Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9138C14/3E4C46305BC411EC96279354C4F9AE02/AC2C96F85BC611EC9099F456C4F9AE02.roa
File: AC2C96F85BC611EC9099F456C4F9AE02.roa (raw, json)
Hash identifier: y3ImBBYUEVbJsHUVuYDAQNwJ3/QoMXImwFKEuPNmg0A=
Subject key identifier: E9:C3:F6:5F:03:11:0A:F1:41:F3:4A:45:6F:C8:07:83:2B:A1:00:BC
Certificate issuer: /CN=A9138C14/serialNumber=BB0E550379FEA281A881A67479B77C8602D01314
Certificate serial: 02
Authority key identifier: BB:0E:55:03:79:FE:A2:81:A8:81:A6:74:79:B7:7C:86:02:D0:13:14
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uw5VA3n-ooGogaZ0ebd8hgLQExQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9138C14/3E4C46305BC411EC96279354C4F9AE02/AC2C96F85BC611EC9099F456C4F9AE02.roa
Signing time: Mon 13 Dec 2021 03:42:19 +0000
ROA not before: Mon 13 Dec 2021 03:42:19 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 58411
IP address blocks: 103.172.106.0/24 maxlen: 24
103.172.107.0/24 maxlen: 24
2407:d040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9138C14/serialNumber=BB0E550379FEA281A881A67479B77C8602D01314
Validity
Not Before: Dec 13 03:42:19 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61b6c11b-fd2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:65:76:32:66:c3:17:30:35:d5:50:65:d2:c8:
a1:38:3c:c6:b6:78:b4:0b:65:60:26:2e:22:08:01:
4a:d9:27:db:7e:4a:d3:f5:0e:05:ae:a9:8d:c4:31:
d9:2e:15:b6:f7:37:f4:b1:b7:67:37:0f:89:7a:32:
5d:41:c1:56:b8:2c:c0:a5:32:ee:c4:dc:bc:82:fd:
75:98:93:e5:9c:e1:6d:52:2a:d2:0b:3e:92:d5:cb:
e0:83:6d:c2:f4:1c:e8:f7:0d:7f:23:06:3c:e6:ca:
b2:05:31:76:d2:f4:fe:b1:6c:4b:71:ab:ab:14:8a:
f6:3c:88:22:7b:75:d9:f4:85:d0:f5:a4:53:b3:0c:
1e:bd:2a:62:a7:fb:55:67:6e:d6:14:e1:7a:70:48:
7b:3f:e6:c8:b0:72:f0:e5:9b:08:67:29:60:5f:45:
ef:0a:50:f3:ae:33:73:d6:47:2d:20:60:f6:88:43:
0d:1a:d6:24:73:d8:cd:e7:5e:5f:60:30:6a:0b:51:
ce:01:c0:ad:0f:e6:c2:9b:7c:c5:f1:b7:84:a7:0e:
e4:ef:53:45:e8:75:37:c7:be:81:72:7e:7b:15:fb:
ce:3d:70:7d:85:45:dc:64:67:30:03:01:0f:84:2f:
1c:42:e9:e7:5b:06:cd:99:44:24:e3:00:fb:6c:4d:
bb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C3:F6:5F:03:11:0A:F1:41:F3:4A:45:6F:C8:07:83:2B:A1:00:BC
X509v3 Authority Key Identifier:
keyid:BB:0E:55:03:79:FE:A2:81:A8:81:A6:74:79:B7:7C:86:02:D0:13:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9138C14/3E4C46305BC411EC96279354C4F9AE02/uw5VA3n-ooGogaZ0ebd8hgLQExQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uw5VA3n-ooGogaZ0ebd8hgLQExQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138C14/3E4C46305BC411EC96279354C4F9AE02/AC2C96F85BC611EC9099F456C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.106.0/23
