Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/37A6001CA30F11ED9C9ACA0EC4F9AE02.roa
File: 37A6001CA30F11ED9C9ACA0EC4F9AE02.roa (raw, json)
Hash identifier: xPeatZgx+EHT+Qa+WIeJ0wl3Zqqdksqdyhpfal/h+V8=
Subject key identifier: C0:9D:43:87:DC:9C:90:C8:D8:DB:FD:86:38:A0:94:7F:15:B1:54:ED
Certificate issuer: /CN=A91262F0/serialNumber=FC4AE7D9E3F419A7D204A54C79D1F3EFA9A7D6C8
Certificate serial: 02
Authority key identifier: FC:4A:E7:D9:E3:F4:19:A7:D2:04:A5:4C:79:D1:F3:EF:A9:A7:D6:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Ern2eP0GafSBKVMedHz76mn1sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/37A6001CA30F11ED9C9ACA0EC4F9AE02.roa
Signing time: Thu 02 Feb 2023 15:35:27 +0000
ROA not before: Thu 02 Feb 2023 15:35:27 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 17539
IP address blocks: 58.84.28.0/22 maxlen: 22
103.197.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262F0/serialNumber=FC4AE7D9E3F419A7D204A54C79D1F3EFA9A7D6C8
Validity
Not Before: Feb 2 15:35:27 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63dbd83f-c995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8d:19:34:ae:1b:30:d7:e8:13:2c:77:30:c1:
66:6c:cd:dd:da:f5:55:f0:52:3f:e6:73:5f:33:85:
98:29:82:04:92:a1:b7:33:e7:ae:1f:1b:17:2a:62:
54:70:d6:79:a8:28:02:c8:e0:8d:1d:e5:ac:5b:51:
1a:d6:cc:fc:23:9b:5c:00:fc:a2:15:46:d4:6e:f8:
27:35:f5:7f:4e:d3:41:40:e7:22:36:39:68:dd:77:
d7:58:5b:5a:31:00:22:0d:bb:09:73:a4:18:4d:1e:
0b:b9:79:e0:52:98:3b:bb:68:d4:28:bf:f5:a4:80:
1f:81:b4:aa:40:b7:73:ba:15:3c:16:f9:99:fb:04:
10:b2:de:e4:6e:6b:c3:7b:70:bb:83:ce:21:13:1c:
cc:1d:b1:c9:47:de:e7:2a:97:54:e5:a3:c7:f8:a0:
27:d2:0e:c8:47:a3:d6:0e:1e:c5:92:cd:46:7e:6d:
a8:47:8f:81:84:dd:f3:43:fb:ed:98:58:91:16:fa:
14:3f:f0:ec:72:9a:9d:70:70:4c:7a:4b:61:fa:37:
e6:ef:27:68:24:6b:ae:01:06:b6:cc:93:98:c4:b2:
05:28:9d:26:45:e0:9a:80:f3:3d:56:7a:06:92:1d:
f3:f8:91:ae:79:82:fe:cc:1a:70:27:98:7f:57:d3:
f0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:9D:43:87:DC:9C:90:C8:D8:DB:FD:86:38:A0:94:7F:15:B1:54:ED
X509v3 Authority Key Identifier:
keyid:FC:4A:E7:D9:E3:F4:19:A7:D2:04:A5:4C:79:D1:F3:EF:A9:A7:D6:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/_Ern2eP0GafSBKVMedHz76mn1sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Ern2eP0GafSBKVMedHz76mn1sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262F0/33AD0A62A30C11EDB3388C0CC4F9AE02/37A6001CA30F11ED9C9ACA0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.84.28.0/22
