Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B4E728BCC7B911ECA398E513C4F9AE02.roa
File: B4E728BCC7B911ECA398E513C4F9AE02.roa (raw, json)
Hash identifier: UyV/h0CWRiC0v/Rg46yO3JRlZQP3QuaSDU9c63ywUpc=
Subject key identifier: F9:C4:2B:57:B6:1D:C1:A4:D5:71:FC:4A:58:12:3E:93:63:AA:5C:EA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 61DA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B4E728BCC7B911ECA398E513C4F9AE02.roa
Signing time: Fri 23 Dec 2022 07:11:37 +0000
ROA not before: Fri 23 Dec 2022 07:11:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141854
IP address blocks: 103.156.206.0/23 maxlen: 24
2001:df1:a140::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25050 (0x61da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 23 07:11:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63a554a9-a881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b4:5d:ee:62:28:b9:ad:fd:22:e6:13:5a:9e:
fd:20:45:9c:83:d4:7a:0a:a7:8c:c3:54:61:9f:bb:
7c:84:78:4e:72:51:a8:ed:88:c2:d8:8c:a1:9d:75:
1a:7b:ad:73:4b:63:1e:40:a4:d8:46:cb:63:c0:5e:
22:3e:98:48:78:37:8f:b6:78:81:22:56:b1:b2:e6:
77:05:8a:5c:12:66:b7:c2:b3:b1:6f:31:5c:cf:3f:
f4:33:a4:65:8e:06:90:51:0a:a4:19:8d:a9:4b:0f:
0b:f4:67:c8:d7:88:5c:6b:af:1a:5c:c3:e4:d1:86:
df:2d:ee:e2:2b:e0:cc:2a:cf:ff:12:e5:43:a3:e8:
06:00:92:e2:d1:eb:14:8a:98:11:5a:85:f2:f3:d9:
84:01:1f:72:39:07:a1:ca:81:89:a1:e6:a0:bc:38:
f0:a5:fb:f8:23:80:c7:f3:39:f5:1c:63:d4:e7:bf:
37:36:fe:96:33:96:3b:26:51:d0:f8:29:31:a9:88:
8e:eb:da:db:5d:b1:8f:53:2c:1d:4f:56:a2:f5:da:
36:5d:bd:06:28:12:1e:6c:0a:e9:83:8c:16:30:87:
87:77:fb:d2:62:b9:6f:48:0b:d1:5f:18:af:4c:0c:
ee:ef:89:1d:ab:85:c9:94:5a:e5:cf:cf:d6:e5:6f:
75:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C4:2B:57:B6:1D:C1:A4:D5:71:FC:4A:58:12:3E:93:63:AA:5C:EA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B4E728BCC7B911ECA398E513C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.206.0/23
IPv6:
2001:df1:a140::/48
Signature Algorithm: sha256WithRSAEncryption
94:52:61:e8:62:b8:5b:d4:cf:4f:ac:51:3d:66:fb:51:b5:a0:
36:1b:90:6c:30:28:29:b4:b3:f9:ea:22:62:eb:1c:8e:c4:36:
b1:9f:a3:ab:9d:55:d7:9b:56:60:5a:1e:3e:9c:88:1e:2a:20:
4b:84:f9:0b:f2:31:7b:93:9c:d9:5e:6b:82:8c:82:f0:f5:e7:
15:a3:cd:9f:f6:e1:c5:21:92:60:fe:bf:fa:ef:95:33:17:85:
41:3b:36:7e:3a:50:3a:e7:71:2d:eb:ba:fc:98:6d:3e:ef:0a:
b4:f1:a2:fd:b5:bf:31:90:f0:27:82:20:51:7a:15:69:4f:d2:
99:f6:d6:dc:bf:3c:41:4f:21:6e:12:0b:e7:c1:e5:0c:93:d3:
fd:f2:e4:03:a3:15:9c:cc:24:90:d4:65:ae:86:74:31:f7:df:
2f:50:98:84:54:9c:cf:b3:8d:99:30:f1:1a:04:3d:8b:80:2d:
82:04:1b:45:75:b4:73:ae:4a:9c:d3:99:95:64:f6:9b:a2:8d:
d5:29:db:dd:88:33:88:36:d8:52:57:3a:82:42:80:aa:71:b7:
57:74:85:5b:17:c0:26:60:37:f7:76:4e:35:8a:9e:fc:aa:5b:
35:fe:89:ef:48:4e:77:ae:be:8c:3d:1f:53:17:38:60:49:a0:
fd:7d:85:de
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICYdowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMjIzMDcxMTM3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2E1NTRhOS1hODgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApLRd7mIoua39IuYTWp79IEWcg9R6CqeMw1Rhn7t8hHhOclGo7YjC2IyhnXUa
e61zS2MeQKTYRstjwF4iPphIeDePtniBIlaxsuZ3BYpcEma3wrOxbzFczz/0M6Rl
jgaQUQqkGY2pSw8L9GfI14hca68aXMPk0YbfLe7iK+DMKs//EuVDo+gGAJLi0esU
ipgRWoXy89mEAR9yOQehyoGJoeagvDjwpfv4I4DH8zn1HGPU5783Nv6WM5Y7JlHQ
+CkxqYiO69rbXbGPUywdT1ai9do2Xb0GKBIebArpg4wWMIeHd/vSYrlvSAvRXxiv
TAzu74kdq4XJlFrlz8/W5W91owIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPnEK1e2
HcGk1XH8SlgSPpNjqlzqMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjRFNzI4QkND
N0I5MTFFQ0EzOThFNTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnnM4wDwQCAAIwCQMHACABDfGhQDANBgkqhkiG9w0BAQsF
AAOCAQEAlFJh6GK4W9TPT6xRPWb7UbWgNhuQbDAoKbSz+eoiYuscjsQ2sZ+jq51V
15tWYFoePpyIHiogS4T5C/Ixe5Oc2V5rgoyC8PXnFaPNn/bhxSGSYP6/+u+VMxeF
QTs2fjpQOudxLeu6/JhtPu8KtPGi/bW/MZDwJ4IgUXoVaU/SmfbW3L88QU8hbhIL
58HlDJPT/fLkA6MVnMwkkNRlroZ0MfffL1CYhFScz7ONmTDxGgQ9i4AtggQbRXW0
c65KnNOZlWT2m6KN1Snb3YgziDbYUlc6gkKAqnG3V3SFWxfAJmA393ZONYqe/Kpb
Nf6J70hOd66+jD0fUxc4YEmg/X2F3g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org