Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/01FC7864B5DF11ED8B15CB14C4F9AE02.roa
File: 01FC7864B5DF11ED8B15CB14C4F9AE02.roa (raw, json)
Hash identifier: j0pDNnvg1f7ItiFjSuq26xP0+p5j1uw+q3ePP84qit8=
Subject key identifier: 69:C7:4A:AC:68:25:47:64:D0:F2:66:18:35:A6:AF:B0:F8:6E:53:DB
Certificate issuer: /CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248
Certificate serial: 0A56
Authority key identifier: B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/01FC7864B5DF11ED8B15CB14C4F9AE02.roa
Signing time: Sun 26 Feb 2023 14:27:26 +0000
ROA not before: Sun 26 Feb 2023 14:27:26 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 38565
IP address blocks: 36.252.0.0/15 maxlen: 23
43.243.96.0/22 maxlen: 24
49.126.0.0/16 maxlen: 20
103.38.196.0/22 maxlen: 24
116.68.208.0/21 maxlen: 24
2400:9500::/32 maxlen: 32
2400:9500:4000::/36 maxlen: 40
2400:9500:8000::/36 maxlen: 40
2400:9500:c000::/36 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2646 (0xa56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248
Validity
Not Before: Feb 26 14:27:26 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63fb6c4e-7fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:37:80:b0:6d:3b:f0:42:b9:8d:a4:0f:fd:ce:
12:5d:c9:e6:28:a1:9b:3d:3f:c3:d2:3b:bd:2f:40:
4d:cb:ad:d0:51:4d:7f:3f:53:76:5e:93:fa:dc:72:
d6:52:2b:70:10:fb:28:66:6a:95:d3:f4:50:68:c5:
f0:f0:cd:a7:5d:ed:18:97:ad:28:e7:12:dd:f1:71:
42:a8:8b:c1:d8:c0:67:c6:8e:4b:6e:b4:0d:f5:d8:
6a:ef:26:5b:c4:80:af:de:00:18:84:df:0f:40:b6:
00:d5:81:94:63:40:15:10:b1:eb:9c:3a:d5:0e:66:
74:83:c6:bc:23:fa:81:23:26:ed:18:ef:d9:26:36:
f2:b0:6c:f0:42:71:ee:cf:76:74:b1:a5:cb:83:af:
ac:8d:eb:b0:04:ec:3e:e9:11:97:aa:dd:e7:45:3e:
b1:14:11:93:14:52:8f:4c:be:ba:d6:9e:9f:12:77:
70:3b:eb:a9:b0:fa:45:25:23:90:0a:6c:65:81:65:
35:46:80:fe:96:cb:4c:f9:29:5a:e3:a9:50:e2:65:
b7:74:c0:fa:a9:ee:af:b6:84:44:fb:68:47:4c:ce:
58:31:21:d9:ee:57:ba:69:45:7f:cc:6e:82:92:4d:
e9:a4:b9:d4:39:74:b8:a3:29:de:dc:2a:2a:ce:02:
da:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C7:4A:AC:68:25:47:64:D0:F2:66:18:35:A6:AF:B0:F8:6E:53:DB
X509v3 Authority Key Identifier:
keyid:B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/01FC7864B5DF11ED8B15CB14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.252.0.0/15
43.243.96.0/22
49.126.0.0/16
103.38.196.0/22
116.68.208.0/21
IPv6:
2400:9500::/32
Signature Algorithm: sha256WithRSAEncryption
70:5d:88:34:d9:da:8f:a9:17:ff:aa:d9:37:9b:f5:8c:82:cb:
