Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/8EF599EAFC2A11EC98B19157C4F9AE02.roa
File: 8EF599EAFC2A11EC98B19157C4F9AE02.roa (raw, json)
Hash identifier: kqlp3EghprP14fklWvLgov+1wPHTH1XYLpchLCArWxM=
Subject key identifier: 53:8B:93:87:D8:55:08:7B:5D:92:BA:8F:B7:71:EC:7D:63:6F:19:B2
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 328E
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/8EF599EAFC2A11EC98B19157C4F9AE02.roa
Signing time: Tue 05 Jul 2022 06:20:26 +0000
ROA not before: Tue 05 Jul 2022 06:20:26 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 3356
IP address blocks: 203.76.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12942 (0x328e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Jul 5 06:20:26 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62c3d82a-8d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bd:d6:49:54:ee:b4:cf:45:f3:1c:c7:f5:fb:
0b:df:33:8d:fe:07:10:53:02:c1:51:89:cb:76:e3:
76:c4:b1:c9:7b:98:27:cb:66:1a:dd:33:f1:37:4f:
d2:65:16:e9:e4:98:2a:b8:3b:94:6d:67:ca:9f:a7:
97:1c:38:42:bf:f2:a2:53:90:dd:2d:b4:47:4c:98:
d6:5a:da:11:2b:a5:0d:b1:70:94:55:f1:ed:a6:50:
33:c2:66:24:32:fc:bf:19:55:83:4d:69:67:d4:46:
27:60:1d:a1:56:ff:1a:a8:78:e1:57:f3:4b:f3:e5:
d3:71:b8:83:0c:e0:68:28:ab:0c:ce:af:f5:84:92:
37:94:6a:7d:ac:39:e0:be:64:ee:ac:5a:67:4a:fb:
c1:48:97:d2:09:0a:e3:b2:bd:a0:47:61:c1:ba:8c:
5e:17:68:d6:92:42:95:e3:0c:33:7a:84:d7:db:d3:
6b:35:92:8b:49:f3:a3:cd:2d:6d:8c:8e:86:7b:49:
22:63:46:ed:15:98:80:90:80:9c:0d:a6:62:5c:29:
10:b3:fa:44:16:92:ad:c9:93:02:cf:2d:b1:1c:b3:
84:d2:e5:51:98:d8:ce:1b:51:b2:56:a0:b1:49:cc:
bf:24:f5:3d:69:fd:6c:60:7e:c2:11:bc:19:35:32:
26:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8B:93:87:D8:55:08:7B:5D:92:BA:8F:B7:71:EC:7D:63:6F:19:B2
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/8EF599EAFC2A11EC98B19157C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.76.152.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:40:2c:d6:6d:1c:a1:d1:dd:0b:e0:97:16:54:d6:1e:26:26:
dd:05:f4:fd:76:6d:91:84:e4:d3:67:22:58:8e:a5:b6:e3:98:
c3:fb:87:28:5e:83:13:fa:1a:8e:72:d7:09:f7:2a:16:e4:ed:
33:e8:75:61:79:35:a1:1a:4d:cc:af:5c:c7:52:16:7a:9d:ac:
4d:b1:ae:70:35:41:13:7b:bf:99:2c:14:ec:ca:4e:01:55:b7:
98:67:0a:94:02:56:ba:4b:81:60:d8:fc:d8:4f:93:cd:f4:56:
53:c5:15:20:0b:de:bc:f5:e7:b8:7c:1b:6e:61:04:d1:66:7b:
cd:8f:82:8b:b7:9a:5a:0d:19:f3:c5:d6:4e:cf:18:62:9c:1f:
f9:d8:03:ae:44:b0:7d:1d:76:d3:e5:64:3d:f6:f5:1a:e6:fb:
e2:b3:f3:f6:97:82:a2:2f:8d:4d:0c:33:7b:14:e1:19:63:a8:
3b:6b:56:b4:2b:5c:d9:9f:08:af:2b:54:16:d5:ea:c6:05:55:
84:86:df:a5:8d:83:91:6f:ef:1c:40:34:70:51:52:92:b3:fb:
99:16:02:e3:13:fb:47:d4:7a:fc:dd:e8:c7:eb:94:f9:12:ca:
e0:a2:46:6e:98:94:5b:a7:01:87:73:b4:8d:b3:25:14:4f:45:
02:14:bb:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMo4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjIwNzA1MDYyMDI2WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmMzZDgyYS04ZDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3r3WSVTutM9F8xzH9fsL3zON/gcQUwLBUYnLduN2xLHJe5gny2Ya3TPxN0/S
ZRbp5JgquDuUbWfKn6eXHDhCv/KiU5DdLbRHTJjWWtoRK6UNsXCUVfHtplAzwmYk
Mvy/GVWDTWln1EYnYB2hVv8aqHjhV/NL8+XTcbiDDOBoKKsMzq/1hJI3lGp9rDng
vmTurFpnSvvBSJfSCQrjsr2gR2HBuoxeF2jWkkKV4wwzeoTX29NrNZKLSfOjzS1t
jI6Ge0kiY0btFZiAkICcDaZiXCkQs/pEFpKtyZMCzy2xHLOE0uVRmNjOG1GyVqCx
Scy/JPU9af1sYH7CEbwZNTImGwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFOLk4fY
VQh7XZK6j7dx7H1jbxmyMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvOEVGNTk5RUFG
QzJBMTFFQzk4QjE5MTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPLTJgwDQYJKoZIhvcNAQELBQADggEBAI1ALNZtHKHR3Qvg
lxZU1h4mJt0F9P12bZGE5NNnIliOpbbjmMP7hyhegxP6Go5y1wn3Khbk7TPodWF5
NaEaTcyvXMdSFnqdrE2xrnA1QRN7v5ksFOzKTgFVt5hnCpQCVrpLgWDY/NhPk830
VlPFFSAL3rz157h8G25hBNFme82Pgou3mloNGfPF1k7PGGKcH/nYA65EsH0ddtPl
ZD329Rrm++Kz8/aXgqIvjU0MM3sU4RljqDtrVrQrXNmfCK8rVBbV6sYFVYSG36WN
g5Fv7xxANHBRUpKz+5kWAuMT+0fUevzd6MfrlPkSyuCiRm6YlFunAYdztI2zJRRP
RQIUu5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-ams.rpki-client.org