Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143C5C/F652EFF894E811EAB0C01668C4F9AE02/BBF06B9A94EA11EAABCE566BC4F9AE02.roa
File: BBF06B9A94EA11EAABCE566BC4F9AE02.roa (raw, json)
Hash identifier: FHqLreoGStWrusGOoQAPK6aGh21Y9gFa/W0Gyl62yMg=
Subject key identifier: DB:1C:12:9E:97:B4:F5:52:8E:D5:C5:BB:A7:8D:FB:47:BB:0D:AA:93
Certificate issuer: /CN=A9143C5C/serialNumber=72F2CB33D77C163899E5350D8E801E7170E484DE
Certificate serial: 0396
Authority key identifier: 72:F2:CB:33:D7:7C:16:38:99:E5:35:0D:8E:80:1E:71:70:E4:84:DE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cvLLM9d8FjiZ5TUNjoAecXDkhN4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143C5C/F652EFF894E811EAB0C01668C4F9AE02/BBF06B9A94EA11EAABCE566BC4F9AE02.roa
Signing time: Thu 27 May 2021 22:50:52 +0000
ROA not before: Thu 27 May 2021 22:50:52 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 140624
IP address blocks: 103.151.58.0/23 maxlen: 23
103.151.58.0/24 maxlen: 24
103.151.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 918 (0x396)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143C5C/serialNumber=72F2CB33D77C163899E5350D8E801E7170E484DE
Validity
Not Before: May 27 22:50:52 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60b0224c-29d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:11:f3:0e:36:56:8b:38:79:22:ca:94:8e:6c:
48:1b:5b:a4:01:96:68:33:3b:42:15:ac:43:9d:e7:
65:e1:7e:60:38:cc:f3:09:c0:24:c5:5f:9e:53:f6:
27:76:6d:ee:96:42:a7:7f:0d:c8:2e:5d:df:79:c2:
29:49:0e:1e:5c:eb:b9:71:e9:04:28:a9:84:98:ba:
12:a4:10:9b:47:cc:97:91:fe:58:bd:fc:f6:9c:56:
d9:67:1f:6d:28:6a:88:91:c7:b9:54:d5:bc:ae:87:
f8:be:8a:b0:cc:eb:f2:c3:d2:16:69:16:16:7f:84:
21:19:91:39:13:08:2b:45:78:89:43:da:29:4b:55:
26:f3:76:da:18:a7:f0:1d:21:28:37:8e:33:33:6a:
0a:42:1a:86:31:a3:81:05:0d:7d:25:66:37:da:f1:
9c:2e:d0:e3:29:94:08:3c:99:bf:75:ea:1e:19:ae:
45:6f:f4:36:64:f9:34:d6:a7:2a:a0:32:23:66:b4:
d9:19:63:da:db:59:b5:d3:03:80:fa:93:8e:b3:a8:
58:6f:69:b8:52:91:d6:3b:ad:ab:d8:f5:53:e2:fb:
16:10:07:7f:d0:d5:b8:fd:d9:36:e6:e2:86:e9:6c:
06:55:81:a5:0a:ab:3c:10:02:12:3b:46:4d:84:5b:
9e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1C:12:9E:97:B4:F5:52:8E:D5:C5:BB:A7:8D:FB:47:BB:0D:AA:93
X509v3 Authority Key Identifier:
keyid:72:F2:CB:33:D7:7C:16:38:99:E5:35:0D:8E:80:1E:71:70:E4:84:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143C5C/F652EFF894E811EAB0C01668C4F9AE02/cvLLM9d8FjiZ5TUNjoAecXDkhN4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cvLLM9d8FjiZ5TUNjoAecXDkhN4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143C5C/F652EFF894E811EAB0C01668C4F9AE02/BBF06B9A94EA11EAABCE566BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.58.0/23
