Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C7BB/8CE59DA4645F11EABC69297AC4F9AE02/8FBF25D88B5711ECB078821AC4F9AE02.roa
File: 8FBF25D88B5711ECB078821AC4F9AE02.roa (raw, json)
Hash identifier: 7+sKVvtvwjIM2KgLE279+kv6Ru1ZD5izRghtLfjfpak=
Subject key identifier: 08:96:C9:44:74:86:53:2A:18:C9:7F:2C:A3:DC:6D:67:54:93:C9:1B
Certificate issuer: /CN=A919C7BB/serialNumber=BB7875E4C6E544B5747A115FE8CDF6898C8DE733
Certificate serial: 0698
Authority key identifier: BB:78:75:E4:C6:E5:44:B5:74:7A:11:5F:E8:CD:F6:89:8C:8D:E7:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3h15MblRLV0ehFf6M32iYyN5zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C7BB/8CE59DA4645F11EABC69297AC4F9AE02/8FBF25D88B5711ECB078821AC4F9AE02.roa
Signing time: Fri 11 Feb 2022 16:27:53 +0000
ROA not before: Fri 11 Feb 2022 16:27:53 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 139907
IP address blocks: 103.146.218.0/24 maxlen: 24
2405:a1c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1688 (0x698)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C7BB/serialNumber=BB7875E4C6E544B5747A115FE8CDF6898C8DE733
Validity
Not Before: Feb 11 16:27:53 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=62068e89-da71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a8:1d:6b:16:09:6e:a8:db:99:29:2f:74:d2:
5c:34:53:eb:26:b5:b4:4c:17:80:9c:e2:3c:3e:86:
5c:43:55:44:e0:60:37:e4:f8:65:fb:62:2d:52:4e:
46:b4:e3:63:4c:75:16:73:1f:62:29:a7:0a:38:51:
85:4b:06:3e:49:5d:05:c1:94:65:5a:c2:74:2b:16:
60:12:7a:60:22:cc:ff:95:0e:eb:17:ab:a3:c9:c5:
90:22:ac:62:4a:75:66:f9:c2:93:f6:ac:d6:29:19:
83:ab:f5:a8:e2:93:9a:00:c9:c1:f1:b0:e0:1f:1a:
94:7a:a1:f0:5c:81:f1:c1:2b:b9:04:21:ad:0a:ec:
3f:18:2f:73:49:9e:f0:34:ce:a5:4a:75:1e:06:a3:
d9:75:72:1c:ea:3f:a8:57:f4:57:dd:6c:a0:cf:66:
42:59:a6:d7:8c:e6:31:1b:b9:86:39:0b:de:74:30:
75:ec:15:0e:e9:21:c1:0a:fd:3e:3b:32:d5:6e:43:
ee:bb:a3:74:21:45:a4:ad:00:b4:a9:31:d7:ed:ad:
62:4d:8f:a7:f8:da:e2:21:61:81:11:22:39:5a:5e:
ce:dd:70:7f:0e:01:ed:14:c7:49:aa:be:0c:23:8b:
32:01:f8:78:9e:65:39:67:b9:87:aa:79:79:80:d2:
94:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:96:C9:44:74:86:53:2A:18:C9:7F:2C:A3:DC:6D:67:54:93:C9:1B
X509v3 Authority Key Identifier:
keyid:BB:78:75:E4:C6:E5:44:B5:74:7A:11:5F:E8:CD:F6:89:8C:8D:E7:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C7BB/8CE59DA4645F11EABC69297AC4F9AE02/u3h15MblRLV0ehFf6M32iYyN5zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u3h15MblRLV0ehFf6M32iYyN5zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C7BB/8CE59DA4645F11EABC69297AC4F9AE02/8FBF25D88B5711ECB078821AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.218.0/24
