Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/C2E0C988BEC211EB95A2611DC4F9AE02.roa
File: C2E0C988BEC211EB95A2611DC4F9AE02.roa (raw, json)
Hash identifier: 6s5P97ioUqnqqeluPZb3aUSVPenHAdnWdRFKbB0AGaU=
Subject key identifier: 45:70:E8:98:96:24:BF:C3:EE:53:F8:4C:B7:05:9D:CD:0E:19:08:3F
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1C52
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/C2E0C988BEC211EB95A2611DC4F9AE02.roa
Signing time: Thu 08 Jun 2023 12:31:35 +0000
ROA not before: Thu 08 Jun 2023 12:31:35 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 140330
IP address blocks: 59.60.6.0/23 maxlen: 23
59.60.8.0/22 maxlen: 22
59.60.12.0/23 maxlen: 23
110.87.0.0/19 maxlen: 19
110.87.64.0/19 maxlen: 19
117.28.232.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7250 (0x1c52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Jun 8 12:31:35 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6481ca26-44a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:a1:87:a4:e8:08:90:3f:f6:a1:7d:6e:7a:72:
a1:7d:c4:cf:a3:25:11:9c:80:c4:65:37:94:25:a7:
4c:34:eb:89:7e:5b:ad:8b:01:14:ca:3a:ca:55:c3:
6b:53:15:40:b9:77:82:b6:2b:1f:1c:ae:e6:b1:19:
84:4d:7e:79:52:c9:11:65:da:2e:1c:50:99:0f:7e:
7c:b8:2a:f3:e7:06:e9:c4:14:5d:17:0c:8e:5a:2a:
6e:95:d6:5a:6c:cf:6f:9c:2b:51:55:bc:f9:d6:ea:
d3:da:16:df:b8:ae:84:d9:76:7f:5b:41:ac:fa:7a:
00:ca:6b:7f:1b:84:85:85:19:44:bf:31:85:05:65:
29:7f:e9:21:49:6c:ce:30:64:6c:aa:7c:d5:c3:3d:
71:42:48:a4:e1:25:34:90:b5:a1:9c:bf:c5:57:29:
dd:3e:09:f3:18:f7:62:e9:71:1c:f4:39:43:36:38:
93:8b:ea:25:48:aa:05:e6:c7:b7:46:29:94:4b:9f:
6e:25:9b:30:20:53:c1:58:68:08:07:58:66:fa:e3:
b9:fd:e2:3c:aa:47:f7:1c:5b:8c:b8:cf:d6:d6:71:
dc:79:4d:7d:b6:c7:56:8e:4c:14:49:9e:11:a0:04:
89:8f:09:1a:7d:f2:47:db:43:e9:97:37:e9:ed:a5:
6b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:70:E8:98:96:24:BF:C3:EE:53:F8:4C:B7:05:9D:CD:0E:19:08:3F
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/C2E0C988BEC211EB95A2611DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.60.6.0-59.60.13.255
110.87.0.0/19
110.87.64.0/19
117.28.232.0/21
Signature Algorithm: sha256WithRSAEncryption
ad:0f:0b:dd:91:89:b8:04:5a:ca:17:e5:37:b7:6c:2e:c6:ac:
2f:ad:82:d2:c1:11:15:5c:7f:a8:fb:a0:1a:2e:91:cc:a8:5f:
04:ab:e4:cf:fa:09:e8:fc:ce:82:84:28:16:c3:8e:34:b3:83:
c8:1d:4e:3e:8b:2b:2d:14:ad:e8:ac:4b:02:85:b9:1d:40:23:
cb:0e:af:16:8c:ef:4b:6d:75:fa:d7:6f:7a:9d:ba:bb:c9:89:
de:68:2a:c7:b1:cc:b8:4d:ba:59:a1:dc:03:b1:e8:fb:f3:36:
6a:33:c8:50:54:54:b6:8e:82:69:56:06:4b:71:03:fe:83:06:
d3:b8:4f:0a:71:15:69:40:97:f8:86:ff:0b:03:3c:af:fe:d1:
c0:78:e3:f8:3b:f3:dc:32:95:2c:d2:1d:b8:3c:2b:6c:d6:4d:
59:da:0c:9a:3e:e4:ed:84:39:7f:8b:6c:48:f5:d3:f3:b0:47:
39:3d:79:04:bf:90:e4:54:62:db:3f:23:d6:3c:8f:37:eb:3f:
fb:ac:07:80:39:30:07:60:ab:47:e1:fe:8d:e2:07:57:14:8f:
2d:3c:4d:87:b4:12:8c:25:b5:d7:5b:d6:0d:11:e2:bb:8f:49:
10:bd:27:0f:85:79:a9:fb:21:6c:6e:14:1c:55:69:b8:81:aa:
f3:d8:2c:05
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICHFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjMwNjA4MTIzMTM1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxY2EyNi00NGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8KGHpOgIkD/2oX1uenKhfcTPoyURnIDEZTeUJadMNOuJflutiwEUyjrKVcNr
UxVAuXeCtisfHK7msRmETX55UskRZdouHFCZD358uCrz5wbpxBRdFwyOWipuldZa
bM9vnCtRVbz51urT2hbfuK6E2XZ/W0Gs+noAymt/G4SFhRlEvzGFBWUpf+khSWzO
MGRsqnzVwz1xQkik4SU0kLWhnL/FVyndPgnzGPdi6XEc9DlDNjiTi+olSKoF5se3
RimUS59uJZswIFPBWGgIB1hm+uO5/eI8qkf3HFuMuM/W1nHceU19tsdWjkwUSZ4R
oASJjwkaffJH20Pplzfp7aVrcwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFEVw6JiW
JL/D7lP4TLcFnc0OGQg/MB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvQzJFMEM5ODhC
RUMyMTFFQjk1QTI2MTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCAwDAMEATs8BgMEATs8DAMEBW5XAAMEBW5XQAMEA3Uc6DANBgkq
hkiG9w0BAQsFAAOCAQEArQ8L3ZGJuARayhflN7dsLsasL62C0sERFVx/qPugGi6R
zKhfBKvkz/oJ6PzOgoQoFsOONLODyB1OPosrLRSt6KxLAoW5HUAjyw6vFozvS211
+tdvep26u8mJ3mgqx7HMuE26WaHcA7Ho+/M2ajPIUFRUto6CaVYGS3ED/oMG07hP
CnEVaUCX+Ib/CwM8r/7RwHjj+Dvz3DKVLNIduDwrbNZNWdoMmj7k7YQ5f4tsSPXT
87BHOT15BL+Q5FRi2z8j1jyPN+s/+6wHgDkwB2CrR+H+jeIHVxSPLTxNh7QSjCW1
11vWDRHiu49JEL0nD4V5qfshbG4UHFVpuIGq89gsBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org