Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ECA1F/09D37E48DB0711EB9F659537C4F9AE02/BA86DCD4DB0811EB853F6638C4F9AE02.roa
File: BA86DCD4DB0811EB853F6638C4F9AE02.roa (raw, json)
Hash identifier: 90eQtQYsVu2EdLC92rYV5imvJ9foRMLilBlYZ+RhpJk=
Subject key identifier: F2:28:50:88:CD:66:47:5F:B5:3C:6B:53:07:53:31:45:EA:47:AD:1E
Certificate issuer: /CN=A91ECA1F/serialNumber=A7FB287839DDAC8A8AC8167F07041B6B25BD57DA
Certificate serial: 02
Authority key identifier: A7:FB:28:78:39:DD:AC:8A:8A:C8:16:7F:07:04:1B:6B:25:BD:57:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_soeDndrIqKyBZ_BwQbayW9V9o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ECA1F/09D37E48DB0711EB9F659537C4F9AE02/BA86DCD4DB0811EB853F6638C4F9AE02.roa
Signing time: Fri 02 Jul 2021 07:40:10 +0000
ROA not before: Fri 02 Jul 2021 07:40:10 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 1239
IP address blocks: 103.139.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ECA1F/serialNumber=A7FB287839DDAC8A8AC8167F07041B6B25BD57DA
Validity
Not Before: Jul 2 07:40:10 2021 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=60dec2da-a4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3a:a4:19:bf:ae:d3:2e:e1:bb:6a:67:f5:83:
bd:04:fb:8e:2d:f4:a3:9b:12:33:d0:d8:d0:4e:d1:
25:fd:b1:f5:54:6c:55:7f:4b:bb:13:ce:0e:2e:07:
a8:4d:c8:88:b9:31:bf:4f:9b:ba:5a:3c:25:f5:20:
60:83:8b:bd:0b:2c:b9:9d:a0:80:26:93:f4:fb:5e:
a6:b2:9e:9c:03:50:cb:fa:05:d9:a0:d2:25:94:ad:
65:f3:84:c0:77:a7:86:4f:56:96:75:5a:1a:aa:61:
85:8f:a7:5c:e0:68:b9:cf:3f:37:bc:f4:42:78:60:
43:ae:57:dc:6b:a0:de:1c:b1:a7:de:4f:3c:d2:c1:
49:11:a1:38:50:83:12:05:81:51:f0:de:6e:a6:91:
98:56:67:1e:fa:97:95:0f:9b:1e:2b:2c:59:fb:7a:
8b:80:da:0b:f1:b6:e2:1b:7d:ae:64:e7:89:bd:64:
94:7c:bc:ea:c5:62:2f:03:45:8f:a3:16:9e:6e:bd:
ec:36:d6:a4:7c:ac:ac:b2:09:45:34:6e:47:34:bd:
54:85:ea:b1:f0:e3:ca:c9:28:eb:d8:4d:ab:fa:88:
56:c7:cb:b7:8d:63:24:71:b1:ce:c9:1f:d8:94:d5:
7c:b0:c6:66:30:72:99:78:73:7e:4b:4f:fa:6c:bc:
42:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:28:50:88:CD:66:47:5F:B5:3C:6B:53:07:53:31:45:EA:47:AD:1E
X509v3 Authority Key Identifier:
keyid:A7:FB:28:78:39:DD:AC:8A:8A:C8:16:7F:07:04:1B:6B:25:BD:57:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ECA1F/09D37E48DB0711EB9F659537C4F9AE02/p_soeDndrIqKyBZ_BwQbayW9V9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p_soeDndrIqKyBZ_BwQbayW9V9o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ECA1F/09D37E48DB0711EB9F659537C4F9AE02/BA86DCD4DB0811EB853F6638C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.50.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:4f:4d:29:e3:a1:6e:04:48:ce:70:e3:61:0a:19:48:6a:51:
54:43:12:bb:6e:46:d0:fb:44:d0:6c:a5:41:bb:d0:7e:15:9d:
fc:17:b8:1c:b1:d7:8e:e8:aa:71:ba:99:2b:64:98:9d:30:e4:
dc:74:12:e8:02:49:02:d3:8c:24:dd:02:05:06:2e:5f:01:74:
41:97:7f:1b:44:bf:e4:bf:2d:e6:1f:aa:c1:e2:24:d4:2f:96:
96:9a:1e:70:c1:0d:b8:d5:7f:3f:45:bb:d5:ae:3f:e6:c8:ff:
ac:3d:f7:56:d5:9a:05:29:ce:60:71:b9:b5:96:19:71:50:51:
b5:23:71:21:73:e6:21:35:19:88:c9:f7:d7:a0:ec:2b:2c:f2:
1e:6f:fe:97:66:4e:4b:a4:4e:92:09:8e:01:8c:71:79:de:df:
8d:ff:06:6d:c4:1e:d5:37:af:3f:4c:94:e4:bc:66:0c:12:54:
8e:3d:fe:22:94:c1:38:01:e2:bb:84:ff:08:0b:5a:14:a5:3f:
63:ad:e7:9c:54:d3:b0:da:eb:45:7e:3f:26:3f:4d:d2:36:29:
b0:1c:4d:bc:30:08:a9:46:ec:fe:37:4e:7b:18:5c:24:31:a9:
68:17:20:59:fd:16:3a:53:29:12:d2:2f:fa:d2:6c:9d:67:a5:
e0:5d:2b:b6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
Q0ExRjExMC8GA1UEBRMoQTdGQjI4NzgzOUREQUM4QThBQzgxNjdGMDcwNDFCNkIy
NUJENTdEQTAeFw0yMTA3MDIwNzQwMTBaFw0yMjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYwZGVjMmRhLWE0YmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcOqQZv67TLuG7amf1g70E+44t9KObEjPQ2NBO0SX9sfVUbFV/S7sTzg4uB6hN
yIi5Mb9Pm7paPCX1IGCDi70LLLmdoIAmk/T7XqaynpwDUMv6Bdmg0iWUrWXzhMB3
p4ZPVpZ1WhqqYYWPp1zgaLnPPze89EJ4YEOuV9xroN4csafeTzzSwUkRoThQgxIF
gVHw3m6mkZhWZx76l5UPmx4rLFn7eouA2gvxtuIbfa5k54m9ZJR8vOrFYi8DRY+j
Fp5uvew21qR8rKyyCUU0bkc0vVSF6rHw48rJKOvYTav6iFbHy7eNYyRxsc7JH9iU
1XywxmYwcpl4c35LT/psvEIZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU8ihQiM1m
R1+1PGtTB1MxRepHrR4wHwYDVR0jBBgwFoAUp/soeDndrIqKyBZ/BwQbayW9V9ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVDQTFGLzA5RDM3RTQ4REIw
NzExRUI5RjY1OTUzN0M0RjlBRTAyL3Bfc29lRG5kcklxS3lCWl9Cd1FiYXlXOVY5
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcF9zb2VEbmRySXFLeUJaX0J3UWJheVc5VjlvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
Q0ExRi8wOUQzN0U0OERCMDcxMUVCOUY2NTk1MzdDNEY5QUUwMi9CQTg2RENENERC
MDgxMUVCODUzRjY2MzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGeLMjANBgkqhkiG9w0BAQsFAAOCAQEApU9NKeOhbgRIznDj
YQoZSGpRVEMSu25G0PtE0GylQbvQfhWd/Be4HLHXjuiqcbqZK2SYnTDk3HQS6AJJ
AtOMJN0CBQYuXwF0QZd/G0S/5L8t5h+qweIk1C+WlpoecMENuNV/P0W71a4/5sj/
rD33VtWaBSnOYHG5tZYZcVBRtSNxIXPmITUZiMn316DsKyzyHm/+l2ZOS6ROkgmO
AYxxed7fjf8GbcQe1TevP0yU5LxmDBJUjj3+IpTBOAHiu4T/CAtaFKU/Y63nnFTT
sNrrRX4/Jj9N0jYpsBxNvDAIqUbs/jdOexhcJDGpaBcgWf0WOlMpEtIv+tJsnWel
4F0rtg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-ams.rpki-client.org