Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6D8C84D005E311EE8C4A7469C4F9AE02.roa
File: 6D8C84D005E311EE8C4A7469C4F9AE02.roa (raw, json)
Hash identifier: D6MrYqP9A9gbKsaZlNMqWqSKMIzgdXcm+r2lraoJuKc=
Subject key identifier: 90:56:F1:1A:15:6C:38:BA:4F:CF:5C:58:00:60:29:B7:34:DC:03:B3
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1C4D
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6D8C84D005E311EE8C4A7469C4F9AE02.roa
Signing time: Thu 08 Jun 2023 10:01:25 +0000
ROA not before: Thu 08 Jun 2023 10:01:25 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 23650
IP address blocks: 121.227.30.0/23 maxlen: 23
121.228.105.0/24 maxlen: 24
218.30.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7245 (0x1c4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Jun 8 10:01:25 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6481a6f5-79b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:80:e0:9c:11:99:e6:dc:7c:5c:81:c4:ca:e5:
d5:f1:a0:fe:77:fb:91:82:1b:2e:45:41:e3:37:d5:
b4:5a:a2:07:c2:82:19:4f:94:6e:66:2c:8c:f2:6f:
ac:32:7e:19:fc:f1:87:44:00:6c:ef:33:1c:79:11:
96:b8:84:00:d8:7c:3b:6c:f8:8f:4d:13:76:d9:b2:
b5:75:4e:b5:b2:75:45:49:c0:fc:c9:a5:de:47:ee:
ff:5d:75:b6:57:0c:35:eb:08:73:e0:fa:fa:0f:c7:
d1:dd:04:a1:f6:c0:ba:62:02:b1:ba:c1:d9:4a:1f:
e7:63:de:8e:eb:91:a1:83:e8:38:17:fc:d3:68:9e:
87:2c:52:0c:6f:56:28:68:83:b3:46:2e:3b:92:92:
91:18:03:89:c6:31:50:d2:d7:cf:e1:42:24:7e:21:
b5:cd:73:53:d0:5a:50:db:f4:7f:a6:9d:ce:06:b0:
d9:ae:a6:22:e2:0b:24:7b:ae:51:77:4b:3b:bc:e3:
63:5d:eb:2c:c6:c1:61:db:6f:b0:e5:85:59:b7:50:
83:2e:f9:dd:b1:16:95:a0:37:aa:d4:f0:b2:00:94:
5e:14:63:b3:91:53:a1:80:23:ed:66:c4:70:d6:2b:
d3:83:13:fe:20:2f:26:d2:71:85:51:7d:d0:29:33:
07:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:56:F1:1A:15:6C:38:BA:4F:CF:5C:58:00:60:29:B7:34:DC:03:B3
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6D8C84D005E311EE8C4A7469C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.227.30.0/23
121.228.105.0/24
218.30.129.0/24
Signature Algorithm: sha256WithRSAEncryption
20:eb:84:5b:15:ff:a1:ef:a0:f9:a8:70:56:d9:81:4c:80:8c:
9c:7d:61:2b:47:ef:a9:7b:3f:24:c3:1c:36:69:c5:48:74:f2:
47:e3:cc:a5:a8:bd:06:95:d9:ee:c9:24:a6:41:05:71:41:2f:
d1:b2:23:7a:25:67:2e:04:a1:27:8e:6a:70:51:4a:9a:41:49:
59:df:fb:65:8a:06:d4:35:e3:b0:c7:f5:76:84:1b:15:d1:8a:
50:1e:82:ca:86:82:c3:0d:32:9c:c2:e5:9c:9a:c1:79:02:3e:
94:60:4e:f8:d3:5a:6e:f2:f2:b3:e3:ab:1b:ad:b1:22:a6:b9:
36:b4:e0:27:0a:08:86:f9:72:5d:71:12:ec:5f:f2:c4:8c:8d:
da:e9:5e:f8:8b:fd:fc:df:7c:c0:b5:35:42:78:67:6d:f8:e7:
8e:b8:90:e7:fe:f4:fa:5b:65:59:24:86:3b:19:db:51:f2:ad:
08:d0:5a:ed:45:d2:35:6e:a5:6f:06:20:bf:4f:e3:c9:7b:84:
63:da:f4:86:65:a8:58:e2:28:41:1e:1c:9d:6c:ba:31:0c:9e:
84:bb:86:c9:cc:d0:42:48:1b:0f:c8:59:da:bd:97:62:fd:8a:
15:c8:e0:1d:5f:75:da:83:98:9c:d8:c8:03:f4:7c:14:4f:c2:
4c:d7:fc:76
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICHE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjMwNjA4MTAwMTI1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxYTZmNS03OWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArYDgnBGZ5tx8XIHEyuXV8aD+d/uRghsuRUHjN9W0WqIHwoIZT5RuZiyM8m+s
Mn4Z/PGHRABs7zMceRGWuIQA2Hw7bPiPTRN22bK1dU61snVFScD8yaXeR+7/XXW2
Vww16whz4Pr6D8fR3QSh9sC6YgKxusHZSh/nY96O65Ghg+g4F/zTaJ6HLFIMb1Yo
aIOzRi47kpKRGAOJxjFQ0tfP4UIkfiG1zXNT0FpQ2/R/pp3OBrDZrqYi4gske65R
d0s7vONjXessxsFh22+w5YVZt1CDLvndsRaVoDeq1PCyAJReFGOzkVOhgCPtZsRw
1ivTgxP+IC8m0nGFUX3QKTMHrQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJBW8RoV
bDi6T89cWABgKbc03AOzMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNkQ4Qzg0RDAw
NUUzMTFFRThDNEE3NDY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAF54x4DBAB55GkDBADaHoEwDQYJKoZIhvcNAQELBQADggEB
ACDrhFsV/6HvoPmocFbZgUyAjJx9YStH76l7PyTDHDZpxUh08kfjzKWovQaV2e7J
JKZBBXFBL9GyI3olZy4EoSeOanBRSppBSVnf+2WKBtQ147DH9XaEGxXRilAegsqG
gsMNMpzC5ZyawXkCPpRgTvjTWm7y8rPjqxutsSKmuTa04CcKCIb5cl1xEuxf8sSM
jdrpXviL/fzffMC1NUJ4Z2345464kOf+9PpbZVkkhjsZ21HyrQjQWu1F0jVupW8G
IL9P48l7hGPa9IZlqFjiKEEeHJ1sujEMnoS7hsnM0EJIGw/IWdq9l2L9ihXI4B1f
ddqDmJzYyAP0fBRPwkzX/HY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org