Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/942F98EE4F2B11EDB2B82054C4F9AE02.roa
File: 942F98EE4F2B11EDB2B82054C4F9AE02.roa (raw, json)
Hash identifier: JIZz9p2iKXGU/LHm9L7Ggdsnulp5RM9L9jRIT0NvzJo=
Subject key identifier: B5:95:5C:DA:23:0D:98:5D:85:C3:B6:0B:28:6E:86:8B:C0:81:1E:95
Certificate issuer: /CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248
Certificate serial: 0A04
Authority key identifier: B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/942F98EE4F2B11EDB2B82054C4F9AE02.roa
Signing time: Tue 18 Oct 2022 21:26:51 +0000
ROA not before: Tue 18 Oct 2022 21:26:51 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 38565
IP address blocks: 36.252.0.0/15 maxlen: 23
43.243.96.0/22 maxlen: 24
49.126.0.0/16 maxlen: 20
103.38.196.0/22 maxlen: 24
116.68.208.0/21 maxlen: 24
2400:9500::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2564 (0xa04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248
Validity
Not Before: Oct 18 21:26:51 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=634f1a1a-dcbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:11:ad:f6:e5:a0:01:2b:4f:bc:39:d4:0c:48:
12:dd:ab:97:f8:d5:25:2e:cf:5f:20:6a:c9:5d:25:
ed:b4:43:0d:8d:4c:a4:cc:a4:46:3a:30:46:01:d4:
96:fa:a1:24:ef:93:49:83:49:66:e6:2e:70:42:fa:
30:01:aa:8f:93:fb:87:98:cf:76:a4:b3:1e:87:a8:
36:ba:a9:0f:02:b0:86:f3:56:7e:5f:02:84:30:f0:
62:24:76:d1:bf:15:3e:82:d3:6c:f6:d1:70:5a:93:
35:4c:96:06:59:63:8c:4a:d0:06:ba:27:17:b5:d2:
7b:2d:c1:22:83:22:c3:1e:74:c4:b8:82:96:ff:1b:
8b:2b:bf:93:e1:d4:7d:78:da:ee:e2:4f:86:f2:9a:
10:78:90:34:05:30:43:1c:97:19:40:54:87:91:27:
82:d6:2d:95:ea:d6:7d:6f:55:ac:7c:6f:ad:06:cb:
91:98:fe:d0:7b:64:f5:19:ea:80:f0:43:f7:82:12:
fa:03:f4:cf:98:83:2f:a2:22:18:ca:99:17:39:9e:
19:b8:53:b9:31:20:17:0c:97:a8:72:c6:6c:25:75:
b8:7e:11:19:79:b4:d4:a8:cb:d4:5d:27:30:7c:b3:
f1:ce:46:f3:7a:85:6f:2e:e1:45:42:54:27:4c:a7:
c2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:95:5C:DA:23:0D:98:5D:85:C3:B6:0B:28:6E:86:8B:C0:81:1E:95
X509v3 Authority Key Identifier:
keyid:B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/942F98EE4F2B11EDB2B82054C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.252.0.0/15
43.243.96.0/22
49.126.0.0/16
103.38.196.0/22
116.68.208.0/21
IPv6:
2400:9500::/32
Signature Algorithm: sha256WithRSAEncryption
7e:e7:15:13:d1:a3:10:05:24:05:45:c8:78:4a:b1:b6:ba:39:
94:1c:67:ef:f2:74:c1:13:05:1e:1f:ca:68:cd:41:f2:29:9b:
fc:d9:f3:df:56:fa:85:84:89:e1:66:68:88:79:ef:3c:7c:2c:
d4:e6:e8:f3:c7:c6:89:c5:9d:46:1b:5d:03:9a:d3:09:05:10:
8e:f6:1e:28:f1:7d:5f:9c:83:ab:11:96:cc:5c:d8:e9:e7:04:
11:10:27:3d:5a:d4:7d:e3:db:b6:6a:77:1b:9d:f9:07:65:a3:
74:4b:ed:11:75:c6:6d:e1:85:43:f6:c2:f9:d0:f0:22:85:ff:
61:f9:b3:02:be:b0:a1:41:ce:d0:9d:c8:81:0f:ef:a6:16:26:
9c:4a:d1:6b:6b:7f:ed:09:91:f4:40:a5:1d:17:e4:d2:dd:63:
54:72:79:88:2e:07:d9:73:aa:85:fb:c9:94:75:6c:08:b3:f7:
97:95:28:0c:97:e9:e7:79:59:35:a0:02:93:c2:43:31:7f:12:
5a:3e:05:4e:fd:ab:91:99:75:43:0a:28:24:8b:64:48:a5:0c:
fe:6d:12:54:e6:08:d3:ab:b6:59:8e:c5:93:96:99:84:af:38:
aa:94:fe:3f:e1:a5:2e:77:b0:10:21:93:e2:39:b9:33:00:95:
d8:85:08:83
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICCgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkM5NjYxMTAvBgNVBAUTKEIyQTI1RERFMUE5RUM5MUI1OTk4NkE1MzJGNzg4MzU0
MzYxODMyNDgwHhcNMjIxMDE4MjEyNjUxWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRmMWExYS1kY2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5RGt9uWgAStPvDnUDEgS3auX+NUlLs9fIGrJXSXttEMNjUykzKRGOjBGAdSW
+qEk75NJg0lm5i5wQvowAaqPk/uHmM92pLMeh6g2uqkPArCG81Z+XwKEMPBiJHbR
vxU+gtNs9tFwWpM1TJYGWWOMStAGuicXtdJ7LcEigyLDHnTEuIKW/xuLK7+T4dR9
eNru4k+G8poQeJA0BTBDHJcZQFSHkSeC1i2V6tZ9b1WsfG+tBsuRmP7Qe2T1GeqA
8EP3ghL6A/TPmIMvoiIYypkXOZ4ZuFO5MSAXDJeocsZsJXW4fhEZebTUqMvUXScw
fLPxzkbzeoVvLuFFQlQnTKfC4QIDAQABo4ICujCCArYwHQYDVR0OBBYEFLWVXNoj
DZhdhcO2CyhuhovAgR6VMB8GA1UdIwQYMBaAFLKiXd4anskbWZhqUy94g1Q2GDJI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzk2Ni9BMTk1MkJBMjFD
MTExMUVBQjZDM0M3NkRDNEY5QUUwMi9zcUpkM2hxZXlSdFptR3BUTDNpRFZEWVlN
a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NxSmQzaHFleVJ0Wm1HcFRMM2lEVkRZWU1rZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkM5NjYvQTE5NTJCQTIxQzExMTFFQUI2QzNDNzZEQzRGOUFFMDIvOTQyRjk4RUU0
RjJCMTFFREIyQjgyMDU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMCIEAgABMBwDAwEk/AMEAivzYAMDADF+AwQCZybEAwQDdETQMA0EAgACMAcD
BQAkAJUAMA0GCSqGSIb3DQEBCwUAA4IBAQB+5xUT0aMQBSQFRch4SrG2ujmUHGfv
8nTBEwUeH8pozUHyKZv82fPfVvqFhInhZmiIee88fCzU5ujzx8aJxZ1GG10DmtMJ
BRCO9h4o8X1fnIOrEZbMXNjp5wQRECc9WtR949u2ancbnfkHZaN0S+0RdcZt4YVD
9sL50PAihf9h+bMCvrChQc7QnciBD++mFiacStFra3/tCZH0QKUdF+TS3WNUcnmI
LgfZc6qF+8mUdWwIs/eXlSgMl+nneVk1oAKTwkMxfxJaPgVO/auRmXVDCigki2RI
pQz+bRJU5gjTq7ZZjsWTlpmErziqlP4/4aUud7AQIZPiObkzAJXYhQiD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:24 2024 by rpki-client on console-ams.rpki-client.org