Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/E7B451B81B2511EAA22ECB18C4F9AE02.roa
File: E7B451B81B2511EAA22ECB18C4F9AE02.roa (raw, json)
Hash identifier: cg71rnpLN+v5Y4Edie7Jcuqo69isp2Tk9oajYDyRg8k=
Subject key identifier: EE:DE:6C:32:7C:07:DE:41:78:36:98:5E:A0:BA:9A:E2:7B:B2:0D:77
Certificate issuer: /CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87
Certificate serial: 3195
Authority key identifier: 3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/E7B451B81B2511EAA22ECB18C4F9AE02.roa
Signing time: Sun 01 May 2022 15:00:44 +0000
ROA not before: Sun 01 May 2022 15:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45736
IP address blocks: 203.123.54.0/24 maxlen: 24
203.123.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12693 (0x3195)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87
Validity
Not Before: May 1 15:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=626ea09b-3f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7e:5d:7c:bf:da:f5:c2:1e:ec:5a:c0:e3:c7:
fd:c5:28:bf:40:95:16:2b:7c:43:8f:5a:e8:60:2b:
02:01:e3:43:62:c4:12:e8:e2:ae:04:33:36:c3:93:
2d:f7:47:48:22:5f:94:06:6e:21:c5:87:a6:76:b0:
46:eb:8b:a5:75:2f:73:ab:ac:e7:77:b1:b9:a7:e1:
53:6c:fc:f7:37:f3:c2:94:30:71:c4:9d:2f:a3:cf:
81:a9:30:c2:8f:2d:b7:83:77:d6:42:fe:fb:b4:d6:
1f:68:75:d4:e1:c8:94:ca:04:20:b6:45:c7:2c:18:
2c:10:31:22:88:81:44:50:0f:14:df:33:bf:9e:88:
fc:32:71:5f:b9:45:6a:c2:2c:b5:17:31:6d:a1:8a:
7f:3d:7e:05:d5:2c:ea:c6:c8:ed:0b:6b:af:50:5b:
6b:c2:8a:b1:5a:c3:65:ce:5b:ed:7b:0d:8d:4c:59:
3f:5d:83:b6:c0:0d:26:73:da:12:bf:8e:b7:ab:72:
55:ae:1a:70:19:18:f6:0a:4e:63:85:61:33:24:e0:
f8:21:34:22:84:a4:c2:64:80:05:5e:de:76:61:2b:
a4:74:70:14:59:bf:d7:9f:db:28:e8:3b:41:6a:8d:
70:5e:35:4b:b1:de:23:01:09:7d:ce:04:83:70:c8:
cb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DE:6C:32:7C:07:DE:41:78:36:98:5E:A0:BA:9A:E2:7B:B2:0D:77
X509v3 Authority Key Identifier:
keyid:3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/P8lxKSzpGlkajN-n0a4JykbgPoc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/E7B451B81B2511EAA22ECB18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.123.54.0/23
Signature Algorithm: sha256WithRSAEncryption
83:e1:65:1b:79:08:1e:1f:32:28:c7:45:e9:1f:be:01:a2:26:
a7:00:82:22:ef:60:66:4a:da:90:7b:ab:7c:71:1d:f6:3f:af:
50:aa:c2:be:80:53:a5:de:47:6b:47:55:ec:0e:ef:a6:3e:3d:
6e:d6:53:4a:a1:08:f1:9d:b4:00:b5:ac:64:48:94:b5:d1:d6:
95:2e:dd:a9:a1:2d:6a:62:e4:8c:6a:e1:7e:03:62:d4:56:a3:
26:e2:4e:4b:9b:ba:5e:18:42:47:6d:58:4f:95:88:63:1b:c5:
0d:f8:02:fa:f8:ae:e5:b3:aa:c6:94:44:92:2c:85:8e:e0:48:
39:6c:63:f0:4e:1e:2c:e0:f1:6b:09:06:35:7c:0e:85:c6:00:
0c:55:dd:53:f9:85:dd:a7:ec:8e:d2:56:f6:0c:e7:6b:78:62:
fd:23:8d:55:41:35:75:f0:98:ee:56:36:66:fe:1b:af:16:33:
4e:2f:23:b7:5c:1a:57:4c:c9:66:6b:20:0b:d7:ff:97:07:36:
c9:ce:ba:0c:f0:eb:50:7d:dc:67:25:4b:5e:98:39:54:11:da:
57:1d:86:dc:31:69:f6:08:65:f2:b6:bd:39:36:a6:8e:d0:36:
40:51:6b:24:b9:31:07:68:4d:01:dc:b1:47:b4:c9:89:a5:0d:
b8:5e:6c:33
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMZUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE2MzQxMTAvBgNVBAUTKDNGQzk3MTI5MkNFOTFBNTkxQThDREZBN0QxQUUwOUNB
NDZFMDNFODcwHhcNMjIwNTAxMTUwMDQ0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZlYTA5Yi0zZjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxH5dfL/a9cIe7FrA48f9xSi/QJUWK3xDj1roYCsCAeNDYsQS6OKuBDM2w5Mt
90dIIl+UBm4hxYemdrBG64uldS9zq6znd7G5p+FTbPz3N/PClDBxxJ0vo8+BqTDC
jy23g3fWQv77tNYfaHXU4ciUygQgtkXHLBgsEDEiiIFEUA8U3zO/noj8MnFfuUVq
wiy1FzFtoYp/PX4F1SzqxsjtC2uvUFtrwoqxWsNlzlvtew2NTFk/XYO2wA0mc9oS
v463q3JVrhpwGRj2Ck5jhWEzJOD4ITQihKTCZIAFXt52YSukdHAUWb/Xn9so6DtB
ao1wXjVLsd4jAQl9zgSDcMjLPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFO7ebDJ8
B95BeDaYXqC6muJ7sg13MB8GA1UdIwQYMBaAFD/JcSks6RpZGozfp9GuCcpG4D6H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTYzNC85NDJCODNCQzFE
OTAxMUUyQTM2MTY2RjAwOEIwMkNEMi9QOGx4S1N6cEdsa2FqTi1uMGE0SnlrYmdQ
b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A4bHhLU3pwR2xrYWpOLW4wYTRKeWtiZ1BvYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE2MzQvOTQyQjgzQkMxRDkwMTFFMkEzNjE2NkYwMDhCMDJDRDIvRTdCNDUxQjgx
QjI1MTFFQUEyMkVDQjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLezYwDQYJKoZIhvcNAQELBQADggEBAIPhZRt5CB4fMijH
RekfvgGiJqcAgiLvYGZK2pB7q3xxHfY/r1Cqwr6AU6XeR2tHVewO76Y+PW7WU0qh
CPGdtAC1rGRIlLXR1pUu3amhLWpi5Ixq4X4DYtRWoybiTkubul4YQkdtWE+ViGMb
xQ34Avr4ruWzqsaURJIshY7gSDlsY/BOHizg8WsJBjV8DoXGAAxV3VP5hd2n7I7S
VvYM52t4Yv0jjVVBNXXwmO5WNmb+G68WM04vI7dcGldMyWZrIAvX/5cHNsnOugzw
61B93GclS16YOVQR2lcdhtwxafYIZfK2vTk2po7QNkBRayS5MQdoTQHcsUe0yYml
DbhebDM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org