Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/ED9717423D3411EA94BC1177C4F9AE02.roa
File: ED9717423D3411EA94BC1177C4F9AE02.roa (raw, json)
Hash identifier: 5TvxjuVdVIWTcUiIapgshC4OWMvZYKVrARQupH7AUCE=
Subject key identifier: CA:D2:8E:E5:BB:8D:0E:B9:DC:51:B2:BE:0B:0F:08:15:4A:5E:CF:52
Certificate issuer: /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F
Certificate serial: 07FB
Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/ED9717423D3411EA94BC1177C4F9AE02.roa
Signing time: Wed 12 Jan 2022 08:57:43 +0000
ROA not before: Wed 12 Jan 2022 08:57:43 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 209
IP address blocks: 116.251.204.0/24 maxlen: 24
116.251.205.0/24 maxlen: 24
116.251.206.0/24 maxlen: 24
116.251.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2043 (0x7fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F
Validity
Not Before: Jan 12 08:57:43 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61de9807-ec47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b2:0e:2c:da:a4:02:31:79:05:80:46:a5:3e:
10:21:0a:f7:56:83:6a:c5:d5:19:6b:8f:ad:05:b3:
9f:cc:15:c9:78:af:c0:5a:7d:ec:7b:19:71:eb:69:
fb:cd:f8:82:a0:78:0e:7d:e1:f7:67:09:1b:97:1d:
5c:83:28:6c:90:a4:39:1b:17:87:21:7d:4a:77:29:
fe:94:2a:23:07:9f:78:43:90:12:6f:56:ca:60:a2:
2f:6d:50:c8:fc:3e:37:c1:6c:19:1a:42:0f:0d:72:
22:91:68:11:96:72:ac:61:ca:2c:3c:b4:a6:90:e8:
f5:8e:75:6a:cd:93:33:38:3d:55:9c:d1:6e:8d:df:
f2:71:6a:a4:e6:8b:36:07:81:57:6c:54:6d:f5:68:
62:59:20:99:e2:8d:1e:fe:7e:e4:13:93:40:ed:87:
90:ab:10:1b:6f:26:c6:f1:5d:52:de:4d:d8:8d:b4:
69:8b:6c:88:68:dc:dc:02:f2:af:40:d3:b1:42:cb:
09:44:a7:00:2c:bc:1b:04:2f:3a:5d:d0:d1:1c:fb:
cb:9a:09:52:e1:21:3e:37:c6:bd:30:e7:d8:5f:07:
f1:d5:3a:b4:0f:a4:33:be:35:98:b4:f5:a2:30:49:
96:9b:35:b7:86:9e:ef:12:19:2d:a6:11:19:7f:8f:
39:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D2:8E:E5:BB:8D:0E:B9:DC:51:B2:BE:0B:0F:08:15:4A:5E:CF:52
X509v3 Authority Key Identifier:
keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/ED9717423D3411EA94BC1177C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.251.204.0/22
Signature Algorithm: sha256WithRSAEncryption
14:f8:5b:9f:36:45:1e:94:02:05:69:cd:31:b7:aa:e7:5c:bb:
97:06:17:ce:31:70:96:27:68:dd:d9:1d:b3:ba:8f:0d:69:b3:
29:dc:0f:fb:fb:57:99:72:48:fb:67:3e:8e:6f:72:4a:2d:b0:
e0:9d:d2:88:85:b9:4f:e8:62:d0:f1:da:03:e7:54:36:f8:2f:
d7:2f:17:9c:a4:e3:8c:ee:c5:a2:eb:a2:a0:f1:df:63:16:b6:
d2:81:d5:fc:43:7b:e1:b4:b0:43:0a:21:c0:07:09:bc:ab:df:
cc:75:e3:24:1f:a1:8e:8b:36:16:b4:3d:48:46:70:69:0e:2c:
05:0c:ce:49:97:a7:46:c7:5d:50:e2:56:9d:5f:d3:4d:ec:b5:
95:96:8f:0d:79:0a:d1:7f:0c:23:34:75:c2:d4:14:c4:72:a9:
46:82:6b:64:fb:82:e2:97:1f:c5:2c:45:3d:e7:0c:f8:4c:a0:
1e:80:b6:c3:3a:97:d6:c5:87:61:f6:c0:3e:d2:4d:05:bf:36:
35:31:12:3c:c6:55:27:e5:99:d3:03:33:f7:a1:da:59:19:07:
ad:f6:3a:82:56:7a:c0:e9:34:a8:28:73:5f:e0:df:97:f4:cb:
52:b2:65:ff:3d:a7:95:43:da:16:77:e2:f7:b1:63:76:7d:1f:
0f:2b:5a:a5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB/swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC
MjU1N0Y0M0YwHhcNMjIwMTEyMDg1NzQzWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWRlOTgwNy1lYzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtrIOLNqkAjF5BYBGpT4QIQr3VoNqxdUZa4+tBbOfzBXJeK/AWn3sexlx62n7
zfiCoHgOfeH3Zwkblx1cgyhskKQ5GxeHIX1Kdyn+lCojB594Q5ASb1bKYKIvbVDI
/D43wWwZGkIPDXIikWgRlnKsYcosPLSmkOj1jnVqzZMzOD1VnNFujd/ycWqk5os2
B4FXbFRt9WhiWSCZ4o0e/n7kE5NA7YeQqxAbbybG8V1S3k3YjbRpi2yIaNzcAvKv
QNOxQssJRKcALLwbBC86XdDRHPvLmglS4SE+N8a9MOfYXwfx1Tq0D6QzvjWYtPWi
MEmWmzW3hp7vEhktphEZf485MwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMrSjuW7
jQ653FGyvgsPCBVKXs9SMB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4
NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5
RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTg1NjgvRDMxMzA2NzYxODU3MTFFQTk4NjM0MTVFQzRGOUFFMDIvRUQ5NzE3NDIz
RDM0MTFFQTk0QkMxMTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ0+8wwDQYJKoZIhvcNAQELBQADggEBABT4W582RR6UAgVp
zTG3qudcu5cGF84xcJYnaN3ZHbO6jw1psyncD/v7V5lySPtnPo5vckotsOCd0oiF
uU/oYtDx2gPnVDb4L9cvF5yk44zuxaLroqDx32MWttKB1fxDe+G0sEMKIcAHCbyr
38x14yQfoY6LNha0PUhGcGkOLAUMzkmXp0bHXVDiVp1f003stZWWjw15CtF/DCM0
dcLUFMRyqUaCa2T7guKXH8UsRT3nDPhMoB6AtsM6l9bFh2H2wD7STQW/NjUxEjzG
VSflmdMDM/eh2lkZB632OoJWesDpNKgoc1/g35f0y1KyZf89p5VD2hZ34vexY3Z9
Hw8rWqU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:40 2023 by rpki-client on console-ams.rpki-client.org