Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/771A4F74140211EDBA205F6EC4F9AE02.roa
File: 771A4F74140211EDBA205F6EC4F9AE02.roa (raw, json)
Hash identifier: 7+4Xup8kZY5tljlESmPakkgk/GMa8j+yHUkDtlJFZn8=
Subject key identifier: B2:CD:21:EF:9B:04:CF:49:A2:9C:F2:04:7D:19:12:84:91:50:CE:F6
Certificate issuer: /CN=A918BCEE/serialNumber=F40BE8B5AD16B1847FC0D4F4708F9D414931ABA6
Certificate serial: 0E
Authority key identifier: F4:0B:E8:B5:AD:16:B1:84:7F:C0:D4:F4:70:8F:9D:41:49:31:AB:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Avota0WsYR_wNT0cI-dQUkxq6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/771A4F74140211EDBA205F6EC4F9AE02.roa
Signing time: Fri 05 Aug 2022 22:13:32 +0000
ROA not before: Fri 05 Aug 2022 22:13:32 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 54203
IP address blocks: 36.255.204.0/24 maxlen: 24
36.255.205.0/24 maxlen: 24
36.255.206.0/23 maxlen: 23
103.209.252.0/24 maxlen: 24
2404:5d80:6000::/40 maxlen: 40
2404:5d80:6100::/40 maxlen: 40
2404:5d80:6300::/40 maxlen: 40
2404:5d80:6600::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918BCEE/serialNumber=F40BE8B5AD16B1847FC0D4F4708F9D414931ABA6
Validity
Not Before: Aug 5 22:13:32 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=62ed960b-0782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:47:93:aa:78:32:3f:8e:7f:d9:69:3c:f1:25:
35:5c:be:bf:6f:9f:b2:86:e8:82:ca:6a:9e:41:62:
7d:3a:15:63:28:7e:41:8c:ad:35:68:0f:01:9e:65:
07:ae:fd:ed:3f:0d:5f:0c:e2:1c:80:dc:ba:b4:95:
90:c5:83:04:8e:b7:ca:55:5a:bb:03:ea:31:df:09:
43:92:1a:07:14:20:9a:27:30:2f:33:d9:0f:ce:73:
92:4c:c1:2d:3c:0b:f1:c1:31:d8:57:89:95:42:e7:
7b:bd:37:7f:75:0d:a9:fd:5b:26:b1:08:5e:1c:70:
2a:f0:86:5f:92:57:1b:61:e8:ae:d8:f3:b3:cb:48:
5d:e8:19:0c:e9:5b:a9:25:fe:e7:91:b4:dd:88:4d:
03:15:4c:a7:bf:7b:9c:cf:05:3b:99:e4:34:e2:1a:
6a:61:c0:35:a3:3c:0d:79:4f:ce:39:54:1a:5a:4b:
ce:90:48:86:02:9e:c6:06:dc:4c:c4:e4:e4:74:df:
5d:3b:97:e2:9d:74:c9:e6:b2:d9:d9:1d:85:47:c1:
73:2d:51:ba:b9:e7:12:cc:41:50:57:ae:e7:a2:5e:
6b:33:20:70:da:3a:31:30:9f:f4:a5:52:a1:23:fc:
74:fc:a4:b5:6b:6b:8e:f5:fb:e8:1a:c9:ce:9a:c2:
1d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CD:21:EF:9B:04:CF:49:A2:9C:F2:04:7D:19:12:84:91:50:CE:F6
X509v3 Authority Key Identifier:
keyid:F4:0B:E8:B5:AD:16:B1:84:7F:C0:D4:F4:70:8F:9D:41:49:31:AB:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/9Avota0WsYR_wNT0cI-dQUkxq6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Avota0WsYR_wNT0cI-dQUkxq6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BCEE/68C3563013FF11EDA3F33941C4F9AE02/771A4F74140211EDBA205F6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.204.0/22
