Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/0B49672A716911EDA03D4A50C4F9AE02.roa
File: 0B49672A716911EDA03D4A50C4F9AE02.roa (raw, json)
Hash identifier: dz8MDa75h/gz6YzQBFQqxcycg1NWiakydgPJN071RkU=
Subject key identifier: 6B:A8:47:4D:AC:A5:6A:A4:EA:AE:4C:16:AF:4C:A9:1D:C6:CA:90:73
Certificate issuer: /CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Certificate serial: 0300
Authority key identifier: 56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/0B49672A716911EDA03D4A50C4F9AE02.roa
Signing time: Thu 01 Dec 2022 11:12:29 +0000
ROA not before: Thu 01 Dec 2022 11:12:29 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 0
IP address blocks: 118.185.60.0/24 maxlen: 24
122.15.88.0/21 maxlen: 21
2400:5200:402::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 768 (0x300)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Validity
Not Before: Dec 1 11:12:29 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63888c1d-4820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:ff:60:a9:a9:85:7c:ec:91:00:7f:45:2f:
8d:e5:36:2f:1e:ef:bb:21:3f:3b:79:a2:ed:07:07:
20:0a:41:75:d4:19:7c:ce:91:da:f2:de:c8:99:72:
15:fe:b2:9e:da:ff:8a:cc:24:85:cc:f6:de:57:ae:
cc:e2:cc:57:a2:7b:63:61:ea:40:5f:26:97:6f:98:
9d:fc:c5:86:6b:48:ed:bb:11:98:a7:c4:5b:84:f2:
94:6e:c9:02:35:64:c2:2f:ac:2d:0a:9b:f2:d0:4e:
27:a5:b2:16:53:10:04:f9:00:c7:ec:a6:ab:ac:e7:
32:82:f3:8e:b1:c9:01:b6:44:22:81:1c:b8:6c:77:
6a:e2:51:ee:77:8c:14:5e:80:ab:9e:73:29:d4:d2:
1a:18:7a:ee:16:fb:2b:89:54:53:60:a0:d4:c9:1a:
32:b6:7b:14:5c:61:fc:8e:20:36:cb:df:d0:45:bf:
04:33:05:20:89:22:4f:c5:38:54:0c:78:d1:6d:3d:
3d:9c:50:77:68:70:06:ba:09:d2:b9:c6:b2:9d:16:
cb:df:b6:69:64:cf:a2:d0:c5:aa:ae:b5:77:4b:d1:
46:0c:ee:da:28:ef:58:22:bd:2b:5a:0f:e5:63:1a:
c4:67:a7:a4:5e:7d:de:c0:c3:6d:59:74:3c:ed:45:
72:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A8:47:4D:AC:A5:6A:A4:EA:AE:4C:16:AF:4C:A9:1D:C6:CA:90:73
X509v3 Authority Key Identifier:
keyid:56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/0B49672A716911EDA03D4A50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.185.60.0/24
122.15.88.0/21
IPv6:
2400:5200:402::/48
Signature Algorithm: sha256WithRSAEncryption
67:49:9e:00:7d:66:53:e7:9c:73:67:23:94:b7:0d:92:a0:e2:
f1:d5:73:aa:57:87:f6:d0:d6:f0:fe:dc:5d:6a:04:77:18:1a:
57:e9:29:9f:e4:b9:0e:7a:49:65:92:39:c0:7a:d9:48:ca:c4:
9e:aa:6b:82:26:ec:88:e0:0b:8e:73:67:86:c3:84:da:a8:7b:
65:b4:40:13:7f:7e:ed:14:fb:30:9c:d4:30:da:d0:9c:24:16:
8f:78:ef:6b:5d:30:f8:72:14:c4:3c:dc:cb:7d:73:c0:44:29:
54:fd:72:b9:00:2f:34:8e:48:6c:18:6d:cb:1e:5f:e1:fe:47:
d6:13:ac:c3:50:a5:69:2b:fb:80:eb:9f:e0:a1:d9:ab:cf:d4:
7b:78:af:ac:58:37:30:b7:18:69:a2:c6:28:14:59:f0:2f:8d:
d0:5b:ab:90:66:5b:66:ca:25:f5:49:87:0f:c1:4f:d3:3c:6d:
97:b9:c7:da:41:c9:59:ce:33:d9:d7:92:fe:6b:a6:43:a6:29:
b5:68:74:5c:e6:21:bb:58:0b:b1:da:8f:36:76:14:a1:52:6c:
81:dd:65:64:11:ae:83:9f:b1:65:03:f9:e7:a1:5c:ef:ce:6f:
b6:11:59:55:c6:36:a6:8b:19:61:20:28:3a:e6:05:01:72:b7:
c4:c5:bc:f9
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICAwAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0QzOUQxMTAvBgNVBAUTKDU2Qjk4M0U0NkJDQkExMTVGRjIyNjVGRTQ5MTkwOUM3
RDc0MTQ3RjMwHhcNMjIxMjAxMTExMjI5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg4OGMxZC00ODIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq87/YKmphXzskQB/RS+N5TYvHu+7IT87eaLtBwcgCkF11Bl8zpHa8t7ImXIV
/rKe2v+KzCSFzPbeV67M4sxXontjYepAXyaXb5id/MWGa0jtuxGYp8RbhPKUbskC
NWTCL6wtCpvy0E4npbIWUxAE+QDH7KarrOcygvOOsckBtkQigRy4bHdq4lHud4wU
XoCrnnMp1NIaGHruFvsriVRTYKDUyRoytnsUXGH8jiA2y9/QRb8EMwUgiSJPxThU
DHjRbT09nFB3aHAGugnSucaynRbL37ZpZM+i0MWqrrV3S9FGDO7aKO9YIr0rWg/l
YxrEZ6ekXn3ewMNtWXQ87UVyEwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFGuoR02s
pWqk6q5MFq9MqR3GypBzMB8GA1UdIwQYMBaAFFa5g+Rry6EV/yJl/kkZCcfXQUfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDM5RC9ERTdEMkY5NDRF
NzYxMUVDQTU3MjBCNzlDNEY5QUUwMi9Wcm1ENUd2TG9SWF9JbVgtU1JrSng5ZEJS
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZybUQ1R3ZMb1JYX0ltWC1TUmtKeDlkQlJfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0QzOUQvREU3RDJGOTQ0RTc2MTFFQ0E1NzIwQjc5QzRGOUFFMDIvMEI0OTY3MkE3
MTY5MTFFREEwM0Q0QTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAB2uTwDBAN6D1gwDwQCAAIwCQMHACQAUgAEAjANBgkqhkiG
9w0BAQsFAAOCAQEAZ0meAH1mU+ecc2cjlLcNkqDi8dVzqleH9tDW8P7cXWoEdxga
V+kpn+S5DnpJZZI5wHrZSMrEnqprgibsiOALjnNnhsOE2qh7ZbRAE39+7RT7MJzU
MNrQnCQWj3jva10w+HIUxDzcy31zwEQpVP1yuQAvNI5IbBhtyx5f4f5H1hOsw1Cl
aSv7gOuf4KHZq8/Ue3ivrFg3MLcYaaLGKBRZ8C+N0FurkGZbZsol9UmHD8FP0zxt
l7nH2kHJWc4z2deS/mumQ6YptWh0XOYhu1gLsdqPNnYUoVJsgd1lZBGug5+xZQP5
56Fc785vthFZVcY2posZYSAoOuYFAXK3xMW8+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:27 2024 by rpki-client on console-ams.rpki-client.org