Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A62F/1CF98726085211EA8DF67349C4F9AE02/C35E0E906BA911ECAE3C463FC4F9AE02.roa
File: C35E0E906BA911ECAE3C463FC4F9AE02.roa (raw, json)
Hash identifier: YLrQNcfvcVStTYdHchD+EnF5CtlNyr2ZN9W65Pw+DSI=
Subject key identifier: 63:14:80:D0:28:88:BC:35:8D:98:74:AA:C4:8C:7A:13:62:57:67:AC
Certificate issuer: /CN=A918A62F/serialNumber=DFB6723672151EC2C46CD04E71C59F9169CAE6F8
Certificate serial: 0822
Authority key identifier: DF:B6:72:36:72:15:1E:C2:C4:6C:D0:4E:71:C5:9F:91:69:CA:E6:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/37ZyNnIVHsLEbNBOccWfkWnK5vg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A62F/1CF98726085211EA8DF67349C4F9AE02/C35E0E906BA911ECAE3C463FC4F9AE02.roa
Signing time: Sun 02 Jan 2022 08:55:42 +0000
ROA not before: Sun 02 Jan 2022 08:55:42 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 45905
IP address blocks: 123.253.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2082 (0x822)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A62F/serialNumber=DFB6723672151EC2C46CD04E71C59F9169CAE6F8
Validity
Not Before: Jan 2 08:55:42 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=61d1688d-0264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2c:62:1a:b8:7e:53:86:11:a9:ea:d6:de:4c:
71:8d:15:a0:bf:68:5e:db:04:8e:35:d8:e1:2b:52:
a1:f7:d1:51:f3:3c:3d:db:b2:90:92:74:17:58:3e:
f2:e3:ac:18:6f:8f:13:9e:9b:88:45:8f:88:99:3a:
5b:43:8e:64:1d:3f:3c:b4:71:0e:a5:94:61:f4:87:
52:55:5e:f7:f2:bf:8b:af:42:f9:e7:d3:85:67:4e:
f6:ee:09:9d:5e:49:74:87:12:b2:5c:98:4e:13:53:
15:3b:bf:20:3e:55:4a:60:78:8e:b0:7f:45:e6:59:
19:1b:46:4f:1e:bc:c6:55:fe:60:3e:6a:d2:1b:36:
88:bb:24:fb:3c:58:2a:22:0e:66:b2:a0:8a:d6:ff:
8d:94:e8:fc:80:e4:7a:7b:6a:ed:e2:20:3e:e1:4e:
2b:58:fb:b9:d2:40:b9:72:e4:d5:93:79:36:5d:14:
0f:8a:55:7e:ac:de:b1:4d:0c:43:56:d1:5e:fa:f0:
b3:91:b3:b4:28:c1:bf:73:38:09:9a:d7:56:a1:da:
ca:a4:ab:b6:6b:82:58:02:58:0b:37:ca:84:04:09:
7f:e6:05:31:96:71:e0:d6:93:0a:89:9b:cd:ed:a5:
1d:1b:b1:ed:95:d5:46:98:62:0f:0d:05:82:bf:81:
ca:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:14:80:D0:28:88:BC:35:8D:98:74:AA:C4:8C:7A:13:62:57:67:AC
X509v3 Authority Key Identifier:
keyid:DF:B6:72:36:72:15:1E:C2:C4:6C:D0:4E:71:C5:9F:91:69:CA:E6:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A62F/1CF98726085211EA8DF67349C4F9AE02/37ZyNnIVHsLEbNBOccWfkWnK5vg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/37ZyNnIVHsLEbNBOccWfkWnK5vg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A62F/1CF98726085211EA8DF67349C4F9AE02/C35E0E906BA911ECAE3C463FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.253.214.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:5c:9d:9d:81:19:9d:8a:87:18:b9:48:52:9a:6c:27:ae:a4:
70:0d:b7:b0:65:03:85:73:b8:c2:c8:00:c1:b8:7b:75:bc:5b:
07:40:6a:7c:3d:4c:2b:2d:bd:e1:49:77:35:34:21:75:d1:ce:
b4:57:9b:8c:a0:57:05:1e:1b:25:3f:97:02:9b:10:0e:49:71:
2c:dc:a0:47:e9:cb:3c:e9:5e:23:f3:c6:7a:66:7c:ad:94:ef:
4b:48:c6:7c:e8:28:6f:88:01:5f:ea:f9:48:48:27:17:83:dd:
35:ec:87:01:b1:f7:24:bf:2a:6a:fb:2b:47:ee:d7:82:ef:ea:
e8:e3:19:2a:87:51:40:d7:e3:c3:83:91:35:e1:01:91:94:f3:
2b:8e:5f:9d:8a:54:42:27:80:ff:4d:d3:f2:00:7e:43:92:e9:
8c:36:25:30:67:89:19:c4:66:0d:8f:79:0c:bc:35:42:39:2b:
37:b1:45:58:3d:15:bc:d8:b6:d0:6f:17:48:af:c2:dc:fb:65:
29:32:c0:d2:2f:fc:62:21:1e:64:71:1d:92:ce:13:bc:95:3f:
f2:6c:d4:cf:07:09:b8:17:fd:1c:19:1d:5f:b3:0d:eb:a5:92:
14:fd:7a:0b:1b:f1:a8:6e:07:38:17:b7:64:67:63:48:57:de:
92:f9:5a:30
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCCIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEE2MkYxMTAvBgNVBAUTKERGQjY3MjM2NzIxNTFFQzJDNDZDRDA0RTcxQzU5Rjkx
NjlDQUU2RjgwHhcNMjIwMTAyMDg1NTQyWhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWQxNjg4ZC0wMjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzCxiGrh+U4YRqerW3kxxjRWgv2he2wSONdjhK1Kh99FR8zw927KQknQXWD7y
46wYb48TnpuIRY+ImTpbQ45kHT88tHEOpZRh9IdSVV738r+Lr0L559OFZ0727gmd
Xkl0hxKyXJhOE1MVO78gPlVKYHiOsH9F5lkZG0ZPHrzGVf5gPmrSGzaIuyT7PFgq
Ig5msqCK1v+NlOj8gOR6e2rt4iA+4U4rWPu50kC5cuTVk3k2XRQPilV+rN6xTQxD
VtFe+vCzkbO0KMG/czgJmtdWodrKpKu2a4JYAlgLN8qEBAl/5gUxlnHg1pMKiZvN
7aUdG7HtldVGmGIPDQWCv4HK2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFGMUgNAo
iLw1jZh0qsSMehNiV2esMB8GA1UdIwQYMBaAFN+2cjZyFR7CxGzQTnHFn5Fpyub4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTYyRi8xQ0Y5ODcyNjA4
NTIxMUVBOERGNjczNDlDNEY5QUUwMi8zN1p5Tm5JVkhzTEViTkJPY2NXZmtXbks1
dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzM3WnlObklWSHNMRWJOQk9jY1dma1duSzV2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEE2MkYvMUNGOTg3MjYwODUyMTFFQThERjY3MzQ5QzRGOUFFMDIvQzM1RTBFOTA2
QkE5MTFFQ0FFM0M0NjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7/dYwDQYJKoZIhvcNAQELBQADggEBAEpcnZ2BGZ2Khxi5
SFKabCeupHANt7BlA4VzuMLIAMG4e3W8WwdAanw9TCstveFJdzU0IXXRzrRXm4yg
VwUeGyU/lwKbEA5JcSzcoEfpyzzpXiPzxnpmfK2U70tIxnzoKG+IAV/q+UhIJxeD
3TXshwGx9yS/Kmr7K0fu14Lv6ujjGSqHUUDX48ODkTXhAZGU8yuOX52KVEIngP9N
0/IAfkOS6Yw2JTBniRnEZg2PeQy8NUI5KzexRVg9FbzYttBvF0ivwtz7ZSkywNIv
/GIhHmRxHZLOE7yVP/Js1M8HCbgX/RwZHV+zDeulkhT9egsb8ahuBzgXt2RnY0hX
3pL5WjA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:49 2023 by rpki-client on console-fra.rpki-client.org