Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/49F923621E0111E9A590C837C4F9AE02.roa
File: 49F923621E0111E9A590C837C4F9AE02.roa (raw, json)
Hash identifier: t/IA716GE/sawv/xypaLKrXRdtfj6+iEGLWPUphm/2E=
Subject key identifier: E0:D2:96:99:A6:23:85:23:19:D7:FC:4F:1B:8F:B0:2A:27:46:85:17
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 34ED
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/49F923621E0111E9A590C837C4F9AE02.roa
Signing time: Mon 25 Jul 2022 02:41:24 +0000
ROA not before: Mon 25 Jul 2022 02:41:24 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 38543
IP address blocks: 58.97.61.0/24 maxlen: 24
58.97.62.0/24 maxlen: 24
61.90.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13549 (0x34ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 25 02:41:24 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62de02d4-dbf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a5:71:8a:e0:45:1f:a9:a7:02:0b:ec:35:2f:
85:b3:b3:3e:7b:dc:5a:6a:67:29:22:11:ea:42:80:
28:23:a9:9d:21:00:88:bb:52:dd:96:6e:4b:03:93:
b7:40:34:f4:ff:20:3e:52:07:48:0e:fb:4a:f2:fb:
68:04:1f:a0:1b:18:a6:1a:dd:69:87:77:fa:92:8f:
7a:3c:36:bd:15:93:16:32:23:c9:c1:ee:4c:5a:f6:
5f:1d:d4:d3:57:34:69:fe:79:2c:45:ec:73:0a:6d:
b7:17:c4:e5:85:e6:91:83:31:fd:d6:b1:82:c4:c7:
bb:a7:6b:17:57:bd:c8:04:e0:b8:be:53:5e:61:dd:
55:5a:6b:68:3d:05:3a:44:0d:d3:74:8e:9b:d6:93:
19:d3:09:41:a1:bd:d8:ce:29:46:c6:58:a0:12:d0:
03:0c:5c:d2:9a:76:57:93:56:2c:2b:d4:a8:d0:be:
85:d7:07:b8:7a:16:08:f2:45:94:48:fe:ea:91:0d:
42:1f:4c:01:f6:73:05:c4:01:26:6d:30:00:20:ff:
3d:17:5d:bc:78:ac:75:43:d4:da:7d:c5:79:40:df:
1e:59:70:e3:4f:ff:28:d6:2e:d7:ac:36:0d:f2:0b:
89:73:06:83:1a:d8:4a:c8:bf:14:6e:ca:0f:bf:18:
db:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D2:96:99:A6:23:85:23:19:D7:FC:4F:1B:8F:B0:2A:27:46:85:17
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/49F923621E0111E9A590C837C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.97.61.0-58.97.62.255
61.90.164.0/24
Signature Algorithm: sha256WithRSAEncryption
56:1f:ec:d2:b3:50:e5:f6:87:ff:09:bc:77:58:b9:3d:84:92:
4e:66:a5:32:f5:d1:c8:af:24:d0:6b:bd:3f:b7:b9:21:9f:f6:
d7:b9:23:71:3f:81:44:78:5f:d5:a0:1d:cf:c6:62:d1:a7:a1:
d6:67:76:67:87:2c:de:31:b0:35:05:d7:19:84:3b:c7:3b:e8:
5e:00:18:e0:a9:fe:11:f7:6b:d4:f4:56:77:f5:0c:d8:20:7c:
e7:c8:44:a7:b5:1c:b2:fb:cc:84:02:72:59:d7:98:b7:b8:11:
7f:8c:61:1d:14:e8:3c:51:54:1b:05:98:ce:1d:ea:f6:e8:00:
c7:2a:ce:0e:5a:d9:dc:76:d5:c7:85:a6:19:5e:96:9f:d0:9a:
48:c0:98:c2:67:3f:7b:56:e8:cc:39:36:7f:9a:1a:b7:60:3c:
d7:50:31:25:15:9d:f3:4d:0c:e4:0a:78:6d:8d:e9:79:34:d4:
ac:c4:1e:ad:98:61:f7:58:65:bb:95:1a:61:8b:9a:b6:21:2b:
9e:a2:10:57:f6:88:0c:00:c9:72:f8:71:58:ef:68:0d:19:4b:
43:b4:83:d5:30:b9:bb:a3:08:87:32:3d:68:2a:cd:29:b5:20:
d6:cd:ec:87:9d:d1:af:e8:07:13:b5:8c:45:17:0b:fd:90:e1:
50:43:43:60
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICNO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjIwNzI1MDI0MTI0WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmRlMDJkNC1kYmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyqVxiuBFH6mnAgvsNS+Fs7M+e9xaamcpIhHqQoAoI6mdIQCIu1Ldlm5LA5O3
QDT0/yA+UgdIDvtK8vtoBB+gGximGt1ph3f6ko96PDa9FZMWMiPJwe5MWvZfHdTT
VzRp/nksRexzCm23F8TlheaRgzH91rGCxMe7p2sXV73IBOC4vlNeYd1VWmtoPQU6
RA3TdI6b1pMZ0wlBob3YzilGxligEtADDFzSmnZXk1YsK9So0L6F1we4ehYI8kWU
SP7qkQ1CH0wB9nMFxAEmbTAAIP89F128eKx1Q9TafcV5QN8eWXDjT/8o1i7XrDYN
8guJcwaDGthKyL8UbsoPvxjbqQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFODSlpmm
I4UjGdf8TxuPsConRoUXMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNDlGOTIzNjIx
RTAxMTFFOUE1OTBDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEADphPQMEADphPgMEAD1apDANBgkqhkiG9w0BAQsFAAOC
AQEAVh/s0rNQ5faH/wm8d1i5PYSSTmalMvXRyK8k0Gu9P7e5IZ/217kjcT+BRHhf
1aAdz8Zi0aeh1md2Z4cs3jGwNQXXGYQ7xzvoXgAY4Kn+Efdr1PRWd/UM2CB858hE
p7UcsvvMhAJyWdeYt7gRf4xhHRToPFFUGwWYzh3q9ugAxyrODlrZ3HbVx4WmGV6W
n9CaSMCYwmc/e1bozDk2f5oat2A811AxJRWd800M5Ap4bY3peTTUrMQerZhh91hl
u5UaYYuatiErnqIQV/aIDADJcvhxWO9oDRlLQ7SD1TC5u6MIhzI9aCrNKbUg1s3s
h53Rr+gHE7WMRRcL/ZDhUENDYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org