Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/F2361EDC7FF911EDA62E3721C4F9AE02.roa
File: F2361EDC7FF911EDA62E3721C4F9AE02.roa (raw, json)
Hash identifier: EAeHAGPwCm/lHQWLCPHD9LN8G1ouBrDnxDf9ahZ9glY=
Subject key identifier: FB:34:A3:6D:39:94:F5:76:92:57:BC:53:BE:9D:0E:DF:EB:B4:8D:72
Certificate issuer: /CN=A911E9B6/serialNumber=2E8CBB8C2600C6A098C958B964C32DCB18B8035C
Certificate serial: 06
Authority key identifier: 2E:8C:BB:8C:26:00:C6:A0:98:C9:58:B9:64:C3:2D:CB:18:B8:03:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/F2361EDC7FF911EDA62E3721C4F9AE02.roa
Signing time: Tue 20 Dec 2022 00:44:58 +0000
ROA not before: Tue 20 Dec 2022 00:44:58 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 9328
IP address blocks: 150.173.0.0/16 maxlen: 16
202.137.200.0/21 maxlen: 21
202.160.96.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911E9B6/serialNumber=2E8CBB8C2600C6A098C958B964C32DCB18B8035C
Validity
Not Before: Dec 20 00:44:58 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63a1058a-201d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b3:68:19:55:f7:e2:1f:cb:89:80:ed:f8:d6:
af:6b:b5:79:0e:c1:c5:e8:f5:52:8f:cf:55:43:16:
e3:54:35:19:2b:c2:c2:ba:63:02:85:f8:3f:40:1f:
16:7b:d6:c5:a3:22:68:7b:8b:8f:0f:07:e4:e6:a7:
33:3a:4a:fc:2c:d1:31:f5:26:f7:78:30:2d:28:b2:
8f:c2:b4:41:8c:72:9b:46:ad:6d:51:63:cd:ee:da:
5b:02:d6:ec:b8:ea:74:38:4f:91:d8:ce:73:7c:9a:
87:09:80:eb:fd:01:28:a1:47:0d:32:a6:f6:ad:76:
a1:5b:0b:de:5c:7c:fd:c4:70:09:27:02:91:b4:af:
61:81:47:b5:d0:c0:e2:22:89:98:57:10:1d:fe:3e:
d0:e9:0c:15:52:1a:90:ee:b0:c4:eb:94:c2:6a:2c:
32:bf:a8:a3:fa:aa:5f:9a:80:08:fa:a6:f2:b8:bb:
3d:87:b4:43:54:32:39:7d:b0:a3:87:a6:1d:72:38:
fa:b4:a2:eb:11:9e:87:f1:27:81:40:5f:e4:ec:e6:
1c:a5:7d:a5:fd:ec:a3:19:e7:0d:74:b9:e1:60:cb:
e5:62:9d:63:12:b7:c6:89:c9:16:1c:c6:e0:d0:a8:
85:f4:5d:5d:c7:df:4a:f5:82:ba:25:e6:42:2c:eb:
0e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:34:A3:6D:39:94:F5:76:92:57:BC:53:BE:9D:0E:DF:EB:B4:8D:72
X509v3 Authority Key Identifier:
keyid:2E:8C:BB:8C:26:00:C6:A0:98:C9:58:B9:64:C3:2D:CB:18:B8:03:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Loy7jCYAxqCYyVi5ZMMtyxi4A1w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E9B6/7918CB0C7FF511ED9ED4641DC4F9AE02/F2361EDC7FF911EDA62E3721C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
150.173.0.0/16
202.137.200.0/21
202.160.96.0/20
Signature Algorithm: sha256WithRSAEncryption
