXJuzQV4+cWzY7M/9DyPbwANecYVmff24rVNV
zhnE/dzN6DZ8V8tBdLuTfu5zawIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBQ/vkVQ
APAtaOQi3qZYDXH60zeoMB8GA1UdIwQYMBaAFMlc6dG2sxCBwCXUajoWf8/fpyY0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQUMzMy8wNEIzMzQ4ODcy
QkMxMUVDODYxMTZENUVDNEY5QUUwMi95VnpwMGJhekVJSEFKZFJxT2haX3o5LW5K
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lWenAwYmF6RUlIQUpkUnFPaFpfejktbkpqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkFDMzMvMDRCMzM0ODg3MkJDMTFFQzg2MTE2RDVFQzRGOUFFMDIvQkMyRjNCM0NB
QzQ4MTFFQ0IzRTVCOTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnL5oDBABn8ZYwDQYJKoZIhvcNAQELBQADggEBAH7yFB1N
Z+u2cGC/FoPvhS226W4T5MO6r+4T7umFHSx9YJVm29+wloN39xFzXFDuSt9FQIvA
nqf96LkGk/4uuVl3Y6d5CT/NKnLD2M0TCYDuMOzUd6DYAamxJIVDNy2k4+ZbH8I1
4HPsV5EWx4zijwg4ZFShc28JaVs0L3hYlzYGVCd1yGyOo0WJjYZZhk5I6/csQcuh
phZoVWLS/Ec+jcIt66KS2jZX6iMvL3Kz/NuOVyD6VNjjDryYwNKiZBH/cROgos8d
Kb4VeOD047lE0W+JXXbRumGSKfmoHl1OlVXqFGiHTAMOpuWb7f19odBKCCvX/fkx
cuh5ENhhyKx6s7I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org