Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/4E9106BE09DA11EEBA18A082C4F9AE02.roa
File: 4E9106BE09DA11EEBA18A082C4F9AE02.roa (raw, json)
Hash identifier: SRydX2nZnK5dHUpqDuo4uacBxvcEeeNbWIB6JTEO9bc=
Subject key identifier: FA:94:AA:A1:7D:C7:D8:90:E1:70:A7:72:7C:5C:9E:CC:A5:EB:CE:25
Certificate issuer: /CN=A91C63A6/serialNumber=701F3C14F0AD7EEF65D34D003CDC1924648CDE37
Certificate serial: 023C
Authority key identifier: 70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/4E9106BE09DA11EEBA18A082C4F9AE02.roa
Signing time: Tue 13 Jun 2023 11:06:12 +0000
ROA not before: Tue 13 Jun 2023 11:06:12 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 136816
IP address blocks: 210.79.61.0/24 maxlen: 24
210.79.62.0/24 maxlen: 24
210.79.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 572 (0x23c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C63A6/serialNumber=701F3C14F0AD7EEF65D34D003CDC1924648CDE37
Validity
Not Before: Jun 13 11:06:12 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64884da4-3ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c5:1c:54:57:41:e5:6d:47:25:06:fa:36:b1:
13:34:92:00:a7:e8:7b:22:c0:f6:1c:ce:b4:7f:14:
94:1e:6d:92:52:89:bf:c9:f6:14:6d:6a:33:b2:b0:
d9:7c:72:a9:71:1b:8f:85:05:5c:0c:4f:ab:55:0d:
6a:69:af:5c:3c:8a:62:fe:b7:e5:56:6d:3d:41:c2:
98:31:90:0e:f7:14:12:18:ff:c3:7c:39:3e:8d:7d:
e8:61:63:79:d0:b6:f4:32:f1:35:18:ba:61:f1:bb:
49:60:3e:7a:c1:7c:39:63:5f:df:92:92:01:ea:07:
fb:77:77:14:71:f7:59:a3:7b:45:94:78:4f:04:a1:
87:0f:ec:87:be:b2:87:68:52:70:0e:f5:5e:7a:90:
0a:84:c3:96:9b:e5:f1:83:fe:dd:ad:5d:79:22:a0:
37:bf:1a:ea:7e:66:a0:c6:97:c2:09:aa:3f:e1:c7:
27:22:89:71:c4:cd:5b:33:e0:cb:e7:0a:99:45:06:
09:73:94:1d:ee:88:a4:2d:75:3e:21:cf:25:d1:07:
4d:80:56:cf:c8:45:3d:b0:de:70:6d:b8:e3:85:37:
10:61:d7:b9:a6:b3:5d:3e:a5:5c:f0:20:d8:5e:36:
5f:3a:13:4b:29:d4:ab:ce:87:ee:4b:33:2d:27:30:
51:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:94:AA:A1:7D:C7:D8:90:E1:70:A7:72:7C:5C:9E:CC:A5:EB:CE:25
X509v3 Authority Key Identifier:
keyid:70:1F:3C:14:F0:AD:7E:EF:65:D3:4D:00:3C:DC:19:24:64:8C:DE:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/cB88FPCtfu9l000APNwZJGSM3jc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cB88FPCtfu9l000APNwZJGSM3jc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C63A6/0D39C4E49A9B11EC82C70B20C4F9AE02/4E9106BE09DA11EEBA18A082C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.79.61.0-210.79.63.255
Signature Algorithm: sha256WithRSAEncryption
