Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C7BB/8CE59DA4645F11EABC69297AC4F9AE02/37ECB570F8A311EAB61C0845C4F9AE02.roa
File: 37ECB570F8A311EAB61C0845C4F9AE02.roa (raw, json)
Hash identifier: UdKtnSfkp1WgjwMk92t6G7K7GfvUxxtlZsGhDImB4eg=
Subject key identifier: 42:78:4B:99:4C:3F:EC:61:B8:28:65:6E:9A:AE:BC:88:90:DC:0A:E7
Certificate issuer: /CN=A919C7BB/serialNumber=BB7875E4C6E544B5747A115FE8CDF6898C8DE733
Certificate serial: 03A3
Authority key identifier: BB:78:75:E4:C6:E5:44:B5:74:7A:11:5F:E8:CD:F6:89:8C:8D:E7:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3h15MblRLV0ehFf6M32iYyN5zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C7BB/8CE59DA4645F11EABC69297AC4F9AE02/37ECB570F8A311EAB61C0845C4F9AE02.roa
Signing time: Fri 29 Jan 2021 09:54:49 +0000
ROA not before: Fri 29 Jan 2021 09:54:49 +0000
ROA not after: Thu 31 Mar 2022 00:00:00 +0000
asID: 139907
IP address blocks: 103.146.218.0/23 maxlen: 24
2405:a1c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 931 (0x3a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C7BB/serialNumber=BB7875E4C6E544B5747A115FE8CDF6898C8DE733
Validity
Not Before: Jan 29 09:54:49 2021 GMT
Not After : Mar 31 00:00:00 2022 GMT
Subject: CN=6013db68-aa8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bd:66:4e:dc:a2:0d:c3:9d:5e:55:f3:49:2d:
dd:20:af:ea:9c:0f:24:97:ca:64:9b:51:d1:78:5b:
07:2d:47:e4:93:23:3f:28:f9:c6:0a:da:5a:81:13:
8a:2c:3c:61:2f:31:93:4d:1a:bb:d7:6d:95:b6:dc:
6a:45:16:1c:99:24:19:29:b9:40:d7:6f:35:06:8a:
f5:c2:47:b9:4b:ca:31:5e:a7:35:87:88:ef:23:18:
92:20:e9:d1:9d:90:12:53:15:ad:ed:2b:3b:7c:02:
6c:95:4a:a1:9c:8a:5b:d0:3a:c6:b7:63:41:60:eb:
ef:06:23:81:08:b4:ae:9a:c4:23:4c:d2:c5:e9:06:
cd:55:7e:f5:08:89:4b:95:c1:dd:59:b3:1c:81:46:
6e:13:31:f7:53:4f:14:2c:22:61:40:ad:4d:b1:c5:
61:0d:bf:81:4f:a3:52:f0:a1:d4:a4:55:f7:7d:62:
d1:aa:86:ba:18:cf:e2:7c:32:b9:c8:0b:1a:aa:1c:
43:ad:a2:0d:67:6b:43:bc:0e:9c:cd:bf:61:1f:5d:
1a:c3:4d:d6:63:e9:57:e5:6e:61:6b:b6:93:de:3d:
3d:79:1c:d7:eb:3f:e7:c7:48:4b:2b:19:4c:b6:ea:
ae:de:cb:c8:e9:4b:af:32:46:a4:98:f7:fb:9b:ba:
d2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:78:4B:99:4C:3F:EC:61:B8:28:65:6E:9A:AE:BC:88:90:DC:0A:E7
X509v3 Authority Key Identifier:
keyid:BB:78:75:E4:C6:E5:44:B5:74:7A:11:5F:E8:CD:F6:89:8C:8D:E7:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C7BB/8CE59DA4645F11EABC69297AC4F9AE02/u3h15MblRLV0ehFf6M32iYyN5zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3h15MblRLV0ehFf6M32iYyN5zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C7BB/8CE59DA4645F11EABC69297AC4F9AE02/37ECB570F8A311EAB61C0845C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.218.0/23
