Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/8E3CACE2416A11EEA70CF50AC4F9AE02.roa
File: 8E3CACE2416A11EEA70CF50AC4F9AE02.roa (raw, json)
Hash identifier: 1v/srhjO8q3lSoxkshFxA3YZysEfvuTbErZR5wknJH8=
Subject key identifier: 85:D5:E3:87:A4:85:52:0B:BB:92:D4:F3:89:DC:E0:07:CE:E5:B3:F7
Certificate issuer: /CN=A91F3FAF/serialNumber=1E85A860D62E26079233CB7A01DB0BACBB0369A6
Certificate serial: 08
Authority key identifier: 1E:85:A8:60:D6:2E:26:07:92:33:CB:7A:01:DB:0B:AC:BB:03:69:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HoWoYNYuJgeSM8t6AdsLrLsDaaY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/8E3CACE2416A11EEA70CF50AC4F9AE02.roa
Signing time: Thu 24 Aug 2023 09:16:54 +0000
ROA not before: Thu 24 Aug 2023 09:16:54 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 4609
IP address blocks: 27.109.128.0/17 maxlen: 19
27.109.236.0/24 maxlen: 24
45.64.20.0/22 maxlen: 22
45.64.20.0/24 maxlen: 24
45.64.21.0/24 maxlen: 24
45.64.22.0/24 maxlen: 24
45.64.23.0/24 maxlen: 24
202.175.0.0/24 maxlen: 24
202.175.1.0/24 maxlen: 24
202.175.10.0/24 maxlen: 24
202.175.11.0/24 maxlen: 24
202.175.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3FAF/serialNumber=1E85A860D62E26079233CB7A01DB0BACBB0369A6
Validity
Not Before: Aug 24 09:16:54 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64e72006-aa2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c5:03:41:c9:4c:d5:19:bd:66:88:db:37:00:
d9:43:bf:c5:20:d4:84:e4:1c:78:88:fc:2b:58:0b:
bb:e7:3e:36:a9:08:a7:9f:0d:77:d4:84:ee:20:ea:
67:9e:6d:22:ff:30:78:4e:1b:a6:a6:5f:13:dd:76:
5c:1d:7b:e3:8a:f2:16:c5:7d:bd:1b:aa:44:67:ac:
4d:72:05:e5:48:b0:a4:0c:b1:cb:93:2f:71:2d:d9:
42:71:11:32:c7:8d:9c:36:26:e1:0c:29:44:d1:c5:
25:1c:5e:0e:23:a3:21:d5:92:62:3d:64:ac:ff:36:
75:9d:0c:3a:f7:b2:c9:72:7d:fa:8b:58:01:3c:60:
80:16:4f:d0:0d:cf:8a:d0:83:b6:59:c2:ca:75:a7:
b3:21:79:7c:82:aa:3a:ae:90:0e:f3:85:5f:1c:a3:
b7:22:11:f9:bb:62:b0:b9:67:10:da:e7:84:d2:3f:
09:be:f0:75:ef:87:db:2e:9d:40:5e:4e:1e:14:aa:
d1:6b:26:2f:95:4b:07:69:c7:b8:4a:07:ee:8f:53:
13:7e:88:82:c4:af:66:3d:29:9a:67:41:14:7f:5c:
a5:7a:a0:d5:a7:7a:b6:0a:2e:3e:cd:ce:3f:26:2e:
e8:25:e3:a1:4f:ed:e5:5c:15:f1:7c:72:67:41:39:
95:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D5:E3:87:A4:85:52:0B:BB:92:D4:F3:89:DC:E0:07:CE:E5:B3:F7
X509v3 Authority Key Identifier:
keyid:1E:85:A8:60:D6:2E:26:07:92:33:CB:7A:01:DB:0B:AC:BB:03:69:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/HoWoYNYuJgeSM8t6AdsLrLsDaaY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HoWoYNYuJgeSM8t6AdsLrLsDaaY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3FAF/A90D1B96415C11EE9D355D2CC4F9AE02/8E3CACE2416A11EEA70CF50AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.109.128.0/17