7f:9a:f9:44:34:e1:11:96:cb:08:57:68:cb:cc:d8:48:d6:81:
de:76:9d:3e:64:37:a5:c8:ba:2d:7b:4f:a6:58:96:5f:64:8a:
70:80:05:8d:9b:d0:e1:55:18:ff:32:30:54:81:4f:ee:55:64:
b5:7d:e6:9e:51:35:15:8a:97:53:65:b4:67:1d:92:1e:a8:14:
4e:b6:cb:a9:e7:c7:1d:e0:60:da:5d:d2:2f:d0:42:25:98:7c:
09:17:54:62:d1:55:aa:ed:b4:7b:b4:4b:5c:79:e0:6b:14:bf:
5e:d2:ef:39:c5:2d:74:dc:4e:81:9e:d5:7e:15:08:a9:74:c4:
d4:22:fe:aa:60:28:f9:57:b4:e9:41:b1:1e:9b:44:2e:58:d5:
51:eb:e1:25:6e:fa:b3:4b:35:6e:32:4c:11:43:c4:3b:92:80:
bb:ed:9d:7d:03:b9:db:ff:dc:3a:d2:eb:93:4d:37:1c:d9:0e:
0b:57:03:03:e5:d7:2c:cb:d2:85:21:94:02:3f:35:f6:b7:b1:
f4:92:12:ba:ab:fb:6d:6a:22:52:bb:a3:73:a3:85:c2:8a:0d:
e8:17:92:c6:f8:a9:e8:f1:4d:62:01:e2:4a:0b:fd:a5:08:27:
5b:48:3d:49:e0:bc:42:eb:21:01:21:07:32:46:ba:40:37:cb:
cb:46:f3:95
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAjwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzYzQTYxMTAvBgNVBAUTKDcwMUYzQzE0RjBBRDdFRUY2NUQzNEQwMDNDREMxOTI0
NjQ4Q0RFMzcwHhcNMjMwNjEzMTEwNjEyWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg4NGRhNC0zY2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3cUcVFdB5W1HJQb6NrETNJIAp+h7IsD2HM60fxSUHm2SUom/yfYUbWozsrDZ
fHKpcRuPhQVcDE+rVQ1qaa9cPIpi/rflVm09QcKYMZAO9xQSGP/DfDk+jX3oYWN5
0Lb0MvE1GLph8btJYD56wXw5Y1/fkpIB6gf7d3cUcfdZo3tFlHhPBKGHD+yHvrKH
aFJwDvVeepAKhMOWm+Xxg/7drV15IqA3vxrqfmagxpfCCao/4ccnIolxxM1bM+DL
5wqZRQYJc5Qd7oikLXU+Ic8l0QdNgFbPyEU9sN5wbbjjhTcQYde5prNdPqVc8CDY
XjZfOhNLKdSrzofuSzMtJzBRLQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFPqUqqF9
x9iQ4XCncnxcnsyl684lMB8GA1UdIwQYMBaAFHAfPBTwrX7vZdNNADzcGSRkjN43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjNBNi8wRDM5QzRFNDlB
OUIxMUVDODJDNzBCMjBDNEY5QUUwMi9jQjg4RlBDdGZ1OWwwMDBBUE53WkpHU00z
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NCODhGUEN0ZnU5bDAwMEFQTndaSkdTTTNqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzYzQTYvMEQzOUM0RTQ5QTlCMTFFQzgyQzcwQjIwQzRGOUFFMDIvNEU5MTA2QkUw
OURBMTFFRUJBMThBMDgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEANJPPQMEBtJPADANBgkqhkiG9w0BAQsFAAOCAQEAf5r5
RDThEZbLCFdoy8zYSNaB3nadPmQ3pci6LXtPpliWX2SKcIAFjZvQ4VUY/zIwVIFP
7lVktX3mnlE1FYqXU2W0Zx2SHqgUTrbLqefHHeBg2l3SL9BCJZh8CRdUYtFVqu20
e7RLXHngaxS/XtLvOcUtdNxOgZ7VfhUIqXTE1CL+qmAo+Ve06UGxHptELljVUevh
JW76s0s1bjJMEUPEO5KAu+2dfQO52//cOtLrk003HNkOC1cDA+XXLMvShSGUAj81
9rex9JISuqv7bWoiUrujc6OFwooN6BeSxvip6PFNYgHiSgv9pQgnW0g9SeC8Qush
ASEHMka6QDfLy0bzlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org