103.197.44.0/22
Signature Algorithm: sha256WithRSAEncryption
84:07:59:80:cd:d4:37:76:b8:f2:1f:21:5d:95:cd:8c:8e:ca:
b3:c4:7c:a5:cb:56:5c:4d:ab:92:76:80:f2:7f:fe:17:b1:0d:
a5:8f:d6:b0:cb:d3:7a:ab:b3:95:ab:51:76:10:2b:e4:96:b4:
45:64:3c:d4:5c:c8:7d:a2:a4:96:de:94:cf:b3:70:cc:94:a5:
2b:4f:c8:ff:ca:82:d4:45:b2:3c:24:87:e9:b1:5b:4f:6b:c5:
20:be:2a:65:7b:b3:9e:7c:fa:57:07:03:19:e1:5c:a1:6f:5c:
28:cd:35:2f:b7:31:d6:b6:6d:95:57:c5:65:9e:07:35:b9:01:
c8:a9:d9:65:6a:3e:cd:b2:71:e1:42:f3:5c:46:40:8a:f7:9a:
a2:86:9c:5e:08:e9:48:c1:7b:74:71:50:40:f2:25:05:e3:43:
f0:be:31:e5:91:f4:7e:7e:6f:49:42:78:e9:47:72:4f:5f:48:
d4:20:af:30:33:a4:eb:8b:fa:45:1e:e1:79:b4:4b:ec:e6:b4:
9c:26:45:3d:87:36:f3:a9:fb:4b:ef:79:1f:51:ef:9d:83:0c:
84:de:2b:b0:74:42:b9:60:58:9a:ff:13:0a:7e:46:8a:60:9e:
85:59:fc:36:7f:0c:db:a7:b6:b3:b4:22:82:a6:72:d7:4d:c2:
c6:73:43:f1
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
NjJGMDExMC8GA1UEBRMoRkM0QUU3RDlFM0Y0MTlBN0QyMDRBNTRDNzlEMUYzRUZB
OUE3RDZDODAeFw0yMzAyMDIxNTM1MjdaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZGJkODNmLWM5OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8jRk0rhsw1+gTLHcwwWZszd3a9VXwUj/mc18zhZgpggSSobcz564fGxcqYlRw
1nmoKALI4I0d5axbURrWzPwjm1wA/KIVRtRu+Cc19X9O00FA5yI2OWjdd9dYW1ox
ACINuwlzpBhNHgu5eeBSmDu7aNQov/WkgB+BtKpAt3O6FTwW+Zn7BBCy3uRua8N7
cLuDziETHMwdsclH3ucql1Tlo8f4oCfSDshHo9YOHsWSzUZ+bahHj4GE3fND++2Y
WJEW+hQ/8Oxymp1wcEx6S2H6N+bvJ2gka64BBrbMk5jEsgUonSZF4JqA8z1WegaS
HfP4ka55gv7MGnAnmH9X0/D9AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUwJ1Dh9yc
kMjY2/2GOKCUfxWxVO0wHwYDVR0jBBgwFoAU/Ern2eP0GafSBKVMedHz76mn1sgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI2MkYwLzMzQUQwQTYyQTMw
QzExRURCMzM4OEMwQ0M0RjlBRTAyL19Fcm4yZVAwR2FmU0JLVk1lZEh6NzZtbjFz
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvX0VybjJlUDBHYWZTQktWTWVkSHo3Nm1uMXNnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NjJGMC8zM0FEMEE2MkEzMEMxMUVEQjMzODhDMENDNEY5QUUwMi8zN0E2MDAxQ0Ez
MEYxMUVEOUM5QUNBMEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAjpUHAMEAmfFLDANBgkqhkiG9w0BAQsFAAOCAQEAhAdZgM3U
N3a48h8hXZXNjI7Ks8R8pctWXE2rknaA8n/+F7ENpY/WsMvTequzlatRdhAr5Ja0
RWQ81FzIfaKklt6Uz7NwzJSlK0/I/8qC1EWyPCSH6bFbT2vFIL4qZXuznnz6VwcD
GeFcoW9cKM01L7cx1rZtlVfFZZ4HNbkByKnZZWo+zbJx4ULzXEZAiveaooacXgjp
SMF7dHFQQPIlBeND8L4x5ZH0fn5vSUJ46UdyT19I1CCvMDOk64v6RR7hebRL7Oa0
nCZFPYc286n7S+95H1HvnYMMhN4rsHRCuWBYmv8TCn5GimCehVn8Nn8M26e2s7Qi
gqZy103CxnND8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org