Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/CF93BC8EA0BD11EC8C30AB58C4F9AE02.roa
File: CF93BC8EA0BD11EC8C30AB58C4F9AE02.roa (raw, json)
Hash identifier: uGha8ZuRAVJK3hPKUHWSSjxmmE6SiTSAjHYAzDCETew=
Subject key identifier: C2:17:DC:BE:38:5D:E3:A1:A2:38:39:3C:51:72:90:A8:51:F0:40:37
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 24D6
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/CF93BC8EA0BD11EC8C30AB58C4F9AE02.roa
Signing time: Tue 02 Aug 2022 04:23:23 +0000
ROA not before: Tue 02 Aug 2022 04:23:23 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 46664
IP address blocks: 45.249.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9430 (0x24d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Aug 2 04:23:23 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62e8a6bb-7407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9d:b4:c3:7b:e5:38:56:4c:0d:39:09:da:a1:
56:67:1e:73:a2:f8:e5:ae:e0:19:4f:53:7d:47:26:
a0:94:7a:10:06:d4:ea:39:f8:6f:f7:62:54:69:f8:
43:44:9f:80:e1:e5:7f:c6:ac:b7:07:6d:5b:8b:5a:
95:a1:2e:f4:8f:77:76:1e:b1:06:36:67:e8:ba:c7:
31:9f:9a:a6:c1:70:9e:7b:8d:83:11:0f:fb:5c:fc:
85:7d:a8:96:61:65:74:a0:31:c8:82:a8:fc:cd:40:
b4:f0:6d:9e:e9:01:ee:67:73:d3:46:dd:d1:6d:b7:
4d:54:f4:1d:fe:a6:55:1e:80:64:bd:11:c6:af:61:
82:66:67:29:e1:7a:4d:70:7b:66:c2:3b:0e:db:f5:
59:46:75:4d:6b:ce:5d:e5:f6:8a:db:9c:99:da:78:
f7:1d:be:c0:9a:94:87:cd:ab:5c:e4:34:d9:9b:62:
f5:cf:1f:40:d7:9b:f0:b7:10:a3:c8:29:23:9f:af:
cb:9f:12:f2:4a:85:74:97:b0:13:ac:82:6b:20:2f:
e0:45:80:9b:04:9a:0c:72:a6:49:ef:b3:76:5c:f3:
eb:b8:8b:1e:04:c8:73:1a:58:09:61:b7:2d:96:69:
93:79:62:fe:88:3f:ee:44:ad:14:77:e8:1a:68:63:
ef:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:17:DC:BE:38:5D:E3:A1:A2:38:39:3C:51:72:90:A8:51:F0:40:37
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/CF93BC8EA0BD11EC8C30AB58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.91.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:41:97:27:49:a4:f3:c2:91:2f:4c:aa:3b:bb:3d:73:3f:94:
cf:cf:de:8f:9d:3d:10:4e:e6:ea:49:91:e6:fa:ab:9e:79:0b:
71:5c:66:6f:2a:34:a5:48:66:57:7f:37:f9:6d:1e:26:83:9b:
b8:72:aa:f8:fa:c5:11:b7:42:fd:fd:ad:37:21:da:ec:6b:71:
43:09:5c:bf:77:48:56:07:b1:87:60:62:16:3f:ec:b0:83:a0:
ff:86:ef:f4:b4:6c:fa:fc:4e:d8:a1:36:f8:33:6b:4b:20:27:
21:f3:d7:39:83:04:d1:d8:8a:cd:f3:fd:c1:7e:74:a3:4c:d6:
15:fb:32:78:b7:1f:2a:2d:8b:32:3c:ad:49:ae:78:1b:89:af:
0f:4e:83:89:6f:aa:05:a7:25:3a:39:04:6a:fa:18:9e:61:6c:
13:8e:81:91:db:6b:ef:2c:dd:cb:5b:69:73:22:8c:d7:19:f6:
bd:c5:77:c3:da:ea:ff:8b:22:43:b7:16:f7:6d:fa:9b:4b:a3:
2f:7f:ab:9a:b0:d0:ed:68:c5:33:23:7a:54:69:99:9c:01:ee:
8b:58:cd:40:14:3f:bd:27:b3:37:90:e5:d3:a7:3d:50:c1:0b:
b8:bd:55:4f:20:c6:22:dc:1a:30:28:75:3b:fc:5b:d4:8a:44:
98:4f:20:fb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjIwODAyMDQyMzIzWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU4YTZiYi03NDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv520w3vlOFZMDTkJ2qFWZx5zovjlruAZT1N9RyaglHoQBtTqOfhv92JUafhD
RJ+A4eV/xqy3B21bi1qVoS70j3d2HrEGNmfouscxn5qmwXCee42DEQ/7XPyFfaiW
YWV0oDHIgqj8zUC08G2e6QHuZ3PTRt3RbbdNVPQd/qZVHoBkvRHGr2GCZmcp4XpN
cHtmwjsO2/VZRnVNa85d5faK25yZ2nj3Hb7AmpSHzatc5DTZm2L1zx9A15vwtxCj
yCkjn6/LnxLySoV0l7ATrIJrIC/gRYCbBJoMcqZJ77N2XPPruIseBMhzGlgJYbct
lmmTeWL+iD/uRK0Ud+gaaGPvkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMIX3L44
XeOhojg5PFFykKhR8EA3MB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvQ0Y5M0JDOEVB
MEJEMTFFQzhDMzBBQjU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAt+VswDQYJKoZIhvcNAQELBQADggEBAFtBlydJpPPCkS9M
qju7PXM/lM/P3o+dPRBO5upJkeb6q555C3FcZm8qNKVIZld/N/ltHiaDm7hyqvj6
xRG3Qv39rTch2uxrcUMJXL93SFYHsYdgYhY/7LCDoP+G7/S0bPr8TtihNvgza0sg
JyHz1zmDBNHYis3z/cF+dKNM1hX7Mni3HyotizI8rUmueBuJrw9Og4lvqgWnJTo5
BGr6GJ5hbBOOgZHba+8s3ctbaXMijNcZ9r3Fd8Pa6v+LIkO3Fvdt+ptLoy9/q5qw
0O1oxTMjelRpmZwB7otYzUAUP70nszeQ5dOnPVDBC7i9VU8gxiLcGjAodTv8W9SK
RJhPIPs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org