Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/67F3EF6EF93111ECBD395279C4F9AE02.roa
File: 67F3EF6EF93111ECBD395279C4F9AE02.roa (raw, json)
Hash identifier: KKExiBK1aUVwb3D3rdJN5s6A2xS2964Gk0USqJy89VA=
Subject key identifier: CC:DE:5B:76:07:34:95:51:8F:91:88:BA:C2:CD:29:4A:41:FB:B3:C5
Certificate issuer: /CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Certificate serial: 0423
Authority key identifier: 83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/67F3EF6EF93111ECBD395279C4F9AE02.roa
Signing time: Fri 01 Jul 2022 11:31:54 +0000
ROA not before: Fri 01 Jul 2022 11:31:54 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 142045
IP address blocks: 202.94.165.0/24 maxlen: 24
2407:4ac0::/32 maxlen: 32
2407:4ac0:1400::/38 maxlen: 40
2407:4ac0:1800::/37 maxlen: 40
2407:4ac0:2000::/35 maxlen: 40
2407:4ac0:2800::/37 maxlen: 40
2407:4ac0:3000::/36 maxlen: 40
2407:4ac0:6000::/35 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1059 (0x423)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91756B7/serialNumber=83D96F1DEA72A99D234B4456D6F6675DC7E6061E
Validity
Not Before: Jul 1 11:31:54 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62bedb29-09c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d5:b1:77:5b:c8:c6:0f:90:a6:73:38:0d:c0:
e7:cd:c4:e6:c6:29:e9:b1:94:bc:da:5d:1e:78:58:
05:c6:24:8a:ad:f0:3e:61:8c:50:b1:10:9a:e1:1e:
18:c9:dc:d0:65:f9:cc:50:44:53:63:23:8c:5d:b8:
da:3f:31:5e:98:98:17:2e:22:4a:1d:dc:0d:51:e4:
86:42:4f:8b:c9:38:79:a2:05:ea:6e:1d:93:60:22:
11:4c:e5:11:e1:38:af:2c:5d:3c:ba:28:4c:cf:1b:
63:24:ed:63:db:13:ea:e5:7c:1d:0a:df:ab:fe:c9:
59:4b:ba:d4:8e:7f:09:c8:d6:ee:12:a8:cd:b5:dc:
d2:b3:32:78:4f:bd:a0:e1:a6:8c:76:ee:b4:81:b8:
4e:00:2c:79:9a:d6:7b:55:e8:35:97:03:4d:cb:5c:
3e:40:21:c6:22:91:2c:43:46:2b:b6:3e:8b:ec:46:
51:bb:3e:7e:38:a1:05:d2:f6:f1:99:47:29:ca:6d:
df:c1:e9:4f:91:c3:0a:82:c9:8f:a0:5a:a5:10:49:
d7:17:f9:5a:e6:20:56:45:06:bc:17:3b:bb:66:70:
54:cf:d1:6b:8e:cc:b5:2e:46:31:f8:8e:86:11:9d:
7f:0b:39:35:28:8c:0c:48:c7:f8:a2:51:c0:ea:43:
32:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DE:5B:76:07:34:95:51:8F:91:88:BA:C2:CD:29:4A:41:FB:B3:C5
X509v3 Authority Key Identifier:
keyid:83:D9:6F:1D:EA:72:A9:9D:23:4B:44:56:D6:F6:67:5D:C7:E6:06:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/g9lvHepyqZ0jS0RW1vZnXcfmBh4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g9lvHepyqZ0jS0RW1vZnXcfmBh4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756B7/95EF7DBA967D11EBADD50D2CC4F9AE02/67F3EF6EF93111ECBD395279C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.94.165.0/24
