Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/1DE4EFFA7F9311EA8177A82DC4F9AE02.roa
File: 1DE4EFFA7F9311EA8177A82DC4F9AE02.roa (raw, json)
Hash identifier: TXgMOJmOXB/vd1ZnQVWzxKpg5MwBwO5y0HfdMiMvVhs=
Subject key identifier: B3:CB:7C:51:F3:A4:B2:B7:2B:A8:DD:73:96:86:2A:19:34:53:77:2B
Certificate issuer: /CN=A91E9580/serialNumber=FE4FDA3967016C113AC807B849340AC6520F0802
Certificate serial: 060D
Authority key identifier: FE:4F:DA:39:67:01:6C:11:3A:C8:07:B8:49:34:0A:C6:52:0F:08:02
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_k_aOWcBbBE6yAe4STQKxlIPCAI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/1DE4EFFA7F9311EA8177A82DC4F9AE02.roa
Signing time: Tue 01 Feb 2022 10:28:26 +0000
ROA not before: Tue 01 Feb 2022 10:28:26 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 4769
IP address blocks: 123.100.224.0/24 maxlen: 24
203.142.6.0/23 maxlen: 23
203.142.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1549 (0x60d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E9580/serialNumber=FE4FDA3967016C113AC807B849340AC6520F0802
Validity
Not Before: Feb 1 10:28:26 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=61f90b4a-2d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:50:43:0e:af:c7:67:aa:93:f7:66:7b:10:75:
6a:40:30:79:3e:29:67:69:cc:75:2f:3a:df:0b:54:
1c:e6:fd:e4:74:89:9a:44:38:66:73:0e:1f:eb:e5:
c6:00:ad:be:56:6a:58:90:f4:29:0e:48:7f:1b:7a:
d5:70:7d:be:53:7a:49:34:df:5c:17:36:36:cb:1e:
0d:a9:25:bd:4b:1e:8d:e4:b1:f7:16:79:1e:3d:dd:
0d:b0:f9:d8:d4:89:93:fc:8d:2a:3d:68:9b:f4:85:
20:26:5b:dd:4f:ed:aa:5c:23:89:2e:98:08:37:f8:
92:a6:7d:a4:d6:58:b2:2f:bf:2e:17:54:da:40:b9:
5b:32:18:b5:92:bf:77:5d:02:24:37:b6:60:71:80:
ec:3e:b0:bb:a9:ae:d8:4b:03:c2:1c:93:84:f3:c4:
42:51:53:03:7c:29:c0:72:b2:81:0a:d1:47:f0:15:
94:04:ff:ca:cf:1e:d4:59:2f:0d:ae:72:54:5b:57:
98:46:0c:65:1f:56:f8:c8:30:ac:2f:64:82:eb:2c:
6c:b7:6c:b4:3b:b3:a6:ae:4b:8b:9a:9d:3b:25:8d:
db:c6:9e:40:72:da:f8:b6:21:87:75:b0:d1:0e:07:
2c:06:e1:d7:39:36:3f:59:8f:12:c8:cb:d3:04:79:
fc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:CB:7C:51:F3:A4:B2:B7:2B:A8:DD:73:96:86:2A:19:34:53:77:2B
X509v3 Authority Key Identifier:
keyid:FE:4F:DA:39:67:01:6C:11:3A:C8:07:B8:49:34:0A:C6:52:0F:08:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/_k_aOWcBbBE6yAe4STQKxlIPCAI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_k_aOWcBbBE6yAe4STQKxlIPCAI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9580/C7CE2E107F8D11EAAD8CD51EC4F9AE02/1DE4EFFA7F9311EA8177A82DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.100.224.0/24
