Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/ABA394E6911111EBA69D2641C4F9AE02.roa
File: ABA394E6911111EBA69D2641C4F9AE02.roa (raw, json)
Hash identifier: lQhrwh+mOTef72hhOs+0yOSydAzix4nMK7cBLW6ZlKk=
Subject key identifier: 8E:F6:33:38:4A:70:95:A7:3C:14:6D:E2:FF:2A:A4:F0:81:DB:CF:70
Certificate issuer: /CN=A912CB2A/serialNumber=147E9756439D9DB7156134AC78F91C233B9392A7
Certificate serial: 0508
Authority key identifier: 14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/ABA394E6911111EBA69D2641C4F9AE02.roa
Signing time: Thu 10 Aug 2023 05:04:39 +0000
ROA not before: Thu 10 Aug 2023 05:04:39 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 9723
IP address blocks: 121.52.192.0/22 maxlen: 22
121.52.196.0/23 maxlen: 23
121.52.198.0/24 maxlen: 24
121.52.199.0/24 maxlen: 24
202.74.64.0/21 maxlen: 21
2403:6900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1288 (0x508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912CB2A/serialNumber=147E9756439D9DB7156134AC78F91C233B9392A7
Validity
Not Before: Aug 10 05:04:39 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64d46fe7-3112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:63:54:b0:2a:14:52:53:ba:a1:25:84:4f:c5:
7d:8b:c9:dd:3d:72:7f:85:fd:d7:e8:0b:50:b0:ba:
a4:5c:3a:ac:4d:96:0c:99:23:9f:f6:29:72:68:fd:
e0:49:44:37:a2:c7:cb:ee:1b:ca:47:c0:97:af:ed:
b0:fd:d2:a1:9e:6a:32:45:2f:e1:cf:b2:c0:82:ca:
ed:41:08:64:8f:2e:f3:d3:26:df:bd:9e:d7:2e:bc:
28:87:c9:84:a6:0f:e5:e4:0c:ed:b5:d2:3f:56:c2:
ed:65:e8:bf:ec:c5:7f:a0:3a:8b:78:7f:e1:fa:51:
0f:e0:12:b5:93:c6:ee:42:66:60:80:2b:b6:cf:a0:
c5:c1:d2:03:4b:21:91:df:f2:7d:23:b8:28:a1:3c:
df:24:de:3f:28:ff:82:cf:96:65:40:92:f9:66:df:
11:10:69:47:fe:c2:0e:40:2e:92:a4:96:92:fb:c0:
1d:38:0d:77:ac:66:4a:c5:3d:8d:70:ed:09:52:40:
e8:e5:3e:58:a6:88:e8:16:3e:59:0e:14:73:96:58:
c6:ca:db:e7:f7:96:9d:8d:5d:f8:96:86:0f:df:1b:
76:30:c2:d5:9a:57:a5:ec:21:8a:d1:49:1d:c9:cc:
9d:3d:85:6d:6f:26:f7:98:fb:9e:61:bb:d9:d9:6e:
81:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F6:33:38:4A:70:95:A7:3C:14:6D:E2:FF:2A:A4:F0:81:DB:CF:70
X509v3 Authority Key Identifier:
keyid:14:7E:97:56:43:9D:9D:B7:15:61:34:AC:78:F9:1C:23:3B:93:92:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/FH6XVkOdnbcVYTSsePkcIzuTkqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FH6XVkOdnbcVYTSsePkcIzuTkqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CB2A/E01C7A8490E011EBA105871FC4F9AE02/ABA394E6911111EBA69D2641C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.52.192.0/21
