Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129969/CF395C381C6A11EEBF62AC0DC4F9AE02/350E31381C9711EEB652AC79C4F9AE02.roa
File: 350E31381C9711EEB652AC79C4F9AE02.roa (raw, json)
Hash identifier: dRKPRCDvDhBREPdXvY6udLtcV2/sVA9CtXQLBnvLQ1I=
Subject key identifier: 89:00:05:48:E8:FA:64:88:88:DF:19:5C:A0:D8:0C:9E:59:5C:27:70
Certificate issuer: /CN=A9129969/serialNumber=01666FC7DD875DFFA0E19BC73CBADA8ECF9A5827
Certificate serial: 0C
Authority key identifier: 01:66:6F:C7:DD:87:5D:FF:A0:E1:9B:C7:3C:BA:DA:8E:CF:9A:58:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AWZvx92HXf-g4ZvHPLrajs-aWCc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129969/CF395C381C6A11EEBF62AC0DC4F9AE02/350E31381C9711EEB652AC79C4F9AE02.roa
Signing time: Fri 07 Jul 2023 09:44:46 +0000
ROA not before: Fri 07 Jul 2023 09:44:46 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 23854
IP address blocks: 119.15.64.0/24 maxlen: 24
119.15.70.0/23 maxlen: 24
203.8.95.0/24 maxlen: 24
203.26.51.0/24 maxlen: 24
203.26.177.0/24 maxlen: 24
203.31.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129969/serialNumber=01666FC7DD875DFFA0E19BC73CBADA8ECF9A5827
Validity
Not Before: Jul 7 09:44:46 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64a7de8e-f8d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:33:56:46:06:ce:8c:4b:f3:77:4f:4e:8c:ca:
67:8b:bb:42:16:be:3d:57:95:b7:7b:07:f6:3d:d0:
92:22:89:96:de:0f:bc:25:b1:72:01:da:76:00:ba:
82:e8:f5:48:3a:5e:0f:48:60:b0:1e:b9:68:a7:9f:
8e:90:a2:66:48:1c:f4:fd:76:82:f1:48:be:c4:f3:
20:fa:13:71:a9:95:cc:fe:75:95:ef:d1:d6:76:96:
19:32:60:2b:59:70:5b:0b:fd:e5:01:b1:99:c2:24:
4e:a9:5d:11:9b:41:46:94:7f:ba:a3:0b:61:8b:ad:
8f:36:87:e5:3a:cb:33:2e:a5:db:4a:bf:18:a8:df:
46:63:14:8d:75:af:8c:52:fa:78:95:18:e6:a5:30:
a1:5f:d9:ee:7c:d9:c8:4e:5a:98:b9:94:ad:31:b1:
c9:bb:02:4c:a3:f2:b7:4b:59:94:a2:33:cc:5f:8f:
43:84:e5:c0:a9:b7:b5:80:a1:13:71:54:bf:24:85:
df:74:20:0d:cb:4a:5c:d0:f4:bd:35:f2:1f:89:f5:
10:54:ee:cd:18:08:4b:7d:4e:67:79:69:87:2b:b1:
fa:42:b5:7a:79:4a:a3:11:f0:9c:2c:dc:5c:a7:2d:
17:22:e9:cc:79:7a:63:d8:72:08:ae:77:12:dd:97:
3f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:00:05:48:E8:FA:64:88:88:DF:19:5C:A0:D8:0C:9E:59:5C:27:70
X509v3 Authority Key Identifier:
keyid:01:66:6F:C7:DD:87:5D:FF:A0:E1:9B:C7:3C:BA:DA:8E:CF:9A:58:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129969/CF395C381C6A11EEBF62AC0DC4F9AE02/AWZvx92HXf-g4ZvHPLrajs-aWCc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AWZvx92HXf-g4ZvHPLrajs-aWCc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129969/CF395C381C6A11EEBF62AC0DC4F9AE02/350E31381C9711EEB652AC79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.64.0/24
