Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BC52603AFE7411EBB944157CC4F9AE02.roa
File: BC52603AFE7411EBB944157CC4F9AE02.roa (raw, json)
Hash identifier: aMcpESRMjJcXLOirOguRQYz283f8xZ8KZuaC5nw6z9Y=
Subject key identifier: BC:FE:DC:2F:68:EC:3E:B8:26:B7:86:0D:AC:3A:BE:53:E6:40:13:D3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5010
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BC52603AFE7411EBB944157CC4F9AE02.roa
Signing time: Mon 16 May 2022 04:09:14 +0000
ROA not before: Mon 16 May 2022 04:09:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134942
IP address blocks: 103.88.132.0/24 maxlen: 24
103.88.133.0/24 maxlen: 24
103.88.134.0/24 maxlen: 24
103.88.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20496 (0x5010)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:09:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281ce69-2d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:88:35:be:6e:e3:8d:0a:17:70:75:7b:e9:
65:98:c0:25:d8:60:87:59:e5:ad:17:90:bf:0c:48:
b2:e5:33:db:d5:22:59:43:83:f9:01:32:a4:d4:e0:
99:5d:8f:28:82:64:72:ec:d4:19:04:52:81:4c:0e:
d8:e5:08:a1:b8:fd:97:07:9f:a0:ca:be:82:30:d6:
ad:ff:50:69:21:0d:19:01:9a:b5:68:49:b5:fb:b9:
5e:db:39:0b:bb:5d:9f:4e:5e:03:d7:5a:67:6a:48:
4f:6c:ee:83:80:de:fa:46:ab:7c:86:f0:9a:e8:3d:
ed:30:e9:f7:09:66:91:18:ee:f3:35:f3:e3:58:27:
ec:23:26:e0:43:09:50:cf:ef:66:a8:82:4f:fc:06:
c5:12:90:5d:ef:26:cb:23:20:8b:dc:97:54:7d:48:
88:ea:04:ce:8f:df:cf:cd:65:06:ac:07:7d:92:53:
fb:6e:97:b0:9a:1a:ee:be:51:c4:92:42:e6:eb:16:
b4:62:d8:54:3a:11:2a:3b:fa:c4:6b:59:e3:37:09:
60:f4:ba:ca:d2:6d:12:fb:bc:7b:2d:69:c1:c1:dc:
e0:34:c4:41:8c:8e:28:50:5a:b1:c3:ac:2a:39:d0:
e7:b3:d5:52:bf:91:03:e6:1e:7d:95:1a:de:b8:62:
82:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:FE:DC:2F:68:EC:3E:B8:26:B7:86:0D:AC:3A:BE:53:E6:40:13:D3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BC52603AFE7411EBB944157CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.132.0/22
Signature Algorithm: sha256WithRSAEncryption
78:1b:79:60:1f:67:91:2c:77:49:11:8a:4e:8c:cc:77:a2:b8:
2b:d9:30:fa:0b:a8:b7:f4:10:4e:b2:1e:8c:6b:04:ff:65:cf:
dd:95:e9:ff:33:0f:c9:2b:bb:1e:07:40:38:04:f1:5e:88:8e:
a2:74:cd:79:3c:fa:89:7d:95:47:1e:cd:72:a5:9d:66:a1:8c:
da:2f:6a:aa:5e:9d:ac:29:5b:ea:73:e6:2a:89:76:07:c2:59:
93:8c:ba:0f:9d:0a:be:35:a3:d8:1c:51:b2:d5:3c:50:a2:14:
8c:21:42:6c:27:bb:c4:2e:37:b2:1a:bd:16:81:05:f0:32:f7:
73:5e:0f:cc:e5:8c:55:76:26:27:28:7f:94:d7:f0:c1:e1:a7:
5f:b8:38:2c:a6:70:6e:78:44:ec:df:46:8a:10:62:b8:d6:12:
c7:61:85:74:61:76:5c:7e:57:7a:2e:7b:7b:de:dc:01:2d:d5:
f7:f9:19:af:9b:7b:11:c5:9d:e9:44:e0:f7:32:c5:19:10:bf:
73:d7:46:5b:a5:b6:56:0e:84:6a:38:06:2d:fa:80:db:c7:86:
25:c9:50:ce:4e:b6:77:20:89:42:2c:dd:c4:07:6f:a3:5f:cd:
5c:31:0a:ab:44:9a:e7:67:fc:b1:96:99:50:eb:ae:40:52:86:
09:95:10:e6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICUBAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQwOTE0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2U2OS0yZDkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn+eINb5u440KF3B1e+llmMAl2GCHWeWtF5C/DEiy5TPb1SJZQ4P5ATKk1OCZ
XY8ogmRy7NQZBFKBTA7Y5QihuP2XB5+gyr6CMNat/1BpIQ0ZAZq1aEm1+7le2zkL
u12fTl4D11pnakhPbO6DgN76Rqt8hvCa6D3tMOn3CWaRGO7zNfPjWCfsIybgQwlQ
z+9mqIJP/AbFEpBd7ybLIyCL3JdUfUiI6gTOj9/PzWUGrAd9klP7bpewmhruvlHE
kkLm6xa0YthUOhEqO/rEa1njNwlg9LrK0m0S+7x7LWnBwdzgNMRBjI4oUFqxw6wq
OdDns9VSv5ED5h59lRreuGKC6QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLz+3C9o
7D64JreGDaw6vlPmQBPTMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQkM1MjYwM0FG
RTc0MTFFQkI5NDQxNTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnWIQwDQYJKoZIhvcNAQELBQADggEBAHgbeWAfZ5Esd0kR
ik6MzHeiuCvZMPoLqLf0EE6yHoxrBP9lz92V6f8zD8krux4HQDgE8V6IjqJ0zXk8
+ol9lUcezXKlnWahjNovaqpenawpW+pz5iqJdgfCWZOMug+dCr41o9gcUbLVPFCi
FIwhQmwnu8QuN7IavRaBBfAy93NeD8zljFV2Jicof5TX8MHhp1+4OCymcG54ROzf
RooQYrjWEsdhhXRhdlx+V3oue3ve3AEt1ff5Ga+bexHFnelE4PcyxRkQv3PXRlul
tlYOhGo4Bi36gNvHhiXJUM5OtncgiUIs3cQHb6NfzVwxCqtEmudn/LGWmVDrrkBS
hgmVEOY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org