Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/B80DE826624C11EEAA80C035C4F9AE02.roa
File: B80DE826624C11EEAA80C035C4F9AE02.roa (raw, json)
Hash identifier: huqp3+RnwmQL7boo57vCqRAk2Sq91ixbOsN9LvdmoFw=
Subject key identifier: 11:57:BE:56:69:F4:30:2E:A6:08:83:16:44:D9:47:74:A9:18:24:C3
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 088F
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/B80DE826624C11EEAA80C035C4F9AE02.roa
Signing time: Wed 04 Oct 2023 00:26:54 +0000
ROA not before: Wed 04 Oct 2023 00:26:54 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 7631
IP address blocks: 123.176.112.0/22 maxlen: 22
123.176.112.0/23 maxlen: 23
123.176.113.0/24 maxlen: 24
123.176.114.0/23 maxlen: 23
123.176.115.0/24 maxlen: 24
123.176.116.0/22 maxlen: 22
123.176.116.0/23 maxlen: 23
123.176.116.0/24 maxlen: 24
125.253.36.0/23 maxlen: 23
203.189.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2191 (0x88f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Oct 4 00:26:54 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=651cb14e-a00b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:85:17:bd:a6:ae:64:2f:72:9b:3b:4c:c8:
6b:ba:18:5c:89:67:50:24:db:02:1b:36:05:ae:18:
b6:50:d1:b4:68:91:7a:c9:e9:b8:86:c2:88:4d:94:
ef:98:56:62:79:ec:c9:3b:6d:ba:28:51:c8:c9:11:
e4:b1:83:35:06:0a:6b:9f:37:f5:a9:81:35:09:cb:
8e:66:ba:f0:53:a7:66:fc:ac:9a:ff:e9:50:17:ed:
9f:8e:f8:91:60:69:85:c4:98:07:6e:1b:0f:fb:7f:
b9:ed:d5:66:d1:f5:37:71:aa:90:28:dc:a0:de:8b:
9e:45:c3:86:ad:96:38:1a:28:6e:47:7f:da:d3:3a:
0e:47:5a:a6:73:38:a2:78:14:c7:86:90:20:cb:97:
75:f3:a6:c7:e5:c1:1a:dc:b2:de:d7:9b:ab:2f:35:
1a:00:ac:6b:30:c2:d9:07:50:bb:f1:28:57:05:58:
56:42:11:47:a0:f6:28:cc:3c:1b:c0:b1:27:88:78:
64:56:a6:e4:8e:a5:6c:f3:10:4b:dd:93:dd:fe:81:
bd:7c:a4:99:1e:a4:cf:67:fc:e2:e8:96:7a:1e:2f:
97:01:97:5c:1a:55:2c:68:18:cd:2a:1e:f0:40:5c:
0f:1f:90:fa:bd:35:4a:38:02:be:cf:2d:d2:4b:0b:
1b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:57:BE:56:69:F4:30:2E:A6:08:83:16:44:D9:47:74:A9:18:24:C3
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/B80DE826624C11EEAA80C035C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.176.112.0/21
125.253.36.0/23
203.189.4.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ec:58:cf:0e:da:42:de:22:df:63:3b:dd:4f:8a:dc:84:0e:
34:48:ec:74:7c:56:07:89:4e:77:9b:11:73:1c:71:80:76:08:
69:d7:96:d4:a3:63:75:50:23:32:f3:e0:1c:0a:7a:92:97:5b:
df:65:4d:8a:fc:8a:4f:20:20:e6:b6:5b:d9:2d:b4:6d:f6:3f:
dd:fa:b0:59:ba:ef:96:e4:5a:89:8d:9a:9c:c4:28:23:34:ee:
6a:50:6d:78:e0:82:13:4c:3e:61:33:b6:1b:cd:16:d4:97:86:
9b:01:7a:c1:88:f3:1a:00:59:86:d5:17:3e:3b:b3:f8:36:9e:
b1:1f:38:4c:96:b3:f7:d2:66:e8:08:a5:d2:96:33:54:38:8c:
83:67:bf:33:0d:3b:2f:86:0b:9b:0b:d7:69:ab:55:3e:ce:b9:
17:7c:35:ca:92:ee:9c:0b:a4:b5:fa:1b:97:4b:20:11:28:28:
17:8e:f2:29:ac:65:30:a8:91:54:41:f4:4d:56:83:fc:c4:aa:
4e:19:e9:03:18:ac:5e:01:b6:17:c9:bc:e9:b7:e4:78:8f:a6:
c0:c3:28:2f:f0:07:4a:f9:4b:40:e7:07:3e:83:9d:ef:c9:58:
31:be:16:4b:39:66:f5:f2:fe:ee:f1:e9:4b:68:91:1a:89:fa:
3c:c9:4f:99
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjMxMDA0MDAyNjU0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFjYjE0ZS1hMDBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvQKFF72mrmQvcps7TMhruhhciWdQJNsCGzYFrhi2UNG0aJF6yem4hsKITZTv
mFZieezJO226KFHIyRHksYM1Bgprnzf1qYE1CcuOZrrwU6dm/Kya/+lQF+2fjviR
YGmFxJgHbhsP+3+57dVm0fU3caqQKNyg3oueRcOGrZY4GihuR3/a0zoOR1qmczii
eBTHhpAgy5d186bH5cEa3LLe15urLzUaAKxrMMLZB1C78ShXBVhWQhFHoPYozDwb
wLEniHhkVqbkjqVs8xBL3ZPd/oG9fKSZHqTPZ/zi6JZ6Hi+XAZdcGlUsaBjNKh7w
QFwPH5D6vTVKOAK+zy3SSwsbWQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFBFXvlZp
9DAupgiDFkTZR3SpGCTDMB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvQjgwREU4MjY2
MjRDMTFFRUFBODBDMDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAN7sHADBAF9/SQDBADLvQQwDQYJKoZIhvcNAQELBQADggEB
AAnsWM8O2kLeIt9jO91PityEDjRI7HR8VgeJTnebEXMccYB2CGnXltSjY3VQIzLz
4BwKepKXW99lTYr8ik8gIOa2W9kttG32P936sFm675bkWomNmpzEKCM07mpQbXjg
ghNMPmEzthvNFtSXhpsBesGI8xoAWYbVFz47s/g2nrEfOEyWs/fSZugIpdKWM1Q4
jINnvzMNOy+GC5sL12mrVT7OuRd8NcqS7pwLpLX6G5dLIBEoKBeO8imsZTCokVRB
9E1Wg/zEqk4Z6QMYrF4BthfJvOm35HiPpsDDKC/wB0r5S0DnBz6Dne/JWDG+Fks5
ZvXy/u7x6UtokRqJ+jzJT5k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org