Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/BEB4CF4023A111EDB57D9C75C4F9AE02.roa
File: BEB4CF4023A111EDB57D9C75C4F9AE02.roa (raw, json)
Hash identifier: Zwf3dlN+/rkdcmp9V49Jn68MzU8uUszaGB2ZnM/EVjc=
Subject key identifier: 7B:5C:94:D0:BE:CE:46:4E:5E:41:48:19:F4:8D:BC:6C:4F:68:8F:58
Certificate issuer: /CN=A91A7761/serialNumber=51D5CC2D5E428FC955149F576211904F05BAF211
Certificate serial: 0399
Authority key identifier: 51:D5:CC:2D:5E:42:8F:C9:55:14:9F:57:62:11:90:4F:05:BA:F2:11
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdXMLV5Cj8lVFJ9XYhGQTwW68hE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/BEB4CF4023A111EDB57D9C75C4F9AE02.roa
Signing time: Wed 24 Aug 2022 11:41:52 +0000
ROA not before: Wed 24 Aug 2022 11:41:52 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 207142
IP address blocks: 123.253.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 921 (0x399)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7761/serialNumber=51D5CC2D5E428FC955149F576211904F05BAF211
Validity
Not Before: Aug 24 11:41:52 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63060e7f-c599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:3d:7c:c9:9c:4f:01:23:2f:8b:39:c3:5d:5f:
59:85:5a:01:99:d5:40:9a:47:32:df:46:db:b2:e6:
be:4a:19:f8:3d:85:7c:91:ce:a8:08:aa:86:21:c3:
61:a5:f6:27:9c:ee:84:51:40:98:00:f8:52:81:c7:
3b:1c:90:bd:51:97:74:6b:1b:7c:d4:a3:85:16:34:
f8:d5:c0:db:e4:4f:06:da:b8:ac:bb:09:47:9c:03:
04:eb:6e:be:3a:8b:ae:89:10:fa:ef:a1:96:69:fd:
80:a7:03:a5:82:49:f9:ca:c0:80:62:ba:a3:69:39:
b5:ed:95:aa:0a:36:e4:2c:94:f5:e7:a4:91:1a:05:
e8:f1:f9:c1:8d:09:91:11:1e:02:72:13:40:62:1a:
6f:d2:ee:b6:91:ec:7d:88:e1:0b:a7:45:b7:0b:fb:
c8:32:50:d3:9b:07:91:9c:5b:e4:1c:d1:3f:db:36:
a3:fd:28:fd:67:a6:b8:69:ef:4d:1a:ee:bf:e8:51:
b4:ac:92:66:45:f5:35:55:1e:2e:d4:89:95:b8:bd:
79:98:4a:cd:40:d5:20:b4:93:d8:a2:62:b3:45:70:
cb:5f:fb:2d:2e:42:01:9f:31:53:2e:ad:bd:46:01:
1e:6e:3e:b0:41:10:96:a7:1c:86:d1:37:80:28:ae:
4d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:5C:94:D0:BE:CE:46:4E:5E:41:48:19:F4:8D:BC:6C:4F:68:8F:58
X509v3 Authority Key Identifier:
keyid:51:D5:CC:2D:5E:42:8F:C9:55:14:9F:57:62:11:90:4F:05:BA:F2:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/UdXMLV5Cj8lVFJ9XYhGQTwW68hE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UdXMLV5Cj8lVFJ9XYhGQTwW68hE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7761/0E4B9168BD3411EB90E55428C4F9AE02/BEB4CF4023A111EDB57D9C75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.253.224.0/24