Signature Algorithm: sha256WithRSAEncryption
70:b8:ce:bf:51:ed:c7:bd:c8:f8:20:5c:df:6a:c2:81:bb:37:
c7:4e:cf:b1:89:e4:7e:ec:36:05:02:68:57:b7:c5:b4:b0:16:
fd:94:f7:f5:dc:17:12:66:e3:25:bf:70:f1:c4:b0:eb:74:9f:
4d:e6:76:e1:42:fc:b7:7e:d7:fb:86:58:22:da:3b:b2:a9:2a:
7c:b8:50:9f:3b:36:ff:58:56:77:52:3c:1d:dd:3a:c7:81:98:
fe:70:09:6c:d2:1d:83:85:b4:65:13:fa:51:ee:a9:9c:92:63:
9e:56:de:47:4a:4f:49:38:a4:39:1f:27:5d:1f:98:bb:9c:e5:
d9:b9:9b:ac:28:8b:31:67:13:f8:fd:0e:9d:da:63:c4:fa:ad:
9a:34:cc:e6:f6:d5:69:45:78:59:56:45:da:10:17:0d:d5:38:
2a:c6:8d:9d:5e:53:77:c0:11:13:37:9a:fa:3b:68:23:c5:de:
aa:99:b3:25:75:75:0f:6e:0b:cd:6e:80:7b:04:b4:9e:7e:98:
5c:0e:48:80:dc:f3:12:70:5b:68:d6:47:c5:8c:1b:b8:75:f8:
3f:c7:b6:23:4c:44:7b:e9:1b:ad:e3:90:0b:66:30:b0:81:c3:
26:fd:0c:15:dd:8d:d0:d2:ba:c4:84:72:21:c3:f5:05:82:e7:
8d:ae:67:95
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDNUMxMTAvBgNVBAUTKDcyRjJDQjMzRDc3QzE2Mzg5OUU1MzUwRDhFODAxRTcx
NzBFNDg0REUwHhcNMjEwNTI3MjI1MDUyWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGIwMjI0Yy0yOWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzhHzDjZWizh5IsqUjmxIG1ukAZZoMztCFaxDnedl4X5gOMzzCcAkxV+eU/Yn
dm3ulkKnfw3ILl3fecIpSQ4eXOu5cekEKKmEmLoSpBCbR8yXkf5Yvfz2nFbZZx9t
KGqIkce5VNW8rof4voqwzOvyw9IWaRYWf4QhGZE5EwgrRXiJQ9opS1Um83baGKfw
HSEoN44zM2oKQhqGMaOBBQ19JWY32vGcLtDjKZQIPJm/deoeGa5Fb/Q2ZPk01qcq
oDIjZrTZGWPa21m10wOA+pOOs6hYb2m4UpHWO62r2PVT4vsWEAd/0NW4/dk25uKG
6WwGVYGlCqs8EAISO0ZNhFueWQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNscEp6X
tPVSjtXFu6eN+0e7DaqTMB8GA1UdIwQYMBaAFHLyyzPXfBY4meU1DY6AHnFw5ITe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0M1Qy9GNjUyRUZGODk0
RTgxMUVBQjBDMDE2NjhDNEY5QUUwMi9jdkxMTTlkOEZqaVo1VFVOam9BZWNYRGto
TjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2N2TExNOWQ4RmppWjVUVU5qb0FlY1hEa2hONC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDNUMvRjY1MkVGRjg5NEU4MTFFQUIwQzAxNjY4QzRGOUFFMDIvQkJGMDZCOUE5
NEVBMTFFQUFCQ0U1NjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlzowDQYJKoZIhvcNAQELBQADggEBAHC4zr9R7ce9yPgg
XN9qwoG7N8dOz7GJ5H7sNgUCaFe3xbSwFv2U9/XcFxJm4yW/cPHEsOt0n03mduFC
/Ld+1/uGWCLaO7KpKny4UJ87Nv9YVndSPB3dOseBmP5wCWzSHYOFtGUT+lHuqZyS
Y55W3kdKT0k4pDkfJ10fmLuc5dm5m6woizFnE/j9Dp3aY8T6rZo0zOb21WlFeFlW
RdoQFw3VOCrGjZ1eU3fAERM3mvo7aCPF3qqZsyV1dQ9uC81ugHsEtJ5+mFwOSIDc
8xJwW2jWR8WMG7h1+D/HtiNMRHvpG63jkAtmMLCBwyb9DBXdjdDSusSEciHD9QWC
542uZ5U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:40 2023 by rpki-client on console-fra.rpki-client.org