Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156B77/A75EE2B8AA6B11EC9C546121C4F9AE02/9078BFB8AA6D11EC9B8E8521C4F9AE02.roa
File: 9078BFB8AA6D11EC9B8E8521C4F9AE02.roa (raw, json)
Hash identifier: rkB/MhCp5wCdkqAXtOr9vbnfdRru+5Zx4UpWNwCw6ig=
Subject key identifier: 59:07:23:50:45:5D:9F:A9:AD:6E:2C:29:FF:08:23:AA:AA:CD:B6:C1
Certificate issuer: /CN=A9156B77/serialNumber=BD1DA91DCF58D08C15C9451ACAF62F8AB3BE2420
Certificate serial: 02
Authority key identifier: BD:1D:A9:1D:CF:58:D0:8C:15:C9:45:1A:CA:F6:2F:8A:B3:BE:24:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vR2pHc9Y0IwVyUUayvYvirO-JCA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156B77/A75EE2B8AA6B11EC9C546121C4F9AE02/9078BFB8AA6D11EC9B8E8521C4F9AE02.roa
Signing time: Wed 23 Mar 2022 05:53:29 +0000
ROA not before: Wed 23 Mar 2022 05:53:29 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 132827
IP address blocks: 103.225.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156B77/serialNumber=BD1DA91DCF58D08C15C9451ACAF62F8AB3BE2420
Validity
Not Before: Mar 23 05:53:29 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=623ab5d9-37cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ac:a9:7b:53:a5:22:82:4d:7c:cb:8a:fa:f1:
4b:96:73:59:e2:a8:6a:cc:4e:de:dd:fa:c1:7d:bb:
b4:c7:ac:60:5b:91:91:2f:85:b6:89:43:27:95:2d:
53:de:c5:b7:ec:f4:d0:4b:cc:18:db:d1:1c:5e:8e:
c1:3d:9c:54:a7:c3:a6:e0:66:28:d5:e8:cd:c9:e3:
cb:5d:a8:3e:56:d8:22:b1:e5:71:36:5e:3b:aa:38:
20:d7:bc:34:e3:e5:15:53:30:cb:e8:3c:58:3b:07:
8b:9c:c3:14:28:33:4a:7e:26:8f:17:6a:a4:b3:d0:
6e:95:52:12:29:bc:e9:e2:9e:fa:c3:22:0f:83:56:
ed:8d:b4:6d:a3:b5:80:77:34:a7:41:09:4a:b1:12:
14:a5:9b:66:8d:47:d8:09:79:24:09:ee:32:0b:bd:
a8:fa:1a:cb:6b:63:24:d5:43:48:08:a6:ad:9c:40:
80:da:3e:ba:75:bf:af:c2:e9:00:7c:de:2a:f4:21:
5a:89:94:88:b6:27:55:f1:5e:0b:03:ff:91:0a:cd:
6c:8e:03:c8:cc:b5:cf:34:59:cb:57:25:ad:60:46:
ab:a8:f9:ec:7b:a7:84:c9:2b:d5:65:ba:09:28:74:
76:ba:4e:79:61:71:5c:75:50:10:8d:3b:95:33:17:
be:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:07:23:50:45:5D:9F:A9:AD:6E:2C:29:FF:08:23:AA:AA:CD:B6:C1
X509v3 Authority Key Identifier:
keyid:BD:1D:A9:1D:CF:58:D0:8C:15:C9:45:1A:CA:F6:2F:8A:B3:BE:24:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156B77/A75EE2B8AA6B11EC9C546121C4F9AE02/vR2pHc9Y0IwVyUUayvYvirO-JCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vR2pHc9Y0IwVyUUayvYvirO-JCA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156B77/A75EE2B8AA6B11EC9C546121C4F9AE02/9078BFB8AA6D11EC9B8E8521C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.225.192.0/22
