Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/3364B43834C011E99FD5B811C4F9AE02.roa
File: 3364B43834C011E99FD5B811C4F9AE02.roa (raw, json)
Hash identifier: 0mqWEHJfmqL+4y72PQVk2KqAyemk61KgBtrFhb0m9As=
Subject key identifier: 17:D1:BB:92:AD:8E:66:CB:DA:92:EF:E2:00:06:FC:A2:29:33:96:30
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1B25
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/3364B43834C011E99FD5B811C4F9AE02.roa
Signing time: Fri 26 Aug 2022 05:13:40 +0000
ROA not before: Fri 26 Aug 2022 05:13:40 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 23650
IP address blocks: 121.227.7.0/24 maxlen: 24
121.227.30.0/23 maxlen: 23
121.227.107.0/24 maxlen: 24
121.227.168.0/24 maxlen: 24
121.227.196.0/24 maxlen: 24
121.228.105.0/24 maxlen: 24
121.228.130.0/24 maxlen: 24
218.30.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6949 (0x1b25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Aug 26 05:13:40 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63085684-8d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:32:8a:55:0e:73:ad:de:f1:fc:00:dd:8c:0a:
8f:98:0f:7f:0d:a5:47:c1:56:be:d1:3c:b7:65:a8:
88:48:31:94:3a:36:3a:5c:2f:e6:25:0b:b8:4a:9b:
d5:e7:4a:46:ae:d5:ec:2e:79:a7:47:f9:44:74:21:
f1:a8:bb:8d:c5:68:e0:4c:ad:61:b3:46:79:1a:95:
a3:47:ea:e7:96:d5:10:cb:8b:35:c8:5f:34:b1:d9:
39:49:a6:75:08:03:67:3e:5d:d2:01:07:de:b6:19:
a8:3c:93:bb:17:c6:1f:3d:76:3f:80:75:6b:6f:a6:
49:a9:99:d4:9a:b8:31:97:7b:a1:c3:91:91:ae:8d:
e7:f6:bd:bc:e1:b0:b6:d4:b0:d4:4a:06:c6:e5:2f:
da:3e:bb:b3:23:12:b2:07:78:ff:a0:ad:35:cc:05:
0e:c7:a0:50:01:ee:1e:d9:c5:9a:8b:4c:70:e3:8d:
a9:cd:b9:56:cb:54:8c:e5:94:5a:12:11:73:82:69:
ce:7a:16:72:2c:86:f4:3a:cf:35:66:70:83:24:f9:
ce:d2:6d:33:c1:4f:d4:81:68:40:d8:3b:79:7b:dc:
08:43:d3:21:ff:e2:9f:6b:96:3e:a9:6b:92:9c:de:
d9:f9:a4:dd:fe:04:45:1e:cc:5b:a7:ce:e6:b0:16:
03:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D1:BB:92:AD:8E:66:CB:DA:92:EF:E2:00:06:FC:A2:29:33:96:30
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/3364B43834C011E99FD5B811C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.227.7.0/24
121.227.30.0/23
121.227.107.0/24
121.227.168.0/24
121.227.196.0/24
121.228.105.0/24
121.228.130.0/24
218.30.129.0/24
Signature Algorithm: sha256WithRSAEncryption
41:94:97:f8:4d:50:c5:41:43:8f:20:d6:a5:f5:cc:d2:40:2c:
0b:0e:75:87:25:fa:e6:2b:6b:5d:73:e0:44:f2:03:4c:c4:53:
f0:4a:9f:37:c3:99:d4:49:45:39:93:36:fb:48:fd:f1:dd:f8:
a7:e3:50:b7:5c:6a:ee:ff:cb:a7:0e:b6:bd:8d:40:8a:36:ca:
76:2b:30:7d:8c:50:15:2d:96:70:74:4a:96:a1:e8:e5:59:9d:
93:cc:28:9a:56:10:31:31:58:40:c8:c2:1e:d8:83:98:80:da:
d5:27:fc:56:c0:01:d3:ee:e5:af:0c:42:0a:ee:e6:e5:2c:d3:
d2:d8:7c:25:2b:f1:eb:a0:83:71:04:6c:3a:a8:ca:d5:da:39:
67:a7:28:6c:98:8c:e2:85:91:f7:f5:35:15:4d:fd:39:04:d6:
34:fb:c9:99:7e:ad:c7:bd:a2:a4:3d:ea:14:8f:27:18:f1:bd:
2e:ec:10:71:22:b3:97:12:a2:db:a7:eb:24:1a:3a:89:a2:1b:
e1:2b:d7:9c:bf:18:bc:c1:b1:b3:35:86:cf:d9:17:54:be:c3:
c6:2d:34:38:d8:83:b3:72:36:90:13:47:bb:6e:22:8a:aa:db:
9b:c7:35:9d:5a:9f:50:0e:eb:56:0d:71:1e:69:8c:0b:59:6a:
dd:51:df:65
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICGyUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjIwODI2MDUxMzQwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA4NTY4NC04ZDVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2DKKVQ5zrd7x/ADdjAqPmA9/DaVHwVa+0Ty3ZaiISDGUOjY6XC/mJQu4SpvV
50pGrtXsLnmnR/lEdCHxqLuNxWjgTK1hs0Z5GpWjR+rnltUQy4s1yF80sdk5SaZ1
CANnPl3SAQfethmoPJO7F8YfPXY/gHVrb6ZJqZnUmrgxl3uhw5GRro3n9r284bC2
1LDUSgbG5S/aPruzIxKyB3j/oK01zAUOx6BQAe4e2cWai0xw442pzblWy1SM5ZRa
EhFzgmnOehZyLIb0Os81ZnCDJPnO0m0zwU/UgWhA2Dt5e9wIQ9Mh/+Kfa5Y+qWuS
nN7Z+aTd/gRFHsxbp87msBYDVQIDAQABo4ICvzCCArswHQYDVR0OBBYEFBfRu5Kt
jmbL2pLv4gAG/KIpM5YwMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvMzM2NEI0Mzgz
NEMwMTFFOTlGRDVCODExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBAB54wcDBAF54x4DBAB542sDBAB546gDBAB548QDBAB55GkD
BAB55IIDBADaHoEwDQYJKoZIhvcNAQELBQADggEBAEGUl/hNUMVBQ48g1qX1zNJA
LAsOdYcl+uYra11z4ETyA0zEU/BKnzfDmdRJRTmTNvtI/fHd+KfjULdcau7/y6cO
tr2NQIo2ynYrMH2MUBUtlnB0Spah6OVZnZPMKJpWEDExWEDIwh7Yg5iA2tUn/FbA
AdPu5a8MQgru5uUs09LYfCUr8eugg3EEbDqoytXaOWenKGyYjOKFkff1NRVN/TkE
1jT7yZl+rce9oqQ96hSPJxjxvS7sEHEis5cSotun6yQaOomiG+Er15y/GLzBsbM1
hs/ZF1S+w8YtNDjYg7NyNpATR7tuIoqq25vHNZ1an1AO61YNcR5pjAtZat1R32U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org