36:35:4c:3c:6c:d5:6a:a4:3a:0e:ca:f2:65:96:0c:71:7d:ad:
97:37:02:84:31:6f:23:4d:d3:17:b9:93:b9:05:d6:a8:a1:82:
96:c1:56:5b:55:c8:a8:f3:9b:13:ec:0b:1c:ed:84:2e:0d:0b:
cb:c5:dd:9b:2f:c3:6c:9c:5a:c3:6a:d4:45:33:1c:66:de:ff:
97:c1:c1:7c:08:e5:c4:dc:4e:64:d5:ab:b5:66:5f:e3:fd:2f:
3a:0c:08:d2:95:92:bf:a4:dd:bf:53:ed:5b:3b:50:8e:c9:e9:
be:ce:e4:5d:77:5d:9a:10:1a:8f:b5:bd:73:01:9e:4e:84:8d:
57:9f:de:a3:d4:c2:2c:02:1d:41:2b:c9:93:fd:31:7b:91:2c:
2d:ae:6d:d7:be:cb:68:3d:60:f9:e3:79:7f:11:4e:32:5b:07:
f9:4e:6e:1e:98:4b:15:cd:dd:9b:da:5a:bb:e4:08:67:80:25:
53:64:48:76:5a:c4:ee:61:57:84:3a:fe:0a:c1:5f:71:99:64:
e8:c5:f4:07:ce:1e:19:3d:a1:8f:c3:de:7e:be:40:65:a7:ef:
bb:99:fc:ed:29:d0:47:60:61:94:62:86:45:89:98:f3:d9:76:
88:2a:76:4f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICClYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkM5NjYxMTAvBgNVBAUTKEIyQTI1RERFMUE5RUM5MUI1OTk4NkE1MzJGNzg4MzU0
MzYxODMyNDgwHhcNMjMwMjI2MTQyNzI2WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZiNmM0ZS03ZmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuzeAsG078EK5jaQP/c4SXcnmKKGbPT/D0ju9L0BNy63QUU1/P1N2XpP63HLW
UitwEPsoZmqV0/RQaMXw8M2nXe0Yl60o5xLd8XFCqIvB2MBnxo5LbrQN9dhq7yZb
xICv3gAYhN8PQLYA1YGUY0AVELHrnDrVDmZ0g8a8I/qBIybtGO/ZJjbysGzwQnHu
z3Z0saXLg6+sjeuwBOw+6RGXqt3nRT6xFBGTFFKPTL661p6fEndwO+upsPpFJSOQ
CmxlgWU1RoD+lstM+Sla46lQ4mW3dMD6qe6vtoRE+2hHTM5YMSHZ7le6aUV/zG6C
kk3ppLnUOXS4oyne3CoqzgLajwIDAQABo4ICujCCArYwHQYDVR0OBBYEFGnHSqxo
JUdk0PJmGDWmr7D4blPbMB8GA1UdIwQYMBaAFLKiXd4anskbWZhqUy94g1Q2GDJI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzk2Ni9BMTk1MkJBMjFD
MTExMUVBQjZDM0M3NkRDNEY5QUUwMi9zcUpkM2hxZXlSdFptR3BUTDNpRFZEWVlN
a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NxSmQzaHFleVJ0Wm1HcFRMM2lEVkRZWU1rZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkM5NjYvQTE5NTJCQTIxQzExMTFFQUI2QzNDNzZEQzRGOUFFMDIvMDFGQzc4NjRC
NURGMTFFRDhCMTVDQjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMCIEAgABMBwDAwEk/AMEAivzYAMDADF+AwQCZybEAwQDdETQMA0EAgACMAcD
BQAkAJUAMA0GCSqGSIb3DQEBCwUAA4IBAQBwXYg02dqPqRf/qtk3m/WMgss2NUw8
bNVqpDoOyvJllgxxfa2XNwKEMW8jTdMXuZO5BdaooYKWwVZbVcio85sT7Asc7YQu
DQvLxd2bL8NsnFrDatRFMxxm3v+XwcF8COXE3E5k1au1Zl/j/S86DAjSlZK/pN2/
U+1bO1COyem+zuRdd12aEBqPtb1zAZ5OhI1Xn96j1MIsAh1BK8mT/TF7kSwtrm3X
vstoPWD543l/EU4yWwf5Tm4emEsVzd2b2lq75AhngCVTZEh2WsTuYVeEOv4KwV9x
mWToxfQHzh4ZPaGPw95+vkBlp++7mfztKdBHYGGUYoZFiZjz2XaIKnZP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org