Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/630B45EEC78E11ECAC7D650BC4F9AE02.roa
File: 630B45EEC78E11ECAC7D650BC4F9AE02.roa (raw, json)
Hash identifier: PlHszuhbjDAaaiwv7d0pKNuZ3HNxrxMaAHn+Iq1n28w=
Subject key identifier: 42:A4:C2:E7:D6:C0:66:A6:47:C9:87:4D:92:52:E6:8B:8D:93:4C:E7
Certificate issuer: /CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF
Certificate serial: 033E
Authority key identifier: 23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/630B45EEC78E11ECAC7D650BC4F9AE02.roa
Signing time: Thu 09 Jun 2022 14:08:32 +0000
ROA not before: Thu 09 Jun 2022 14:08:32 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 137872
IP address blocks: 58.82.194.0/23 maxlen: 24
58.82.196.0/22 maxlen: 24
58.82.200.0/21 maxlen: 24
58.82.208.0/20 maxlen: 24
58.82.224.0/21 maxlen: 24
58.82.232.0/21 maxlen: 24
103.15.84.0/22 maxlen: 24
223.122.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 830 (0x33e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF
Validity
Not Before: Jun 9 14:08:32 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62a1fedf-eadf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5d:6c:16:ba:85:d4:03:2d:7e:ac:31:e0:4c:
b1:8a:5f:c7:e4:75:b5:9e:5f:eb:4f:a3:a7:9b:bd:
a6:63:42:a8:69:21:23:8c:08:93:63:33:43:c9:a1:
e0:75:5f:60:1e:a5:35:f1:4e:ab:88:20:5e:79:0a:
2e:d4:80:32:6e:90:35:2b:78:e4:62:31:ac:5a:03:
3f:52:f0:a4:dd:a7:38:4a:15:1b:6e:18:c3:cd:4b:
bf:ed:9f:c1:31:e6:5a:29:d2:00:98:c6:ad:19:81:
8e:2a:a5:5b:11:21:6a:89:b6:7e:6c:92:cd:a8:80:
eb:65:82:ee:ba:2c:0c:cd:5d:5d:d2:ee:d4:e2:7f:
69:bf:70:02:f7:97:8d:86:79:e8:65:13:b6:fa:a7:
bc:2b:b0:ea:d9:40:3f:bb:50:b8:a5:f1:cb:37:90:
c7:d0:52:a5:32:ed:aa:04:89:8c:72:b4:a7:99:ce:
6a:15:ce:e3:ce:8b:07:96:60:a4:c3:30:bc:e1:a1:
c6:13:f4:1e:a9:7e:77:7c:6a:8c:53:02:db:5c:97:
fa:cc:fd:41:e7:0b:e2:d3:11:06:3c:f2:f3:f1:6c:
d6:8b:92:14:f4:fd:c9:27:3f:d8:53:8b:4d:25:75:
fa:98:ab:c9:69:fc:06:37:3b:e0:7a:1c:ff:40:0d:
0c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A4:C2:E7:D6:C0:66:A6:47:C9:87:4D:92:52:E6:8B:8D:93:4C:E7
X509v3 Authority Key Identifier:
keyid:23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/630B45EEC78E11ECAC7D650BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.82.194.0-58.82.239.255
103.15.84.0/22
223.122.64.0/18
Signature Algorithm: sha256WithRSAEncryption
af:91:4c:81:4e:03:cd:75:d3:c0:3b:fe:f0:9b:d5:48:e0:e8:
