Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/10396C6A568611EDAB9E6D87C4F9AE02.roa
File: 10396C6A568611EDAB9E6D87C4F9AE02.roa (raw, json)
Hash identifier: qdcMr/tPsWVROBHEzwkkf/5vqJKxC7dQuUgOA9Y5EC0=
Subject key identifier: 3E:44:DD:4A:92:DA:90:CA:4E:43:69:77:59:0C:88:AA:D2:43:A1:C8
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 2632
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/10396C6A568611EDAB9E6D87C4F9AE02.roa
Signing time: Tue 20 Dec 2022 16:12:06 +0000
ROA not before: Tue 20 Dec 2022 16:12:06 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 10015
IP address blocks: 43.250.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9778 (0x2632)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Dec 20 16:12:06 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63a1ded6-b681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e2:6c:e1:54:f2:84:fc:07:da:c0:6d:e0:28:
6e:13:a1:28:ab:b9:14:4f:d2:59:6e:1b:13:9c:b2:
10:51:3e:61:7f:aa:00:c9:6d:f5:76:94:82:1c:25:
39:41:19:29:b3:c0:0c:78:d9:cd:51:45:89:38:cb:
c3:7d:a2:20:ea:a2:38:6c:9a:59:61:ef:82:41:12:
1a:0a:91:5e:0a:03:25:29:a9:74:86:ad:8c:64:b6:
6a:f0:65:74:3a:fc:a5:27:b1:3b:cf:3e:62:0d:a8:
a3:3d:bf:5c:b8:d1:f5:6a:b4:6d:91:8f:75:0f:96:
47:24:6c:88:43:c8:c5:2b:2a:84:88:3b:86:2a:cb:
fd:4a:7b:85:73:39:c0:8f:87:cc:d1:88:e7:be:dc:
de:d1:1e:2c:c7:f5:c4:5b:ca:d4:25:8d:16:d5:7b:
b0:32:2f:01:a8:95:0f:23:17:cc:f8:36:48:bc:35:
27:42:6d:77:a1:77:48:f4:ed:07:4d:7e:df:b3:ff:
6b:9f:e8:55:98:3d:26:34:4f:3b:3f:d7:c0:15:69:
18:e1:bd:b6:1d:5e:98:bf:be:cf:67:38:f9:ad:37:
9f:0a:9d:a9:a2:19:cd:41:b8:b4:b1:4b:b5:ef:51:
ab:c0:b9:c1:5e:4f:3f:c1:2b:ab:4a:b6:61:c1:3b:
07:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:44:DD:4A:92:DA:90:CA:4E:43:69:77:59:0C:88:AA:D2:43:A1:C8
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/10396C6A568611EDAB9E6D87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.124.0/24
Signature Algorithm: sha256WithRSAEncryption
18:03:4c:0d:a0:d1:65:23:e0:25:03:98:42:96:0c:a5:60:48:
2f:ce:a5:5d:e4:11:34:2d:5b:c8:d7:a3:8d:ca:9f:65:de:06:
1f:77:06:4c:a7:35:84:14:e4:5b:15:bf:dd:62:fe:f0:d7:a5:
fb:18:28:80:27:19:78:f1:af:5a:5d:f0:c1:f1:be:83:0a:7a:
5d:8d:9b:b9:68:b7:2c:1c:68:84:0f:36:d9:c1:22:78:94:cd:
c6:c3:b3:7f:93:cf:26:c2:00:48:28:f9:7b:3b:61:92:ab:1b:
58:a7:51:3f:b3:62:63:6c:77:d2:41:3f:f9:bc:a5:d0:8e:13:
63:65:84:37:31:5c:30:0e:9a:d5:a0:48:aa:47:14:e4:44:eb:
2a:b3:f1:4e:3c:30:d5:9d:8e:88:c2:72:9f:2e:54:a1:af:f4:
54:60:3a:11:08:42:97:0e:cb:c9:03:af:84:56:67:65:87:a9:
ce:50:c4:2b:6d:22:d3:55:47:f2:b1:ff:ca:0c:8b:cb:b3:ab:
13:1a:97:f2:dd:27:a8:b2:cd:23:39:9f:46:f3:70:ba:5e:16:
a6:dd:af:22:bd:e9:25:b9:19:ce:07:e9:cd:c7:dc:07:ba:23:
16:3c:34:2b:80:c0:7d:8b:8f:26:45:6b:7d:03:48:66:2a:1f:
f5:e9:0d:d3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjIxMjIwMTYxMjA2WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ExZGVkNi1iNjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAquJs4VTyhPwH2sBt4ChuE6Eoq7kUT9JZbhsTnLIQUT5hf6oAyW31dpSCHCU5
QRkps8AMeNnNUUWJOMvDfaIg6qI4bJpZYe+CQRIaCpFeCgMlKal0hq2MZLZq8GV0
OvylJ7E7zz5iDaijPb9cuNH1arRtkY91D5ZHJGyIQ8jFKyqEiDuGKsv9SnuFcznA
j4fM0Yjnvtze0R4sx/XEW8rUJY0W1XuwMi8BqJUPIxfM+DZIvDUnQm13oXdI9O0H
TX7fs/9rn+hVmD0mNE87P9fAFWkY4b22HV6Yv77PZzj5rTefCp2pohnNQbi0sUu1
71GrwLnBXk8/wSurSrZhwTsHvwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD5E3UqS
2pDKTkNpd1kMiKrSQ6HIMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvMTAzOTZDNkE1
Njg2MTFFREFCOUU2RDg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+nwwDQYJKoZIhvcNAQELBQADggEBABgDTA2g0WUj4CUD
mEKWDKVgSC/OpV3kETQtW8jXo43Kn2XeBh93BkynNYQU5FsVv91i/vDXpfsYKIAn
GXjxr1pd8MHxvoMKel2Nm7lotywcaIQPNtnBIniUzcbDs3+TzybCAEgo+Xs7YZKr
G1inUT+zYmNsd9JBP/m8pdCOE2NlhDcxXDAOmtWgSKpHFORE6yqz8U48MNWdjojC
cp8uVKGv9FRgOhEIQpcOy8kDr4RWZ2WHqc5QxCttItNVR/Kx/8oMi8uzqxMal/Ld
J6iyzSM5n0bzcLpeFqbdryK96SW5Gc4H6c3H3Ae6IxY8NCuAwH2LjyZFa30DSGYq
H/XpDdM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org