Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/977871B208C511EDBC862E48C4F9AE02.roa
File: 977871B208C511EDBC862E48C4F9AE02.roa (raw, json)
Hash identifier: 5fZCBYHiF1fJ1uKsPlCTe9Ms+DAoN3V5KPj1Rrszle8=
Subject key identifier: D0:98:92:65:96:FE:8A:D8:31:8F:7B:FF:56:CD:C9:DB:C4:16:A0:14
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 3364
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/977871B208C511EDBC862E48C4F9AE02.roa
Signing time: Thu 06 Oct 2022 14:40:39 +0000
ROA not before: Thu 06 Oct 2022 14:40:39 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 17469
IP address blocks: 175.29.124.0/22 maxlen: 24
175.29.140.0/22 maxlen: 24
175.29.144.0/22 maxlen: 24
175.29.152.0/21 maxlen: 21
175.29.160.0/20 maxlen: 24
175.29.176.0/20 maxlen: 24
175.29.192.0/21 maxlen: 24
202.22.192.0/20 maxlen: 24
203.76.144.0/21 maxlen: 24
203.82.192.0/20 maxlen: 24
2404:150::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13156 (0x3364)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Oct 6 14:40:39 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=633ee8e7-a50c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e7:50:83:d4:3d:51:4a:38:d3:6c:19:12:3e:
6c:84:67:5a:d9:e2:3c:38:cb:d0:c8:57:0b:ad:df:
03:78:23:a7:a2:da:c2:33:b5:af:49:95:c5:a5:6b:
7c:94:0e:65:61:e7:7b:95:9f:49:bc:b6:2e:1c:42:
ea:4e:54:a3:8e:fa:95:37:97:67:5b:11:d5:85:d9:
30:99:fb:eb:68:ab:3b:95:3a:5f:f9:32:90:b6:0f:
0b:bf:e4:9c:d1:6c:23:5a:b6:85:10:94:5e:72:c0:
a6:c6:fb:5e:0d:f8:0c:0a:43:76:d3:b0:a6:fb:cf:
d1:c6:83:f5:36:2d:f0:c1:c4:00:dd:23:29:1a:7d:
7c:3b:20:30:f9:40:f7:61:5d:9f:10:82:af:09:8f:
81:7c:30:fe:d7:df:09:bc:96:f5:dc:b9:87:df:8e:
50:f1:20:56:67:ae:9a:75:23:b1:fc:02:fc:41:92:
c7:67:66:64:9c:35:55:66:2e:ff:fe:66:35:c3:10:
fd:55:e6:6f:48:6d:0e:99:39:7d:52:82:2b:5b:79:
61:ad:6c:cc:aa:ae:27:fd:39:f9:f4:e3:24:59:3f:
bf:ba:c6:84:d8:0f:26:05:cb:f2:a5:31:35:1d:ef:
11:9f:19:0c:75:93:09:b3:8c:3b:96:cb:61:e2:af:
57:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:98:92:65:96:FE:8A:D8:31:8F:7B:FF:56:CD:C9:DB:C4:16:A0:14
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/977871B208C511EDBC862E48C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.124.0/22
175.29.140.0-175.29.147.255
175.29.152.0-175.29.199.255
202.22.192.0/20
203.76.144.0/21
203.82.192.0/20
IPv6:
2404:150::/32
Signature Algorithm: sha256WithRSAEncryption
2e:ea:51:9c:4e:a2:5a:7d:f8:fe:42:62:b0:34:dd:53:56:d6:
ad:2a:98:41:cf:da:f5:06:85:93:7e:10:33:72:53:bb:17:bd:
b0:88:88:5a:18:c2:47:3a:03:34:af:0f:04:ed:8a:89:bc:b0:
34:a2:82:80:96:96:f8:06:46:ae:ec:c9:84:07:78:f4:77:ca:
e3:07:0b:4e:b0:f6:03:39:a6:0f:20:c6:13:e9:b4:98:24:ca:
3a:5d:34:ba:b8:45:ec:5f:57:2c:00:97:6d:6a:e0:1e:12:93:
e6:5b:3b:bc:87:34:a6:26:3a:53:09:b4:ed:62:a3:54:ef:a0:
72:cc:95:f1:95:7b:ed:64:92:f8:95:6d:1f:92:5b:6e:73:cc:
9b:36:b7:20:90:42:aa:37:97:23:14:13:ee:a2:73:6f:01:0f:
12:71:2b:67:74:6f:6b:55:f4:5e:15:3b:9e:bd:84:cd:0b:2e:
c4:5f:d8:d0:1b:c2:b0:c0:02:97:43:b3:a9:d3:1e:ba:98:3b:
96:8e:16:6f:91:e5:4b:32:e0:ff:33:25:53:0c:eb:47:b4:a6:
08:09:a2:40:5a:72:47:49:4d:a4:b9:86:16:b5:34:c9:66:3d:
dc:b4:df:c0:42:c8:d6:a2:4b:9f:f5:21:73:13:98:cf:cf:bd:
1d:44:32:56
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgICM2QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjIxMDA2MTQ0MDM5WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNlZThlNy1hNTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm+dQg9Q9UUo402wZEj5shGda2eI8OMvQyFcLrd8DeCOnotrCM7WvSZXFpWt8
lA5lYed7lZ9JvLYuHELqTlSjjvqVN5dnWxHVhdkwmfvraKs7lTpf+TKQtg8Lv+Sc
0WwjWraFEJRecsCmxvteDfgMCkN207Cm+8/RxoP1Ni3wwcQA3SMpGn18OyAw+UD3
YV2fEIKvCY+BfDD+198JvJb13LmH345Q8SBWZ66adSOx/AL8QZLHZ2ZknDVVZi7/
/mY1wxD9VeZvSG0OmTl9UoIrW3lhrWzMqq4n/Tn59OMkWT+/usaE2A8mBcvypTE1
He8RnxkMdZMJs4w7lsth4q9XYQIDAQABo4IC0jCCAs4wHQYDVR0OBBYEFNCYkmWW
/orYMY97/1bNydvEFqAUMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvOTc3ODcxQjIw
OEM1MTFFREJDODYyRTQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXAYIKwYBBQUHAQcBAf8E
TTBLMDoEAgABMDQDBAKvHXwwDAMEAq8djAMEAq8dkDAMAwQDrx2YAwQDrx3AAwQE
yhbAAwQDy0yQAwQEy1LAMA0EAgACMAcDBQAkBAFQMA0GCSqGSIb3DQEBCwUAA4IB
AQAu6lGcTqJaffj+QmKwNN1TVtatKphBz9r1BoWTfhAzclO7F72wiIhaGMJHOgM0
rw8E7YqJvLA0ooKAlpb4Bkau7MmEB3j0d8rjBwtOsPYDOaYPIMYT6bSYJMo6XTS6
uEXsX1csAJdtauAeEpPmWzu8hzSmJjpTCbTtYqNU76ByzJXxlXvtZJL4lW0fkltu
c8ybNrcgkEKqN5cjFBPuonNvAQ8ScStndG9rVfReFTuevYTNCy7EX9jQG8KwwAKX
Q7Op0x66mDuWjhZvkeVLMuD/MyVTDOtHtKYICaJAWnJHSU2kuYYWtTTJZj3ctN/A
QsjWokuf9SFzE5jPz70dRDJW
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org