Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/B3343A70E97111E88B8DDD5AC4F9AE02.roa
File: B3343A70E97111E88B8DDD5AC4F9AE02.roa (raw, json)
Hash identifier: jR8fFJ6faOjtCNG7Cw5oJmrjRbZbQ49++3U4S0nsbrw=
Subject key identifier: DA:40:22:41:EB:1C:54:62:30:77:0C:84:BB:52:D0:50:10:93:0D:B9
Certificate issuer: /CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Certificate serial: 0DE6
Authority key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/B3343A70E97111E88B8DDD5AC4F9AE02.roa
Signing time: Thu 06 Jan 2022 18:34:38 +0000
ROA not before: Thu 06 Jan 2022 18:34:38 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 137074
IP address blocks: 103.104.16.0/22 maxlen: 24
116.89.246.0/23 maxlen: 24
2401:fdc0::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3558 (0xde6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Validity
Not Before: Jan 6 18:34:38 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61d7363d-e17f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:09:39:c9:d4:43:3e:bd:f7:b8:8b:f2:0f:75:
b7:49:a4:32:16:01:dd:41:28:c6:29:2c:06:e3:22:
e7:cb:35:fe:25:9f:34:31:24:c7:e7:50:ab:05:97:
eb:aa:60:a4:0e:88:04:ce:ff:77:97:80:21:e9:77:
a4:c0:02:29:d9:8f:fb:21:46:bb:bf:b8:4c:5d:ee:
f2:ec:70:4b:1c:0a:18:54:bc:c9:51:8f:c7:42:71:
62:66:f3:8e:6c:1d:91:b1:aa:06:26:87:3b:75:06:
a2:5c:33:60:f3:f3:97:1f:cf:a9:6a:9e:17:1f:8c:
eb:dd:0c:87:37:83:72:42:0b:f8:5f:0c:57:6b:84:
d7:01:f6:cd:21:e3:44:ef:1f:a8:1f:83:73:10:3f:
48:df:ca:07:35:c3:b7:f5:42:7b:ec:c3:c1:7b:d1:
8d:cb:ed:96:2f:c1:58:24:c6:e1:b5:a2:f4:ee:b7:
a1:af:a5:32:05:fa:6d:e3:9d:3f:64:2c:4d:f7:66:
c3:12:60:1f:0c:c5:62:d4:f3:97:30:54:4e:88:bd:
07:17:02:5e:32:bc:85:ab:72:23:dd:6a:5e:14:20:
8a:4f:cd:d2:d5:fa:df:60:26:b0:d4:b9:94:0a:ec:
2c:43:cc:92:f6:cb:ab:57:18:5f:f9:ce:4e:ba:97:
86:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:40:22:41:EB:1C:54:62:30:77:0C:84:BB:52:D0:50:10:93:0D:B9
X509v3 Authority Key Identifier:
keyid:BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/B3343A70E97111E88B8DDD5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.16.0/22
116.89.246.0/23
IPv6:
2401:fdc0::/32
Signature Algorithm: sha256WithRSAEncryption
a1:6c:b0:c5:e1:ee:6b:a0:7d:28:96:52:8e:5b:a3:c3:a8:20:
45:06:62:cc:e7:d3:c3:22:62:57:cf:1b:77:17:98:9e:13:9e:
cb:ee:7e:34:a0:02:3c:0f:fd:77:d4:1c:33:a7:47:49:b9:3f:
1e:86:92:b5:0b:c4:91:28:07:a9:37:24:e4:56:6f:06:20:8e:
ae:1d:6d:3f:fa:bc:52:68:49:d9:66:8c:18:70:63:c8:32:48:
c1:55:ee:f8:fb:3a:b8:76:80:d1:c3:d9:30:b1:1e:c4:77:ea:
a3:7d:91:5f:a1:64:bb:58:b5:57:2b:71:cc:82:7b:34:eb:20:
09:06:3f:cf:14:e2:14:a9:b9:c3:ad:db:01:79:ad:0a:b8:c1:
1f:4a:0a:40:ab:6f:63:c8:93:c5:58:98:3c:cf:41:ae:5f:ab:
9b:4b:f7:91:8f:b7:44:c4:bc:57:31:98:4d:c4:dd:e7:de:b8:
1d:41:5b:22:aa:5e:ff:4c:02:36:58:8d:72:cf:fd:23:60:94:
c3:8a:87:33:9f:cc:c7:ae:34:ff:6e:20:43:38:e2:07:4a:8d:
c4:a1:38:a5:1a:e9:aa:19:85:11:15:85:23:fb:d9:f1:ab:54:
20:e6:00:3f:5b:e4:fc:90:d9:3a:15:c2:99:61:55:58:ac:79:
b0:c9:d6:65
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMyOTYxRjcyMjQy
QkY2MEQ1MUUwHhcNMjIwMTA2MTgzNDM4WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWQ3MzYzZC1lMTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxwk5ydRDPr33uIvyD3W3SaQyFgHdQSjGKSwG4yLnyzX+JZ80MSTH51CrBZfr
qmCkDogEzv93l4Ah6XekwAIp2Y/7IUa7v7hMXe7y7HBLHAoYVLzJUY/HQnFiZvOO
bB2RsaoGJoc7dQaiXDNg8/OXH8+pap4XH4zr3QyHN4NyQgv4XwxXa4TXAfbNIeNE
7x+oH4NzED9I38oHNcO39UJ77MPBe9GNy+2WL8FYJMbhtaL07rehr6UyBfpt450/
ZCxN92bDEmAfDMVi1POXMFROiL0HFwJeMryFq3Ij3WpeFCCKT83S1frfYCaw1LmU
CuwsQ8yS9surVxhf+c5OupeGXwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNpAIkHr
HFRiMHcMhLtS0FAQkw25MB8GA1UdIwQYMBaAFLxTbAD4X1kEHZxMKWH3IkK/YNUe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDg2MC9CNDAxQzk4MkU5
NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBoZldRUWRuRXdwWWZjaVFyOWcx
UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZGTnNBUGhmV1FRZG5Fd3BZZmNpUXI5ZzFSNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQ4NjAvQjQwMUM5ODJFOTcwMTFFOEIwMzU5MzU5QzRGOUFFMDIvQjMzNDNBNzBF
OTcxMTFFODhCOERERDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnaBADBAF0WfYwDQQCAAIwBwMFACQB/cAwDQYJKoZIhvcN
AQELBQADggEBAKFssMXh7mugfSiWUo5bo8OoIEUGYszn08MiYlfPG3cXmJ4Tnsvu
fjSgAjwP/XfUHDOnR0m5Px6GkrULxJEoB6k3JORWbwYgjq4dbT/6vFJoSdlmjBhw
Y8gySMFV7vj7Orh2gNHD2TCxHsR36qN9kV+hZLtYtVcrccyCezTrIAkGP88U4hSp
ucOt2wF5rQq4wR9KCkCrb2PIk8VYmDzPQa5fq5tL95GPt0TEvFcxmE3E3efeuB1B
WyKqXv9MAjZYjXLP/SNglMOKhzOfzMeuNP9uIEM44gdKjcShOKUa6aoZhREVhSP7
2fGrVCDmAD9b5PyQ2ToVwplhVVisebDJ1mU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-ams.rpki-client.org