Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/F30019F48C5611E792848B4AC4F9AE02.roa
File: F30019F48C5611E792848B4AC4F9AE02.roa (raw, json)
Hash identifier: CrTfsMveiCB9RrwyDXfOzArWJZoOnLCKEbRFgxzqj3U=
Subject key identifier: 74:EB:FD:E0:33:45:A9:8C:C1:9B:1A:8C:88:E2:E9:F9:7F:3A:32:CE
Certificate issuer: /CN=A91DFB70/serialNumber=5D2DD154B5DCE21FB786C526DBDEF1B045928AB8
Certificate serial: 24C6
Authority key identifier: 5D:2D:D1:54:B5:DC:E2:1F:B7:86:C5:26:DB:DE:F1:B0:45:92:8A:B8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XS3RVLXc4h-3hsUm297xsEWSirg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/F30019F48C5611E792848B4AC4F9AE02.roa
Signing time: Thu 06 Apr 2023 16:33:16 +0000
ROA not before: Thu 06 Apr 2023 16:33:16 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 18115
IP address blocks: 27.110.128.0/24 maxlen: 24
58.71.117.0/24 maxlen: 24
122.54.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9414 (0x24c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DFB70/serialNumber=5D2DD154B5DCE21FB786C526DBDEF1B045928AB8
Validity
Not Before: Apr 6 16:33:16 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=642ef44c-ce42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:a5:b1:a9:ff:e3:f6:89:f0:5a:c9:e9:7b:c6:
3d:19:e9:d8:9f:2b:4b:f6:16:49:c4:d4:4e:67:19:
71:22:0a:37:ab:4c:7b:1e:33:59:a4:16:98:3e:90:
3e:0e:b6:96:8e:7c:82:34:d9:c2:58:0b:c3:25:02:
33:7f:bd:77:d6:be:3d:d7:dc:68:ec:7f:94:93:c6:
f7:bf:1d:1f:e0:14:3a:1c:14:27:6b:f9:7b:70:36:
ca:8b:71:78:b4:38:27:33:1d:69:a2:77:10:24:94:
23:3a:f1:c4:85:08:77:d7:b8:9b:f2:36:9c:e1:07:
23:49:3b:e6:68:27:00:5f:15:97:f1:6a:18:8b:5a:
db:9c:11:a8:6e:00:b4:d4:5a:ee:f9:f6:8a:95:d6:
a8:a0:d3:a8:65:24:2d:0e:6c:ed:b0:06:a2:bc:6e:
d9:0d:59:d9:e8:6b:9e:12:6f:dc:03:4a:59:e7:02:
20:a0:54:50:22:bb:9d:88:d0:f9:eb:db:e7:1d:47:
39:ec:ce:77:a6:35:3a:55:8c:23:c1:47:44:47:73:
b3:f2:96:f3:5c:5e:05:b3:7f:bf:0a:22:21:ca:f3:
b0:fd:41:69:65:0a:47:d1:31:87:ae:72:55:6f:3a:
df:fc:8f:4d:9c:d1:9c:fa:ca:15:05:c7:da:0e:3b:
5a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EB:FD:E0:33:45:A9:8C:C1:9B:1A:8C:88:E2:E9:F9:7F:3A:32:CE
X509v3 Authority Key Identifier:
keyid:5D:2D:D1:54:B5:DC:E2:1F:B7:86:C5:26:DB:DE:F1:B0:45:92:8A:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/XS3RVLXc4h-3hsUm297xsEWSirg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XS3RVLXc4h-3hsUm297xsEWSirg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/F30019F48C5611E792848B4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.110.128.0/24
58.71.117.0/24