IPv6:
2405:a1c0::/32
Signature Algorithm: sha256WithRSAEncryption
37:3f:79:50:7f:6e:61:28:a1:53:86:e2:84:7b:af:d8:ec:a8:
6a:62:4d:06:e0:64:7e:21:a2:53:a9:c1:33:5d:bc:a2:f0:17:
bd:48:7b:7c:51:af:12:17:89:6c:df:f2:0f:67:d2:57:e6:4e:
f1:b1:4b:92:ae:bb:71:37:18:28:bc:fb:53:2f:0f:65:c1:32:
21:91:cb:95:d2:f3:f8:24:40:c9:bc:14:75:a7:cb:70:80:b5:
18:88:b2:f3:83:0d:7c:81:64:78:27:09:63:2f:bc:09:6c:3f:
a7:f9:da:48:21:98:b5:7e:6a:4a:d1:6a:a4:a0:f4:64:f4:1a:
f8:8c:7e:0c:98:84:9f:8a:a3:e1:ca:33:d6:b9:48:b1:5f:7e:
78:82:58:90:2f:38:97:6b:4b:c1:9d:cd:5f:ce:36:c7:1b:e1:
58:b2:ed:ad:e8:7b:ea:e9:ea:21:fe:90:a3:1e:dd:97:b1:21:
28:a2:4f:c0:c5:cf:21:a6:62:41:ee:d6:bb:02:3d:ed:18:2e:
0d:05:5b:c9:fc:99:79:4f:69:83:0e:15:fd:40:60:05:62:32:
3a:e6:9e:e4:1b:0f:11:91:7a:ea:cf:01:15:ca:53:20:59:b8:
49:28:f5:f4:b6:f9:6d:a9:1e:4f:5c:6a:64:65:49:40:28:49:
94:7f:e3:41
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBpgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM3QkIxMTAvBgNVBAUTKEJCNzg3NUU0QzZFNTQ0QjU3NDdBMTE1RkU4Q0RGNjg5
OEM4REU3MzMwHhcNMjIwMjExMTYyNzUzWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA2OGU4OS1kYTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApqgdaxYJbqjbmSkvdNJcNFPrJrW0TBeAnOI8PoZcQ1VE4GA35Phl+2ItUk5G
tONjTHUWcx9iKacKOFGFSwY+SV0FwZRlWsJ0KxZgEnpgIsz/lQ7rF6ujycWQIqxi
SnVm+cKT9qzWKRmDq/Wo4pOaAMnB8bDgHxqUeqHwXIHxwSu5BCGtCuw/GC9zSZ7w
NM6lSnUeBqPZdXIc6j+oV/RX3Wygz2ZCWabXjOYxG7mGOQvedDB17BUO6SHBCv0+
OzLVbkPuu6N0IUWkrQC0qTHX7a1iTY+n+NriIWGBESI5Wl7O3XB/DgHtFMdJqr4M
I4syAfh4nmU5Z7mHqnl5gNKUfwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAiWyUR0
hlMqGMl/LKPcbWdUk8kbMB8GA1UdIwQYMBaAFLt4deTG5US1dHoRX+jN9omMjecz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzdCQi84Q0U1OURBNDY0
NUYxMUVBQkM2OTI5N0FDNEY5QUUwMi91M2gxNU1ibFJMVjBlaEZmNk0zMmlZeU41
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UzaDE1TWJsUkxWMGVoRmY2TTMyaVl5TjV6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM3QkIvOENFNTlEQTQ2NDVGMTFFQUJDNjkyOTdBQzRGOUFFMDIvOEZCRjI1RDg4
QjU3MTFFQ0IwNzg4MjFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnktowDQQCAAIwBwMFACQFocAwDQYJKoZIhvcNAQELBQAD
ggEBADc/eVB/bmEooVOG4oR7r9jsqGpiTQbgZH4holOpwTNdvKLwF71Ie3xRrxIX
iWzf8g9n0lfmTvGxS5Kuu3E3GCi8+1MvD2XBMiGRy5XS8/gkQMm8FHWny3CAtRiI
svODDXyBZHgnCWMvvAlsP6f52kghmLV+akrRaqSg9GT0GviMfgyYhJ+Ko+HKM9a5
SLFffniCWJAvOJdrS8GdzV/ONscb4Viy7a3oe+rp6iH+kKMe3ZexISiiT8DFzyGm
YkHu1rsCPe0YLg0FW8n8mXlPaYMOFf1AYAViMjrmnuQbDxGReurPARXKUyBZuEko
9fS2+W2pHk9camRlSUAoSZR/40E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org