45.64.20.0/22
202.175.0.0/23
202.175.10.0-202.175.12.255
Signature Algorithm: sha256WithRSAEncryption
09:99:2e:d6:9f:eb:fd:3f:e7:8a:18:8c:33:e3:6b:21:dc:a0:
69:a9:16:41:29:eb:86:3f:19:c7:69:d5:a0:b2:2c:5e:39:4a:
d6:30:fc:11:28:c3:15:cb:12:e0:45:2a:90:3e:d0:ae:af:f4:
c1:11:39:9c:ad:98:2b:01:b7:75:ed:46:ca:cc:f4:75:ef:9c:
83:8d:ef:97:0c:95:52:03:c2:e7:1b:5d:84:87:f6:13:90:df:
fb:ab:a3:77:6f:60:5e:68:ec:57:31:4e:e0:0c:a6:44:6f:13:
1b:a2:f8:6d:80:eb:ab:2d:ed:53:8d:d3:33:97:36:b2:9e:81:
8b:f0:6a:53:f5:38:c1:b8:ca:83:ca:b5:9f:5a:99:f1:d6:b2:
10:d3:56:b0:72:87:37:84:c8:5f:2b:6c:39:11:1e:0b:c0:8c:
9a:11:99:6b:29:0a:81:0f:57:f1:81:cd:e5:af:d3:4b:8e:31:
9a:e5:63:3b:85:88:53:62:d5:63:eb:75:e5:1b:7c:6a:e0:2b:
50:23:b5:a0:34:b9:38:fc:53:70:16:43:34:97:80:67:5b:9f:
0e:7a:43:29:1b:ab:20:86:5e:f9:df:00:fd:73:75:cc:ab:a4:
2e:28:a3:8e:4d:d6:e9:89:dd:54:14:84:79:1c:03:09:38:7b:
6c:5d:7b:f8
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
M0ZBRjExMC8GA1UEBRMoMUU4NUE4NjBENjJFMjYwNzkyMzNDQjdBMDFEQjBCQUNC
QjAzNjlBNjAeFw0yMzA4MjQwOTE2NTRaFw0yMzEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZTcyMDA2LWFhMmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAxQNByUzVGb1miNs3ANlDv8Ug1ITkHHiI/CtYC7vnPjapCKefDXfUhO4g6mee
bSL/MHhOG6amXxPddlwde+OK8hbFfb0bqkRnrE1yBeVIsKQMscuTL3Et2UJxETLH
jZw2JuEMKUTRxSUcXg4joyHVkmI9ZKz/NnWdDDr3sslyffqLWAE8YIAWT9ANz4rQ
g7ZZwsp1p7MheXyCqjqukA7zhV8co7ciEfm7YrC5ZxDa54TSPwm+8HXvh9sunUBe
Th4UqtFrJi+VSwdpx7hKB+6PUxN+iILEr2Y9KZpnQRR/XKV6oNWnerYKLj7Nzj8m
Lugl46FP7eVcFfF8cmdBOZUDAgMBAAGjggKvMIICqzAdBgNVHQ4EFgQUhdXjh6SF
Ugu7ktTzidzgB87ls/cwHwYDVR0jBBgwFoAUHoWoYNYuJgeSM8t6AdsLrLsDaaYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzRkFGL0E5MEQxQjk2NDE1
QzExRUU5RDM1NUQyQ0M0RjlBRTAyL0hvV29ZTll1SmdlU004dDZBZHNMckxzRGFh
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSG9Xb1lOWXVKZ2VTTTh0NkFkc0xyTHNEYWFZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
M0ZBRi9BOTBEMUI5NjQxNUMxMUVFOUQzNTVEMkNDNEY5QUUwMi84RTNDQUNFMjQx
NkExMUVFQTcwQ0Y1MEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIAMEBxttgAMEAi1AFAMEAcqvADAMAwQByq8KAwQAyq8MMA0GCSqG
SIb3DQEBCwUAA4IBAQAJmS7Wn+v9P+eKGIwz42sh3KBpqRZBKeuGPxnHadWgsixe
OUrWMPwRKMMVyxLgRSqQPtCur/TBETmcrZgrAbd17UbKzPR175yDje+XDJVSA8Ln
G12Eh/YTkN/7q6N3b2BeaOxXMU7gDKZEbxMbovhtgOurLe1TjdMzlzaynoGL8GpT
9TjBuMqDyrWfWpnx1rIQ01awcoc3hMhfK2w5ER4LwIyaEZlrKQqBD1fxgc3lr9NL
jjGa5WM7hYhTYtVj63XlG3xq4CtQI7WgNLk4/FNwFkM0l4BnW58OekMpG6sghl75
3wD9c3XMq6QuKKOOTdbpid1UFIR5HAMJOHtsXXv4
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:48 2024 by rpki-client on console-fra.rpki-client.org