Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/3255C4E64E3011ED8BA5D30DC4F9AE02.roa
File: 3255C4E64E3011ED8BA5D30DC4F9AE02.roa (raw, json)
Hash identifier: cbJ0ucOYuA/ShZVC8yt2I5l19CwCzbu5BIdoaaZArbY=
Subject key identifier: B0:46:42:2A:4D:14:FC:12:7C:4A:DF:59:F3:6E:CF:11:6C:61:4F:C1
Certificate issuer: /CN=A9123F5D/serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093
Certificate serial: 0881
Authority key identifier: BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/3255C4E64E3011ED8BA5D30DC4F9AE02.roa
Signing time: Mon 17 Oct 2022 15:47:37 +0000
ROA not before: Mon 17 Oct 2022 15:47:37 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 59362
IP address blocks: 103.92.216.0/23 maxlen: 24
103.92.218.0/23 maxlen: 24
123.253.96.0/24 maxlen: 24
123.253.97.0/24 maxlen: 24
123.253.98.0/24 maxlen: 24
123.253.99.0/24 maxlen: 24
2401:21c0::/32 maxlen: 35
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2177 (0x881)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123F5D/serialNumber=BF522D9925A5846280F60530AD39D766E4ABF093
Validity
Not Before: Oct 17 15:47:37 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=634d7919-b9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:15:04:97:a3:b1:4a:0c:35:c8:0c:bb:c2:55:
d3:66:6a:00:c1:dc:0a:48:20:2c:32:47:42:4e:3d:
a8:34:84:11:e0:64:79:3b:1c:05:f9:1a:ef:4b:36:
11:c0:36:dd:55:05:0a:6f:ce:7a:16:ed:42:40:ee:
95:99:21:3f:31:61:d6:e4:e8:a2:11:63:83:3b:92:
cf:e6:c5:6f:2b:c8:ac:1f:4a:98:d9:3f:32:26:2b:
53:32:c0:ee:12:97:82:52:60:97:a3:7e:9c:7d:d5:
7a:70:37:c3:60:2e:b2:b5:89:49:11:33:f2:c2:54:
d2:a0:fc:ba:db:69:7f:ed:12:26:c6:fc:ab:02:7b:
f6:84:33:1c:6c:8a:87:9a:6e:71:71:70:5f:91:d9:
7b:e3:19:99:ca:03:7b:a8:ad:a1:41:af:8b:00:33:
f4:ea:b9:da:6b:52:cd:fe:56:88:c1:38:3a:41:c1:
e8:40:39:b4:33:2f:30:56:8e:2a:f7:6c:ca:97:7b:
a4:92:32:da:8d:01:96:28:54:cd:3b:e8:5f:fb:f8:
90:36:6e:94:6a:40:54:71:c1:73:8d:f9:9f:44:ed:
95:af:cc:e8:ee:b0:62:3c:88:95:10:08:b6:cc:a3:
10:3a:59:c6:33:3b:9e:1a:51:f2:46:14:f2:2c:7a:
51:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:46:42:2A:4D:14:FC:12:7C:4A:DF:59:F3:6E:CF:11:6C:61:4F:C1
X509v3 Authority Key Identifier:
keyid:BF:52:2D:99:25:A5:84:62:80:F6:05:30:AD:39:D7:66:E4:AB:F0:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/v1ItmSWlhGKA9gUwrTnXZuSr8JM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v1ItmSWlhGKA9gUwrTnXZuSr8JM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123F5D/75F875F2669011EA9683FB2FC4F9AE02/3255C4E64E3011ED8BA5D30DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.92.216.0/22
