Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/79CB8CC49ED311EBB06C4E4DC4F9AE02.roa
File: 79CB8CC49ED311EBB06C4E4DC4F9AE02.roa (raw, json)
Hash identifier: xRT1cEyh5VJZRlB/SLL50r3muLTpSYXJBFGH47SXsV0=
Subject key identifier: 31:B2:D5:C6:5A:5E:96:C2:B3:35:29:E3:4A:3D:8C:D4:48:BB:4D:A9
Certificate issuer: /CN=A913B6D4/serialNumber=0D5028986A356B69B4AF7D2F6649D6BBDCBE8BED
Certificate serial: 01D9
Authority key identifier: 0D:50:28:98:6A:35:6B:69:B4:AF:7D:2F:66:49:D6:BB:DC:BE:8B:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DVAomGo1a2m0r30vZknWu9y-i-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/79CB8CC49ED311EBB06C4E4DC4F9AE02.roa
Signing time: Tue 30 Nov 2021 14:21:32 +0000
ROA not before: Tue 30 Nov 2021 14:21:32 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 48024
IP address blocks: 58.84.52.0/22 maxlen: 24
103.197.68.0/22 maxlen: 24
116.206.100.0/22 maxlen: 23
116.206.100.0/24 maxlen: 24
116.206.101.0/24 maxlen: 24
116.206.102.0/24 maxlen: 24
116.206.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473 (0x1d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B6D4/serialNumber=0D5028986A356B69B4AF7D2F6649D6BBDCBE8BED
Validity
Not Before: Nov 30 14:21:32 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61a6336b-2c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fc:dc:f3:15:49:20:6e:1c:94:69:2f:86:15:
07:14:93:9c:46:d5:8d:35:9a:70:c1:1f:65:2b:06:
0c:6c:e6:23:68:46:1a:59:36:da:5c:89:af:66:c0:
c8:26:53:97:01:e5:1a:1e:b7:e4:c5:88:f6:29:a7:
ba:6a:23:93:85:ce:92:93:07:20:af:11:08:0f:c6:
d7:46:d5:79:a9:c0:4d:35:65:57:13:1b:f5:9d:cf:
ba:ce:00:48:95:21:e2:c3:27:b4:c7:e4:8f:c4:e7:
fb:17:a1:ff:58:13:60:e6:38:ab:cf:59:26:f0:5a:
bd:79:67:f5:18:90:35:68:f5:10:e5:d4:9f:da:7b:
d2:e6:07:68:c5:05:11:27:75:ae:57:ad:7c:cc:4a:
f6:2c:ae:22:67:3a:ac:76:78:4f:c8:6b:1f:d6:5f:
bc:1d:c3:32:5f:a9:e4:3e:5b:3c:8e:dd:67:6d:ff:
69:3e:f5:b7:94:f8:66:a2:bd:d5:5f:5e:ac:a0:f5:
2b:56:17:48:71:9c:46:ed:b7:89:b3:e5:47:c7:a9:
66:8c:94:4d:da:1e:7c:da:40:5f:dc:ec:e4:be:f8:
03:0e:51:07:f6:d8:9a:66:43:45:44:e2:32:a6:0a:
12:c6:ad:e9:0a:1c:7e:9c:06:43:e2:ec:a3:dd:73:
0f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B2:D5:C6:5A:5E:96:C2:B3:35:29:E3:4A:3D:8C:D4:48:BB:4D:A9
X509v3 Authority Key Identifier:
keyid:0D:50:28:98:6A:35:6B:69:B4:AF:7D:2F:66:49:D6:BB:DC:BE:8B:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/DVAomGo1a2m0r30vZknWu9y-i-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DVAomGo1a2m0r30vZknWu9y-i-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/79CB8CC49ED311EBB06C4E4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.84.52.0/22
