Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/BFC01DE4B48111EB944C5957C4F9AE02.roa
File: BFC01DE4B48111EB944C5957C4F9AE02.roa (raw, json)
Hash identifier: qBC9T8k5ZlBJGQRlVRtsXHFZ4jP/sJ9LBynK/8nDKgo=
Subject key identifier: 8F:32:C9:4E:E5:C1:D9:C7:83:22:DB:29:B7:70:02:E1:00:62:56:D1
Certificate issuer: /CN=A91840A8/serialNumber=D1474C1DA439B34E487C28C24729E687E0947D73
Certificate serial: 76
Authority key identifier: D1:47:4C:1D:A4:39:B3:4E:48:7C:28:C2:47:29:E6:87:E0:94:7D:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/BFC01DE4B48111EB944C5957C4F9AE02.roa
Signing time: Wed 16 Jun 2021 13:54:42 +0000
ROA not before: Wed 16 Jun 2021 13:54:42 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 3836
IP address blocks: 203.185.96.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118 (0x76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91840A8/serialNumber=D1474C1DA439B34E487C28C24729E687E0947D73
Validity
Not Before: Jun 16 13:54:42 2021 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=60ca02a1-83ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:67:e4:eb:c6:26:06:c2:b4:d2:34:40:51:d4:
2f:71:51:c8:1d:9d:64:82:61:39:6e:11:e2:58:22:
e4:fb:7d:23:86:f0:a8:0f:cc:db:af:28:2c:43:a3:
93:64:74:4d:87:e0:54:de:a2:35:9e:18:72:41:5a:
14:e9:64:7d:3e:1d:3c:32:8b:44:39:39:49:e2:1e:
fd:ec:4f:9b:ee:2a:63:2e:56:b0:d2:3a:fb:36:ce:
50:9b:bb:a4:02:82:93:de:f6:8c:e4:49:a3:99:ee:
a2:25:e9:ef:3f:17:46:b1:d7:a7:11:87:09:2c:36:
d4:c4:7f:ee:73:40:40:61:d4:41:28:85:8b:f2:26:
79:32:04:43:69:98:08:fd:67:f4:eb:60:49:3f:ba:
e0:92:49:d7:53:65:3c:65:ab:b6:d0:3d:81:75:9a:
aa:42:e8:dd:e0:10:7d:8b:1d:6c:26:d3:87:0a:f7:
b5:cf:6b:c7:bf:43:4b:70:9a:04:68:94:17:47:ea:
8e:77:7f:7e:67:20:ef:03:b6:7f:36:e5:5f:18:d4:
85:ea:fb:36:19:b9:94:ec:66:90:25:60:1d:c4:dd:
40:99:70:0e:cd:ea:14:60:87:75:56:3f:09:93:4c:
7e:8d:09:4d:5c:33:ec:02:d6:ee:91:41:3e:67:3d:
60:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:32:C9:4E:E5:C1:D9:C7:83:22:DB:29:B7:70:02:E1:00:62:56:D1
X509v3 Authority Key Identifier:
keyid:D1:47:4C:1D:A4:39:B3:4E:48:7C:28:C2:47:29:E6:87:E0:94:7D:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/0UdMHaQ5s05IfCjCRynmh-CUfXM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0UdMHaQ5s05IfCjCRynmh-CUfXM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91840A8/70C2EB7AA19611EB8200CF09C4F9AE02/BFC01DE4B48111EB944C5957C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.185.96.0/19
