Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/170A8CD689FD11EDA18A396FC4F9AE02.roa
File: 170A8CD689FD11EDA18A396FC4F9AE02.roa (raw, json)
Hash identifier: gWBG3OcLxFE2xLxniwfCl8x7DACFWWK3Bt97x7c/fD0=
Subject key identifier: 42:16:16:AC:3B:4B:88:79:39:54:07:C7:5F:4B:7A:2E:C8:DB:89:8F
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 2049
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/170A8CD689FD11EDA18A396FC4F9AE02.roa
Signing time: Sun 01 Jan 2023 18:12:41 +0000
ROA not before: Sun 01 Jan 2023 18:12:41 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 63980
IP address blocks: 59.153.200.0/22 maxlen: 24
103.57.20.0/22 maxlen: 24
2402:5380::/31 maxlen: 37
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8265 (0x2049)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Jan 1 18:12:41 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63b1cd18-71f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:17:e3:dc:dc:ae:13:3d:ba:27:ed:e1:22:9d:
e8:04:56:5a:78:f2:dd:81:80:a3:0f:5d:aa:1e:e2:
05:13:77:4d:5d:42:cd:5a:1d:f1:5e:4d:4d:e0:df:
60:22:79:d1:66:aa:3a:77:9b:c3:4f:eb:c2:b6:5c:
9d:88:01:63:7e:60:61:bc:d5:61:0b:de:36:ba:a8:
46:ff:32:d4:25:5e:d5:e5:fa:b3:19:16:74:16:05:
b0:e3:46:87:51:a1:96:9c:64:c7:0c:37:79:43:4b:
b0:a6:4a:ef:aa:0a:83:13:15:35:a1:9e:c3:7a:f9:
19:a3:23:d9:ec:49:43:4f:b1:60:17:b9:1e:62:35:
5b:b0:c4:f0:32:7f:3c:3f:87:29:be:71:1a:f2:b8:
62:83:38:22:5a:fd:11:01:fc:ce:dc:be:97:79:24:
31:47:f9:9f:d2:88:e6:b5:2c:27:ba:7d:6e:7d:9a:
3e:fd:34:51:bb:da:de:ac:ae:30:60:62:65:0a:40:
f7:62:b4:54:d2:9e:ff:b9:43:e6:b6:d1:cc:95:dc:
5a:fa:d0:a1:74:c2:a5:58:d7:0f:df:6f:b6:48:3c:
9b:4d:84:48:cc:32:ae:cc:ac:74:5d:0d:62:4f:44:
6d:0a:59:8e:d3:8b:b0:e3:d2:37:15:00:c0:50:ed:
6b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:16:16:AC:3B:4B:88:79:39:54:07:C7:5F:4B:7A:2E:C8:DB:89:8F
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/170A8CD689FD11EDA18A396FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.200.0/22
103.57.20.0/22
IPv6:
2402:5380::/31
Signature Algorithm: sha256WithRSAEncryption
b6:50:da:cd:8a:a1:0e:01:fb:3d:88:7b:0a:20:f0:df:be:aa:
3c:30:c6:84:05:e0:a2:4d:07:cf:d6:18:42:70:86:0d:a5:ce:
9c:4c:ee:be:49:65:f4:82:83:bb:c6:25:bb:47:b2:39:ea:1c:
e7:79:98:d4:48:a0:4d:b7:ed:82:3d:16:63:2b:6c:ec:46:d0:
b8:53:d9:41:7c:f9:f2:d4:12:b2:b5:cb:59:cf:e7:04:06:1a:
9e:0d:6e:cc:df:4a:37:0d:c8:63:c5:bd:a7:aa:3c:d1:43:c6:
f6:24:3c:0b:a8:6f:e0:2e:25:3b:95:59:0a:16:13:3d:04:58:
86:39:aa:4b:4d:42:2c:1e:96:8c:15:c2:71:33:35:81:c4:41:
db:ca:de:b1:55:df:3e:2a:99:c7:2c:6c:dd:5d:a7:45:1e:cc:
87:72:78:27:1b:d6:93:67:aa:95:60:90:85:b6:7b:dc:48:6c:
7f:ec:a3:1a:ce:55:4c:24:24:ad:34:f9:13:43:d6:67:18:b1:
df:9a:90:ab:16:fc:ed:1e:d5:45:a1:6e:e3:bc:8c:3f:ed:33:
bb:ca:c9:ae:0c:ae:2e:a2:e0:41:92:cb:53:2a:24:ff:e1:fb:
b8:73:b1:a1:30:d4:46:b0:6a:4f:8e:26:16:38:78:c8:55:12:
52:c5:a2:96
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICIEkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjMwMTAxMTgxMjQxWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2IxY2QxOC03MWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuxfj3NyuEz26J+3hIp3oBFZaePLdgYCjD12qHuIFE3dNXULNWh3xXk1N4N9g
InnRZqo6d5vDT+vCtlydiAFjfmBhvNVhC942uqhG/zLUJV7V5fqzGRZ0FgWw40aH
UaGWnGTHDDd5Q0uwpkrvqgqDExU1oZ7DevkZoyPZ7ElDT7FgF7keYjVbsMTwMn88
P4cpvnEa8rhigzgiWv0RAfzO3L6XeSQxR/mf0ojmtSwnun1ufZo+/TRRu9rerK4w
YGJlCkD3YrRU0p7/uUPmttHMldxa+tChdMKlWNcP32+2SDybTYRIzDKuzKx0XQ1i
T0RtClmO04uw49I3FQDAUO1r5QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEIWFqw7
S4h5OVQHx19Lei7I24mPMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvMTcwQThDRDY4
OUZEMTFFREExOEEzOTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mcgDBAJnORQwDQQCAAIwBwMFASQCU4AwDQYJKoZIhvcN
AQELBQADggEBALZQ2s2KoQ4B+z2Iewog8N++qjwwxoQF4KJNB8/WGEJwhg2lzpxM
7r5JZfSCg7vGJbtHsjnqHOd5mNRIoE237YI9FmMrbOxG0LhT2UF8+fLUErK1y1nP
5wQGGp4NbszfSjcNyGPFvaeqPNFDxvYkPAuob+AuJTuVWQoWEz0EWIY5qktNQiwe
lowVwnEzNYHEQdvK3rFV3z4qmccsbN1dp0UezIdyeCcb1pNnqpVgkIW2e9xIbH/s
oxrOVUwkJK00+RND1mcYsd+akKsW/O0e1UWhbuO8jD/tM7vKya4Mri6i4EGSy1Mq
JP/h+7hzsaEw1Eawak+OJhY4eMhVElLFopY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org