Signature Algorithm: sha256WithRSAEncryption
da:12:4f:34:fd:59:de:01:34:43:85:f3:fc:5b:47:ee:00:f6:
18:b4:fb:2e:52:cc:11:94:69:5a:97:04:bd:67:a6:8a:dd:9d:
91:f3:2f:20:32:4a:e3:a6:61:f7:6f:6f:cb:41:2b:97:1b:98:
a4:d1:56:3b:92:e0:c0:54:a4:29:0e:2c:fe:29:f1:29:c6:51:
b8:f8:e4:40:ef:54:05:21:26:e7:24:20:fd:56:47:36:cc:50:
b4:77:9e:80:11:1c:06:a8:14:b9:1e:2b:42:20:b8:9e:1a:ee:
de:5e:47:3b:3e:c7:f1:71:6b:2c:42:72:d7:76:19:1c:7a:2d:
6f:95:66:b1:18:e5:38:54:58:2e:da:f0:5f:c1:d1:db:8e:c6:
5f:d9:29:25:be:35:28:2f:bf:21:94:b4:87:cd:cd:9f:45:b5:
9b:46:71:6f:7e:41:98:bb:58:d6:2b:28:5f:8b:28:70:b7:a4:
42:e2:41:50:e8:ba:d7:0f:2e:66:bf:ca:7d:20:65:4f:91:2c:
98:ca:91:6b:01:6a:a3:83:ae:a7:0e:c3:ec:08:71:aa:7c:9f:
4f:f9:b4:6f:dc:ec:ff:e7:cd:be:c2:c1:87:c7:4a:58:74:b9:
7c:af:fa:90:5a:58:e5:8b:e2:08:ef:97:5e:39:5b:dd:79:5d:
1f:a4:51:14
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA5kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTc3NjExMTAvBgNVBAUTKDUxRDVDQzJENUU0MjhGQzk1NTE0OUY1NzYyMTE5MDRG
MDVCQUYyMTEwHhcNMjIwODI0MTE0MTUyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA2MGU3Zi1jNTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7j18yZxPASMviznDXV9ZhVoBmdVAmkcy30bbsua+Shn4PYV8kc6oCKqGIcNh
pfYnnO6EUUCYAPhSgcc7HJC9UZd0axt81KOFFjT41cDb5E8G2risuwlHnAME626+
OouuiRD676GWaf2ApwOlgkn5ysCAYrqjaTm17ZWqCjbkLJT156SRGgXo8fnBjQmR
ER4CchNAYhpv0u62kex9iOELp0W3C/vIMlDTmweRnFvkHNE/2zaj/Sj9Z6a4ae9N
Gu6/6FG0rJJmRfU1VR4u1ImVuL15mErNQNUgtJPYomKzRXDLX/stLkIBnzFTLq29
RgEebj6wQRCWpxyG0TeAKK5NVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHtclNC+
zkZOXkFIGfSNvGxPaI9YMB8GA1UdIwQYMBaAFFHVzC1eQo/JVRSfV2IRkE8FuvIR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzc2MS8wRTRCOTE2OEJE
MzQxMUVCOTBFNTU0MjhDNEY5QUUwMi9VZFhNTFY1Q2o4bFZGSjlYWWhHUVR3VzY4
aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VkWE1MVjVDajhsVkZKOVhZaEdRVHdXNjhoRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTc3NjEvMEU0QjkxNjhCRDM0MTFFQjkwRTU1NDI4QzRGOUFFMDIvQkVCNENGNDAy
M0ExMTFFREI1N0Q5Qzc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7/eAwDQYJKoZIhvcNAQELBQADggEBANoSTzT9Wd4BNEOF
8/xbR+4A9hi0+y5SzBGUaVqXBL1npordnZHzLyAySuOmYfdvb8tBK5cbmKTRVjuS
4MBUpCkOLP4p8SnGUbj45EDvVAUhJuckIP1WRzbMULR3noARHAaoFLkeK0IguJ4a
7t5eRzs+x/FxayxCctd2GRx6LW+VZrEY5ThUWC7a8F/B0duOxl/ZKSW+NSgvvyGU
tIfNzZ9FtZtGcW9+QZi7WNYrKF+LKHC3pELiQVDoutcPLma/yn0gZU+RLJjKkWsB
aqODrqcOw+wIcap8n0/5tG/c7P/nzb7CwYfHSlh0uXyv+pBaWOWL4gjvl145W915
XR+kURQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org