Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/591546C005A911EEAAC9A54DC4F9AE02.roa
File: 591546C005A911EEAAC9A54DC4F9AE02.roa (raw, json)
Hash identifier: JK1Kw8ksi4ojy/piVf6BqccliFYC6vgcke/b9GBiD+o=
Subject key identifier: CE:3E:92:4F:C5:5B:1B:EA:8B:06:C9:77:9E:99:8D:47:38:35:C4:AA
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1990
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/591546C005A911EEAAC9A54DC4F9AE02.roa
Signing time: Thu 08 Jun 2023 03:05:40 +0000
ROA not before: Thu 08 Jun 2023 03:05:40 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 4808
IP address blocks: 124.65.200.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6544 (0x1990)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 03:05:40 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64814584-3b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:99:04:2b:a2:e4:68:80:46:85:be:25:31:99:
b4:04:9b:91:72:26:1e:07:05:50:22:c9:d7:59:3f:
40:08:4a:12:5e:b5:8d:29:9e:a9:85:60:18:22:4a:
a9:b5:b0:a6:8d:5a:0f:8a:41:20:52:c4:52:43:e2:
84:1d:48:76:42:bf:bd:41:ab:e9:0d:1b:76:55:25:
90:88:c4:0c:98:9a:da:9a:c3:87:f9:03:25:cc:5b:
16:4b:55:83:d5:79:f4:fc:ee:84:9b:47:24:08:4d:
e6:80:5f:88:df:f5:44:c7:6f:86:3f:7d:e5:ec:d8:
ba:64:e4:b6:af:de:db:41:5c:50:ea:21:95:cf:5b:
2d:d4:92:05:5d:0a:82:a3:27:91:81:4f:0b:86:d6:
31:42:d8:d3:41:e6:e3:1d:f1:09:c0:40:9f:56:db:
11:b6:c0:bf:b1:b2:68:d6:42:ff:3f:3b:92:08:05:
e3:65:5c:bb:52:d7:f0:ef:49:7c:1b:e0:a9:8f:b5:
bf:33:5b:11:80:e9:80:cb:9f:35:ce:16:af:7a:8b:
d4:e8:04:43:73:8f:0e:95:f3:fb:9c:99:9b:06:d4:
f7:6f:17:b8:1a:f4:7c:55:1b:12:49:50:04:6e:a9:
ec:21:10:37:27:83:17:79:cf:22:ed:b3:98:09:d1:
e6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:3E:92:4F:C5:5B:1B:EA:8B:06:C9:77:9E:99:8D:47:38:35:C4:AA
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/591546C005A911EEAAC9A54DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
124.65.200.0/21
Signature Algorithm: sha256WithRSAEncryption
85:41:c7:a5:71:da:26:91:97:b3:35:80:7f:cb:f5:80:85:29:
bf:c9:48:a9:11:24:f8:3f:0a:2e:26:0c:e9:0d:ff:0b:68:53:
b6:ad:29:3b:ce:d8:b8:68:79:2c:32:9d:30:aa:13:de:63:90:
36:32:3e:ee:2e:be:81:7f:e7:f1:74:95:95:fc:58:e6:57:60:
cb:8b:5f:c2:51:a0:77:98:60:a1:f9:96:cb:8a:93:da:fe:de:
d0:a1:cc:2c:a8:58:12:c5:c3:56:6a:26:e6:19:79:ad:a3:e0:
cd:72:ff:bd:dc:b8:25:2d:74:99:bc:7d:4b:fa:45:dd:d5:19:
4e:d9:3a:c1:20:60:10:96:aa:0d:a7:a9:1f:45:65:40:6b:5a:
fa:f9:27:f7:ea:79:2e:ff:74:8f:bc:23:11:a7:83:ea:24:22:
9d:ef:77:49:92:ad:ba:04:7a:61:a2:c2:0a:c2:5b:4f:61:92:
ac:8b:26:c0:f1:c4:44:cd:cb:11:11:d9:eb:4a:fe:c0:9b:29:
20:fa:58:5a:58:c6:5b:1d:bb:56:0a:29:69:73:27:65:92:1b:
0d:1c:d3:96:3d:48:0e:29:98:c7:a2:6e:0e:5a:6f:8b:22:23:
da:8b:4b:55:33:74:65:57:59:fe:7c:7e:4a:c4:db:3b:21:12:
a4:ce:f2:d0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGZAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDMwNTQwWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxNDU4NC0zYjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyZkEK6LkaIBGhb4lMZm0BJuRciYeBwVQIsnXWT9ACEoSXrWNKZ6phWAYIkqp
tbCmjVoPikEgUsRSQ+KEHUh2Qr+9QavpDRt2VSWQiMQMmJramsOH+QMlzFsWS1WD
1Xn0/O6Em0ckCE3mgF+I3/VEx2+GP33l7Ni6ZOS2r97bQVxQ6iGVz1st1JIFXQqC
oyeRgU8LhtYxQtjTQebjHfEJwECfVtsRtsC/sbJo1kL/PzuSCAXjZVy7Utfw70l8
G+Cpj7W/M1sRgOmAy581zhaveovU6ARDc48OlfP7nJmbBtT3bxe4GvR8VRsSSVAE
bqnsIRA3J4MXec8i7bOYCdHmQwIDAQABo4IClTCCApEwHQYDVR0OBBYEFM4+kk/F
WxvqiwbJd56ZjUc4NcSqMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvNTkxNTQ2QzAw
NUE5MTFFRUFBQzlBNTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAN8QcgwDQYJKoZIhvcNAQELBQADggEBAIVBx6Vx2iaRl7M1
gH/L9YCFKb/JSKkRJPg/Ci4mDOkN/wtoU7atKTvO2LhoeSwynTCqE95jkDYyPu4u
voF/5/F0lZX8WOZXYMuLX8JRoHeYYKH5lsuKk9r+3tChzCyoWBLFw1ZqJuYZea2j
4M1y/73cuCUtdJm8fUv6Rd3VGU7ZOsEgYBCWqg2nqR9FZUBrWvr5J/fqeS7/dI+8
IxGng+okIp3vd0mSrboEemGiwgrCW09hkqyLJsDxxETNyxER2etK/sCbKSD6WFpY
xlsdu1YKKWlzJ2WSGw0c05Y9SA4pmMeibg5ab4siI9qLS1UzdGVXWf58fkrE2zsh
EqTO8tA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org