IPv6:
2407:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
36:3d:1a:03:1a:18:ab:dd:0e:00:40:70:4e:75:13:76:2e:02:
bd:ae:42:e4:31:f2:73:f4:09:d9:73:47:59:8a:52:71:73:e6:
ae:02:3a:4d:b0:35:1d:39:80:c8:68:d9:4d:49:85:b4:e5:48:
d9:7f:60:d3:b7:d3:53:29:f6:f6:10:d8:95:51:b7:fd:9d:ef:
24:6f:a4:0c:d1:5c:1a:55:80:24:40:46:4f:8e:e3:6c:3d:3a:
ce:7b:a8:bf:68:fb:60:7f:33:86:1c:ff:0a:e7:b4:99:2b:08:
b5:6b:1f:5f:39:6e:da:91:54:9b:36:f0:60:82:b7:f4:0a:ae:
9d:c5:6e:88:bd:8f:8c:18:c3:da:a3:15:e7:04:03:90:c6:c4:
c4:f6:11:a0:53:47:b2:db:0c:52:ea:71:94:a2:69:72:6f:c2:
77:81:25:b1:ad:df:99:cb:98:b4:e4:c6:4f:5a:b7:31:da:01:
14:d6:74:28:4f:ca:76:25:4c:f8:9d:9a:37:65:54:ac:60:c0:
f5:0d:a7:a3:08:ad:4b:9a:55:cc:42:81:71:cc:75:08:5f:21:
c3:a9:9f:ef:90:b3:f0:03:ff:e8:88:f7:ed:f6:19:e5:8c:b4:
71:9e:c1:11:16:b0:0a:97:70:07:fc:00:fc:34:24:0c:24:4e:
a8:a4:d4:48
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU2QjcxMTAvBgNVBAUTKDgzRDk2RjFERUE3MkE5OUQyMzRCNDQ1NkQ2RjY2NzVE
QzdFNjA2MUUwHhcNMjIwNzAxMTEzMTU0WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJlZGIyOS0wOWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApdWxd1vIxg+QpnM4DcDnzcTmxinpsZS82l0eeFgFxiSKrfA+YYxQsRCa4R4Y
ydzQZfnMUERTYyOMXbjaPzFemJgXLiJKHdwNUeSGQk+LyTh5ogXqbh2TYCIRTOUR
4TivLF08uihMzxtjJO1j2xPq5XwdCt+r/slZS7rUjn8JyNbuEqjNtdzSszJ4T72g
4aaMdu60gbhOACx5mtZ7Veg1lwNNy1w+QCHGIpEsQ0Yrtj6L7EZRuz5+OKEF0vbx
mUcpym3fwelPkcMKgsmPoFqlEEnXF/la5iBWRQa8Fzu7ZnBUz9Frjsy1LkYx+I6G
EZ1/Czk1KIwMSMf4olHA6kMy6wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMzeW3YH
NJVRj5GIusLNKUpB+7PFMB8GA1UdIwQYMBaAFIPZbx3qcqmdI0tEVtb2Z13H5gYe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZCNy85NUVGN0RCQTk2
N0QxMUVCQURENTBEMkNDNEY5QUUwMi9nOWx2SGVweXFaMGpTMFJXMXZablhjZm1C
aDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c5bHZIZXB5cVowalMwUlcxdlpuWGNmbUJoNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU2QjcvOTVFRjdEQkE5NjdEMTFFQkFERDUwRDJDQzRGOUFFMDIvNjdGM0VGNkVG
OTMxMTFFQ0JEMzk1Mjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBADKXqUwDQQCAAIwBwMFACQHSsAwDQYJKoZIhvcNAQELBQAD
ggEBADY9GgMaGKvdDgBAcE51E3YuAr2uQuQx8nP0CdlzR1mKUnFz5q4COk2wNR05
gMho2U1JhbTlSNl/YNO301Mp9vYQ2JVRt/2d7yRvpAzRXBpVgCRARk+O42w9Os57
qL9o+2B/M4Yc/wrntJkrCLVrH185btqRVJs28GCCt/QKrp3Fboi9j4wYw9qjFecE
A5DGxMT2EaBTR7LbDFLqcZSiaXJvwneBJbGt35nLmLTkxk9atzHaARTWdChPynYl
TPidmjdlVKxgwPUNp6MIrUuaVcxCgXHMdQhfIcOpn++Qs/AD/+iI9+32GeWMtHGe
wREWsAqXcAf8APw0JAwkTqik1Eg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org