Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919631C/A9C317048C2311E99F845D72C4F9AE02/B25511666A2D11ECA7B25787C4F9AE02.roa
File: B25511666A2D11ECA7B25787C4F9AE02.roa (raw, json)
Hash identifier: kjU7LWv4bdSjqcLortBZXp9OCvqhp/yrmM5YIXAEO/0=
Subject key identifier: 2A:83:7E:C7:0A:B3:B6:74:80:2D:CA:C4:4B:D8:0B:9B:47:6D:C5:05
Certificate issuer: /CN=A919631C/serialNumber=F72E7D5E1BB4542AB7FF777365883C1601034DE9
Certificate serial: 0A92
Authority key identifier: F7:2E:7D:5E:1B:B4:54:2A:B7:FF:77:73:65:88:3C:16:01:03:4D:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9y59Xhu0VCq3_3dzZYg8FgEDTek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919631C/A9C317048C2311E99F845D72C4F9AE02/B25511666A2D11ECA7B25787C4F9AE02.roa
Signing time: Fri 31 Dec 2021 11:35:04 +0000
ROA not before: Fri 31 Dec 2021 11:35:04 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 134715
IP address blocks: 103.197.176.0/22 maxlen: 23
220.158.236.0/22 maxlen: 23
2403:580::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2706 (0xa92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919631C/serialNumber=F72E7D5E1BB4542AB7FF777365883C1601034DE9
Validity
Not Before: Dec 31 11:35:04 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61ceeae8-f989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5c:26:56:fc:a9:eb:99:f1:b2:d7:4d:9d:e9:
59:a7:d8:c0:57:78:cc:60:0b:0f:aa:31:af:f3:6d:
73:fd:32:31:42:bb:fc:97:2e:ec:b0:ff:11:66:f1:
45:34:a2:1d:9f:69:03:5b:4f:6f:cd:1d:43:dd:0c:
d6:44:8f:7f:6c:d7:98:4f:a3:77:12:60:5a:56:c7:
c0:c9:96:06:23:25:b9:15:76:c7:da:dc:69:b1:1c:
34:ef:b7:a9:90:84:ed:72:c4:8c:a7:bf:45:6d:42:
86:d7:b5:4c:bd:4f:e5:ee:22:41:21:90:c0:b3:21:
5f:30:dd:26:de:86:7e:37:9d:f4:71:f3:3b:65:01:
57:7d:97:87:c5:f5:c7:cc:6a:a8:89:47:a5:fc:93:
1b:af:a8:a0:95:e5:03:06:8f:6a:1d:cb:f8:0b:dc:
85:62:6d:fc:97:09:82:08:2f:ad:92:c4:cb:49:db:
1f:33:ac:fd:4d:68:2c:c0:c9:fb:c3:98:59:9d:16:
59:e6:21:94:c0:40:85:c3:fc:c3:7b:41:8e:83:68:
77:58:7d:54:d8:e8:87:0b:38:42:df:44:98:47:a6:
78:94:83:6f:92:36:ba:0a:60:63:13:f7:a7:a8:e7:
17:0e:df:a7:84:e6:18:27:cb:2c:dd:95:3f:e3:3d:
13:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:83:7E:C7:0A:B3:B6:74:80:2D:CA:C4:4B:D8:0B:9B:47:6D:C5:05
X509v3 Authority Key Identifier:
keyid:F7:2E:7D:5E:1B:B4:54:2A:B7:FF:77:73:65:88:3C:16:01:03:4D:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919631C/A9C317048C2311E99F845D72C4F9AE02/9y59Xhu0VCq3_3dzZYg8FgEDTek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9y59Xhu0VCq3_3dzZYg8FgEDTek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919631C/A9C317048C2311E99F845D72C4F9AE02/B25511666A2D11ECA7B25787C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.176.0/22