119.15.70.0/23
203.8.95.0/24
203.26.51.0/24
203.26.177.0/24
203.31.75.0/24
Signature Algorithm: sha256WithRSAEncryption
46:0f:94:74:23:0e:85:a9:03:80:5d:ca:99:9d:68:7a:6f:f6:
2e:9e:24:5b:57:fc:7f:1d:18:12:ad:c6:af:38:19:93:9e:41:
f2:96:3d:80:f8:56:9c:22:0c:14:e9:a3:82:d0:b6:1d:f3:db:
c0:bf:14:15:0a:39:00:f6:84:72:76:40:ac:15:94:ad:15:b1:
f1:65:5a:b2:a7:60:91:15:16:7e:df:10:ff:7c:76:91:a3:c4:
01:5f:b7:22:80:81:8e:66:3a:14:63:33:a4:75:48:36:2d:48:
e7:91:5d:ce:2f:d8:9c:75:e6:90:fd:26:3e:89:26:6c:cf:15:
ee:a3:47:f4:55:cd:d9:4f:a2:bd:35:f9:38:db:4c:c0:47:9a:
b6:7c:44:11:b4:b4:36:c3:3d:9b:50:89:63:c1:29:56:ca:25:
d0:1c:42:17:7e:0e:96:69:fe:0d:1b:48:50:cb:fb:ca:ce:cb:
9a:f9:f8:c6:57:fe:ba:87:d9:07:2d:2e:37:f8:4b:a8:ac:48:
36:f0:d5:61:56:b1:3f:b0:24:53:49:4a:24:0f:a6:67:2a:32:
c0:d0:66:bb:ca:54:77:c1:48:bc:72:2b:29:4e:38:6d:29:ea:
16:f8:ea:44:d2:f6:64:f3:a1:8a:32:03:60:59:38:8f:52:36:
f4:96:04:e1
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
OTk2OTExMC8GA1UEBRMoMDE2NjZGQzdERDg3NURGRkEwRTE5QkM3M0NCQURBOEVD
RjlBNTgyNzAeFw0yMzA3MDcwOTQ0NDZaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YTdkZThlLWY4ZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD8M1ZGBs6MS/N3T06MymeLu0IWvj1Xlbd7B/Y90JIiiZbeD7wlsXIB2nYAuoLo
9Ug6Xg9IYLAeuWinn46QomZIHPT9doLxSL7E8yD6E3Gplcz+dZXv0dZ2lhkyYCtZ
cFsL/eUBsZnCJE6pXRGbQUaUf7qjC2GLrY82h+U6yzMupdtKvxio30ZjFI11r4xS
+niVGOalMKFf2e582chOWpi5lK0xscm7Akyj8rdLWZSiM8xfj0OE5cCpt7WAoRNx
VL8khd90IA3LSlzQ9L018h+J9RBU7s0YCEt9Tmd5aYcrsfpCtXp5SqMR8Jws3Fyn
LRci6cx5emPYcgiudxLdlz9BAgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUiQAFSOj6
ZIiI3xlcoNgMnllcJ3AwHwYDVR0jBBgwFoAUAWZvx92HXf+g4ZvHPLrajs+aWCcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI5OTY5L0NGMzk1QzM4MUM2
QTExRUVCRjYyQUMwREM0RjlBRTAyL0FXWnZ4OTJIWGYtZzRadkhQTHJhanMtYVdD
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQVdadng5MkhYZi1nNFp2SFBMcmFqcy1hV0NjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
OTk2OS9DRjM5NUMzODFDNkExMUVFQkY2MkFDMERDNEY5QUUwMi8zNTBFMzEzODFD
OTcxMUVFQjY1MkFDNzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA9BggrBgEFBQcBBwEB/wQu
MCwwKgQCAAEwJAMEAHcPQAMEAXcPRgMEAMsIXwMEAMsaMwMEAMsasQMEAMsfSzAN
BgkqhkiG9w0BAQsFAAOCAQEARg+UdCMOhakDgF3KmZ1oem/2Lp4kW1f8fx0YEq3G
rzgZk55B8pY9gPhWnCIMFOmjgtC2HfPbwL8UFQo5APaEcnZArBWUrRWx8WVasqdg
kRUWft8Q/3x2kaPEAV+3IoCBjmY6FGMzpHVINi1I55Fdzi/YnHXmkP0mPokmbM8V
7qNH9FXN2U+ivTX5ONtMwEeatnxEEbS0NsM9m1CJY8EpVsol0BxCF34Olmn+DRtI
UMv7ys7Lmvn4xlf+uofZBy0uN/hLqKxINvDVYVaxP7AkU0lKJA+mZyoywNBmu8pU
d8FIvHIrKU44bSnqFvjqRNL2ZPOhijIDYFk4j1I29JYE4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org