Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/DBB8FEBE611911EBA92B0F58C4F9AE02.roa
File: DBB8FEBE611911EBA92B0F58C4F9AE02.roa (raw, json)
Hash identifier: DfyRpJssJ/OiVg/wvExmWcraiGAubqYPbNBoZJHEW8U=
Subject key identifier: AA:BA:BD:69:FB:EE:95:5A:15:28:D3:3E:C0:53:5B:B8:C5:9A:1F:1A
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 07AF
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/DBB8FEBE611911EBA92B0F58C4F9AE02.roa
Signing time: Fri 04 Nov 2022 23:08:59 +0000
ROA not before: Fri 04 Nov 2022 23:08:59 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 7631
IP address blocks: 123.176.112.0/21 maxlen: 21
123.176.112.0/22 maxlen: 22
123.176.112.0/23 maxlen: 23
123.176.112.0/24 maxlen: 24
123.176.113.0/24 maxlen: 24
123.176.114.0/23 maxlen: 23
123.176.115.0/24 maxlen: 24
123.176.116.0/22 maxlen: 22
123.176.116.0/23 maxlen: 23
123.176.116.0/24 maxlen: 24
125.253.36.0/23 maxlen: 23
203.189.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1967 (0x7af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Nov 4 23:08:59 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63659b8a-37f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c3:03:14:85:e8:4a:ac:3c:e1:5a:3a:65:ce:
0b:ac:09:b0:bc:d6:37:13:3e:24:3d:87:e6:68:3a:
2a:c8:40:1c:1b:24:11:67:73:3f:74:ba:a0:5a:95:
30:61:a1:0e:d3:3c:80:d3:cb:16:21:dd:ae:c7:4d:
8c:fe:3e:74:88:cd:7c:fe:90:9f:33:88:ef:24:71:
74:f0:5e:bd:16:46:ee:9a:e2:5a:02:02:6f:c9:a0:
25:0a:30:5a:ff:04:04:5d:66:62:9e:96:53:a8:cb:
dd:74:07:bc:8f:36:5c:ad:36:97:08:82:e8:f7:35:
ad:cb:8a:bd:4d:08:13:4b:48:0f:b0:a0:09:e6:88:
59:2a:18:79:f6:53:e2:9b:99:8e:77:20:60:cc:ec:
ae:09:7a:44:d9:56:ee:07:91:d1:73:94:f3:f5:ba:
e0:d0:65:59:66:2c:f4:7d:3b:53:fe:73:6c:24:3e:
53:d7:87:c5:53:07:ed:e2:fc:3a:a3:9e:0f:de:1d:
6b:22:1d:f4:31:29:ef:cf:a4:f7:31:f0:0e:d1:b9:
95:b5:fa:4d:f2:01:94:df:90:88:a5:6e:e6:97:b8:
a2:b7:58:a1:39:4b:b5:a0:83:1a:2e:8b:a8:08:1d:
ee:2d:cf:36:94:0e:3d:66:d7:3d:b5:d8:b8:09:21:
ee:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:BA:BD:69:FB:EE:95:5A:15:28:D3:3E:C0:53:5B:B8:C5:9A:1F:1A
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/DBB8FEBE611911EBA92B0F58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.176.112.0/21
125.253.36.0/23
203.189.4.0/24
Signature Algorithm: sha256WithRSAEncryption
26:e0:f6:be:eb:10:87:39:2e:95:cc:c7:0d:ae:98:b3:63:fc:
0b:b1:01:10:7a:bc:69:3b:32:3b:44:17:fa:2b:be:58:67:24:
d0:5a:09:8a:dd:d5:36:11:73:3c:fa:90:3a:d0:91:17:0e:2c:
ca:cb:1d:5e:2b:26:48:a1:d6:ad:2e:d6:41:ed:9d:70:68:92:
88:47:dd:19:01:b2:cb:fe:9c:46:7a:39:f8:d6:6d:94:1b:e3:
11:51:3e:e3:74:32:0a:f1:62:13:7f:f6:e6:97:51:18:96:6f:
57:34:3e:24:09:a8:38:9e:6d:a3:63:e9:c7:4d:83:de:77:3b:
77:63:40:dc:09:2a:3a:b0:0e:25:9b:fc:ec:43:1d:3d:91:f6:
d9:e8:25:0b:b9:cf:61:39:88:d7:2a:1e:d9:69:a4:16:2b:1f:
bb:e5:9d:7f:be:05:46:3e:09:75:b1:41:35:7b:bb:1f:be:b7:
6a:7e:63:57:01:06:49:ff:c2:f2:29:97:9d:9e:47:d6:bd:70:
2d:d5:e3:88:32:d2:bc:07:b6:5d:2b:c0:28:a7:b4:c2:f4:c2:
63:1d:1b:32:b3:5a:11:ac:1e:d5:36:58:97:e8:19:e9:8e:c7:
b9:db:ab:5a:83:b3:c8:12:e2:f9:e4:37:f3:9c:04:cf:ca:6d:
05:0d:9e:ed
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjIxMTA0MjMwODU5WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzY1OWI4YS0zN2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAncMDFIXoSqw84Vo6Zc4LrAmwvNY3Ez4kPYfmaDoqyEAcGyQRZ3M/dLqgWpUw
YaEO0zyA08sWId2ux02M/j50iM18/pCfM4jvJHF08F69FkbumuJaAgJvyaAlCjBa
/wQEXWZinpZTqMvddAe8jzZcrTaXCILo9zWty4q9TQgTS0gPsKAJ5ohZKhh59lPi
m5mOdyBgzOyuCXpE2VbuB5HRc5Tz9brg0GVZZiz0fTtT/nNsJD5T14fFUwft4vw6
o54P3h1rIh30MSnvz6T3MfAO0bmVtfpN8gGU35CIpW7ml7iit1ihOUu1oIMaLouo
CB3uLc82lA49Ztc9tdi4CSHuQwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKq6vWn7
7pVaFSjTPsBTW7jFmh8aMB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvREJCOEZFQkU2
MTE5MTFFQkE5MkIwRjU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAN7sHADBAF9/SQDBADLvQQwDQYJKoZIhvcNAQELBQADggEB
ACbg9r7rEIc5LpXMxw2umLNj/AuxARB6vGk7MjtEF/orvlhnJNBaCYrd1TYRczz6
kDrQkRcOLMrLHV4rJkih1q0u1kHtnXBokohH3RkBssv+nEZ6OfjWbZQb4xFRPuN0
MgrxYhN/9uaXURiWb1c0PiQJqDiebaNj6cdNg953O3djQNwJKjqwDiWb/OxDHT2R
9tnoJQu5z2E5iNcqHtlppBYrH7vlnX++BUY+CXWxQTV7ux++t2p+Y1cBBkn/wvIp
l52eR9a9cC3V44gy0rwHtl0rwCintML0wmMdGzKzWhGsHtU2WJfoGemOx7nbq1qD
s8gS4vnkN/OcBM/KbQUNnu0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org