Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/34CF6BEA6CAE11EDAE46E940C4F9AE02.roa
File: 34CF6BEA6CAE11EDAE46E940C4F9AE02.roa (raw, json)
Hash identifier: K+em/UMPk+MkEpOURPwZalXfpXT9Zhi+JV1YuX5Bmv4=
Subject key identifier: 8B:54:64:C5:84:43:67:47:53:00:09:03:A2:D8:2C:7E:A6:72:4D:22
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 2023
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/34CF6BEA6CAE11EDAE46E940C4F9AE02.roa
Signing time: Fri 25 Nov 2022 10:44:59 +0000
ROA not before: Fri 25 Nov 2022 10:44:59 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 132352
IP address blocks: 59.153.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8227 (0x2023)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Nov 25 10:44:59 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63809caa-49b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:12:d3:86:3c:00:2f:49:dc:e8:c5:82:12:25:
5d:2b:4f:26:74:60:67:59:d1:44:90:9f:e1:d5:ff:
29:b2:31:9c:38:b6:ff:c9:be:31:e4:c6:bd:dc:99:
cd:bb:89:88:cb:af:53:d7:38:8f:a9:d6:9c:45:e0:
61:12:6b:cb:af:08:b8:21:09:3f:41:7c:40:9c:62:
ff:5b:44:67:9f:54:dc:f6:a5:f9:c7:39:b0:00:e6:
f2:02:8c:38:42:26:49:61:5e:ef:45:78:58:72:ea:
db:bf:dd:6a:e7:fe:04:bf:3c:48:3d:4b:50:cc:80:
68:c1:18:d9:fb:24:5b:d1:32:95:c1:28:7b:b3:af:
9d:e9:9d:81:ec:4f:e2:c2:64:93:52:89:d1:61:22:
d2:ac:90:92:7a:cb:7b:b2:d0:93:dc:e7:ee:81:c0:
a8:6e:4e:14:67:af:e0:a5:78:46:27:97:59:d5:93:
79:77:b7:e0:c6:fb:34:ca:86:b5:40:02:04:b1:b7:
66:4e:f3:15:77:bc:b5:43:02:af:1e:d1:ea:b2:fd:
7a:f6:19:41:1a:4c:a2:c5:e2:9f:6f:3d:96:7c:61:
98:76:79:d5:16:61:dc:c1:44:36:d0:ae:bc:3b:02:
4a:f2:15:45:20:39:76:46:e9:d3:92:e3:44:b9:da:
6a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:54:64:C5:84:43:67:47:53:00:09:03:A2:D8:2C:7E:A6:72:4D:22
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/34CF6BEA6CAE11EDAE46E940C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.200.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:00:20:70:60:75:45:14:cb:86:88:13:da:8e:07:f7:a9:59:
bc:31:ef:bb:02:ce:41:7a:3a:ca:93:84:9b:82:c3:87:b5:fa:
03:b8:e6:df:c5:c4:73:28:a1:cf:0d:39:28:3b:20:48:7a:9b:
ff:bf:61:2d:8f:ca:92:0b:8e:e2:fd:ef:57:25:42:46:79:10:
c7:59:0c:15:47:4e:6a:1c:b8:a5:22:b1:7d:4a:21:a9:43:9f:
8d:35:10:d1:24:86:d8:b1:e2:c3:99:50:9a:db:41:68:4b:91:
08:13:7e:34:ba:b4:80:5e:51:cd:88:f3:c1:f5:df:c0:65:59:
bc:2d:dd:73:f4:35:24:37:71:ae:6e:f5:df:07:ac:08:66:96:
19:05:43:34:2c:db:d5:b3:f7:27:53:fb:8e:41:b9:19:ac:a9:
7b:ff:ff:55:87:df:f8:b0:a8:e5:c9:bd:96:a2:2d:33:72:7a:
f6:4e:1d:7b:ac:2d:ca:6a:00:02:f8:9c:66:94:bc:5b:e8:69:
ea:4b:aa:e2:bc:2a:fd:92:17:03:3c:1e:f2:37:7c:fd:bc:6b:
14:f6:79:04:d3:80:fb:ac:33:7b:37:ab:84:43:88:cc:1f:5f:
d4:79:ec:1b:8f:74:18:7d:11:48:69:15:4e:71:33:1b:27:62:
f7:ca:55:3f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICICMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjIxMTI1MTA0NDU5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzgwOWNhYS00OWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0xLThjwAL0nc6MWCEiVdK08mdGBnWdFEkJ/h1f8psjGcOLb/yb4x5Ma93JnN
u4mIy69T1ziPqdacReBhEmvLrwi4IQk/QXxAnGL/W0Rnn1Tc9qX5xzmwAObyAow4
QiZJYV7vRXhYcurbv91q5/4EvzxIPUtQzIBowRjZ+yRb0TKVwSh7s6+d6Z2B7E/i
wmSTUonRYSLSrJCSest7stCT3OfugcCobk4UZ6/gpXhGJ5dZ1ZN5d7fgxvs0yoa1
QAIEsbdmTvMVd7y1QwKvHtHqsv169hlBGkyixeKfbz2WfGGYdnnVFmHcwUQ20K68
OwJK8hVFIDl2RunTkuNEudpqmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFItUZMWE
Q2dHUwAJA6LYLH6mck0iMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvMzRDRjZCRUE2
Q0FFMTFFREFFNDZFOTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAI7mcgwDQYJKoZIhvcNAQELBQADggEBALoAIHBgdUUUy4aI
E9qOB/epWbwx77sCzkF6OsqThJuCw4e1+gO45t/FxHMooc8NOSg7IEh6m/+/YS2P
ypILjuL971clQkZ5EMdZDBVHTmocuKUisX1KIalDn401ENEkhtix4sOZUJrbQWhL
kQgTfjS6tIBeUc2I88H138BlWbwt3XP0NSQ3ca5u9d8HrAhmlhkFQzQs29Wz9ydT
+45BuRmsqXv//1WH3/iwqOXJvZaiLTNyevZOHXusLcpqAAL4nGaUvFvoaepLquK8
Kv2SFwM8HvI3fP28axT2eQTTgPusM3s3q4RDiMwfX9R57BuPdBh9EUhpFU5xMxsn
YvfKVT8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org