202.74.64.0/21
IPv6:
2403:6900::/32
Signature Algorithm: sha256WithRSAEncryption
25:f8:98:1b:01:72:be:3d:31:3b:31:09:f3:45:cb:10:c5:0e:
19:df:0e:29:6a:a6:eb:01:25:fd:64:7b:27:ed:48:07:36:99:
7a:63:8f:e4:4a:81:2b:44:58:70:f9:b9:98:9c:aa:af:75:37:
f3:06:f3:25:9c:2e:b4:99:e6:48:c7:9a:0b:ea:ee:c1:1c:d3:
0b:32:86:db:26:3c:87:9c:28:d4:ff:14:7b:37:a4:4c:2b:aa:
1c:ac:53:4f:f0:56:79:25:f6:91:7b:79:e6:43:58:1f:26:58:
e2:d7:19:5c:ed:61:1b:5e:16:27:bb:e6:c5:75:87:06:20:cd:
92:b6:13:1e:3a:13:b9:48:c1:5e:fd:f9:be:00:32:98:40:d1:
d8:38:1b:cf:0a:35:3b:56:f3:d4:83:80:55:99:75:dc:7d:ec:
d2:e1:2b:11:a1:b8:50:a7:44:cc:f6:9b:09:99:a6:ec:97:72:
df:f3:22:85:f6:48:df:4f:a4:d9:5c:f0:a3:ef:ac:07:92:10:
69:b4:b8:be:ce:ef:6d:6e:e1:b5:fc:aa:94:e4:8e:c0:04:71:
ab:d4:e9:c1:4f:65:d5:b0:0e:05:3c:ef:79:30:0d:db:36:20:
f2:c7:c7:50:da:fe:b7:39:b9:75:47:ae:d3:9e:e6:51:50:47:
fa:7d:15:df
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkNCMkExMTAvBgNVBAUTKDE0N0U5NzU2NDM5RDlEQjcxNTYxMzRBQzc4RjkxQzIz
M0I5MzkyQTcwHhcNMjMwODEwMDUwNDM5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ0NmZlNy0zMTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzGNUsCoUUlO6oSWET8V9i8ndPXJ/hf3X6AtQsLqkXDqsTZYMmSOf9ilyaP3g
SUQ3osfL7hvKR8CXr+2w/dKhnmoyRS/hz7LAgsrtQQhkjy7z0ybfvZ7XLrwoh8mE
pg/l5AzttdI/VsLtZei/7MV/oDqLeH/h+lEP4BK1k8buQmZggCu2z6DFwdIDSyGR
3/J9I7gooTzfJN4/KP+Cz5ZlQJL5Zt8REGlH/sIOQC6SpJaS+8AdOA13rGZKxT2N
cO0JUkDo5T5YpojoFj5ZDhRzlljGytvn95adjV34loYP3xt2MMLVmlel7CGK0Ukd
ycydPYVtbyb3mPueYbvZ2W6BGQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI72MzhK
cJWnPBRt4v8qpPCB289wMB8GA1UdIwQYMBaAFBR+l1ZDnZ23FWE0rHj5HCM7k5Kn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0IyQS9FMDFDN0E4NDkw
RTAxMUVCQTEwNTg3MUZDNEY5QUUwMi9GSDZYVmtPZG5iY1ZZVFNzZVBrY0l6dVRr
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZINlhWa09kbmJjVllUU3NlUGtjSXp1VGtxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkNCMkEvRTAxQzdBODQ5MEUwMTFFQkExMDU4NzFGQzRGOUFFMDIvQUJBMzk0RTY5
MTExMTFFQkE2OUQyNjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAN5NMADBAPKSkAwDQQCAAIwBwMFACQDaQAwDQYJKoZIhvcN
AQELBQADggEBACX4mBsBcr49MTsxCfNFyxDFDhnfDilqpusBJf1keyftSAc2mXpj
j+RKgStEWHD5uZicqq91N/MG8yWcLrSZ5kjHmgvq7sEc0wsyhtsmPIecKNT/FHs3
pEwrqhysU0/wVnkl9pF7eeZDWB8mWOLXGVztYRteFie75sV1hwYgzZK2Ex46E7lI
wV79+b4AMphA0dg4G88KNTtW89SDgFWZddx97NLhKxGhuFCnRMz2mwmZpuyXct/z
IoX2SN9PpNlc8KPvrAeSEGm0uL7O721u4bX8qpTkjsAEcavU6cFPZdWwDgU873kw
Dds2IPLHx1Da/rc5uXVHrtOe5lFQR/p9Fd8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org