Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B809B/7678F2FEBA9111EAAAB5CC57C4F9AE02/73F005D4BA9311EAB6B2FB5AC4F9AE02.roa
File: 73F005D4BA9311EAB6B2FB5AC4F9AE02.roa (raw, json)
Hash identifier: 39Z2+X2eBp1VJVtkSJElug97RS1if44aRgOic2IzMpI=
Subject key identifier: F0:05:F1:9E:9C:22:FA:09:8D:76:DE:3B:D4:F4:16:74:29:33:E8:91
Certificate issuer: /CN=A91B809B/serialNumber=1FF4E33ED7730DCE3231D2EDB54D96D9EAB5F7F6
Certificate serial: 05C8
Authority key identifier: 1F:F4:E3:3E:D7:73:0D:CE:32:31:D2:ED:B5:4D:96:D9:EA:B5:F7:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H_TjPtdzDc4yMdLttU2W2eq19_Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B809B/7678F2FEBA9111EAAAB5CC57C4F9AE02/73F005D4BA9311EAB6B2FB5AC4F9AE02.roa
Signing time: Wed 08 Jun 2022 10:37:33 +0000
ROA not before: Wed 08 Jun 2022 10:37:33 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 136533
IP address blocks: 103.91.240.0/22 maxlen: 22
123.253.72.0/22 maxlen: 22
2401:17c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1480 (0x5c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B809B/serialNumber=1FF4E33ED7730DCE3231D2EDB54D96D9EAB5F7F6
Validity
Not Before: Jun 8 10:37:33 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62a07bec-0294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2d:99:53:1f:d2:3c:3c:83:a3:3d:1f:be:bf:
2f:e0:50:bc:be:2f:7e:ac:a7:09:2b:1d:16:d0:c9:
52:75:4a:4a:28:7d:b4:36:ef:74:21:21:66:a6:ed:
8f:85:73:47:68:57:c1:e7:a5:be:25:10:6c:c0:e6:
7d:63:cf:ae:3e:9e:09:96:76:9a:c1:c5:f3:07:21:
39:e7:70:2e:a4:e1:28:4a:bf:56:8d:a6:2e:5c:af:
c4:9c:0f:04:35:c5:aa:be:27:d2:c2:f6:67:0c:47:
44:71:ad:96:f6:7e:61:37:1e:2c:45:9b:18:9e:85:
b5:22:75:88:bf:40:08:d6:c1:35:68:c0:76:7c:3f:
34:29:91:d2:33:5d:63:76:e0:fe:62:42:45:ac:33:
69:cd:69:f6:e3:1f:31:43:47:dd:8a:e8:d8:9d:f8:
d9:f4:73:35:a1:0e:a5:17:88:d0:53:cb:ce:02:e8:
c3:ce:c5:9b:8d:a1:2c:b2:51:a7:e9:8d:4c:25:40:
fd:54:b0:e2:00:35:a4:5a:63:24:a1:13:58:6c:80:
e5:c3:92:2b:ce:23:a4:5a:6d:f3:5e:e7:3a:ea:ea:
0b:cb:05:c2:44:7a:8f:1b:0e:df:bb:27:5f:5a:2b:
a8:e6:64:37:cc:50:19:ec:76:f5:1a:83:36:2c:9a:
80:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:05:F1:9E:9C:22:FA:09:8D:76:DE:3B:D4:F4:16:74:29:33:E8:91
X509v3 Authority Key Identifier:
keyid:1F:F4:E3:3E:D7:73:0D:CE:32:31:D2:ED:B5:4D:96:D9:EA:B5:F7:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B809B/7678F2FEBA9111EAAAB5CC57C4F9AE02/H_TjPtdzDc4yMdLttU2W2eq19_Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H_TjPtdzDc4yMdLttU2W2eq19_Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B809B/7678F2FEBA9111EAAAB5CC57C4F9AE02/73F005D4BA9311EAB6B2FB5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.240.0/22
