Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/8CF234A0B0F011E5A08A224DC4F9AE02.roa
File: 8CF234A0B0F011E5A08A224DC4F9AE02.roa (raw, json)
Hash identifier: rgVkRUJ3Uct1Kp2MwcuIrd8dMOeToSAXaxnIXb9GLNQ=
Subject key identifier: A7:C7:43:37:EC:2E:ED:4C:57:44:3C:4F:28:47:D0:2F:FB:B3:80:B1
Certificate issuer: /CN=A916413C/serialNumber=365D71B2682F56B0EEFF1154755D279B8F9AFB33
Certificate serial: 236F
Authority key identifier: 36:5D:71:B2:68:2F:56:B0:EE:FF:11:54:75:5D:27:9B:8F:9A:FB:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/8CF234A0B0F011E5A08A224DC4F9AE02.roa
Signing time: Wed 10 Nov 2021 04:21:59 +0000
ROA not before: Wed 10 Nov 2021 04:21:59 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 45517
IP address blocks: 203.153.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9071 (0x236f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916413C/serialNumber=365D71B2682F56B0EEFF1154755D279B8F9AFB33
Validity
Not Before: Nov 10 04:21:59 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=618b48e7-46a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:93:c8:62:f0:c5:a1:f2:6e:78:da:d3:7f:c2:
e8:2e:92:2b:ac:85:c3:17:31:56:4b:ce:c6:0e:2f:
78:ef:d0:af:68:fa:ae:2a:31:cc:a0:bf:4a:03:5a:
80:da:80:3f:6c:eb:37:f1:e5:e7:be:be:37:f8:ed:
75:02:53:2d:48:e1:73:dc:69:4d:8a:68:f3:06:b0:
d2:4c:8c:74:5d:69:1e:c0:72:39:ff:b9:26:c2:bc:
3b:e3:2f:11:9a:dd:5b:9e:6c:f9:e8:03:78:4c:f9:
71:a2:37:0a:33:b6:05:2f:7a:dc:42:4a:1e:11:bd:
1f:a1:07:6c:41:bb:db:77:af:87:db:04:f7:57:c1:
3d:f7:a4:a4:f5:c6:22:a6:ee:50:d0:d3:60:ff:86:
8d:21:5a:b3:4c:c3:1f:bd:da:be:15:3e:7f:3f:a9:
6c:0b:79:f8:cb:22:91:14:0f:be:60:43:9f:b9:c9:
14:91:86:82:f4:3f:9a:ac:f3:d4:28:2d:eb:ea:5d:
2e:e6:e3:aa:c9:43:42:35:58:83:96:91:9d:63:75:
56:f6:38:e3:d7:b3:84:b7:92:4b:db:90:cc:b8:59:
85:a1:62:8e:c7:1a:30:10:99:11:9d:c3:7e:be:78:
b9:20:d6:f2:71:45:2e:9f:8c:97:05:61:50:b7:1f:
ea:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C7:43:37:EC:2E:ED:4C:57:44:3C:4F:28:47:D0:2F:FB:B3:80:B1
X509v3 Authority Key Identifier:
keyid:36:5D:71:B2:68:2F:56:B0:EE:FF:11:54:75:5D:27:9B:8F:9A:FB:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/8CF234A0B0F011E5A08A224DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.153.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:a3:c3:87:07:e2:b2:ab:ea:0a:28:09:14:e7:ac:6b:99:48:
73:14:c0:6d:e5:6a:9d:91:08:bd:01:38:83:db:4d:51:1c:1c:
7e:88:32:41:c8:c2:a6:9f:f3:82:22:81:83:c9:e6:aa:1f:24:
23:8d:e5:2c:b1:2b:4d:36:f3:84:1b:cc:8c:bd:b2:60:79:3c:
99:59:65:44:80:1f:c4:09:f3:e2:d3:cb:1e:b3:7f:51:1c:65:
07:4a:47:bc:71:8e:b1:5f:5c:3d:bb:f4:57:ed:6f:c8:0f:19:
60:45:1b:1a:6c:4f:7a:59:31:62:46:cf:7a:f7:57:be:03:83:
a5:cf:ba:2a:a5:a9:60:83:05:44:32:a2:66:28:fa:14:4b:4f:
ee:f3:e1:1d:44:7b:5d:fc:69:ea:a1:b4:6a:55:e0:f1:ca:67:
b7:7a:26:74:40:bd:4e:e0:08:1d:55:25:4a:e6:22:5b:48:b3:
79:b5:82:a1:c9:f9:6d:c8:97:8d:2c:a7:ef:a0:74:d7:08:2d:
13:09:8a:c7:8d:da:52:92:10:54:c9:3f:9c:ed:47:3b:d2:e6:
b0:3b:82:51:df:20:87:be:33:a8:62:8f:62:f3:3c:08:19:d5:
26:80:89:58:4d:28:f3:ce:a3:bf:42:50:50:3d:e2:d2:9f:14:
2b:12:fb:0f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICI28wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQxM0MxMTAvBgNVBAUTKDM2NUQ3MUIyNjgyRjU2QjBFRUZGMTE1NDc1NUQyNzlC
OEY5QUZCMzMwHhcNMjExMTEwMDQyMTU5WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MThiNDhlNy00NmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv5PIYvDFofJueNrTf8LoLpIrrIXDFzFWS87GDi9479CvaPquKjHMoL9KA1qA
2oA/bOs38eXnvr43+O11AlMtSOFz3GlNimjzBrDSTIx0XWkewHI5/7kmwrw74y8R
mt1bnmz56AN4TPlxojcKM7YFL3rcQkoeEb0foQdsQbvbd6+H2wT3V8E996Sk9cYi
pu5Q0NNg/4aNIVqzTMMfvdq+FT5/P6lsC3n4yyKRFA++YEOfuckUkYaC9D+arPPU
KC3r6l0u5uOqyUNCNViDlpGdY3VW9jjj17OEt5JL25DMuFmFoWKOxxowEJkRncN+
vni5INbycUUun4yXBWFQtx/qLQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKfHQzfs
Lu1MV0Q8TyhH0C/7s4CxMB8GA1UdIwQYMBaAFDZdcbJoL1aw7v8RVHVdJ5uPmvsz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDEzQy85REQ4MjAxQUEw
NzMxMUU0QThCQjZGNDRDNEY5QUUwMi9ObDF4c21ndlZyRHVfeEZVZFYwbm00LWEt
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05sMXhzbWd2VnJEdV94RlVkVjBubTQtYS16TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQxM0MvOUREODIwMUFBMDczMTFFNEE4QkI2RjQ0QzRGOUFFMDIvOENGMjM0QTBC
MEYwMTFFNUEwOEEyMjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLmdwwDQYJKoZIhvcNAQELBQADggEBAIyjw4cH4rKr6goo
CRTnrGuZSHMUwG3lap2RCL0BOIPbTVEcHH6IMkHIwqaf84IigYPJ5qofJCON5Syx
K00284QbzIy9smB5PJlZZUSAH8QJ8+LTyx6zf1EcZQdKR7xxjrFfXD279Fftb8gP
GWBFGxpsT3pZMWJGz3r3V74Dg6XPuiqlqWCDBUQyomYo+hRLT+7z4R1Ee138aeqh
tGpV4PHKZ7d6JnRAvU7gCB1VJUrmIltIs3m1gqHJ+W3Il40sp++gdNcILRMJiseN
2lKSEFTJP5ztRzvS5rA7glHfIIe+M6hij2LzPAgZ1SaAiVhNKPPOo79CUFA94tKf
FCsS+w8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-ams.rpki-client.org