Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9025/10D771C2788411EAADA51310C4F9AE02/BCB8F46A78BC11EAB9E4F747C4F9AE02.roa
File: BCB8F46A78BC11EAB9E4F747C4F9AE02.roa (raw, json)
Hash identifier: ENchKG9SdWC2AZN+8y78BKEOy5ibyzapezc8zynAfz4=
Subject key identifier: 29:65:20:B3:C0:9D:32:9D:AA:68:7B:F7:D1:ED:DB:8A:7C:69:3C:8F
Certificate issuer: /CN=A91C9025/serialNumber=06DF1B524BD0DDDDA179B0450627EAF7F8D94C00
Certificate serial: 061C
Authority key identifier: 06:DF:1B:52:4B:D0:DD:DD:A1:79:B0:45:06:27:EA:F7:F8:D9:4C:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bt8bUkvQ3d2hebBFBifq9_jZTAA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9025/10D771C2788411EAADA51310C4F9AE02/BCB8F46A78BC11EAB9E4F747C4F9AE02.roa
Signing time: Tue 01 Feb 2022 10:08:01 +0000
ROA not before: Tue 01 Feb 2022 10:08:01 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 59214
IP address blocks: 123.108.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1564 (0x61c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9025/serialNumber=06DF1B524BD0DDDDA179B0450627EAF7F8D94C00
Validity
Not Before: Feb 1 10:08:01 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61f90681-3890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d9:f8:6e:ff:02:b2:aa:e0:ff:8a:4f:c0:9b:
d0:b2:3b:f7:a8:b8:73:b1:bf:52:19:b4:5b:07:3b:
89:84:2a:f9:ab:3c:9a:ec:77:63:0d:b8:36:3b:63:
31:f8:72:e0:af:d1:41:15:a8:5a:7f:55:94:c9:c2:
fd:3a:65:6f:a9:5b:6d:e6:ce:e5:6d:bf:d5:88:8f:
77:76:2b:f3:2a:86:d9:b8:ba:25:30:73:fc:65:5f:
99:3a:54:71:03:2c:40:0f:6f:1b:f1:3d:2b:cd:f4:
28:84:04:5a:59:e3:3b:2f:cf:04:4c:51:74:36:8e:
4e:63:6b:f3:95:22:e1:0a:0a:60:63:a1:e6:c7:96:
a1:c6:7e:57:d8:d2:1f:e9:bb:4e:26:61:c2:c5:5c:
5e:b1:c5:77:12:98:7a:1e:de:bc:6a:b0:40:65:57:
59:a5:2a:82:25:34:17:d3:b1:c9:5f:a5:0e:98:4d:
da:07:e1:4e:5e:d6:77:cf:19:64:18:30:b3:da:d1:
64:6b:29:e5:2a:c6:8d:d9:29:c1:48:ca:c1:43:57:
04:70:db:1b:4c:4e:45:0d:40:ca:eb:43:42:60:87:
d0:34:74:23:a8:bd:b9:b7:ee:0f:03:16:79:14:2b:
e2:1f:3b:af:e7:fa:db:07:68:c5:93:51:6b:b4:88:
22:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:65:20:B3:C0:9D:32:9D:AA:68:7B:F7:D1:ED:DB:8A:7C:69:3C:8F
X509v3 Authority Key Identifier:
keyid:06:DF:1B:52:4B:D0:DD:DD:A1:79:B0:45:06:27:EA:F7:F8:D9:4C:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9025/10D771C2788411EAADA51310C4F9AE02/Bt8bUkvQ3d2hebBFBifq9_jZTAA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bt8bUkvQ3d2hebBFBifq9_jZTAA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9025/10D771C2788411EAADA51310C4F9AE02/BCB8F46A78BC11EAB9E4F747C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.108.72.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:7f:fb:d8:8e:f4:37:55:5f:c8:0b:3f:d4:09:af:24:d4:89:
0f:62:7d:39:aa:1e:5a:b4:f5:d4:85:06:0c:b7:ef:e2:59:60:
61:b5:ed:a3:3f:09:a0:8c:93:31:5e:5f:c2:62:47:f2:a2:87:
9a:62:6e:a0:b5:fe:db:49:77:23:61:7e:de:0a:c4:17:c2:38:
e9:ff:a8:0f:10:aa:1c:31:03:e5:28:ee:30:f4:73:93:f8:fb:
60:08:42:43:d0:05:5d:23:6b:59:73:fd:ad:a0:f3:b3:98:3d:
8e:3d:16:66:3b:fa:40:bc:dc:66:b5:26:71:85:cc:8e:5e:22:
58:3d:d7:97:91:4f:6f:ea:be:a6:fa:9a:84:7b:12:9e:cf:8b:
17:9e:83:10:1e:47:45:ae:91:bc:cd:50:fd:0b:f6:13:a2:fc:
d3:1c:9a:4c:09:9a:28:e8:d0:92:5a:5f:26:6f:62:ae:b1:b3:
ac:94:e6:33:38:84:20:77:96:9a:9e:6b:e0:d5:79:eb:9d:8b:
9a:63:ca:ec:38:4a:65:b6:55:cb:70:91:ed:5d:59:1f:4f:79:
76:34:25:f1:fa:2f:31:e2:f7:96:c0:51:37:bc:28:fa:bc:85:
5b:19:d0:98:d7:f4:59:4d:39:91:c6:7b:9e:d0:9d:9c:c4:b4:
5d:58:d4:97
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBhwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzkwMjUxMTAvBgNVBAUTKDA2REYxQjUyNEJEMERERERBMTc5QjA0NTA2MjdFQUY3
RjhEOTRDMDAwHhcNMjIwMjAxMTAwODAxWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY5MDY4MS0zODkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtNn4bv8Csqrg/4pPwJvQsjv3qLhzsb9SGbRbBzuJhCr5qzya7HdjDbg2O2Mx
+HLgr9FBFahaf1WUycL9OmVvqVtt5s7lbb/ViI93divzKobZuLolMHP8ZV+ZOlRx
AyxAD28b8T0rzfQohARaWeM7L88ETFF0No5OY2vzlSLhCgpgY6Hmx5ahxn5X2NIf
6btOJmHCxVxescV3Eph6Ht68arBAZVdZpSqCJTQX07HJX6UOmE3aB+FOXtZ3zxlk
GDCz2tFkaynlKsaN2SnBSMrBQ1cEcNsbTE5FDUDK60NCYIfQNHQjqL25t+4PAxZ5
FCviHzuv5/rbB2jFk1FrtIgiUwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCllILPA
nTKdqmh799Ht24p8aTyPMB8GA1UdIwQYMBaAFAbfG1JL0N3doXmwRQYn6vf42UwA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTAyNS8xMEQ3NzFDMjc4
ODQxMUVBQURBNTEzMTBDNEY5QUUwMi9CdDhiVWt2UTNkMmhlYkJGQmlmcTlfalpU
QUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0J0OGJVa3ZRM2QyaGViQkZCaWZxOV9qWlRBQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzkwMjUvMTBENzcxQzI3ODg0MTFFQUFEQTUxMzEwQzRGOUFFMDIvQkNCOEY0NkE3
OEJDMTFFQUI5RTRGNzQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7bEgwDQYJKoZIhvcNAQELBQADggEBAHt/+9iO9DdVX8gL
P9QJryTUiQ9ifTmqHlq09dSFBgy37+JZYGG17aM/CaCMkzFeX8JiR/Kih5pibqC1
/ttJdyNhft4KxBfCOOn/qA8QqhwxA+Uo7jD0c5P4+2AIQkPQBV0ja1lz/a2g87OY
PY49FmY7+kC83Ga1JnGFzI5eIlg915eRT2/qvqb6moR7Ep7PixeegxAeR0WukbzN
UP0L9hOi/NMcmkwJmijo0JJaXyZvYq6xs6yU5jM4hCB3lpqea+DVeeudi5pjyuw4
SmW2Vctwke1dWR9PeXY0JfH6LzHi95bAUTe8KPq8hVsZ0JjX9FlNOZHGe57QnZzE
tF1Y1Jc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:07 2023 by rpki-client on console-fra.rpki-client.org