220.158.236.0/22
IPv6:
2403:580::/32
Signature Algorithm: sha256WithRSAEncryption
5a:b4:27:35:30:3b:76:43:8e:ba:64:71:2e:79:bc:7b:dc:64:
37:26:23:29:92:2d:46:7d:9e:05:51:c3:d5:45:6d:d5:77:9a:
04:3d:e1:24:51:67:9d:d4:d5:34:8d:30:a3:6b:c1:f5:58:4c:
cd:2f:19:f6:10:a3:2b:c4:ca:d9:8b:99:31:d9:57:36:24:c8:
67:02:9b:91:cb:b6:c4:e9:11:11:c8:e6:3e:30:7a:45:88:b7:
d0:db:91:6d:bb:24:56:e6:27:e4:11:fb:5d:e1:3f:24:84:03:
90:5c:e2:d3:28:0b:e2:91:35:52:be:0b:a0:3e:fe:b5:4b:54:
be:11:fb:2c:76:35:19:a0:b7:d4:16:64:f5:63:33:07:0f:9e:
ff:b6:68:7d:1b:c8:04:97:7a:db:ee:4b:2d:69:41:76:b7:f5:
0d:5c:e6:23:2b:a5:42:0d:b8:b8:34:2d:72:a3:cb:b9:a6:39:
f9:25:12:82:1f:e6:5f:fa:bd:76:9d:3c:4b:32:d1:b9:9a:c8:
61:29:e7:de:0e:15:ed:ef:71:24:c0:ed:a0:9d:b6:b6:cc:ee:
cf:ff:c0:41:37:fb:b9:3d:1c:d2:78:e6:09:36:2d:03:40:9c:
ab:c5:e2:02:8e:4b:b5:f6:37:ca:72:ea:34:b0:29:1b:78:2f:
0e:69:1a:b4
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCpIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTYzMUMxMTAvBgNVBAUTKEY3MkU3RDVFMUJCNDU0MkFCN0ZGNzc3MzY1ODgzQzE2
MDEwMzRERTkwHhcNMjExMjMxMTEzNTA0WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWNlZWFlOC1mOTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzFwmVvyp65nxstdNnelZp9jAV3jMYAsPqjGv821z/TIxQrv8ly7ssP8RZvFF
NKIdn2kDW09vzR1D3QzWRI9/bNeYT6N3EmBaVsfAyZYGIyW5FXbH2txpsRw077ep
kITtcsSMp79FbUKG17VMvU/l7iJBIZDAsyFfMN0m3oZ+N530cfM7ZQFXfZeHxfXH
zGqoiUel/JMbr6igleUDBo9qHcv4C9yFYm38lwmCCC+tksTLSdsfM6z9TWgswMn7
w5hZnRZZ5iGUwECFw/zDe0GOg2h3WH1U2OiHCzhC30SYR6Z4lINvkja6CmBjE/en
qOcXDt+nhOYYJ8ss3ZU/4z0T0QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCqDfscK
s7Z0gC3KxEvYC5tHbcUFMB8GA1UdIwQYMBaAFPcufV4btFQqt/93c2WIPBYBA03p
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjMxQy9BOUMzMTcwNDhD
MjMxMUU5OUY4NDVENzJDNEY5QUUwMi85eTU5WGh1MFZDcTNfM2R6WllnOEZnRURU
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzl5NTlYaHUwVkNxM18zZHpaWWc4RmdFRFRlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTYzMUMvQTlDMzE3MDQ4QzIzMTFFOTlGODQ1RDcyQzRGOUFFMDIvQjI1NTExNjY2
QTJEMTFFQ0E3QjI1Nzg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnxbADBALcnuwwDQQCAAIwBwMFACQDBYAwDQYJKoZIhvcN
AQELBQADggEBAFq0JzUwO3ZDjrpkcS55vHvcZDcmIymSLUZ9ngVRw9VFbdV3mgQ9
4SRRZ53U1TSNMKNrwfVYTM0vGfYQoyvEytmLmTHZVzYkyGcCm5HLtsTpERHI5j4w
ekWIt9DbkW27JFbmJ+QR+13hPySEA5Bc4tMoC+KRNVK+C6A+/rVLVL4R+yx2NRmg
t9QWZPVjMwcPnv+2aH0byASXetvuSy1pQXa39Q1c5iMrpUINuLg0LXKjy7mmOfkl
EoIf5l/6vXadPEsy0bmayGEp594OFe3vcSTA7aCdtrbM7s//wEE3+7k9HNJ45gk2
LQNAnKvF4gKOS7X2N8py6jSwKRt4Lw5pGrQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org