IPv6:
2407:d040::/32
Signature Algorithm: sha256WithRSAEncryption
50:4c:d4:0b:49:b1:36:db:3f:ae:c3:6b:6f:8e:70:b6:16:f3:
30:d7:f9:7a:a6:dc:2b:68:2b:c8:f9:4a:5c:1e:6c:09:11:1a:
a8:ec:59:32:fb:ee:08:b3:91:8c:ed:40:15:94:63:6e:51:00:
bf:e8:fa:1a:3d:60:54:f6:3f:cd:40:52:d9:5f:03:50:f1:0b:
41:4f:64:0f:2d:71:29:96:0a:49:bb:52:c9:91:2a:5f:c8:d5:
89:d2:37:ea:32:66:cc:1f:3a:c2:39:1c:55:0d:1c:8e:f6:b9:
15:47:2f:c6:71:cc:44:48:65:5b:77:4c:8e:a3:6a:34:95:0d:
ad:60:93:62:ad:e7:36:32:fa:44:6e:8b:38:10:59:3b:22:0d:
44:a0:3d:08:ac:de:21:e3:6d:b7:54:c3:68:73:15:c7:4a:3c:
e3:65:fd:7e:f1:1f:45:9b:09:57:2e:d9:77:98:14:73:f8:31:
3c:8b:a2:25:c5:b4:a4:69:29:0c:ec:b4:c0:14:7e:5f:58:36:
5a:f0:e7:eb:a6:f2:d5:74:e0:09:c1:e6:a0:82:b8:33:23:85:
f5:66:e5:78:33:4c:0e:93:6e:61:45:32:13:c5:89:58:d5:98:
3f:b1:37:5e:93:d5:3c:8d:44:d1:67:88:c3:1e:8c:5c:03:b8:
50:60:5a:3f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
OEMxNDExMC8GA1UEBRMoQkIwRTU1MDM3OUZFQTI4MUE4ODFBNjc0NzlCNzdDODYw
MkQwMTMxNDAeFw0yMTEyMTMwMzQyMTlaFw0yMjEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYxYjZjMTFiLWZkMmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDKZXYyZsMXMDXVUGXSyKE4PMa2eLQLZWAmLiIIAUrZJ9t+StP1DgWuqY3EMdku
Fbb3N/Sxt2c3D4l6Ml1BwVa4LMClMu7E3LyC/XWYk+Wc4W1SKtILPpLVy+CDbcL0
HOj3DX8jBjzmyrIFMXbS9P6xbEtxq6sUivY8iCJ7ddn0hdD1pFOzDB69KmKn+1Vn
btYU4XpwSHs/5siwcvDlmwhnKWBfRe8KUPOuM3PWRy0gYPaIQw0a1iRz2M3nXl9g
MGoLUc4BwK0P5sKbfMXxt4SnDuTvU0XodTfHvoFyfnsV+849cH2FRdxkZzADAQ+E
LxxC6edbBs2ZRCTjAPtsTbtvAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQU6cP2XwMR
CvFB80pFb8gHgyuhALwwHwYDVR0jBBgwFoAUuw5VA3n+ooGogaZ0ebd8hgLQExQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4QzE0LzNFNEM0NjMwNUJD
NDExRUM5NjI3OTM1NEM0RjlBRTAyL3V3NVZBM24tb29Hb2dhWjBlYmQ4aGdMUUV4
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdXc1VkEzbi1vb0dvZ2FaMGViZDhoZ0xRRXhRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
OEMxNC8zRTRDNDYzMDVCQzQxMUVDOTYyNzkzNTRDNEY5QUUwMi9BQzJDOTZGODVC
QzYxMUVDOTA5OUY0NTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAWesajANBAIAAjAHAwUAJAfQQDANBgkqhkiG9w0BAQsFAAOC
AQEAUEzUC0mxNts/rsNrb45wthbzMNf5eqbcK2gryPlKXB5sCREaqOxZMvvuCLOR
jO1AFZRjblEAv+j6Gj1gVPY/zUBS2V8DUPELQU9kDy1xKZYKSbtSyZEqX8jVidI3
6jJmzB86wjkcVQ0cjva5FUcvxnHMREhlW3dMjqNqNJUNrWCTYq3nNjL6RG6LOBBZ
OyINRKA9CKzeIeNtt1TDaHMVx0o842X9fvEfRZsJVy7Zd5gUc/gxPIuiJcW0pGkp
DOy0wBR+X1g2WvDn66by1XTgCcHmoIK4MyOF9WbleDNMDpNuYUUyE8WJWNWYP7E3
XpPVPI1E0WeIwx6MXAO4UGBaPw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:39 2023 by rpki-client on console-fra.rpki-client.org