103.209.252.0/24
IPv6:
2404:5d80:6000::/39
2404:5d80:6300::/40
2404:5d80:6600::/40
Signature Algorithm: sha256WithRSAEncryption
0a:b0:8e:68:3b:0b:22:2f:db:3f:18:6c:46:f2:e3:c0:3b:69:
54:78:9c:db:68:81:b4:6a:da:02:e6:b3:25:1d:b5:2a:06:e0:
9a:bb:a8:04:e8:19:22:22:ab:eb:23:4c:1d:53:9f:ee:ed:c7:
67:46:d9:d6:d0:d0:0e:c6:84:8f:a8:b3:13:59:44:05:07:54:
fd:85:b6:d0:2e:3f:12:aa:af:6a:0d:12:8b:2f:f8:29:5a:b1:
68:3a:a4:b2:ff:3d:b5:6b:31:5b:05:46:c7:57:8a:b5:25:d1:
97:29:4b:17:8d:60:72:c2:93:57:aa:b2:dc:e1:e7:da:b5:0f:
c2:ec:ae:ff:b1:33:09:3a:35:e8:f5:4d:ca:3f:7d:c9:88:39:
23:43:bc:1a:12:05:a0:3d:df:c9:fe:44:0d:7b:1d:e1:d4:0b:
37:86:54:14:44:85:8b:a2:03:6e:9b:15:79:94:0e:43:ed:ab:
5c:36:dc:5e:e8:14:80:8f:cf:16:a7:5c:5a:37:dc:48:2e:0c:
5a:bd:d5:a5:9f:3d:bf:76:c9:5d:04:d1:7f:bf:b3:20:0d:04:
28:ae:c3:d0:66:95:8c:46:c2:c8:13:45:7b:e6:ea:cc:01:3d:
e1:6d:00:25:a6:27:04:f1:db:77:87:ef:f9:bd:8d:89:f1:44:
7b:43:8b:7f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QkNFRTExMC8GA1UEBRMoRjQwQkU4QjVBRDE2QjE4NDdGQzBENEY0NzA4RjlENDE0
OTMxQUJBNjAeFw0yMjA4MDUyMjEzMzJaFw0yMzA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyZWQ5NjBiLTA3ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClR5OqeDI/jn/ZaTzxJTVcvr9vn7KG6ILKap5BYn06FWMofkGMrTVoDwGeZQeu
/e0/DV8M4hyA3Lq0lZDFgwSOt8pVWrsD6jHfCUOSGgcUIJonMC8z2Q/Oc5JMwS08
C/HBMdhXiZVC53u9N391Dan9WyaxCF4ccCrwhl+SVxth6K7Y87PLSF3oGQzpW6kl
/ueRtN2ITQMVTKe/e5zPBTuZ5DTiGmphwDWjPA15T845VBpaS86QSIYCnsYG3EzE
5OR03107l+KddMnmstnZHYVHwXMtUbq55xLMQVBXrueiXmszIHDaOjEwn/SlUqEj
/HT8pLVra471++gayc6awh29AgMBAAGjggK7MIICtzAdBgNVHQ4EFgQUss0h75sE
z0minPIEfRkShJFQzvYwHwYDVR0jBBgwFoAU9Avota0WsYR/wNT0cI+dQUkxq6Yw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThCQ0VFLzY4QzM1NjMwMTNG
RjExRURBM0YzMzk0MUM0RjlBRTAyLzlBdm90YTBXc1lSX3dOVDBjSS1kUVVreHE2
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOUF2b3RhMFdzWVJfd05UMGNJLWRRVWt4cTZZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QkNFRS82OEMzNTYzMDEzRkYxMUVEQTNGMzM5NDFDNEY5QUUwMi83NzFBNEY3NDE0
MDIxMUVEQkEyMDVGNkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBFBggrBgEFBQcBBwEB/wQ2
MDQwEgQCAAEwDAMEAiT/zAMEAGfR/DAeBAIAAjAYAwYBJARdgGADBgAkBF2AYwMG
ACQEXYBmMA0GCSqGSIb3DQEBCwUAA4IBAQAKsI5oOwsiL9s/GGxG8uPAO2lUeJzb
aIG0atoC5rMlHbUqBuCau6gE6BkiIqvrI0wdU5/u7cdnRtnW0NAOxoSPqLMTWUQF
B1T9hbbQLj8Sqq9qDRKLL/gpWrFoOqSy/z21azFbBUbHV4q1JdGXKUsXjWBywpNX
qrLc4efatQ/C7K7/sTMJOjXo9U3KP33JiDkjQ7waEgWgPd/J/kQNex3h1As3hlQU
RIWLogNumxV5lA5D7atcNtxe6BSAj88Wp1xaN9xILgxavdWlnz2/dsldBNF/v7Mg
DQQorsPQZpWMRsLIE0V75urMAT3hbQAlpicE8dt3h+/5vY2J8UR7Q4t/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:46 2023 by rpki-client on console-ams.rpki-client.org