Signature Algorithm: sha256WithRSAEncryption
5f:42:25:10:a3:e7:ff:01:57:e3:55:86:b1:26:76:73:a1:ce:
6e:4d:bb:f1:7f:f8:2c:b0:61:56:e2:82:ef:5c:cb:b3:9a:14:
64:38:a9:f0:12:4c:e8:5b:e1:be:cf:61:c4:90:84:84:67:b7:
ad:ff:ad:75:9c:10:43:6c:00:fb:0a:db:2b:2a:ac:2b:c2:ed:
1c:80:8e:19:b3:7d:98:5f:76:f7:a2:05:b7:cb:dc:b6:a9:15:
48:a5:77:e7:20:88:1f:ea:b5:2f:c2:9f:38:cf:61:3c:37:07:
0e:b1:c7:5c:26:a1:80:0a:68:44:19:a5:e9:80:44:27:1f:0d:
85:1b:86:4a:f5:b8:03:df:7a:d8:2c:c0:cb:f7:77:b2:c4:86:
54:f3:8d:f5:d8:d7:15:d5:23:f2:5a:6a:c4:36:a8:94:d4:f5:
50:0b:0b:93:1e:e1:15:79:a4:e0:5a:40:c4:f9:ba:b5:b9:bf:
eb:03:10:0c:77:69:13:33:f6:6d:a2:35:53:39:bd:fa:a3:7e:
8d:e8:b6:b3:16:ee:5c:fa:09:0d:1d:98:73:21:7c:89:f2:9f:
ce:73:36:2b:49:60:88:dc:17:bd:85:2c:3c:4d:ef:0a:96:f2:
15:df:ca:36:97:72:78:b2:04:49:28:fd:73:03:70:5c:fd:97:
dd:c2:0e:d4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NDBBODExMC8GA1UEBRMoRDE0NzRDMURBNDM5QjM0RTQ4N0MyOEMyNDcyOUU2ODdF
MDk0N0Q3MzAeFw0yMTA2MTYxMzU0NDJaFw0yMjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYwY2EwMmExLTgzZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnZ+TrxiYGwrTSNEBR1C9xUcgdnWSCYTluEeJYIuT7fSOG8KgPzNuvKCxDo5Nk
dE2H4FTeojWeGHJBWhTpZH0+HTwyi0Q5OUniHv3sT5vuKmMuVrDSOvs2zlCbu6QC
gpPe9ozkSaOZ7qIl6e8/F0ax16cRhwksNtTEf+5zQEBh1EEohYvyJnkyBENpmAj9
Z/TrYEk/uuCSSddTZTxlq7bQPYF1mqpC6N3gEH2LHWwm04cK97XPa8e/Q0twmgRo
lBdH6o53f35nIO8Dtn825V8Y1IXq+zYZuZTsZpAlYB3E3UCZcA7N6hRgh3VWPwmT
TH6NCU1cM+wC1u6RQT5nPWCXAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUjzLJTuXB
2ceDItspt3AC4QBiVtEwHwYDVR0jBBgwFoAU0UdMHaQ5s05IfCjCRynmh+CUfXMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg0MEE4LzcwQzJFQjdBQTE5
NjExRUI4MjAwQ0YwOUM0RjlBRTAyLzBVZE1IYVE1czA1SWZDakNSeW5taC1DVWZY
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMFVkTUhhUTVzMDVJZkNqQ1J5bm1oLUNVZlhNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NDBBOC83MEMyRUI3QUExOTYxMUVCODIwMENGMDlDNEY5QUUwMi9CRkMwMURFNEI0
ODExMUVCOTQ0QzU5NTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBcu5YDANBgkqhkiG9w0BAQsFAAOCAQEAX0IlEKPn/wFX41WG
sSZ2c6HObk278X/4LLBhVuKC71zLs5oUZDip8BJM6Fvhvs9hxJCEhGe3rf+tdZwQ
Q2wA+wrbKyqsK8LtHICOGbN9mF9296IFt8vctqkVSKV35yCIH+q1L8KfOM9hPDcH
DrHHXCahgApoRBml6YBEJx8NhRuGSvW4A9962CzAy/d3ssSGVPON9djXFdUj8lpq
xDaolNT1UAsLkx7hFXmk4FpAxPm6tbm/6wMQDHdpEzP2baI1Uzm9+qN+jei2sxbu
XPoJDR2YcyF8ifKfznM2K0lgiNwXvYUsPE3vCpbyFd/KNpdyeLIESSj9cwNwXP2X
3cIO1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org