122.54.67.0/24
Signature Algorithm: sha256WithRSAEncryption
89:6a:66:1c:4f:2a:9c:45:41:d0:7b:b1:38:ec:d7:69:8f:f1:
a7:81:71:5a:3a:af:3d:7d:cc:9a:76:3c:3a:38:db:81:94:ca:
fa:f9:e1:1c:8a:93:09:9d:e8:db:1d:5a:6c:00:95:61:c2:87:
6a:0d:15:fd:50:97:72:15:9b:f7:c5:2b:4e:03:b6:5e:34:8e:
6d:02:ee:b6:53:5c:85:d5:70:25:16:ac:9a:a7:4c:b7:3f:c8:
1c:d2:fb:95:79:30:a7:ec:00:81:70:ed:6b:5e:cd:c1:20:52:
30:7e:58:d9:42:e2:e6:66:4a:f1:63:1d:9d:bc:4d:02:ad:a6:
79:88:69:cf:fb:aa:df:80:87:26:06:bf:4c:3f:18:7b:87:50:
5a:b9:1a:ca:da:27:ab:35:61:d9:29:09:b1:17:7b:e5:2c:07:
3f:ef:d6:f2:cb:2c:10:ae:36:44:59:38:d8:97:cf:1d:a3:9d:
c2:a7:25:d8:b0:c6:6d:23:d2:5c:6e:65:44:88:63:39:e2:c5:
b9:9f:99:3c:c5:80:87:70:6f:19:38:75:38:72:ef:b5:11:3e:
c4:fa:b3:01:a1:05:b1:c3:1e:51:25:78:a5:39:d6:9b:f5:1f:
e3:51:ef:3b:85:63:1d:77:ad:67:7d:06:40:2f:20:30:01:cc:
81:a6:70:14
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICJMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REZCNzAxMTAvBgNVBAUTKDVEMkREMTU0QjVEQ0UyMUZCNzg2QzUyNkRCREVGMUIw
NDU5MjhBQjgwHhcNMjMwNDA2MTYzMzE2WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJlZjQ0Yy1jZTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7qWxqf/j9onwWsnpe8Y9GenYnytL9hZJxNROZxlxIgo3q0x7HjNZpBaYPpA+
DraWjnyCNNnCWAvDJQIzf7131r4919xo7H+Uk8b3vx0f4BQ6HBQna/l7cDbKi3F4
tDgnMx1poncQJJQjOvHEhQh317ib8jac4QcjSTvmaCcAXxWX8WoYi1rbnBGobgC0
1Fru+faKldaooNOoZSQtDmztsAaivG7ZDVnZ6GueEm/cA0pZ5wIgoFRQIrudiND5
69vnHUc57M53pjU6VYwjwUdER3Oz8pbzXF4Fs3+/CiIhyvOw/UFpZQpH0TGHrnJV
bzrf/I9NnNGc+soVBcfaDjtaeQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHTr/eAz
RamMwZsajIji6fl/OjLOMB8GA1UdIwQYMBaAFF0t0VS13OIft4bFJtve8bBFkoq4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERkI3MC8yOTgzNjQ3Qzgz
OEYxMUU1ODZGQzU4MTJDNEY5QUUwMi9YUzNSVkxYYzRoLTNoc1VtMjk3eHNFV1Np
cmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hTM1JWTFhjNGgtM2hzVW0yOTd4c0VXU2lyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REZCNzAvMjk4MzY0N0M4MzhGMTFFNTg2RkM1ODEyQzRGOUFFMDIvRjMwMDE5RjQ4
QzU2MTFFNzkyODQ4QjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAbboADBAA6R3UDBAB6NkMwDQYJKoZIhvcNAQELBQADggEB
AIlqZhxPKpxFQdB7sTjs12mP8aeBcVo6rz19zJp2PDo424GUyvr54RyKkwmd6Nsd
WmwAlWHCh2oNFf1Ql3IVm/fFK04Dtl40jm0C7rZTXIXVcCUWrJqnTLc/yBzS+5V5
MKfsAIFw7WtezcEgUjB+WNlC4uZmSvFjHZ28TQKtpnmIac/7qt+AhyYGv0w/GHuH
UFq5GsraJ6s1YdkpCbEXe+UsBz/v1vLLLBCuNkRZONiXzx2jncKnJdiwxm0j0lxu
ZUSIYznixbmfmTzFgIdwbxk4dThy77URPsT6swGhBbHDHlEleKU51pv1H+NR7zuF
Yx13rWd9BkAvIDABzIGmcBQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org