123.253.72.0/22
IPv6:
2401:17c0::/32
Signature Algorithm: sha256WithRSAEncryption
c1:db:2d:c4:d6:92:49:3b:96:f9:88:64:aa:56:66:89:07:56:
b4:07:a3:94:1c:aa:8a:42:5b:92:96:5b:58:0b:bd:f0:5c:76:
b3:32:5e:79:52:04:33:f4:08:00:e1:19:ee:16:2a:64:f9:ea:
67:1d:f5:82:ab:17:f5:79:15:ea:55:f5:9f:41:ad:71:dc:f9:
61:62:f7:89:b2:54:d3:b3:af:bf:ec:b6:f1:83:fd:30:42:6b:
38:e0:df:84:c8:2c:75:86:71:6c:e2:00:33:f3:61:cc:83:82:
82:36:eb:a0:1b:45:46:38:4b:07:04:ee:f9:a4:b0:33:38:f4:
9b:22:33:5a:4c:51:b5:f0:e7:e6:8f:98:41:6b:e1:94:ea:07:
83:87:e9:62:0e:e4:04:b9:b9:91:20:95:79:75:95:61:83:fe:
d4:c8:1f:46:d1:7b:b1:58:83:94:3d:e2:1d:3e:eb:21:59:97:
e3:d5:16:d9:6a:08:f7:c8:eb:92:f9:6f:a4:cd:dd:c3:08:fa:
ee:5e:96:53:af:99:f3:c9:15:ff:43:13:fa:d9:40:25:f9:2d:
4c:1f:49:e9:b4:02:e7:ec:56:25:11:dd:bd:77:10:e2:97:5d:
40:a3:1d:ca:09:57:4b:73:cd:ce:5b:84:47:5c:39:95:d4:68:
ee:ce:21:35
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBcgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjgwOUIxMTAvBgNVBAUTKDFGRjRFMzNFRDc3MzBEQ0UzMjMxRDJFREI1NEQ5NkQ5
RUFCNUY3RjYwHhcNMjIwNjA4MTAzNzMzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmEwN2JlYy0wMjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwy2ZUx/SPDyDoz0fvr8v4FC8vi9+rKcJKx0W0MlSdUpKKH20Nu90ISFmpu2P
hXNHaFfB56W+JRBswOZ9Y8+uPp4JlnaawcXzByE553AupOEoSr9WjaYuXK/EnA8E
NcWqvifSwvZnDEdEca2W9n5hNx4sRZsYnoW1InWIv0AI1sE1aMB2fD80KZHSM11j
duD+YkJFrDNpzWn24x8xQ0fdiujYnfjZ9HM1oQ6lF4jQU8vOAujDzsWbjaEsslGn
6Y1MJUD9VLDiADWkWmMkoRNYbIDlw5IrziOkWm3zXuc66uoLywXCRHqPGw7fuydf
Wiuo5mQ3zFAZ7Hb1GoM2LJqA5wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPAF8Z6c
IvoJjXbeO9T0FnQpM+iRMB8GA1UdIwQYMBaAFB/04z7Xcw3OMjHS7bVNltnqtff2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODA5Qi83Njc4RjJGRUJB
OTExMUVBQUFCNUNDNTdDNEY5QUUwMi9IX1RqUHRkekRjNHlNZEx0dFUyVzJlcTE5
X1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hfVGpQdGR6RGM0eU1kTHR0VTJXMmVxMTlfWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjgwOUIvNzY3OEYyRkVCQTkxMTFFQUFBQjVDQzU3QzRGOUFFMDIvNzNGMDA1RDRC
QTkzMTFFQUI2QjJGQjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnW/ADBAJ7/UgwDQQCAAIwBwMFACQBF8AwDQYJKoZIhvcN
AQELBQADggEBAMHbLcTWkkk7lvmIZKpWZokHVrQHo5QcqopCW5KWW1gLvfBcdrMy
XnlSBDP0CADhGe4WKmT56mcd9YKrF/V5FepV9Z9BrXHc+WFi94myVNOzr7/stvGD
/TBCazjg34TILHWGcWziADPzYcyDgoI266AbRUY4SwcE7vmksDM49JsiM1pMUbXw
5+aPmEFr4ZTqB4OH6WIO5AS5uZEglXl1lWGD/tTIH0bRe7FYg5Q94h0+6yFZl+PV
FtlqCPfI65L5b6TN3cMI+u5ellOvmfPJFf9DE/rZQCX5LUwfSem0AufsViUR3b13
EOKXXUCjHcoJV0tzzc5bhEdcOZXUaO7OITU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org