Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/38709062D53E11EAA6BF5E13C4F9AE02.roa
File: 38709062D53E11EAA6BF5E13C4F9AE02.roa (raw, json)
Hash identifier: KqGXH/c2TxBQpIdfMJFd9RzDwwf0jxW8IZNlB21IbyU=
Subject key identifier: AB:BE:8E:0C:FC:9D:57:63:3A:C7:66:A2:AD:90:6E:0E:45:54:89:8C
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 13E3
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/38709062D53E11EAA6BF5E13C4F9AE02.roa
Signing time: Fri 18 Feb 2022 06:24:46 +0000
ROA not before: Fri 18 Feb 2022 06:24:46 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 38285
IP address blocks: 122.148.0.0/17 maxlen: 17
122.149.240.0/20 maxlen: 20
122.150.0.0/24 maxlen: 24
122.151.0.0/24 maxlen: 24
122.151.2.0/24 maxlen: 24
123.2.0.0/16 maxlen: 16
123.3.0.0/24 maxlen: 24
202.136.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5091 (0x13e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 18 06:24:46 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=620f3bad-d237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:14:b1:43:5c:15:e8:36:a9:b3:fb:4d:62:2c:
4f:ff:42:c4:9d:6c:6f:01:d7:3d:f8:39:5f:d2:14:
92:e2:df:87:b8:61:97:57:5e:4a:7d:d9:3f:09:fa:
c8:a1:b4:4d:59:bb:78:12:5b:69:d6:45:92:cf:3f:
28:45:0e:f2:d8:11:ef:91:84:5b:06:1b:06:f9:0e:
cd:0f:69:77:f6:13:d0:25:7f:0d:6b:17:18:1b:4a:
a0:9d:d0:98:36:c5:cd:75:20:2b:22:80:fc:40:b4:
c3:d2:28:de:70:85:8b:3d:62:6c:9f:e2:ac:9d:87:
50:f9:88:e2:66:8d:50:8d:d8:b8:55:ef:ee:6d:a1:
d1:15:7a:3f:17:5f:73:40:4d:b9:f7:67:b3:4e:2e:
0d:f4:a4:4d:c2:bc:e6:3d:2e:1e:1e:f8:e5:f4:ce:
97:1d:79:58:9a:1f:89:91:55:65:15:e6:80:b6:30:
63:7b:9c:ff:2d:29:9c:18:d2:af:6a:c9:dc:a6:d9:
02:1a:23:8a:1b:d2:82:9b:6d:66:ae:d8:bf:de:9b:
45:0c:86:3a:d8:fa:17:da:48:e9:50:56:49:b4:0e:
b2:0f:22:e2:72:98:e4:6d:69:e6:8d:54:25:fe:d4:
5e:de:3c:dc:f0:cc:7d:13:d4:1a:63:37:58:59:dc:
3c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:BE:8E:0C:FC:9D:57:63:3A:C7:66:A2:AD:90:6E:0E:45:54:89:8C
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/38709062D53E11EAA6BF5E13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.148.0.0/17
122.149.240.0-122.150.0.255
122.151.0.0/24
122.151.2.0/24
123.2.0.0-123.3.0.255
202.136.32.0/20
Signature Algorithm: sha256WithRSAEncryption
a8:c3:95:8a:2a:a5:3a:a9:f4:63:cb:a3:4e:e2:bb:71:8b:f7:
f2:2c:ca:02:66:30:4c:7d:0f:ba:de:4e:8a:5a:96:5b:5c:70:
6c:6a:8b:45:ac:38:ca:ce:cf:e9:c6:96:57:0c:1b:b8:c7:c0:
b4:79:28:2c:f1:42:01:04:9c:cb:2a:5f:4b:4d:81:df:a6:a6:
31:73:e6:1f:20:3a:93:d5:02:ab:e9:89:56:f1:0a:12:1d:9d:
23:0f:f5:2d:59:ab:41:51:6d:ae:07:53:51:57:6b:d6:31:bd:
b6:f6:a6:c3:b9:f2:b8:15:63:c2:c6:17:2a:c8:bc:fb:02:26:
ca:0a:22:98:4f:53:c9:82:ad:0d:ab:e4:d9:23:ea:f6:af:4d:
05:87:6e:02:9c:0b:f4:da:e8:fa:f8:04:cc:db:65:24:62:25:
18:82:eb:43:1f:37:27:de:10:ec:2f:90:ff:b0:2b:0d:a5:51:
71:62:4d:01:18:9d:de:ea:18:df:3a:9d:d0:34:b2:3c:61:3d:
10:00:e6:ee:c6:c4:d4:35:b2:c3:44:03:dd:5d:d8:09:a6:c3:
e7:5b:cc:70:29:56:e1:29:84:e1:53:8e:22:98:dd:ed:18:42:
49:9c:9f:4c:0a:cb:56:c5:3b:cc:c9:e8:0d:a1:87:d8:a1:49:
65:95:9b:9f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICE+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjIwMjE4MDYyNDQ2WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBmM2JhZC1kMjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApxSxQ1wV6Daps/tNYixP/0LEnWxvAdc9+Dlf0hSS4t+HuGGXV15Kfdk/CfrI
obRNWbt4Eltp1kWSzz8oRQ7y2BHvkYRbBhsG+Q7ND2l39hPQJX8NaxcYG0qgndCY
NsXNdSArIoD8QLTD0ijecIWLPWJsn+KsnYdQ+YjiZo1Qjdi4Ve/ubaHRFXo/F19z
QE2592ezTi4N9KRNwrzmPS4eHvjl9M6XHXlYmh+JkVVlFeaAtjBje5z/LSmcGNKv
asncptkCGiOKG9KCm21mrti/3ptFDIY62PoX2kjpUFZJtA6yDyLicpjkbWnmjVQl
/tRe3jzc8Mx9E9QaYzdYWdw8ZQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFKu+jgz8
nVdjOsdmoq2Qbg5FVImMMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvMzg3MDkwNjJE
NTNFMTFFQUE2QkY1RTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MDkEAgABMDMDBAd6lAAwDAMEBHqV8AMEAHqWAAMEAHqXAAMEAHqXAjALAwMB
ewIDBAB7AwADBATKiCAwDQYJKoZIhvcNAQELBQADggEBAKjDlYoqpTqp9GPLo07i
u3GL9/IsygJmMEx9D7reTopalltccGxqi0WsOMrOz+nGllcMG7jHwLR5KCzxQgEE
nMsqX0tNgd+mpjFz5h8gOpPVAqvpiVbxChIdnSMP9S1Zq0FRba4HU1FXa9Yxvbb2
psO58rgVY8LGFyrIvPsCJsoKIphPU8mCrQ2r5Nkj6vavTQWHbgKcC/Ta6Pr4BMzb
ZSRiJRiC60MfNyfeEOwvkP+wKw2lUXFiTQEYnd7qGN86ndA0sjxhPRAA5u7GxNQ1
ssNEA91d2Ammw+dbzHApVuEphOFTjiKY3e0YQkmcn0wKy1bFO8zJ6A2hh9ihSWWV
m58=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org