Signature Algorithm: sha256WithRSAEncryption
53:4b:31:a8:94:f2:be:e5:f2:df:19:94:07:96:2a:3e:22:96:
a0:7f:68:a0:dd:f7:5a:cb:f6:be:b3:3c:22:31:cf:fb:9c:49:
2d:4c:ea:71:19:b7:12:df:1e:5e:1f:a6:f3:1c:a9:c1:33:51:
d9:b8:2e:b5:51:83:51:02:11:d4:96:82:4c:ef:ff:d0:85:ed:
ec:19:d1:ca:7a:1e:bf:6c:d1:43:38:22:35:08:e5:a3:14:0b:
9e:9c:4d:5d:dc:17:1a:05:88:dd:54:5c:f3:a1:cc:a6:03:4f:
0e:6d:02:d6:25:89:ff:ba:08:51:eb:b3:db:9b:2c:aa:85:57:
e6:f8:65:3c:22:2b:c1:b9:08:73:13:a8:58:95:ac:73:8d:38:
b4:7a:bb:3d:0e:64:e2:78:d9:f0:eb:b2:ef:27:dc:73:36:25:
44:49:16:6a:2b:0d:8c:62:7f:c4:16:2f:e7:08:be:5a:cc:47:
56:36:81:c2:2f:06:c4:a3:b2:20:56:10:24:6a:32:6f:fa:ad:
39:5f:dd:e2:2f:9b:47:d1:a9:93:88:70:4d:4a:c9:8e:d5:32:
ea:da:54:a4:8f:bc:8d:a7:92:73:86:3c:66:4f:6c:c1:ea:10:
00:e0:38:25:6e:06:ea:3b:f4:eb:b7:99:79:66:6a:93:66:60:
5a:81:18:80
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NkI3NzExMC8GA1UEBRMoQkQxREE5MURDRjU4RDA4QzE1Qzk0NTFBQ0FGNjJGOEFC
M0JFMjQyMDAeFw0yMjAzMjMwNTUzMjlaFw0yMzA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyM2FiNWQ5LTM3Y2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDjrKl7U6Uigk18y4r68UuWc1niqGrMTt7d+sF9u7THrGBbkZEvhbaJQyeVLVPe
xbfs9NBLzBjb0RxejsE9nFSnw6bgZijV6M3J48tdqD5W2CKx5XE2XjuqOCDXvDTj
5RVTMMvoPFg7B4ucwxQoM0p+Jo8XaqSz0G6VUhIpvOninvrDIg+DVu2NtG2jtYB3
NKdBCUqxEhSlm2aNR9gJeSQJ7jILvaj6GstrYyTVQ0gIpq2cQIDaPrp1v6/C6QB8
3ir0IVqJlIi2J1XxXgsD/5EKzWyOA8jMtc80WctXJa1gRquo+ex7p4TJK9Vlugko
dHa6TnlhcVx1UBCNO5UzF74zAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWQcjUEVd
n6mtbiwp/wgjqqrNtsEwHwYDVR0jBBgwFoAUvR2pHc9Y0IwVyUUayvYvirO+JCAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU2Qjc3L0E3NUVFMkI4QUE2
QjExRUM5QzU0NjEyMUM0RjlBRTAyL3ZSMnBIYzlZMEl3VnlVVWF5dll2aXJPLUpD
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdlIycEhjOVkwSXdWeVVVYXl2WXZpck8tSkNBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NkI3Ny9BNzVFRTJCOEFBNkIxMUVDOUM1NDYxMjFDNEY5QUUwMi85MDc4QkZCOEFB
NkQxMUVDOUI4RTg1MjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmfhwDANBgkqhkiG9w0BAQsFAAOCAQEAU0sxqJTyvuXy3xmU
B5YqPiKWoH9ooN33Wsv2vrM8IjHP+5xJLUzqcRm3Et8eXh+m8xypwTNR2bgutVGD
UQIR1JaCTO//0IXt7BnRynoev2zRQzgiNQjloxQLnpxNXdwXGgWI3VRc86HMpgNP
Dm0C1iWJ/7oIUeuz25ssqoVX5vhlPCIrwbkIcxOoWJWsc404tHq7PQ5k4njZ8Ouy
7yfcczYlREkWaisNjGJ/xBYv5wi+WsxHVjaBwi8GxKOyIFYQJGoyb/qtOV/d4i+b
R9Gpk4hwTUrJjtUy6tpUpI+8jaeSc4Y8Zk9sweoQAOA4JW4G6jv067eZeWZqk2Zg
WoEYgA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:42 2023 by rpki-client on console-fra.rpki-client.org