Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/E3DEDE3200E111EE9358EB4DC4F9AE02.roa
File: E3DEDE3200E111EE9358EB4DC4F9AE02.roa (raw, json)
Hash identifier: poqDlFovSgA2hPhoiISuxq42Y0IdPxRbnaKlSK6zP+E=
Subject key identifier: DC:42:E2:DB:67:A3:B0:FF:E0:BC:73:33:65:63:98:40:1E:2B:97:E9
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 23
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/E3DEDE3200E111EE9358EB4DC4F9AE02.roa
Signing time: Fri 02 Jun 2023 01:07:49 +0000
ROA not before: Fri 02 Jun 2023 01:07:49 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 204843
IP address blocks: 123.108.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35 (0x23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Jun 2 01:07:49 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=647940e4-fe7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:be:83:8e:39:40:bd:65:03:fc:45:8c:0c:76:
a2:db:1a:5e:a9:97:35:5f:eb:79:e7:5a:2c:f6:da:
68:b5:f8:6b:3b:0f:bd:48:e7:43:27:90:0f:ad:47:
26:9a:31:b4:ff:1a:41:8a:15:ad:3c:90:f2:31:3a:
9c:2f:9a:ec:7f:4d:5a:70:ac:cf:56:3b:de:d1:fa:
48:16:ab:e9:da:7f:48:24:e5:cf:fd:7a:4e:84:d6:
dd:a8:b0:a9:c4:be:26:33:b7:c6:0b:34:98:d2:da:
18:19:35:0e:d6:9b:1e:e8:42:71:f0:fd:3f:2e:fd:
d1:6c:0d:d8:3f:44:bb:47:f9:0b:98:93:28:9e:01:
4a:b5:47:3a:b8:0b:d0:5d:12:76:b0:f6:1f:bc:e6:
16:d7:ef:f9:f7:75:f5:cb:f3:54:19:69:ce:62:e3:
55:7b:46:f0:67:f3:4a:63:21:77:8f:71:e3:cf:c0:
4a:19:89:46:e6:24:9c:2b:d7:65:27:39:91:76:21:
56:33:7c:fc:a9:3d:63:b4:11:0f:51:1f:f4:1f:3b:
43:7f:51:1e:92:dd:83:44:27:3d:be:ce:a4:21:d7:
d1:ff:4b:e4:8f:54:ac:db:a9:f2:8d:ca:e5:0a:de:
16:a4:22:1f:48:c2:d2:14:2d:17:91:be:21:6b:ea:
0c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:42:E2:DB:67:A3:B0:FF:E0:BC:73:33:65:63:98:40:1E:2B:97:E9
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/E3DEDE3200E111EE9358EB4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.108.70.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:85:04:2d:11:0d:a0:80:e2:ad:4b:cc:05:87:77:77:98:34:
11:ba:45:2a:36:e4:a8:d8:a9:9f:23:57:5d:65:20:cd:dc:59:
e5:f2:b6:ec:a6:1e:da:7b:24:c3:8b:1f:e8:a9:e5:ef:a9:5e:
61:b9:87:4b:1b:67:34:2a:61:32:f7:7f:92:17:0f:cf:c4:ce:
bf:b3:c9:78:07:d0:2f:b4:7a:de:cd:59:c7:f8:e0:9f:c1:62:
e2:3f:25:3e:14:f7:de:88:59:9d:ff:b5:47:8c:94:06:94:c6:
60:52:08:5c:79:9d:2d:24:2a:b6:fc:21:65:55:8f:8b:b8:f7:
c4:57:b9:f8:6e:34:67:4e:67:e6:3a:6d:6d:4c:04:0b:03:f9:
05:a4:f9:22:c0:03:9b:bf:94:c4:aa:a2:20:12:30:8b:33:1f:
0a:ff:11:fb:2d:38:f9:94:db:58:bb:33:5c:5f:0e:a7:fe:58:
11:ff:8c:7b:05:fb:78:56:28:01:1e:f5:45:66:88:a0:72:e6:
5e:ff:04:60:28:e0:91:5b:ef:78:7e:ef:f0:3e:5e:ca:a2:ac:
bd:6c:ae:38:c3:23:13:c3:d0:18:8d:74:f1:60:39:b5:7e:45:
91:f1:b3:f3:d5:3a:c1:c9:2d:d5:b0:20:07:c4:83:af:c2:de:
05:60:09:e7
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
NjU1MDExMC8GA1UEBRMoNDU2RUVBMDY5MkM2QTRGMjZGNTNEMkQyMzdEMUNCNERD
RDc4MzMwNTAeFw0yMzA2MDIwMTA3NDlaFw0yMzA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0Nzk0MGU0LWZlN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMvoOOOUC9ZQP8RYwMdqLbGl6plzVf63nnWiz22mi1+Gs7D71I50MnkA+tRyaa
MbT/GkGKFa08kPIxOpwvmux/TVpwrM9WO97R+kgWq+naf0gk5c/9ek6E1t2osKnE
viYzt8YLNJjS2hgZNQ7Wmx7oQnHw/T8u/dFsDdg/RLtH+QuYkyieAUq1Rzq4C9Bd
Enaw9h+85hbX7/n3dfXL81QZac5i41V7RvBn80pjIXePcePPwEoZiUbmJJwr12Un
OZF2IVYzfPypPWO0EQ9RH/QfO0N/UR6S3YNEJz2+zqQh19H/S+SPVKzbqfKNyuUK
3hakIh9IwtIULReRviFr6gzHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU3ELi22ej
sP/gvHMzZWOYQB4rl+kwHwYDVR0jBBgwFoAURW7qBpLGpPJvU9LSN9HLTc14MwUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM2NTUwLzg0MDA5NTRBQ0VD
NDExRUQ4QTgzRkIxMUM0RjlBRTAyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUlc3cUJwTEdwUEp2VTlMU045SExUYzE0TXdVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NjU1MC84NDAwOTU0QUNFQzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9FM0RFREUzMjAw
RTExMUVFOTM1OEVCNERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAHtsRjANBgkqhkiG9w0BAQsFAAOCAQEAPIUELRENoIDirUvM
BYd3d5g0EbpFKjbkqNipnyNXXWUgzdxZ5fK27KYe2nskw4sf6Knl76leYbmHSxtn
NCphMvd/khcPz8TOv7PJeAfQL7R63s1Zx/jgn8Fi4j8lPhT33ohZnf+1R4yUBpTG
YFIIXHmdLSQqtvwhZVWPi7j3xFe5+G40Z05n5jptbUwECwP5BaT5IsADm7+UxKqi
IBIwizMfCv8R+y04+ZTbWLszXF8Op/5YEf+MewX7eFYoAR71RWaIoHLmXv8EYCjg
kVvveH7v8D5eyqKsvWyuOMMjE8PQGI108WA5tX5FkfGz89U6wckt1bAgB8SDr8Le
BWAJ5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:25 2024 by rpki-client on console-ams.rpki-client.org