Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/CD448AA6248B11EDBD7D820BC4F9AE02.roa
File: CD448AA6248B11EDBD7D820BC4F9AE02.roa (raw, json)
Hash identifier: mDxFbxcIlAW4oy0oDJPPoBLdMF6DL+wMqfovZsyGiaA=
Subject key identifier: 68:97:F4:13:3E:D2:01:45:0B:97:3C:A7:BA:92:91:F5:EE:48:AF:5E
Certificate issuer: /CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248
Certificate serial: 09AC
Authority key identifier: B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/CD448AA6248B11EDBD7D820BC4F9AE02.roa
Signing time: Thu 25 Aug 2022 15:37:19 +0000
ROA not before: Thu 25 Aug 2022 15:37:19 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 38565
IP address blocks: 36.252.0.0/15 maxlen: 20
43.243.96.0/22 maxlen: 24
49.126.0.0/16 maxlen: 20
103.38.196.0/22 maxlen: 24
116.68.208.0/21 maxlen: 24
2400:9500::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2476 (0x9ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248
Validity
Not Before: Aug 25 15:37:19 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6307972e-511a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:45:3b:9e:4d:e8:2e:61:d0:11:e0:8f:c2:12:
df:38:c4:dd:e0:3e:e6:65:0e:eb:81:ed:7b:aa:18:
35:e3:5f:60:eb:5b:52:dd:b5:fb:73:32:15:c3:53:
12:88:58:4e:e5:e8:28:4c:1b:69:ba:bf:b9:43:ff:
cf:1d:22:72:ad:b5:14:2a:ef:8f:d6:d3:b3:b9:5a:
d3:c3:a5:55:c1:68:0c:ef:3e:f5:bc:ac:68:cf:b3:
e9:0a:c0:c0:61:3a:b0:e4:c2:d5:8c:21:a8:69:cc:
68:bb:86:87:20:eb:b7:13:96:6e:6e:25:9a:b7:d6:
64:98:9d:c6:e6:ce:86:b8:0c:ac:9d:92:56:eb:82:
0f:ee:7f:c5:4b:fa:a5:17:6f:72:e2:6a:a4:90:c5:
a9:26:59:45:0d:30:e3:97:92:a9:f6:b2:96:12:11:
91:45:11:e7:c5:da:b3:16:17:f2:43:73:e8:cd:17:
f1:e6:d2:89:ea:b6:fe:af:1e:0d:89:fd:01:76:eb:
8d:c1:f8:60:eb:86:c1:79:2b:e2:14:38:5b:4b:67:
86:b7:56:1d:0e:c5:95:13:4b:e6:06:11:c2:16:f1:
a5:77:e3:e6:13:f2:c4:00:35:7a:10:a7:33:00:94:
e2:4b:04:71:2a:5f:ad:27:df:d8:12:43:90:44:33:
1e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:97:F4:13:3E:D2:01:45:0B:97:3C:A7:BA:92:91:F5:EE:48:AF:5E
X509v3 Authority Key Identifier:
keyid:B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/CD448AA6248B11EDBD7D820BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.252.0.0/15
43.243.96.0/22
49.126.0.0/16
103.38.196.0/22
116.68.208.0/21
IPv6:
2400:9500::/32
Signature Algorithm: sha256WithRSAEncryption
72:18:2d:b0:6f:2c:e8:82:b4:f3:cc:3d:a0:c1:0f:e4:d4:ce:
3b:69:5b:c0:d8:d1:4d:ab:6d:7f:bd:45:ca:97:11:83:05:34:
d6:f5:dd:1e:fa:e7:e6:87:f0:17:ab:b6:52:9d:b0:04:46:18:
4d:48:ac:94:11:bf:79:4d:af:b9:44:c5:d9:7a:f1:a3:af:e3:
ce:f8:87:99:4b:7a:a7:59:3c:f6:2c:59:e8:2c:91:98:67:31:
a9:4b:0c:dc:d0:1e:30:cb:1c:18:8f:c9:a0:84:72:59:b3:40:
53:3b:94:04:77:e0:6c:9e:d7:30:10:1e:00:2e:2a:34:ff:01:
c2:21:bf:dc:78:b9:e9:20:51:f2:25:1c:9f:c6:16:18:20:8e:
ba:8e:dd:d0:b7:0c:b4:4f:1d:6c:7a:00:65:ec:e2:8f:55:40:
19:87:17:0e:2e:e2:d5:30:b0:80:26:f4:2d:2f:5a:c7:8f:d3:
e5:f0:b7:a2:b2:95:02:59:17:2e:9d:44:59:4a:78:f3:30:25:
4c:15:b3:a3:6a:2e:3f:43:56:4c:e1:36:96:be:61:e3:5c:d8:
63:9a:6f:4f:58:d8:ff:84:8a:6b:ec:b3:6a:d3:db:a5:78:ae:
ae:30:e1:ce:f8:63:65:e2:6a:d1:43:ee:f9:27:79:98:0a:88:
e6:62:2c:db
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICCawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkM5NjYxMTAvBgNVBAUTKEIyQTI1RERFMUE5RUM5MUI1OTk4NkE1MzJGNzg4MzU0
MzYxODMyNDgwHhcNMjIwODI1MTUzNzE5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA3OTcyZS01MTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuEU7nk3oLmHQEeCPwhLfOMTd4D7mZQ7rge17qhg1419g61tS3bX7czIVw1MS
iFhO5egoTBtpur+5Q//PHSJyrbUUKu+P1tOzuVrTw6VVwWgM7z71vKxoz7PpCsDA
YTqw5MLVjCGoacxou4aHIOu3E5ZubiWat9ZkmJ3G5s6GuAysnZJW64IP7n/FS/ql
F29y4mqkkMWpJllFDTDjl5Kp9rKWEhGRRRHnxdqzFhfyQ3PozRfx5tKJ6rb+rx4N
if0BduuNwfhg64bBeSviFDhbS2eGt1YdDsWVE0vmBhHCFvGld+PmE/LEADV6EKcz
AJTiSwRxKl+tJ9/YEkOQRDMekQIDAQABo4ICujCCArYwHQYDVR0OBBYEFGiX9BM+
0gFFC5c8p7qSkfXuSK9eMB8GA1UdIwQYMBaAFLKiXd4anskbWZhqUy94g1Q2GDJI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzk2Ni9BMTk1MkJBMjFD
MTExMUVBQjZDM0M3NkRDNEY5QUUwMi9zcUpkM2hxZXlSdFptR3BUTDNpRFZEWVlN
a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NxSmQzaHFleVJ0Wm1HcFRMM2lEVkRZWU1rZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkM5NjYvQTE5NTJCQTIxQzExMTFFQUI2QzNDNzZEQzRGOUFFMDIvQ0Q0NDhBQTYy
NDhCMTFFREJEN0Q4MjBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMCIEAgABMBwDAwEk/AMEAivzYAMDADF+AwQCZybEAwQDdETQMA0EAgACMAcD
BQAkAJUAMA0GCSqGSIb3DQEBCwUAA4IBAQByGC2wbyzogrTzzD2gwQ/k1M47aVvA
2NFNq21/vUXKlxGDBTTW9d0e+ufmh/AXq7ZSnbAERhhNSKyUEb95Ta+5RMXZevGj
r+PO+IeZS3qnWTz2LFnoLJGYZzGpSwzc0B4wyxwYj8mghHJZs0BTO5QEd+Bsntcw
EB4ALio0/wHCIb/ceLnpIFHyJRyfxhYYII66jt3Qtwy0Tx1segBl7OKPVUAZhxcO
LuLVMLCAJvQtL1rHj9Pl8LeispUCWRcunURZSnjzMCVMFbOjai4/Q1ZM4TaWvmHj
XNhjmm9PWNj/hIpr7LNq09uleK6uMOHO+GNl4mrRQ+75J3mYCojmYizb
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org