Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/EF0EA8A24EBA11ED97A1151AC4F9AE02.roa
File: EF0EA8A24EBA11ED97A1151AC4F9AE02.roa (raw, json)
Hash identifier: 2Rzxkabm6nENImIUTESeZRPGOIKQSvFMlsAaxaVHN9U=
Subject key identifier: D7:F4:77:6F:7E:3B:0F:EB:29:B5:9E:A2:AD:7B:E0:86:CA:0D:0F:64
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3339
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/EF0EA8A24EBA11ED97A1151AC4F9AE02.roa
Signing time: Fri 20 Jan 2023 14:40:28 +0000
ROA not before: Fri 20 Jan 2023 14:40:28 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 140900
IP address blocks: 121.46.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13113 (0x3339)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Jan 20 14:40:28 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63caa7db-94a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:36:05:84:53:7e:42:85:5b:61:a5:9b:06:
a2:63:4e:d4:76:6e:8b:e4:80:ff:5e:3b:15:b7:59:
ad:16:c9:67:49:fd:a5:1f:c0:84:1e:dc:5f:f3:ff:
9a:eb:a5:ea:f7:eb:c5:64:6a:63:b7:d9:60:0f:59:
a8:ed:3e:f9:13:86:eb:2d:44:c5:dc:e6:3d:d5:60:
fc:53:ff:e7:be:80:89:d8:e3:39:73:6c:85:ae:e4:
89:2d:73:60:f4:5f:c1:af:4f:40:0b:c6:b9:7d:81:
c3:c4:89:99:84:56:16:d2:97:25:e8:b0:96:5d:29:
ce:08:2a:d6:57:d1:0d:8e:43:2f:90:ae:6f:77:9b:
73:8f:e3:3d:f4:83:d5:f5:de:e8:1a:0f:3a:ba:a2:
a6:4d:22:6c:02:d2:6c:dd:5d:47:ce:34:2f:68:93:
7c:86:0e:a6:f9:e8:cc:76:cf:ab:3e:2b:2f:55:90:
1c:a6:e4:fb:66:11:6c:99:29:28:fe:b4:d0:8e:85:
4d:2e:c3:69:59:da:06:64:56:74:1d:eb:da:6c:91:
c7:92:7d:6c:c1:7a:e2:cd:75:c2:43:6c:18:21:d4:
9e:3a:af:97:c7:5c:81:f1:89:49:d8:0d:c5:1e:09:
91:c0:86:a4:d4:0e:9f:62:ed:45:a2:15:81:21:57:
01:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F4:77:6F:7E:3B:0F:EB:29:B5:9E:A2:AD:7B:E0:86:CA:0D:0F:64
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/EF0EA8A24EBA11ED97A1151AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.46.66.0/24
Signature Algorithm: sha256WithRSAEncryption
97:83:b1:68:b4:fb:c1:fb:9e:d6:2b:39:11:57:8e:67:83:47:
b4:3d:2e:b9:4c:54:14:c4:b5:58:4b:f0:06:88:0d:5f:28:7a:
e4:c5:55:86:87:e1:f2:d3:2e:5c:07:88:22:85:e2:da:85:06:
8f:f0:7a:7d:32:28:eb:d9:0a:30:d7:e0:17:93:fe:0a:61:31:
e9:c0:77:0b:a3:52:bb:d2:f0:2f:3f:89:a2:9e:39:bd:c9:82:
6e:3b:36:06:6c:1d:2d:51:15:32:6a:1f:5f:a6:dc:87:29:78:
45:b1:94:c5:99:80:1a:75:3a:d9:9a:2c:14:34:88:2c:9b:de:
be:7d:a7:9a:0b:ac:00:13:73:9c:12:9d:69:85:75:d3:fa:3b:
42:c6:71:42:e8:a8:b2:39:1f:01:12:12:82:ea:50:d5:c3:45:
6d:58:db:4f:34:aa:ae:16:93:2b:d5:4c:12:9d:61:4e:07:ce:
50:89:4f:36:d8:ee:9d:3f:cb:fa:62:6d:57:60:e8:28:e7:22:
69:66:21:ea:0d:ea:78:8c:34:74:99:80:d9:53:5e:ef:70:94:
ff:26:0d:bc:66:ff:d9:e3:29:b7:6e:6e:42:6c:3a:07:97:c3:
a9:24:9f:b1:e8:d0:f7:f4:63:e2:fa:e4:3b:55:f3:cb:f6:d1:
a2:3d:7e:45
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMzkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMwMTIwMTQ0MDI4WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2NhYTdkYi05NGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs3U2BYRTfkKFW2GlmwaiY07Udm6L5ID/XjsVt1mtFslnSf2lH8CEHtxf8/+a
66Xq9+vFZGpjt9lgD1mo7T75E4brLUTF3OY91WD8U//nvoCJ2OM5c2yFruSJLXNg
9F/Br09AC8a5fYHDxImZhFYW0pcl6LCWXSnOCCrWV9ENjkMvkK5vd5tzj+M99IPV
9d7oGg86uqKmTSJsAtJs3V1HzjQvaJN8hg6m+ejMds+rPisvVZAcpuT7ZhFsmSko
/rTQjoVNLsNpWdoGZFZ0HevabJHHkn1swXrizXXCQ2wYIdSeOq+Xx1yB8YlJ2A3F
HgmRwIak1A6fYu1FohWBIVcBqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNf0d29+
Ow/rKbWeoq174IbKDQ9kMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRUYwRUE4QTI0
RUJBMTFFRDk3QTExNTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB5LkIwDQYJKoZIhvcNAQELBQADggEBAJeDsWi0+8H7ntYr
ORFXjmeDR7Q9LrlMVBTEtVhL8AaIDV8oeuTFVYaH4fLTLlwHiCKF4tqFBo/wen0y
KOvZCjDX4BeT/gphMenAdwujUrvS8C8/iaKeOb3Jgm47NgZsHS1RFTJqH1+m3Icp
eEWxlMWZgBp1OtmaLBQ0iCyb3r59p5oLrAATc5wSnWmFddP6O0LGcULoqLI5HwES
EoLqUNXDRW1Y2080qq4WkyvVTBKdYU4HzlCJTzbY7p0/y/pibVdg6CjnImlmIeoN
6niMNHSZgNlTXu9wlP8mDbxm/9njKbdubkJsOgeXw6kkn7Ho0Pf0Y+L65DtV88v2
0aI9fkU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org