Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1A23/AC533DEE289611EBBAAD5721C4F9AE02/9FE83F66289911EBAF69D425C4F9AE02.roa
File: 9FE83F66289911EBAF69D425C4F9AE02.roa (raw, json)
Hash identifier: DGqVhsQH3mQZMUohBSYOQw9HL7Wcpo45txOs7LW3cyc=
Subject key identifier: E4:62:D8:2F:93:BE:3E:B4:CA:47:28:17:85:09:7C:81:6E:22:6E:0F
Certificate issuer: /CN=A91B1A23/serialNumber=27C3900FBD77EE22CB71E9A90E81574CDE4644AD
Certificate serial: 0589
Authority key identifier: 27:C3:90:0F:BD:77:EE:22:CB:71:E9:A9:0E:81:57:4C:DE:46:44:AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J8OQD7137iLLcempDoFXTN5GRK0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1A23/AC533DEE289611EBBAAD5721C4F9AE02/9FE83F66289911EBAF69D425C4F9AE02.roa
Signing time: Thu 05 Jan 2023 00:20:28 +0000
ROA not before: Thu 05 Jan 2023 00:20:28 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 45250
IP address blocks: 203.81.176.0/24 maxlen: 24
203.81.177.0/24 maxlen: 24
203.81.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1417 (0x589)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1A23/serialNumber=27C3900FBD77EE22CB71E9A90E81574CDE4644AD
Validity
Not Before: Jan 5 00:20:28 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63b617cc-4967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:af:26:78:0e:d5:a4:a5:fb:36:90:bf:59:2a:
25:a7:16:16:43:16:33:91:67:dc:76:13:eb:de:13:
8d:fc:61:61:78:1c:34:5c:07:5e:91:0c:de:f8:78:
e4:1b:b6:73:58:d6:fd:77:81:eb:09:3e:f7:01:49:
2f:f3:ee:e4:1d:1d:f0:24:ca:cd:da:00:c7:5e:7d:
51:63:a7:88:09:23:87:c1:4e:ed:4a:ec:a3:67:af:
f6:cd:5e:f4:1a:2a:69:f5:bf:8b:ca:1a:7f:51:17:
54:6d:b0:eb:a9:41:83:63:d5:01:d9:f4:18:2c:00:
74:2f:84:99:ee:e5:ff:88:f1:ba:18:56:36:22:e3:
78:e5:24:d6:28:aa:4b:14:a2:59:7c:1e:69:4b:e3:
73:39:72:ed:03:15:b9:18:c5:68:e9:8e:bf:b3:f1:
81:d6:b1:7d:eb:e0:eb:9a:ee:00:fc:a8:a0:bb:9b:
6e:13:00:67:c8:2d:c2:70:73:70:62:ac:cc:db:fc:
3b:ab:03:97:2a:74:1f:2b:60:e1:7f:13:cf:a8:ed:
93:77:0b:e1:66:9b:6b:1e:17:64:4f:90:25:e8:14:
60:f1:dc:51:57:30:67:6e:95:5a:18:da:2e:58:20:
73:a1:08:71:a3:57:4b:e2:8d:3f:82:10:b0:3b:fe:
e3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:62:D8:2F:93:BE:3E:B4:CA:47:28:17:85:09:7C:81:6E:22:6E:0F
X509v3 Authority Key Identifier:
keyid:27:C3:90:0F:BD:77:EE:22:CB:71:E9:A9:0E:81:57:4C:DE:46:44:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1A23/AC533DEE289611EBBAAD5721C4F9AE02/J8OQD7137iLLcempDoFXTN5GRK0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J8OQD7137iLLcempDoFXTN5GRK0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1A23/AC533DEE289611EBBAAD5721C4F9AE02/9FE83F66289911EBAF69D425C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.81.176.0-203.81.178.255
