Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/5E4D59D0013411EE81A9F21FC4F9AE02.roa
File: 5E4D59D0013411EE81A9F21FC4F9AE02.roa (raw, json)
Hash identifier: 22lpOAE4yHhgtTTlDbmaSzJ5UgUlsuVGZbAG6oMjrJw=
Subject key identifier: 4B:B4:DC:1E:3F:1C:96:A7:BF:FC:CF:3C:A7:3A:85:6C:1A:A5:09:32
Certificate issuer: /CN=A912D3CB/serialNumber=EDD2A69686865256C9B0FDDD6B714966D5378F33
Certificate serial: 08DD
Authority key identifier: ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/5E4D59D0013411EE81A9F21FC4F9AE02.roa
Signing time: Fri 02 Jun 2023 10:58:13 +0000
ROA not before: Fri 02 Jun 2023 10:58:13 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 150750
IP address blocks: 123.108.92.0/24 maxlen: 24
123.108.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2269 (0x8dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912D3CB/serialNumber=EDD2A69686865256C9B0FDDD6B714966D5378F33
Validity
Not Before: Jun 2 10:58:13 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=6479cb45-732a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4d:a6:ed:68:95:36:08:29:81:42:04:59:8c:
4a:2f:d6:8a:9f:22:4c:7c:51:62:c9:c4:a3:40:85:
49:5e:21:9f:30:0b:47:75:37:d2:f7:73:4d:69:7c:
5e:3f:87:f8:86:84:d3:95:e3:14:eb:38:26:52:34:
7d:f7:b5:c2:bd:7a:3d:bb:61:07:e4:bb:06:8d:1b:
2e:fd:00:e3:25:a8:d7:21:5b:c4:4b:7d:7c:0e:3a:
e9:87:d6:a8:d0:05:ad:0a:f7:08:4a:86:bb:d3:82:
d1:6b:20:75:aa:29:53:74:f8:25:3f:db:d6:63:32:
c0:ed:f1:3e:8e:6e:ca:aa:8a:0d:4f:42:f4:41:6c:
f9:53:48:97:f5:ad:39:f1:70:a0:46:3e:70:38:b4:
7e:49:e4:ee:57:3a:9a:8a:54:81:45:0f:e8:37:0f:
c7:f3:87:d9:a1:3a:6d:fc:2a:c9:42:76:94:8c:2a:
c6:be:61:e7:91:37:e3:33:1e:46:2b:99:11:3c:f7:
37:64:42:10:a2:d0:49:11:f5:3e:69:f5:55:86:a3:
9d:53:a7:5c:8b:12:0a:30:14:0d:a5:d0:49:c6:03:
2e:e4:ee:9d:86:fc:54:3d:2c:c9:57:c2:af:df:b8:
46:a6:d3:0b:92:49:61:19:15:05:a2:b6:9e:4d:ec:
7a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B4:DC:1E:3F:1C:96:A7:BF:FC:CF:3C:A7:3A:85:6C:1A:A5:09:32
X509v3 Authority Key Identifier:
keyid:ED:D2:A6:96:86:86:52:56:C9:B0:FD:DD:6B:71:49:66:D5:37:8F:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/7dKmloaGUlbJsP3da3FJZtU3jzM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7dKmloaGUlbJsP3da3FJZtU3jzM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D3CB/A9A439FC69B211EA9779DD48C4F9AE02/5E4D59D0013411EE81A9F21FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.108.92.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:d5:d8:e1:4a:b8:7b:cd:4a:ff:82:b7:d7:e7:d2:33:07:9a:
0a:65:23:f6:6c:3f:04:e6:57:d7:08:fb:81:02:af:2a:16:82:
8a:aa:be:35:83:65:e2:84:a2:9b:05:86:9a:7f:1f:f9:2c:44:
b1:ce:9b:7c:55:2f:fd:ac:42:40:3b:7f:8a:dc:db:e7:d2:34:
03:7d:18:90:b7:a6:1a:f4:c8:d8:c7:e9:27:94:ee:4a:38:eb:
c0:88:03:14:32:da:cf:19:02:b0:8e:b0:24:a8:52:35:46:eb:
84:fb:a0:d2:cb:dd:8d:29:30:82:e8:b9:01:f4:a6:c6:58:d8:
74:6f:68:f7:ec:84:23:29:a9:2c:6d:31:ad:4c:72:35:48:dc:
40:ad:e5:c0:53:a1:5b:a5:42:a7:ef:a0:42:10:fe:92:81:67:
6e:7e:ff:57:2c:ff:c1:82:89:cc:6d:56:1c:b3:83:eb:a7:7a:
f3:42:5a:05:cb:4a:92:cc:9f:3a:19:51:fd:a6:97:85:ed:1f:
24:52:02:ab:74:58:bf:eb:57:56:63:12:75:d4:02:58:bf:7d:
9b:c2:95:4b:17:6c:2e:3b:ad:d5:7b:bc:34:fb:5a:76:6b:14:
33:d3:be:56:e5:9a:cb:49:58:fe:45:f9:d6:6b:34:4f:85:00:
86:31:27:d1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkQzQ0IxMTAvBgNVBAUTKEVERDJBNjk2ODY4NjUyNTZDOUIwRkRERDZCNzE0OTY2
RDUzNzhGMzMwHhcNMjMwNjAyMTA1ODEzWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc5Y2I0NS03MzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA002m7WiVNggpgUIEWYxKL9aKnyJMfFFiycSjQIVJXiGfMAtHdTfS93NNaXxe
P4f4hoTTleMU6zgmUjR997XCvXo9u2EH5LsGjRsu/QDjJajXIVvES318Djrph9ao
0AWtCvcISoa704LRayB1qilTdPglP9vWYzLA7fE+jm7KqooNT0L0QWz5U0iX9a05
8XCgRj5wOLR+SeTuVzqailSBRQ/oNw/H84fZoTpt/CrJQnaUjCrGvmHnkTfjMx5G
K5kRPPc3ZEIQotBJEfU+afVVhqOdU6dcixIKMBQNpdBJxgMu5O6dhvxUPSzJV8Kv
37hGptMLkklhGRUForaeTex6iwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEu03B4/
HJanv/zPPKc6hWwapQkyMB8GA1UdIwQYMBaAFO3SppaGhlJWybD93WtxSWbVN48z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRDNDQi9BOUE0MzlGQzY5
QjIxMUVBOTc3OURENDhDNEY5QUUwMi83ZEttbG9hR1VsYkpzUDNkYTNGSlp0VTNq
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdkS21sb2FHVWxiSnNQM2RhM0ZKWnRVM2p6TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkQzQ0IvQTlBNDM5RkM2OUIyMTFFQTk3NzlERDQ4QzRGOUFFMDIvNUU0RDU5RDAw
MTM0MTFFRTgxQTlGMjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAF7bFwwDQYJKoZIhvcNAQELBQADggEBAG/V2OFKuHvNSv+C
t9fn0jMHmgplI/ZsPwTmV9cI+4ECryoWgoqqvjWDZeKEopsFhpp/H/ksRLHOm3xV
L/2sQkA7f4rc2+fSNAN9GJC3phr0yNjH6SeU7ko468CIAxQy2s8ZArCOsCSoUjVG
64T7oNLL3Y0pMILouQH0psZY2HRvaPfshCMpqSxtMa1McjVI3ECt5cBToVulQqfv
oEIQ/pKBZ25+/1cs/8GCicxtVhyzg+unevNCWgXLSpLMnzoZUf2ml4XtHyRSAqt0
WL/rV1ZjEnXUAli/fZvClUsXbC47rdV7vDT7WnZrFDPTvlblmstJWP5F+dZrNE+F
AIYxJ9E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org