56:d6:f8:c0:87:cf:21:bb:8a:2e:b9:c5:77:af:e6:0d:c3:d8:
18:93:86:d4:75:c5:ee:2e:5e:37:3f:95:4a:2d:fa:b7:d9:13:
71:f4:06:ad:b8:74:96:07:29:7e:2f:e6:25:2d:3a:a8:f2:b1:
d3:af:70:97:80:27:a4:19:c3:70:eb:8e:95:aa:81:29:99:01:
93:83:2c:70:df:fc:95:06:34:e5:80:1f:78:fc:ff:0b:98:ec:
4c:e2:18:05:50:c4:12:86:ba:9b:0a:d3:30:5f:7d:89:89:e1:
57:69:66:62:ce:4d:0d:08:83:54:a2:b9:22:a1:cb:e7:4e:33:
be:f0:0e:08:ee:06:ef:05:09:5d:5b:07:58:1f:8f:d6:ed:c2:
80:1d:43:fb:04:27:7e:57:a6:97:04:0a:dd:e7:d0:2a:88:72:
49:24:0a:b6:84:75:73:0d:10:02:f9:c1:7f:a9:09:92:0f:c6:
d8:81:ae:38:90:41:27:55:17:d1:33:27:20:d9:aa:54:c3:7b:
45:00:8a:56:41:3a:f7:df:8c:9b:56:7a:a9:8a:d3:d5:78:fd:
02:00:c8:69:6a:ec:3c:89:d9:45:cc:13:1b:69:08:ea:13:e3:
c6:c6:a8:47
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICAz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJCNEQxMTAvBgNVBAUTKDIzRjVEOTNBODJFN0Q3ODQwNjc5QjFDNjREQTM3QzM3
Q0ZGRTc3RUYwHhcNMjIwNjA5MTQwODMyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmExZmVkZi1lYWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvF1sFrqF1AMtfqwx4Eyxil/H5HW1nl/rT6Onm72mY0KoaSEjjAiTYzNDyaHg
dV9gHqU18U6riCBeeQou1IAybpA1K3jkYjGsWgM/UvCk3ac4ShUbbhjDzUu/7Z/B
MeZaKdIAmMatGYGOKqVbESFqibZ+bJLNqIDrZYLuuiwMzV1d0u7U4n9pv3AC95eN
hnnoZRO2+qe8K7Dq2UA/u1C4pfHLN5DH0FKlMu2qBImMcrSnmc5qFc7jzosHlmCk
wzC84aHGE/QeqX53fGqMUwLbXJf6zP1B5wvi0xEGPPLz8WzWi5IU9P3JJz/YU4tN
JXX6mKvJafwGNzvgehz/QA0MqQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFEKkwufW
wGamR8mHTZJS5ouNk0znMB8GA1UdIwQYMBaAFCP12TqC59eEBnmxxk2jfDfP/nfv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkI0RC9DMTk5RTAwNkIy
MDUxMUVCQUVBRTlGMTBDNEY5QUUwMi9JX1haT29MbjE0UUdlYkhHVGFOOE44Xy1k
LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lfWFpPb0xuMTRRR2ViSEdUYU44TjhfLWQtOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJCNEQvQzE5OUUwMDZCMjA1MTFFQkFFQUU5RjEwQzRGOUFFMDIvNjMwQjQ1RUVD
NzhFMTFFQ0FDN0Q2NTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEATpSwgMEBDpS4AMEAmcPVAMEBt96QDANBgkqhkiG9w0B
AQsFAAOCAQEAr5FMgU4DzXXTwDv+8JvVSODoVtb4wIfPIbuKLrnFd6/mDcPYGJOG
1HXF7i5eNz+VSi36t9kTcfQGrbh0lgcpfi/mJS06qPKx069wl4AnpBnDcOuOlaqB
KZkBk4MscN/8lQY05YAfePz/C5jsTOIYBVDEEoa6mwrTMF99iYnhV2lmYs5NDQiD
VKK5IqHL504zvvAOCO4G7wUJXVsHWB+P1u3CgB1D+wQnflemlwQK3efQKohySSQK
toR1cw0QAvnBf6kJkg/G2IGuOJBBJ1UX0TMnINmqVMN7RQCKVkE699+Mm1Z6qYrT
1Xj9AgDIaWrsPInZRcwTG2kI6hPjxsaoRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org