Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/E983DFE805B111EEB557BC73C4F9AE02.roa
File: E983DFE805B111EEB557BC73C4F9AE02.roa (raw, json)
Hash identifier: VonrLKIfZgKN2zntLep7prkBPwiVTWcWZZwkoMkpfNw=
Subject key identifier: F5:60:0F:94:D7:33:53:00:13:2C:6C:F6:BC:6A:91:92:D5:E1:55:D9
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1995
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/E983DFE805B111EEB557BC73C4F9AE02.roa
Signing time: Thu 08 Jun 2023 04:06:58 +0000
ROA not before: Thu 08 Jun 2023 04:06:58 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 138421
IP address blocks: 210.51.30.0/24 maxlen: 24
210.51.31.0/24 maxlen: 24
210.51.32.0/24 maxlen: 24
210.51.33.0/24 maxlen: 24
210.51.34.0/23 maxlen: 23
210.51.36.0/22 maxlen: 22
210.51.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6549 (0x1995)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 04:06:58 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=648153e2-9552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:25:2d:3a:ee:1b:63:53:37:f1:bf:91:f1:1c:
af:0a:a1:52:7b:5d:79:fe:be:e4:70:a7:f0:a6:21:
ed:aa:74:af:90:d8:18:2c:b6:47:d5:46:32:73:24:
b0:dd:57:05:d2:ee:d6:cb:ec:69:f7:a8:10:6a:18:
b8:37:8d:bb:0a:0b:78:47:02:37:a3:79:bb:b6:d3:
59:d8:0c:a5:45:c2:91:ef:41:d5:b6:ad:3a:65:ff:
a6:ad:f5:ac:a6:45:96:94:21:78:c7:3f:ae:14:fc:
5e:b4:c8:1f:17:d7:52:0f:f2:44:14:49:e4:cb:31:
a2:04:d0:c5:35:32:03:5d:80:f4:a2:75:03:b5:5c:
3a:22:e5:a4:72:5a:a1:d7:b8:22:34:c5:89:dc:37:
db:3d:83:81:bc:d8:af:47:11:a6:15:6b:95:09:18:
f6:6f:72:68:87:ef:b6:75:d8:75:27:1d:3b:8f:14:
51:b2:bb:df:3a:70:39:1e:1d:b5:11:95:ed:fb:95:
60:a5:5a:87:b3:fc:d3:b8:d4:c4:5c:89:78:f7:b8:
56:b8:54:a3:82:0b:a9:5e:a6:c9:72:39:ef:22:54:
5e:e9:39:b0:c2:85:4d:67:ad:df:75:f9:82:4d:52:
0f:c9:26:11:b9:30:fd:3e:8e:19:9c:eb:28:41:8f:
0a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:60:0F:94:D7:33:53:00:13:2C:6C:F6:BC:6A:91:92:D5:E1:55:D9
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/E983DFE805B111EEB557BC73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.51.30.0-210.51.39.255
Signature Algorithm: sha256WithRSAEncryption
a7:ca:63:cc:ed:55:f7:d1:ab:52:a3:4f:15:60:c8:90:54:00:
ce:15:9d:6c:67:9c:84:f2:b8:54:d7:d3:43:e0:8a:20:ac:09:
c6:2c:fb:05:d9:c5:20:67:64:5f:60:9d:d7:9a:11:42:75:80:
47:dc:cc:aa:e2:5e:93:64:e6:16:29:2d:bf:64:1e:f2:e9:8f:
c8:74:18:9b:c5:6a:15:7f:17:90:04:bb:50:14:bd:95:8b:85:
04:99:13:c0:57:5a:e1:01:a1:e7:6a:96:fb:19:2b:44:99:f4:
c7:f4:0b:b5:63:d7:6f:fc:6f:0f:fa:85:d1:9a:1c:2c:77:87:
7a:0a:4b:00:bb:f1:11:25:d8:dc:d8:cc:4c:39:d2:04:5a:5b:
90:52:0d:b0:20:1b:63:91:fc:3d:bf:b5:cf:c9:0d:96:e1:95:
5a:a4:7c:6f:62:60:47:2f:41:67:fa:f9:1d:ca:a2:6c:6b:20:
64:69:50:ee:ac:80:9b:4d:6d:7a:98:1a:f6:bd:75:0c:17:56:
4a:c9:ae:a2:39:df:a8:01:56:90:0e:38:ae:b3:b9:02:71:21:
95:03:9b:8c:6e:f8:fb:f2:76:e4:cc:10:e3:16:16:0c:bd:01:
9f:f9:81:26:f8:93:18:d3:f8:9c:55:87:49:f0:b2:3b:41:32:
59:d8:b1:51
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICGZUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDQwNjU4WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxNTNlMi05NTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArCUtOu4bY1M38b+R8RyvCqFSe115/r7kcKfwpiHtqnSvkNgYLLZH1UYycySw
3VcF0u7Wy+xp96gQahi4N427Cgt4RwI3o3m7ttNZ2AylRcKR70HVtq06Zf+mrfWs
pkWWlCF4xz+uFPxetMgfF9dSD/JEFEnkyzGiBNDFNTIDXYD0onUDtVw6IuWkclqh
17giNMWJ3DfbPYOBvNivRxGmFWuVCRj2b3Joh++2ddh1Jx07jxRRsrvfOnA5Hh21
EZXt+5VgpVqHs/zTuNTEXIl497hWuFSjggupXqbJcjnvIlRe6TmwwoVNZ63fdfmC
TVIPySYRuTD9Po4ZnOsoQY8KZwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFPVgD5TX
M1MAEyxs9rxqkZLV4VXZMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvRTk4M0RGRTgw
NUIxMTFFRUI1NTdCQzczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAdIzHgMEA9IzIDANBgkqhkiG9w0BAQsFAAOCAQEAp8pj
zO1V99GrUqNPFWDIkFQAzhWdbGechPK4VNfTQ+CKIKwJxiz7BdnFIGdkX2Cd15oR
QnWAR9zMquJek2TmFiktv2Qe8umPyHQYm8VqFX8XkAS7UBS9lYuFBJkTwFda4QGh
52qW+xkrRJn0x/QLtWPXb/xvD/qF0ZocLHeHegpLALvxESXY3NjMTDnSBFpbkFIN
sCAbY5H8Pb+1z8kNluGVWqR8b2JgRy9BZ/r5HcqibGsgZGlQ7qyAm01tepga9r11
DBdWSsmuojnfqAFWkA44rrO5AnEhlQObjG74+/J25MwQ4xYWDL0Bn/mBJviTGNP4
nFWHSfCyO0EyWdixUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org