Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/56DAC99EFD0711EC8301DB0AC4F9AE02.roa
File: 56DAC99EFD0711EC8301DB0AC4F9AE02.roa (raw, json)
Hash identifier: 8GhCdw9XTnlqXdn/KfX2IpU8CbXv/3DVQy5DcLOOzG4=
Subject key identifier: 54:3C:27:A7:78:4F:65:4D:5B:81:52:12:57:63:D9:ED:24:B7:4F:DB
Certificate issuer: /CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Certificate serial: 31F3
Authority key identifier: 63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/56DAC99EFD0711EC8301DB0AC4F9AE02.roa
Signing time: Wed 06 Jul 2022 08:40:51 +0000
ROA not before: Wed 06 Jul 2022 08:40:51 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 136557
IP address blocks: 103.21.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12787 (0x31f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Validity
Not Before: Jul 6 08:40:51 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62c54a92-e6c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9d:8d:f1:0e:92:4f:c0:b5:d8:00:eb:b9:58:
0f:af:aa:be:fa:1a:1e:96:f1:1e:14:d1:c4:a2:87:
36:c5:0c:56:b3:8e:50:47:b8:a7:a0:6a:95:f7:38:
0d:83:fd:a8:db:f6:92:88:86:76:f6:2c:2d:31:f1:
03:f5:01:02:e0:23:3b:15:47:4a:81:ba:79:34:e4:
41:26:d5:6c:b0:49:a2:81:a3:68:b3:0b:58:6b:ca:
b1:04:f3:f8:3c:6d:9c:4c:c0:c7:d5:4c:11:fd:b6:
01:51:07:52:24:a0:e3:82:d9:61:28:4a:b3:6e:75:
9d:ce:81:89:42:c7:e3:5e:e0:32:49:8c:ac:1b:ef:
95:38:16:9b:ec:a1:11:84:cb:b5:7a:d6:d3:20:94:
57:f9:18:41:72:98:fa:b8:87:5c:08:db:58:4e:86:
7d:0f:72:5e:7c:c0:25:2d:95:76:88:98:60:21:6b:
8f:b9:e1:ea:74:68:9f:da:51:fc:4b:fa:29:33:f3:
9d:e5:90:da:60:72:2f:fe:d3:fb:5f:fb:2a:e7:14:
6e:7f:5b:a1:4e:c8:a3:88:1e:20:58:b5:c7:4d:49:
a1:ee:db:50:93:3c:60:5a:3b:7d:6b:ff:f8:93:38:
d8:af:8e:f7:43:e6:f5:b3:15:a8:69:76:17:6d:3f:
59:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3C:27:A7:78:4F:65:4D:5B:81:52:12:57:63:D9:ED:24:B7:4F:DB
X509v3 Authority Key Identifier:
keyid:63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/56DAC99EFD0711EC8301DB0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.138.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:d4:1d:c9:85:21:26:18:3b:4c:33:71:6a:8e:9f:1d:39:6c:
c5:95:09:d7:48:fd:d8:73:28:b7:90:65:4c:72:94:79:b8:cd:
3a:a3:f0:ae:ce:7a:61:73:da:25:8b:27:69:ef:88:d7:24:5b:
3c:ff:4b:77:52:09:59:b0:31:26:a8:34:98:bb:ca:d1:62:d8:
b0:05:2a:4a:48:f1:c8:68:ea:95:7a:8c:80:d9:18:16:33:cc:
7e:20:53:6e:8f:f6:cc:02:c2:59:8e:6d:80:fc:e4:d6:e9:0e:
46:71:d2:de:08:dc:0c:b1:97:1a:db:4f:b8:43:e3:fd:f7:07:
f2:e3:c5:49:a7:79:95:2d:78:08:b3:13:7c:b6:3c:63:88:14:
a7:d3:30:f5:4c:16:12:f5:95:f9:77:99:2f:d8:b4:03:2f:40:
be:f7:9d:57:4f:00:33:41:2f:41:3e:2a:91:cf:3f:0f:eb:18:
24:f8:20:95:ed:c9:c2:64:73:19:46:0b:bf:14:65:1a:9c:a0:
df:2c:21:ca:79:33:7e:e3:14:e0:a3:64:2f:28:69:58:09:92:
a5:70:1b:7f:53:b6:fc:d2:ee:c6:1d:94:75:d0:75:8a:04:36:
dd:54:77:61:e6:bd:f5:7a:d5:0c:62:df:fc:2a:17:ae:9a:9b:
c7:b6:07:ab
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJGNzYxMTAvBgNVBAUTKDYzRUM0RTYzODBGQUFFQTUxMTA3RTlDNDBDMkYxMDU4
RTA4Rjg1NkUwHhcNMjIwNzA2MDg0MDUxWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmM1NGE5Mi1lNmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvp2N8Q6ST8C12ADruVgPr6q++hoelvEeFNHEooc2xQxWs45QR7inoGqV9zgN
g/2o2/aSiIZ29iwtMfED9QEC4CM7FUdKgbp5NORBJtVssEmigaNoswtYa8qxBPP4
PG2cTMDH1UwR/bYBUQdSJKDjgtlhKEqzbnWdzoGJQsfjXuAySYysG++VOBab7KER
hMu1etbTIJRX+RhBcpj6uIdcCNtYToZ9D3JefMAlLZV2iJhgIWuPueHqdGif2lH8
S/opM/Od5ZDaYHIv/tP7X/sq5xRuf1uhTsijiB4gWLXHTUmh7ttQkzxgWjt9a//4
kzjYr473Q+b1sxWoaXYXbT9ZnwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFQ8J6d4
T2VNW4FSEldj2e0kt0/bMB8GA1UdIwQYMBaAFGPsTmOA+q6lEQfpxAwvEFjgj4Vu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkY3Ni85NDRFMzg5MjFE
QUIxMUUyQkIzMENBQTkwOEIwMkNEMi9ZLXhPWTRENnJxVVJCLW5FREM4UVdPQ1Bo
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1kteE9ZNEQ2cnFVUkItbkVEQzhRV09DUGhXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJGNzYvOTQ0RTM4OTIxREFCMTFFMkJCMzBDQUE5MDhCMDJDRDIvNTZEQUM5OUVG
RDA3MTFFQzgzMDFEQjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnFYowDQYJKoZIhvcNAQELBQADggEBAE3UHcmFISYYO0wz
cWqOnx05bMWVCddI/dhzKLeQZUxylHm4zTqj8K7OemFz2iWLJ2nviNckWzz/S3dS
CVmwMSaoNJi7ytFi2LAFKkpI8cho6pV6jIDZGBYzzH4gU26P9swCwlmObYD85Nbp
DkZx0t4I3AyxlxrbT7hD4/33B/LjxUmneZUteAizE3y2PGOIFKfTMPVMFhL1lfl3
mS/YtAMvQL73nVdPADNBL0E+KpHPPw/rGCT4IJXtycJkcxlGC78UZRqcoN8sIcp5
M37jFOCjZC8oaVgJkqVwG39TtvzS7sYdlHXQdYoENt1Ud2HmvfV61Qxi3/wqF66a
m8e2B6s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:43 2023 by rpki-client on console-fra.rpki-client.org