Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/03932A4824D011EC8177FD85C4F9AE02.roa
File: 03932A4824D011EC8177FD85C4F9AE02.roa (raw, json)
Hash identifier: N98Joj44C2iDfRqavYSZXE4GEEdzprVkfF+58U9cyaE=
Subject key identifier: 2F:18:73:6F:DC:2B:F3:34:CC:17:77:0A:05:E9:03:27:80:D7:BA:40
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 3078
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/03932A4824D011EC8177FD85C4F9AE02.roa
Signing time: Thu 21 Oct 2021 14:40:25 +0000
ROA not before: Thu 21 Oct 2021 14:40:25 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 1239
IP address blocks: 175.29.112.0/21 maxlen: 24
175.29.128.0/21 maxlen: 24
175.29.200.0/21 maxlen: 24
175.29.224.0/21 maxlen: 24
175.29.232.0/21 maxlen: 24
175.29.240.0/21 maxlen: 24
175.29.248.0/21 maxlen: 24
203.76.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12408 (0x3078)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Oct 21 14:40:25 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=61717bd9-0a73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8c:cc:e9:41:1e:5d:84:62:19:e4:da:a4:cf:
d6:75:54:35:a2:ed:5b:2c:48:79:32:05:bf:c2:d6:
6a:a3:e7:b3:00:db:0f:d0:df:04:81:df:cd:3f:d7:
47:f0:15:dc:74:06:0d:03:d8:28:4e:c5:89:f1:c8:
6e:4b:82:20:88:24:77:90:e1:0a:5d:5d:9e:b0:ce:
09:68:cc:ec:90:33:8f:0f:86:b3:87:51:42:9a:1c:
62:b0:ee:5e:e1:a6:9c:96:1d:e2:42:a8:da:48:23:
20:e2:7b:06:19:d5:be:53:7a:6e:79:4b:88:e7:60:
5f:52:11:88:0b:3f:b3:bf:72:eb:83:51:69:9a:16:
62:df:9b:d2:e2:05:e9:8c:89:47:a5:f5:90:69:b7:
1b:21:04:51:83:2e:33:08:31:c4:f6:5d:dd:c3:05:
ea:c7:30:39:18:fc:25:c7:85:22:b0:2b:ed:7e:9a:
2a:e2:90:bb:e7:85:05:d0:78:74:cf:59:b7:97:7d:
21:09:c4:92:19:fe:fb:c0:80:9b:01:36:44:84:fa:
8b:e1:a7:44:c7:ac:d5:1a:d1:4c:00:fb:ee:cc:e8:
fd:43:c1:c6:bb:1a:2b:26:82:17:20:d1:75:05:8a:
d8:03:9a:fd:21:ce:7c:60:72:65:c2:91:27:6d:c9:
f9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:18:73:6F:DC:2B:F3:34:CC:17:77:0A:05:E9:03:27:80:D7:BA:40
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/03932A4824D011EC8177FD85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.112.0/21
175.29.128.0/21
175.29.200.0/21
175.29.224.0/19
203.76.152.0/21
Signature Algorithm: sha256WithRSAEncryption
65:4f:b7:20:1b:bb:fa:16:73:39:19:6e:74:56:4a:7f:6b:e6:
c6:c3:15:39:d8:9c:82:a2:5c:44:59:47:61:fc:89:7b:10:77:
b5:6e:4c:c1:7f:27:65:f0:21:3c:b0:f2:6b:20:50:b7:d1:83:
79:3c:3e:84:97:a9:e7:2f:df:19:5c:03:61:36:2b:28:1e:56:
af:d9:6a:52:b6:d8:b1:3d:72:53:c1:57:e4:ae:e5:7d:94:6d:
87:48:1a:b9:eb:41:ac:02:ad:4b:4a:67:6c:c3:02:08:06:24:
27:f6:0e:bd:bb:5b:6d:e7:ec:7e:50:d4:fa:79:db:6d:06:86:
ea:c2:3e:22:d5:73:16:63:e0:4f:54:1d:f2:6f:63:c2:ab:86:
ed:81:ae:99:37:46:a5:37:18:a0:b4:02:24:d6:5e:71:9e:0e:
06:82:52:e1:bc:12:77:4f:03:9c:a4:52:bf:2f:5b:83:56:82:
9b:68:00:ab:29:bf:58:bf:78:37:cc:92:20:4f:d2:8c:6e:8c:
2e:a7:29:f0:2e:9a:6e:f1:c9:a9:04:c9:8a:ed:7b:7e:80:5c:
2f:67:00:e9:3f:d4:ac:93:81:a7:d1:d1:f1:35:86:25:a2:26:
ca:90:2c:a5:b2:ed:0f:04:85:1d:87:1d:2f:d2:0c:10:c9:2c:
3f:41:96:6d
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICMHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjExMDIxMTQ0MDI1WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTcxN2JkOS0wYTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA44zM6UEeXYRiGeTapM/WdVQ1ou1bLEh5MgW/wtZqo+ezANsP0N8Egd/NP9dH
8BXcdAYNA9goTsWJ8chuS4IgiCR3kOEKXV2esM4JaMzskDOPD4azh1FCmhxisO5e
4aaclh3iQqjaSCMg4nsGGdW+U3pueUuI52BfUhGICz+zv3Lrg1FpmhZi35vS4gXp
jIlHpfWQabcbIQRRgy4zCDHE9l3dwwXqxzA5GPwlx4UisCvtfpoq4pC754UF0Hh0
z1m3l30hCcSSGf77wICbATZEhPqL4adEx6zVGtFMAPvuzOj9Q8HGuxorJoIXINF1
BYrYA5r9Ic58YHJlwpEnbcn5ZwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFC8Yc2/c
K/M0zBd3CgXpAyeA17pAMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvMDM5MzJBNDgy
NEQwMTFFQzgxNzdGRDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAOvHXADBAOvHYADBAOvHcgDBAWvHeADBAPLTJgwDQYJKoZI
hvcNAQELBQADggEBAGVPtyAbu/oWczkZbnRWSn9r5sbDFTnYnIKiXERZR2H8iXsQ
d7VuTMF/J2XwITyw8msgULfRg3k8PoSXqecv3xlcA2E2KygeVq/ZalK22LE9clPB
V+Su5X2UbYdIGrnrQawCrUtKZ2zDAggGJCf2Dr27W23n7H5Q1Pp5220GhurCPiLV
cxZj4E9UHfJvY8Krhu2Brpk3RqU3GKC0AiTWXnGeDgaCUuG8EndPA5ykUr8vW4NW
gptoAKspv1i/eDfMkiBP0oxujC6nKfAumm7xyakEyYrte36AXC9nAOk/1KyTgafR
0fE1hiWiJsqQLKWy7Q8EhR2HHS/SDBDJLD9Blm0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:59 2024 by rpki-client on console-ams.rpki-client.org