Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/806EA28A487A11ED896C5067C4F9AE02.roa
File: 806EA28A487A11ED896C5067C4F9AE02.roa (raw, json)
Hash identifier: xYMpo2ZojEaH1PZmLPsaffuWbT/xbTZw6aH69umBfD8=
Subject key identifier: 77:13:1A:C7:54:98:9B:D9:D6:67:7F:29:8A:62:C5:C4:CB:61:16:E9
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 1687
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/806EA28A487A11ED896C5067C4F9AE02.roa
Signing time: Tue 23 May 2023 14:42:16 +0000
ROA not before: Tue 23 May 2023 14:42:16 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 150353
IP address blocks: 122.129.86.0/24 maxlen: 24
122.129.87.0/24 maxlen: 24
203.128.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5767 (0x1687)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: May 23 14:42:16 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=646cd0c7-7caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c1:cb:c5:68:b0:9c:6a:dd:90:53:91:ce:de:
71:65:0c:bc:84:23:53:1a:f4:14:4d:11:c5:a6:56:
5e:f1:ae:77:5e:d4:9b:8f:14:e4:2b:4e:40:f8:8c:
44:4f:22:13:7e:6f:d0:0d:95:ae:69:91:11:c9:21:
ac:dd:a8:bd:1a:4d:2c:26:d1:df:ce:fa:bd:59:28:
af:a5:9b:f3:1c:0a:a5:f2:f7:48:90:0a:99:a1:62:
af:70:d6:78:e3:9d:ca:f7:3f:85:09:70:83:dd:47:
77:05:e8:76:e3:df:73:20:a7:3b:c8:d6:c2:9c:ed:
39:c8:73:db:fb:63:e7:0d:f7:3f:ad:d2:26:c7:5c:
1d:da:df:24:33:f8:9e:92:03:fd:f8:3a:7b:08:dd:
34:68:4a:30:34:42:9d:41:5b:a7:2c:65:3f:7c:01:
36:d3:38:94:9b:6f:c1:3c:de:f4:1d:d9:63:41:b7:
32:44:6f:d1:16:d0:26:aa:5d:37:19:f3:cc:a1:4f:
96:b1:34:55:d2:9f:a9:69:8e:33:53:42:73:1c:46:
0d:68:d2:35:72:5c:2f:a6:9d:bf:39:e8:07:00:aa:
a7:ee:44:d1:38:60:ea:19:79:1a:42:c6:15:0c:9e:
13:4c:40:9f:16:45:1e:ef:b0:32:ec:ae:77:34:c2:
97:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:13:1A:C7:54:98:9B:D9:D6:67:7F:29:8A:62:C5:C4:CB:61:16:E9
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/806EA28A487A11ED896C5067C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.129.86.0/23
203.128.20.0/24
Signature Algorithm: sha256WithRSAEncryption
71:1e:d8:9f:20:0b:23:c7:ac:d1:b8:cd:df:c4:73:90:47:4c:
bd:d9:51:50:b6:89:b2:41:9f:16:d6:03:6d:32:7d:c4:ae:a7:
eb:b4:f3:ec:67:62:4f:15:99:47:e4:07:19:6b:70:79:ae:8e:
a3:f2:3c:15:28:3b:f2:90:11:4a:07:f0:41:7d:93:a0:e7:b7:
db:b1:c0:db:63:6b:9e:b3:c0:53:5e:3e:83:e5:03:a4:6d:44:
19:a0:8c:fb:ce:6d:ff:73:af:a5:b5:fe:76:51:a7:94:86:84:
7a:63:86:32:c9:c9:d7:b3:6e:a9:c1:81:94:33:9b:a5:d9:e4:
29:99:cf:d2:d8:f3:45:62:0b:e6:d0:25:44:15:20:e8:52:60:
d0:47:fb:10:47:49:d7:db:41:4c:5b:95:68:84:f3:8f:07:9d:
09:26:3e:fb:ac:96:64:d3:5b:ee:10:a5:a1:14:e0:8a:63:d0:
9c:47:bf:47:36:c1:92:b5:0c:28:30:76:1c:ae:4d:4b:87:cb:
63:ed:be:a3:ad:4f:28:30:21:80:a9:d3:08:7e:8a:10:8c:ca:
2a:dd:b6:cf:d7:6e:5d:06:5e:8c:21:ed:8b:c6:63:68:0f:6d:
92:6a:54:6a:ec:ac:de:7e:22:84:90:ea:d0:9a:80:15:46:dd:
87:6b:dc:ce
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjMwNTIzMTQ0MjE2WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZjZDBjNy03Y2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApMHLxWiwnGrdkFORzt5xZQy8hCNTGvQUTRHFplZe8a53XtSbjxTkK05A+IxE
TyITfm/QDZWuaZERySGs3ai9Gk0sJtHfzvq9WSivpZvzHAql8vdIkAqZoWKvcNZ4
453K9z+FCXCD3Ud3Beh2499zIKc7yNbCnO05yHPb+2PnDfc/rdImx1wd2t8kM/ie
kgP9+Dp7CN00aEowNEKdQVunLGU/fAE20ziUm2/BPN70HdljQbcyRG/RFtAmql03
GfPMoU+WsTRV0p+paY4zU0JzHEYNaNI1clwvpp2/OegHAKqn7kTROGDqGXkaQsYV
DJ4TTECfFkUe77Ay7K53NMKXKQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHcTGsdU
mJvZ1md/KYpixcTLYRbpMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvODA2RUEyOEE0
ODdBMTFFRDg5NkM1MDY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAF6gVYDBADLgBQwDQYJKoZIhvcNAQELBQADggEBAHEe2J8g
CyPHrNG4zd/Ec5BHTL3ZUVC2ibJBnxbWA20yfcSup+u08+xnYk8VmUfkBxlrcHmu
jqPyPBUoO/KQEUoH8EF9k6Dnt9uxwNtja56zwFNePoPlA6RtRBmgjPvObf9zr6W1
/nZRp5SGhHpjhjLJydezbqnBgZQzm6XZ5CmZz9LY80ViC+bQJUQVIOhSYNBH+xBH
SdfbQUxblWiE848HnQkmPvuslmTTW+4QpaEU4Ipj0JxHv0c2wZK1DCgwdhyuTUuH
y2PtvqOtTygwIYCp0wh+ihCMyirdts/Xbl0GXowh7YvGY2gPbZJqVGrsrN5+IoSQ
6tCagBVG3Ydr3M4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org