Signature Algorithm: sha256WithRSAEncryption
7b:8a:1d:cb:d6:a8:02:06:c0:a3:7f:85:64:2b:40:f4:ef:37:
b7:a3:6a:08:88:82:7b:37:74:1f:8c:85:b5:80:67:86:d8:55:
0c:35:4c:f6:a1:29:48:ab:c1:f2:20:09:42:d5:2e:b4:90:13:
84:6f:d8:fc:a8:f4:c4:36:7a:b4:1a:8d:2a:db:99:d4:f5:b1:
a5:2e:dc:39:47:26:f9:10:6f:61:79:be:e9:5b:69:0a:c4:ab:
fd:aa:78:9c:68:e7:cd:b4:7a:d9:16:28:c1:c9:ac:73:8c:d0:
30:0b:cd:84:f3:e6:59:f9:45:a9:f9:5e:58:6c:18:52:8e:7c:
98:d8:85:38:77:03:87:a3:b2:b1:ea:e2:21:75:aa:d0:7e:16:
89:81:ef:6d:b5:8d:f7:f1:61:69:a3:62:eb:9a:1c:1d:1f:f3:
8f:a3:81:cf:26:8b:98:dc:63:e2:00:e0:5b:77:24:20:f9:f8:
f5:dd:57:3b:64:d4:06:cf:c3:a5:ec:e7:78:cd:8d:a4:25:c4:
99:0f:ab:64:6b:84:29:39:96:b1:2b:f9:17:75:82:dc:e1:67:
6f:d5:8b:e2:69:04:5a:49:e6:32:a2:78:84:7a:35:ab:0a:c8:
79:00:be:b1:a2:dc:27:be:b1:b4:45:1d:4f:db:97:bd:f5:b7:
a4:3a:31:07
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBYkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjFBMjMxMTAvBgNVBAUTKDI3QzM5MDBGQkQ3N0VFMjJDQjcxRTlBOTBFODE1NzRD
REU0NjQ0QUQwHhcNMjMwMTA1MDAyMDI4WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I2MTdjYy00OTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz68meA7VpKX7NpC/WSolpxYWQxYzkWfcdhPr3hON/GFheBw0XAdekQze+Hjk
G7ZzWNb9d4HrCT73AUkv8+7kHR3wJMrN2gDHXn1RY6eICSOHwU7tSuyjZ6/2zV70
Gipp9b+Lyhp/URdUbbDrqUGDY9UB2fQYLAB0L4SZ7uX/iPG6GFY2IuN45STWKKpL
FKJZfB5pS+NzOXLtAxW5GMVo6Y6/s/GB1rF96+Drmu4A/Kigu5tuEwBnyC3CcHNw
YqzM2/w7qwOXKnQfK2DhfxPPqO2TdwvhZptrHhdkT5Al6BRg8dxRVzBnbpVaGNou
WCBzoQhxo1dL4o0/ghCwO/7j5QIDAQABo4ICnTCCApkwHQYDVR0OBBYEFORi2C+T
vj60ykcoF4UJfIFuIm4PMB8GA1UdIwQYMBaAFCfDkA+9d+4iy3HpqQ6BV0zeRkSt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUEyMy9BQzUzM0RFRTI4
OTYxMUVCQkFBRDU3MjFDNEY5QUUwMi9KOE9RRDcxMzdpTExjZW1wRG9GWFRONUdS
SzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0o4T1FENzEzN2lMTGNlbXBEb0ZYVE41R1JLMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjFBMjMvQUM1MzNERUUyODk2MTFFQkJBQUQ1NzIxQzRGOUFFMDIvOUZFODNGNjYy
ODk5MTFFQkFGNjlENDI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEBMtRsAMEAMtRsjANBgkqhkiG9w0BAQsFAAOCAQEAe4od
y9aoAgbAo3+FZCtA9O83t6NqCIiCezd0H4yFtYBnhthVDDVM9qEpSKvB8iAJQtUu
tJAThG/Y/Kj0xDZ6tBqNKtuZ1PWxpS7cOUcm+RBvYXm+6VtpCsSr/ap4nGjnzbR6
2RYowcmsc4zQMAvNhPPmWflFqfleWGwYUo58mNiFOHcDh6OyseriIXWq0H4WiYHv
bbWN9/FhaaNi65ocHR/zj6OBzyaLmNxj4gDgW3ckIPn49d1XO2TUBs/DpezneM2N
pCXEmQ+rZGuEKTmWsSv5F3WC3OFnb9WL4mkEWknmMqJ4hHo1qwrIeQC+saLcJ76x
tEUdT9uXvfW3pDoxBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:56 2024 by rpki-client on console-ams.rpki-client.org