123.253.96.0/22
IPv6:
2401:21c0::/32
Signature Algorithm: sha256WithRSAEncryption
be:4a:77:8d:39:48:62:b5:62:c6:ee:6f:4c:60:bb:6e:91:e0:
32:da:29:72:c5:31:20:bd:b2:5d:98:67:dd:4f:47:ec:aa:fa:
a8:5f:f9:76:e6:ef:20:06:ff:e9:4f:68:cb:46:f1:c6:f7:2d:
93:23:16:1d:36:d9:06:a1:15:98:a4:6c:ca:de:19:c3:1a:ef:
f4:f4:06:66:e1:71:3c:e6:23:2d:d9:37:31:ee:3f:79:d6:7d:
c2:de:ba:df:18:a3:bd:d7:df:32:7b:92:f2:ae:53:c6:c1:6d:
85:29:15:f5:a1:81:74:e1:35:2c:b2:29:e0:6e:28:30:ad:ee:
fb:ae:ac:11:a9:20:f2:95:b6:13:1b:66:96:dc:59:0d:27:06:
49:c3:54:43:12:07:0e:56:53:bf:c1:39:f5:08:22:f2:d8:2c:
ad:60:90:22:e2:ea:00:72:c2:13:c8:f8:5b:5f:e2:c0:8f:10:
d4:c9:8b:a0:0b:29:12:b9:05:c5:4f:ef:5f:5a:d9:57:b2:0d:
33:cd:f4:74:79:33:9d:fb:cd:9c:5c:86:7d:2e:4b:7e:ef:91:
b1:ec:e8:bb:27:d5:ce:b5:0f:81:68:66:35:9c:4f:23:fa:2f:
9b:5d:97:fe:06:eb:2c:ce:3f:96:46:e7:a6:79:76:9d:a5:21:
61:42:72:e0
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNGNUQxMTAvBgNVBAUTKEJGNTIyRDk5MjVBNTg0NjI4MEY2MDUzMEFEMzlENzY2
RTRBQkYwOTMwHhcNMjIxMDE3MTU0NzM3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRkNzkxOS1iOWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAthUEl6OxSgw1yAy7wlXTZmoAwdwKSCAsMkdCTj2oNIQR4GR5OxwF+RrvSzYR
wDbdVQUKb856Fu1CQO6VmSE/MWHW5OiiEWODO5LP5sVvK8isH0qY2T8yJitTMsDu
EpeCUmCXo36cfdV6cDfDYC6ytYlJETPywlTSoPy622l/7RImxvyrAnv2hDMcbIqH
mm5xcXBfkdl74xmZygN7qK2hQa+LADP06rnaa1LN/laIwTg6QcHoQDm0My8wVo4q
92zKl3ukkjLajQGWKFTNO+hf+/iQNm6UakBUccFzjfmfRO2Vr8zo7rBiPIiVEAi2
zKMQOlnGMzueGlHyRhTyLHpRvQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLBGQipN
FPwSfErfWfNuzxFsYU/BMB8GA1UdIwQYMBaAFL9SLZklpYRigPYFMK0512bkq/CT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0Y1RC83NUY4NzVGMjY2
OTAxMUVBOTY4M0ZCMkZDNEY5QUUwMi92MUl0bVNXbGhHS0E5Z1V3clRuWFp1U3I4
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YxSXRtU1dsaEdLQTlnVXdyVG5YWnVTcjhKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNGNUQvNzVGODc1RjI2NjkwMTFFQTk2ODNGQjJGQzRGOUFFMDIvMzI1NUM0RTY0
RTMwMTFFRDhCQTVEMzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnXNgDBAJ7/WAwDQQCAAIwBwMFACQBIcAwDQYJKoZIhvcN
AQELBQADggEBAL5Kd405SGK1Ysbub0xgu26R4DLaKXLFMSC9sl2YZ91PR+yq+qhf
+Xbm7yAG/+lPaMtG8cb3LZMjFh022QahFZikbMreGcMa7/T0BmbhcTzmIy3ZNzHu
P3nWfcLeut8Yo73X3zJ7kvKuU8bBbYUpFfWhgXThNSyyKeBuKDCt7vuurBGpIPKV
thMbZpbcWQ0nBknDVEMSBw5WU7/BOfUIIvLYLK1gkCLi6gBywhPI+Ftf4sCPENTJ
i6ALKRK5BcVP719a2VeyDTPN9HR5M537zZxchn0uS37vkbHs6Lsn1c61D4FoZjWc
TyP6L5tdl/4G6yzOP5ZG56Z5dp2lIWFCcuA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org