25:8c:5a:e1:ea:29:37:4f:7b:c0:de:1e:cb:ce:5d:62:aa:23:
4b:e1:74:c8:d0:6d:1e:ab:5b:f6:56:f1:6b:f4:a2:fc:b8:fe:
3b:36:b8:df:7d:f0:2a:a9:1e:39:46:52:f0:3c:37:20:09:5f:
04:bd:3a:f5:3c:99:48:57:b0:54:ad:17:4c:e9:86:34:99:03:
c6:f3:d9:84:19:63:1f:4f:63:8f:dd:7d:bb:3d:d6:da:4a:8f:
bd:03:c1:f5:9d:f7:17:71:ad:80:39:d0:cc:a5:8b:74:6f:b3:
b4:5c:75:b2:97:60:d6:63:32:c5:c3:24:01:4b:42:9f:1b:f5:
4a:ad:99:75:f9:c9:f4:37:53:69:1b:a8:9f:8d:06:77:c0:21:
0a:5d:e2:c9:b1:07:2f:75:98:8a:df:2c:04:6d:46:88:77:a0:
15:99:34:63:c5:45:f3:a8:13:83:72:31:b0:4f:57:ef:56:da:
74:bf:61:ed:08:f9:d3:05:84:87:62:80:6a:cd:53:f4:79:ec:
50:ed:35:42:12:3d:4c:dd:f8:12:e5:70:97:2a:00:5b:70:04:
94:47:d5:f5:9b:b9:7b:ee:86:d5:11:d0:9b:e4:7d:17:3f:16:
0c:8c:5c:96:54:2c:6e:90:dc:03:5c:a2:ea:fc:9c:2b:df:2f:
eb:b2:d4:a2
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RTlCNjExMC8GA1UEBRMoMkU4Q0JCOEMyNjAwQzZBMDk4Qzk1OEI5NjRDMzJEQ0Ix
OEI4MDM1QzAeFw0yMjEyMjAwMDQ0NThaFw0yNDAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYTEwNThhLTIwMWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDes2gZVffiH8uJgO341q9rtXkOwcXo9VKPz1VDFuNUNRkrwsK6YwKF+D9AHxZ7
1sWjImh7i48PB+TmpzM6Svws0TH1Jvd4MC0oso/CtEGMcptGrW1RY83u2lsC1uy4
6nQ4T5HYznN8mocJgOv9ASihRw0ypvatdqFbC95cfP3EcAknApG0r2GBR7XQwOIi
iZhXEB3+PtDpDBVSGpDusMTrlMJqLDK/qKP6ql+agAj6pvK4uz2HtENUMjl9sKOH
ph1yOPq0ousRnofxJ4FAX+Ts5hylfaX97KMZ5w10ueFgy+VinWMSt8aJyRYcxuDQ
qIX0XV3H30r1grol5kIs6w4hAgMBAAGjggKgMIICnDAdBgNVHQ4EFgQU+zSjbTmU
9XaSV7xTvp0O3+u0jXIwHwYDVR0jBBgwFoAULoy7jCYAxqCYyVi5ZMMtyxi4A1ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFOUI2Lzc5MThDQjBDN0ZG
NTExRUQ5RUQ0NjQxREM0RjlBRTAyL0xveTdqQ1lBeHFDWXlWaTVaTU10eXhpNEEx
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTG95N2pDWUF4cUNZeVZpNVpNTXR5eGk0QTF3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RTlCNi83OTE4Q0IwQzdGRjUxMUVEOUVENDY0MURDNEY5QUUwMi9GMjM2MUVEQzdG
RjkxMUVEQTYyRTM3MjFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAqBggrBgEFBQcBBwEB/wQb
MBkwFwQCAAEwEQMDAJatAwQDyonIAwQEyqBgMA0GCSqGSIb3DQEBCwUAA4IBAQAl
jFrh6ik3T3vA3h7Lzl1iqiNL4XTI0G0eq1v2VvFr9KL8uP47NrjfffAqqR45RlLw
PDcgCV8EvTr1PJlIV7BUrRdM6YY0mQPG89mEGWMfT2OP3X27PdbaSo+9A8H1nfcX
ca2AOdDMpYt0b7O0XHWyl2DWYzLFwyQBS0KfG/VKrZl1+cn0N1NpG6ifjQZ3wCEK
XeLJsQcvdZiK3ywEbUaId6AVmTRjxUXzqBODcjGwT1fvVtp0v2HtCPnTBYSHYoBq
zVP0eexQ7TVCEj1M3fgS5XCXKgBbcASUR9X1m7l77obVEdCb5H0XPxYMjFyWVCxu
kNwDXKLq/Jwr3y/rstSi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org