203.142.6.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:ed:a0:65:71:bb:23:82:f0:99:11:ab:03:a8:a4:fe:26:a3:
66:cb:0b:88:0d:77:4e:db:19:48:d0:9c:e8:46:fe:67:bb:bf:
37:08:c6:48:54:99:64:f9:5b:73:3a:39:97:c9:63:c5:a8:8a:
f2:15:1d:2e:5e:eb:26:95:e5:14:ef:2c:50:ec:94:82:c6:0b:
ba:84:52:1f:05:32:e7:22:ee:48:df:b8:12:ca:ec:9a:79:84:
6c:e5:be:42:5f:fc:90:80:5c:01:1c:15:ea:10:61:91:a8:1d:
05:72:b6:4b:91:87:bf:07:c2:9e:94:50:f5:04:ac:ec:62:9e:
f5:3a:b6:98:13:d9:03:61:8e:a3:a2:23:ba:d3:14:28:7c:e6:
a3:eb:dc:35:84:7e:59:41:af:9e:0b:f3:c6:fd:35:4c:26:e7:
5e:74:51:34:45:86:f5:e1:cc:7b:32:54:83:e3:67:46:4e:a2:
24:b7:1e:f3:a5:6b:bc:e7:09:5a:22:5f:c1:92:64:ff:78:63:
fd:dc:18:3f:1c:95:96:da:46:80:08:27:93:80:a0:cd:ff:5c:
0a:8a:40:23:50:90:e8:64:37:2a:cf:1d:96:c9:54:a3:9f:4e:
0f:8a:4a:21:23:13:c9:53:c6:b1:b4:ee:7b:37:da:b4:7c:59:
c7:59:12:be
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTk1ODAxMTAvBgNVBAUTKEZFNEZEQTM5NjcwMTZDMTEzQUM4MDdCODQ5MzQwQUM2
NTIwRjA4MDIwHhcNMjIwMjAxMTAyODI2WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY5MGI0YS0yZDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx1BDDq/HZ6qT92Z7EHVqQDB5Pilnacx1LzrfC1Qc5v3kdImaRDhmcw4f6+XG
AK2+VmpYkPQpDkh/G3rVcH2+U3pJNN9cFzY2yx4NqSW9Sx6N5LH3FnkePd0NsPnY
1ImT/I0qPWib9IUgJlvdT+2qXCOJLpgIN/iSpn2k1liyL78uF1TaQLlbMhi1kr93
XQIkN7ZgcYDsPrC7qa7YSwPCHJOE88RCUVMDfCnAcrKBCtFH8BWUBP/Kzx7UWS8N
rnJUW1eYRgxlH1b4yDCsL2SC6yxst2y0O7OmrkuLmp07JY3bxp5Actr4tiGHdbDR
DgcsBuHXOTY/WY8SyMvTBHn8mQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLPLfFHz
pLK3K6jdc5aGKhk0U3crMB8GA1UdIwQYMBaAFP5P2jlnAWwROsgHuEk0CsZSDwgC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTU4MC9DN0NFMkUxMDdG
OEQxMUVBQUQ4Q0Q1MUVDNEY5QUUwMi9fa19hT1djQmJCRTZ5QWU0U1RRS3hsSVBD
QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19rX2FPV2NCYkJFNnlBZTRTVFFLeGxJUENBSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTk1ODAvQzdDRTJFMTA3RjhEMTFFQUFEOENENTFFQzRGOUFFMDIvMURFNEVGRkE3
RjkzMTFFQTgxNzdBODJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB7ZOADBAHLjgYwDQYJKoZIhvcNAQELBQADggEBAEztoGVx
uyOC8JkRqwOopP4mo2bLC4gNd07bGUjQnOhG/me7vzcIxkhUmWT5W3M6OZfJY8Wo
ivIVHS5e6yaV5RTvLFDslILGC7qEUh8FMuci7kjfuBLK7Jp5hGzlvkJf/JCAXAEc
FeoQYZGoHQVytkuRh78Hwp6UUPUErOxinvU6tpgT2QNhjqOiI7rTFCh85qPr3DWE
fllBr54L88b9NUwm5150UTRFhvXhzHsyVIPjZ0ZOoiS3HvOla7znCVoiX8GSZP94
Y/3cGD8clZbaRoAIJ5OAoM3/XAqKQCNQkOhkNyrPHZbJVKOfTg+KSiEjE8lTxrG0
7ns32rR8WcdZEr4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org