103.197.68.0/22
116.206.100.0/22
Signature Algorithm: sha256WithRSAEncryption
39:44:b7:93:39:6e:be:56:73:99:f7:c2:75:18:10:63:86:33:
88:11:9f:9f:76:82:d9:82:03:81:fd:14:84:e0:5f:df:24:88:
e4:bc:45:b0:8b:aa:fa:4e:80:61:df:d9:02:5e:5c:e8:65:1b:
f1:f9:87:4b:f9:53:4a:18:ef:03:38:d2:f5:4d:f2:ca:83:09:
96:90:c7:d5:0d:f2:b0:0f:7a:99:0e:87:cd:3f:5f:59:0d:80:
af:0a:23:c0:5b:fe:d0:2b:7f:a7:6d:26:92:29:70:e2:36:f6:
ac:06:bc:78:b0:26:07:02:55:13:87:11:f0:92:ca:09:e0:cf:
ee:06:0c:fd:80:ba:f2:75:4b:fb:82:15:65:67:0a:8f:59:7e:
cd:29:93:f8:3b:16:f2:02:83:8f:1a:72:bd:19:77:fb:dc:fb:
35:20:18:3a:50:e8:6e:fb:d4:78:c2:f7:16:47:51:6b:93:00:
6b:4a:82:ff:11:8c:e9:64:02:73:4c:61:f7:13:88:e8:eb:44:
a0:21:b8:c0:6d:72:7a:56:32:1b:df:17:75:c2:68:bf:89:01:
84:78:17:5e:da:df:6c:19:e7:7d:6e:c5:93:17:9b:1e:36:9d:
e4:59:e1:8a:3c:9f:74:64:8b:d3:03:dc:39:b9:1c:4e:fc:f5:
29:03:7c:c1
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I2RDQxMTAvBgNVBAUTKDBENTAyODk4NkEzNTZCNjlCNEFGN0QyRjY2NDlENkJC
RENCRThCRUQwHhcNMjExMTMwMTQyMTMyWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWE2MzM2Yi0yYzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0fzc8xVJIG4clGkvhhUHFJOcRtWNNZpwwR9lKwYMbOYjaEYaWTbaXImvZsDI
JlOXAeUaHrfkxYj2Kae6aiOThc6SkwcgrxEID8bXRtV5qcBNNWVXExv1nc+6zgBI
lSHiwye0x+SPxOf7F6H/WBNg5jirz1km8Fq9eWf1GJA1aPUQ5dSf2nvS5gdoxQUR
J3WuV618zEr2LK4iZzqsdnhPyGsf1l+8HcMyX6nkPls8jt1nbf9pPvW3lPhmor3V
X16soPUrVhdIcZxG7beJs+VHx6lmjJRN2h582kBf3OzkvvgDDlEH9tiaZkNFROIy
pgoSxq3pChx+nAZD4uyj3XMPWQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDGy1cZa
XpbCszUp40o9jNRIu02pMB8GA1UdIwQYMBaAFA1QKJhqNWtptK99L2ZJ1rvcvovt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjZENC85NTcyNTM2ODlF
NzkxMUVCOEY3QTQ0ODdDNEY5QUUwMi9EVkFvbUdvMWEybTByMzB2WmtuV3U5eS1p
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RWQW9tR28xYTJtMHIzMHZaa25XdTl5LWktMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I2RDQvOTU3MjUzNjg5RTc5MTFFQjhGN0E0NDg3QzRGOUFFMDIvNzlDQjhDQzQ5
RUQzMTFFQkIwNkM0RTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAI6VDQDBAJnxUQDBAJ0zmQwDQYJKoZIhvcNAQELBQADggEB
ADlEt5M5br5Wc5n3wnUYEGOGM4gRn592gtmCA4H9FITgX98kiOS8RbCLqvpOgGHf
2QJeXOhlG/H5h0v5U0oY7wM40vVN8sqDCZaQx9UN8rAPepkOh80/X1kNgK8KI8Bb
/tArf6dtJpIpcOI29qwGvHiwJgcCVROHEfCSygngz+4GDP2AuvJ1S/uCFWVnCo9Z
fs0pk/g7FvICg48acr0Zd/vc+zUgGDpQ6G771HjC9xZHUWuTAGtKgv8RjOlkAnNM
YfcTiOjrRKAhuMBtcnpWMhvfF3XCaL+JAYR4F17a32wZ531uxZMXmx42neRZ4Yo8
n3Rki9MD3Dm5HE789SkDfME=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org