Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/6212D79A012811EEA97F422EC4F9AE02.roa
File: 6212D79A012811EEA97F422EC4F9AE02.roa (raw, json)
Hash identifier: 4/As1h4GbALUJUdA8WuHJ853lKjq4LO76lKUUgrDXjQ=
Subject key identifier: A3:B2:8A:4F:03:99:A2:3B:3E:57:86:1F:BD:48:4A:D9:D7:B8:D1:26
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1975
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/6212D79A012811EEA97F422EC4F9AE02.roa
Signing time: Fri 02 Jun 2023 09:32:25 +0000
ROA not before: Fri 02 Jun 2023 09:32:25 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 17621
IP address blocks: 210.22.220.0/22 maxlen: 22
210.22.224.0/20 maxlen: 20
210.22.240.0/21 maxlen: 21
210.22.248.0/22 maxlen: 22
210.22.252.0/24 maxlen: 24
210.22.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6517 (0x1975)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 2 09:32:25 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6479b729-f37d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:47:71:3b:51:c1:32:fa:6d:b9:44:4c:7f:5d:
c5:96:3f:e7:6f:d4:2c:31:3d:a7:af:d8:e7:fd:be:
75:59:f7:66:f2:8f:51:f6:ed:04:c3:44:ad:0c:fd:
0d:c2:1f:c9:d4:ac:7c:8b:24:df:0b:27:30:ef:ed:
52:d4:29:01:92:3d:6c:6c:2a:bd:ce:1b:a2:fd:20:
21:7a:3c:51:bd:a7:23:e5:53:88:0b:97:06:8c:8a:
2c:8c:d8:06:0e:d0:03:3a:09:5e:cb:d4:24:04:4d:
fc:09:e9:a4:69:e0:5e:9e:b7:f0:43:2c:86:25:25:
65:50:cb:3f:3c:ea:44:92:a6:05:54:a0:f6:84:6a:
3a:1a:96:ba:62:69:ee:a8:34:ff:fe:31:ae:a7:af:
af:0d:a6:7c:ca:ce:27:1d:5c:dd:25:1a:1d:e4:de:
b0:02:3b:7c:e2:90:4f:0a:6e:f3:78:be:42:c1:32:
54:8e:50:23:02:5c:23:1f:5c:51:b9:6d:96:95:4c:
45:5e:af:96:b4:a9:e4:39:e5:68:07:4c:d6:56:d1:
6e:a9:c2:69:90:71:6b:cc:38:2c:a0:3d:a8:5c:19:
f5:98:3a:e1:51:82:82:3b:6c:b9:9e:3a:bf:6b:43:
9f:ee:61:0a:6b:3f:d0:31:fc:30:80:10:d3:70:be:
cf:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B2:8A:4F:03:99:A2:3B:3E:57:86:1F:BD:48:4A:D9:D7:B8:D1:26
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/6212D79A012811EEA97F422EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.22.220.0-210.22.252.255
210.22.254.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:18:a1:e0:2b:04:bb:c8:58:00:71:7f:06:23:8a:50:8f:50:
b2:5e:d7:be:ca:95:55:22:ef:45:eb:f6:5b:bd:27:21:be:e0:
a6:f7:35:20:0a:16:ff:a2:c7:44:4a:c6:f0:7c:2d:b2:e4:1f:
7c:4c:9e:15:9f:6e:a3:b2:d1:03:c7:42:a4:cc:21:d5:5e:e9:
5b:47:13:3a:86:01:a9:63:18:c9:b4:18:1a:a4:e8:b7:a0:5e:
1e:ef:95:71:4f:81:63:72:a9:3e:b7:58:57:48:b1:0a:70:63:
ce:69:13:05:17:1f:2c:40:d6:a8:9f:8a:e4:76:43:16:07:fe:
ef:1a:b5:40:87:22:80:0e:bd:69:b1:07:6e:c8:f9:50:be:fc:
8c:58:25:5f:ca:98:be:b5:65:03:40:ee:3e:1e:7b:bd:12:54:
cf:27:16:c7:de:d4:df:3a:90:24:13:2f:a4:3b:8b:d6:c8:50:
ec:ec:0d:06:90:e8:71:3e:a2:7d:53:81:6f:0d:30:75:7a:43:
df:3c:78:07:c8:09:f4:7f:25:a0:48:38:3f:4a:c7:e8:2e:99:
b6:48:e3:ed:8d:0e:f8:e4:ca:69:3a:9b:c5:ea:27:df:93:bd:
9d:ee:0a:83:41:54:69:0e:12:b4:aa:9a:ff:ee:ba:38:f6:d5:
16:3e:03:b8
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICGXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjAyMDkzMjI1WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc5YjcyOS1mMzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA60dxO1HBMvptuURMf13Flj/nb9QsMT2nr9jn/b51Wfdm8o9R9u0Ew0StDP0N
wh/J1Kx8iyTfCycw7+1S1CkBkj1sbCq9zhui/SAhejxRvacj5VOIC5cGjIosjNgG
DtADOgley9QkBE38CemkaeBenrfwQyyGJSVlUMs/POpEkqYFVKD2hGo6Gpa6Ymnu
qDT//jGup6+vDaZ8ys4nHVzdJRod5N6wAjt84pBPCm7zeL5CwTJUjlAjAlwjH1xR
uW2WlUxFXq+WtKnkOeVoB0zWVtFuqcJpkHFrzDgsoD2oXBn1mDrhUYKCO2y5njq/
a0Of7mEKaz/QMfwwgBDTcL7PPQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFKOyik8D
maI7PleGH71IStnXuNEmMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvNjIxMkQ3OUEw
MTI4MTFFRUE5N0Y0MjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAtIW3AMEANIW/AMEAdIW/jANBgkqhkiG9w0BAQsFAAOC
AQEAPxih4CsEu8hYAHF/BiOKUI9Qsl7XvsqVVSLvRev2W70nIb7gpvc1IAoW/6LH
RErG8HwtsuQffEyeFZ9uo7LRA8dCpMwh1V7pW0cTOoYBqWMYybQYGqTot6BeHu+V
cU+BY3KpPrdYV0ixCnBjzmkTBRcfLEDWqJ+K5HZDFgf+7xq1QIcigA69abEHbsj5
UL78jFglX8qYvrVlA0DuPh57vRJUzycWx97U3zqQJBMvpDuL1shQ7OwNBpDocT6i
fVOBbw0wdXpD3zx4B8gJ9H8loEg4P0rH6C6Ztkjj7Y0O+OTKaTqbxeon35O9ne4K
g0FUaQ4StKqa/+66OPbVFj4DuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org