IPv6:
2405:a1c0::/32
Signature Algorithm: sha256WithRSAEncryption
67:4e:35:14:e0:8e:2c:09:6b:54:3c:6f:b1:0e:03:78:94:58:
d2:27:2c:e8:b2:d7:91:94:03:09:a0:c0:50:13:f9:62:b1:9b:
5c:f5:1b:4b:d5:dd:58:25:06:fb:0f:c9:4e:9d:c5:ec:e4:90:
dd:1a:42:11:b4:40:ed:3c:a0:33:c3:d4:a8:8f:26:74:d8:48:
58:08:af:97:0a:3f:1c:67:63:31:06:78:4d:ac:b9:7e:43:3b:
09:2f:f3:7e:6f:87:08:4d:37:f2:8a:97:22:f8:b3:c1:27:ad:
23:d7:92:b1:48:4d:40:c7:cf:72:04:0c:89:51:9d:62:1b:a8:
17:09:aa:4b:6f:e0:e5:d1:ad:6e:11:52:0c:d8:32:70:0d:71:
a6:9d:ec:c3:34:5f:e6:a8:09:3a:39:20:72:e3:a9:ff:02:df:
bb:35:81:5e:45:76:0f:97:0f:94:70:b8:91:0f:bd:a6:2a:2d:
d2:67:1c:a0:13:ba:4d:a5:74:64:32:65:ec:d7:c9:bb:47:1e:
d8:3e:67:e5:74:2e:e6:4c:68:19:a1:52:d9:0b:8a:b7:1f:f0:
e9:e6:17:cd:90:0d:4d:96:28:4f:5d:78:34:e6:59:d4:ad:fc:
48:86:ec:97:a6:d7:8f:46:86:3e:20:ca:fc:e8:94:5c:db:12:
a3:1b:58:f7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA6MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM3QkIxMTAvBgNVBAUTKEJCNzg3NUU0QzZFNTQ0QjU3NDdBMTE1RkU4Q0RGNjg5
OEM4REU3MzMwHhcNMjEwMTI5MDk1NDQ5WhcNMjIwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDEzZGI2OC1hYThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwL1mTtyiDcOdXlXzSS3dIK/qnA8kl8pkm1HReFsHLUfkkyM/KPnGCtpagROK
LDxhLzGTTRq7122VttxqRRYcmSQZKblA1281Bor1wke5S8oxXqc1h4jvIxiSIOnR
nZASUxWt7Ss7fAJslUqhnIpb0DrGt2NBYOvvBiOBCLSumsQjTNLF6QbNVX71CIlL
lcHdWbMcgUZuEzH3U08ULCJhQK1NscVhDb+BT6NS8KHUpFX3fWLRqoa6GM/ifDK5
yAsaqhxDraINZ2tDvA6czb9hH10aw03WY+lX5W5ha7aT3j09eRzX6z/nx0hLKxlM
tuqu3svI6UuvMkakmPf7m7rSyQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEJ4S5lM
P+xhuChlbpquvIiQ3ArnMB8GA1UdIwQYMBaAFLt4deTG5US1dHoRX+jN9omMjecz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzdCQi84Q0U1OURBNDY0
NUYxMUVBQkM2OTI5N0FDNEY5QUUwMi91M2gxNU1ibFJMVjBlaEZmNk0zMmlZeU41
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UzaDE1TWJsUkxWMGVoRmY2TTMyaVl5TjV6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM3QkIvOENFNTlEQTQ2NDVGMTFFQUJDNjkyOTdBQzRGOUFFMDIvMzdFQ0I1NzBG
OEEzMTFFQUI2MUMwODQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnktowDQQCAAIwBwMFACQFocAwDQYJKoZIhvcNAQELBQAD
ggEBAGdONRTgjiwJa1Q8b7EOA3iUWNInLOiy15GUAwmgwFAT+WKxm1z1G0vV3Vgl
BvsPyU6dxezkkN0aQhG0QO08oDPD1KiPJnTYSFgIr5cKPxxnYzEGeE2suX5DOwkv
835vhwhNN/KKlyL4s8EnrSPXkrFITUDHz3IEDIlRnWIbqBcJqktv4OXRrW4RUgzY
MnANcaad7MM0X+aoCTo5IHLjqf8C37s1gV5Fdg+XD5RwuJEPvaYqLdJnHKATuk2l
dGQyZezXybtHHtg+Z+V0LuZMaBmhUtkLircf8OnmF82QDU2WKE9deDTmWdSt/EiG
7Jem149Ghj4gyvzolFzbEqMbWPc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org