Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF28E0CBD0911ED9EEA5722C4F9AE02.roa
File: 8FF28E0CBD0911ED9EEA5722C4F9AE02.roa (raw, json)
Hash identifier: D63Q0VoNMUZwAucKRBHibrro+RzS0Utd1LeDq/Mjuoc=
Subject key identifier: BA:FD:C7:2C:86:79:04:B4:00:A5:AB:E3:D9:72:42:1D:DA:C0:4F:F1
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3361
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF28E0CBD0911ED9EEA5722C4F9AE02.roa
Signing time: Tue 07 Mar 2023 17:00:29 +0000
ROA not before: Tue 07 Mar 2023 17:00:29 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 138985
IP address blocks: 116.90.106.0/24 maxlen: 24
116.90.107.0/24 maxlen: 24
116.90.108.0/24 maxlen: 24
116.90.109.0/24 maxlen: 24
202.69.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13153 (0x3361)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Mar 7 17:00:29 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=64076dac-42ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9b:05:3b:dd:fc:e5:58:a8:bf:29:b4:82:8d:
7a:31:c7:e8:9c:e7:71:3f:fc:36:38:01:94:77:45:
4c:a3:ae:c5:6e:86:f7:19:ed:c2:d4:01:67:8d:99:
76:6a:15:2f:fc:0c:2d:b8:a6:9d:28:c8:96:cb:b6:
9d:a0:ca:ab:92:a0:9d:39:f7:3a:6c:95:ad:62:ef:
ff:f6:0e:ca:d7:78:b9:58:28:d7:71:73:6a:3f:23:
c0:27:20:f7:d0:50:9f:56:40:fb:70:30:8b:9f:c7:
d2:e1:cb:c6:55:e7:70:73:aa:dd:da:4c:af:c5:a0:
38:ff:01:a7:27:33:31:7c:37:3a:9c:68:61:62:9e:
6b:5e:ab:ae:82:03:b4:31:b4:e8:b1:0c:4b:04:8c:
98:3c:35:6e:b1:bb:49:45:bc:0c:75:5b:86:27:06:
b1:8b:01:7e:8b:ed:94:d7:04:d3:d2:a1:f8:d5:e7:
7b:10:3a:b1:e5:52:a2:88:73:86:65:f1:44:ef:49:
d7:17:4d:06:b7:2a:55:2e:14:81:20:f9:65:69:39:
4a:8e:ee:b5:e6:96:3d:43:85:f6:8e:3c:df:72:fb:
aa:bf:45:95:b2:94:96:ab:68:bd:04:38:0c:2e:d4:
46:92:a9:40:e2:f2:ae:1c:81:bf:77:ae:59:e6:f1:
58:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:FD:C7:2C:86:79:04:B4:00:A5:AB:E3:D9:72:42:1D:DA:C0:4F:F1
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/8FF28E0CBD0911ED9EEA5722C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.106.0-116.90.109.255
202.69.42.0/24
Signature Algorithm: sha256WithRSAEncryption
31:3c:9e:1f:62:a4:52:bd:04:42:2f:aa:4e:e3:84:f3:9e:01:
61:8d:8c:0f:54:ef:ed:73:92:fd:a6:62:1e:7a:f5:82:6f:cb:
18:a2:53:b8:29:03:95:b9:69:68:72:78:8b:13:3a:d5:32:08:
db:f3:83:0a:5a:bd:a7:5a:e0:70:d5:9d:a5:75:be:9f:38:94:
d3:9e:ee:08:25:75:82:63:c6:fe:5a:bf:d1:3c:f3:7a:02:43:
d2:dd:ac:31:c3:d2:46:b0:fc:9e:89:0a:15:89:1b:af:f3:56:
a5:2e:fd:b3:ec:64:1c:79:d5:64:cb:cd:0a:01:0b:65:51:6d:
6b:f1:dc:41:25:c1:57:02:d8:1d:c4:a1:87:6b:5b:3f:2d:f7:
d7:7d:76:2e:31:14:99:06:d2:08:da:da:e1:ed:f9:55:8c:fd:
26:de:51:40:42:03:40:15:c9:c0:4c:4a:58:93:fc:48:34:a5:
88:e4:85:ed:22:85:8f:f0:8a:c8:06:ad:eb:31:02:c3:e3:60:
dc:19:82:a9:29:24:13:47:56:a7:5c:5f:44:5e:39:47:c4:a7:
8e:cc:53:b1:87:f1:76:3f:3f:58:b6:b4:1d:d7:ef:64:d0:a3:
c3:23:60:cd:a3:c3:59:5b:21:12:b6:60:45:19:a7:c5:17:e7:
5c:20:7d:6a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICM2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMwMzA3MTcwMDI5WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDA3NmRhYy00MmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuJsFO9385Viovym0go16McfonOdxP/w2OAGUd0VMo67Fbob3Ge3C1AFnjZl2
ahUv/AwtuKadKMiWy7adoMqrkqCdOfc6bJWtYu//9g7K13i5WCjXcXNqPyPAJyD3
0FCfVkD7cDCLn8fS4cvGVedwc6rd2kyvxaA4/wGnJzMxfDc6nGhhYp5rXquuggO0
MbTosQxLBIyYPDVusbtJRbwMdVuGJwaxiwF+i+2U1wTT0qH41ed7EDqx5VKiiHOG
ZfFE70nXF00GtypVLhSBIPllaTlKju615pY9Q4X2jjzfcvuqv0WVspSWq2i9BDgM
LtRGkqlA4vKuHIG/d65Z5vFY8QIDAQABo4ICozCCAp8wHQYDVR0OBBYEFLr9xyyG
eQS0AKWr49lyQh3awE/xMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvOEZGMjhFMENC
RDA5MTFFRDlFRUE1NzIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAXRaagMEAXRabAMEAMpFKjANBgkqhkiG9w0BAQsFAAOC
AQEAMTyeH2KkUr0EQi+qTuOE854BYY2MD1Tv7XOS/aZiHnr1gm/LGKJTuCkDlblp
aHJ4ixM61TII2/ODClq9p1rgcNWdpXW+nziU057uCCV1gmPG/lq/0TzzegJD0t2s
McPSRrD8nokKFYkbr/NWpS79s+xkHHnVZMvNCgELZVFta/HcQSXBVwLYHcShh2tb
Py331312LjEUmQbSCNra4e35VYz9Jt5RQEIDQBXJwExKWJP8SDSliOSF7SKFj/CK
yAat6zECw+Ng3BmCqSkkE0dWp1xfRF45R8SnjsxTsYfxdj8/WLa0HdfvZNCjwyNg
zaPDWVshErZgRRmnxRfnXCB9ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org