Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/3CD0B720D94A11EB8DB95E7CC4F9AE02.roa
File: 3CD0B720D94A11EB8DB95E7CC4F9AE02.roa (raw, json)
Hash identifier: qU//HJuyo/1z0E43LhpfqPfuLpMKk2oitPyLNe9yPIg=
Subject key identifier: E1:F2:E8:28:E7:2A:E6:B6:C8:CD:C9:10:59:9F:37:BD:D0:12:60:C6
Certificate issuer: /CN=A9131D5E/serialNumber=41E2E352064CA2FF9E21C484355AC02E4407258D
Certificate serial: 01C3
Authority key identifier: 41:E2:E3:52:06:4C:A2:FF:9E:21:C4:84:35:5A:C0:2E:44:07:25:8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeLjUgZMov-eIcSENVrALkQHJY0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/3CD0B720D94A11EB8DB95E7CC4F9AE02.roa
Signing time: Thu 10 Feb 2022 04:12:21 +0000
ROA not before: Thu 10 Feb 2022 04:12:21 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 4759
IP address blocks: 210.16.0.0/18 maxlen: 24
210.16.14.224/28 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 451 (0x1c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9131D5E/serialNumber=41E2E352064CA2FF9E21C484355AC02E4407258D
Validity
Not Before: Feb 10 04:12:21 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=620490a4-1d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e5:c8:22:e1:88:f7:de:94:b7:a8:cd:8c:49:
81:82:ce:fc:ca:e9:8e:28:04:36:6c:59:bd:ef:54:
e4:9a:13:a1:57:a9:6c:55:8f:3a:f9:ce:91:46:8d:
81:4a:97:00:23:49:b5:06:c9:01:3d:ae:cd:7c:ed:
a5:dd:1a:84:1b:93:b1:2a:a8:ba:5d:48:29:f9:3e:
30:62:bb:39:4a:d8:0c:eb:15:99:5f:ed:3a:cf:aa:
0e:30:35:3e:2e:00:a2:80:f7:e4:59:ed:0a:34:4e:
3f:26:56:c7:fd:8e:a0:44:e4:82:36:3e:7c:e1:95:
64:a5:fb:59:6f:d1:c8:58:ca:dc:dc:a6:8a:4f:47:
ce:ef:09:5e:12:07:7e:0e:a5:20:e0:a6:7e:b4:ea:
4b:58:dc:d0:c6:12:89:9a:81:3b:75:20:ad:f3:ed:
5f:a7:22:50:5b:6b:f9:2c:fb:bf:94:2c:34:5e:73:
f3:ec:14:53:26:9a:39:13:f3:63:08:23:8b:1c:e8:
df:6d:6f:f3:8c:06:b7:a6:5e:9a:9a:49:be:07:b0:
45:b8:80:f9:b4:a1:6a:c6:51:1d:39:23:72:b6:05:
d0:35:3c:23:c0:b6:0a:e5:57:e7:b9:0f:19:81:aa:
01:db:3b:06:b4:a3:57:b5:aa:bd:4b:70:23:41:8c:
b4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F2:E8:28:E7:2A:E6:B6:C8:CD:C9:10:59:9F:37:BD:D0:12:60:C6
X509v3 Authority Key Identifier:
keyid:41:E2:E3:52:06:4C:A2:FF:9E:21:C4:84:35:5A:C0:2E:44:07:25:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/QeLjUgZMov-eIcSENVrALkQHJY0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeLjUgZMov-eIcSENVrALkQHJY0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/3CD0B720D94A11EB8DB95E7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.16.0.0/18
Signature Algorithm: sha256WithRSAEncryption
62:27:d8:5e:ae:0a:63:dc:bb:50:1e:21:8e:6c:19:78:9c:11:
d7:cb:26:5f:f3:a2:53:9b:38:9a:ee:f9:62:c7:fb:07:a6:a2:
ac:e4:fa:04:d7:99:81:9b:b6:bb:32:33:30:77:28:20:17:98:
e6:b3:dc:ca:48:70:e7:06:9d:d8:e5:98:e2:57:a6:e8:d3:0f:
c0:54:26:11:9e:7d:aa:95:b3:df:7e:7b:57:a3:8a:4e:30:0a:
cc:04:cb:1a:7d:f4:44:2c:23:07:d4:76:73:f8:5a:5a:50:aa:
57:41:18:94:4f:03:b5:93:6f:2d:26:72:c1:be:57:7c:49:a3:
69:3c:27:6e:28:8d:a2:33:b5:04:04:ba:d3:0c:d6:00:14:f5:
00:bd:c7:96:96:fa:9c:53:0a:44:92:12:59:c2:dc:1f:10:4d:
44:e4:c5:00:22:74:48:14:ee:b7:7b:4b:70:75:a8:de:41:86:
36:bd:13:12:4c:37:45:4b:60:6d:87:e9:b9:d9:5d:d1:60:4f:
eb:ed:cb:47:59:a2:2c:11:a9:cf:62:34:41:85:82:f3:1b:44:
ba:ea:91:96:a3:f9:5b:5d:2e:ff:b1:76:a8:f0:21:76:47:1d:
8c:df:64:da:f7:4a:3d:dc:d9:0a:55:0b:d2:90:32:a6:7a:26:
76:70:9d:4e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzFENUUxMTAvBgNVBAUTKDQxRTJFMzUyMDY0Q0EyRkY5RTIxQzQ4NDM1NUFDMDJF
NDQwNzI1OEQwHhcNMjIwMjEwMDQxMjIxWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA0OTBhNC0xZDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtuXIIuGI996Ut6jNjEmBgs78yumOKAQ2bFm971TkmhOhV6lsVY86+c6RRo2B
SpcAI0m1BskBPa7NfO2l3RqEG5OxKqi6XUgp+T4wYrs5StgM6xWZX+06z6oOMDU+
LgCigPfkWe0KNE4/JlbH/Y6gROSCNj584ZVkpftZb9HIWMrc3KaKT0fO7wleEgd+
DqUg4KZ+tOpLWNzQxhKJmoE7dSCt8+1fpyJQW2v5LPu/lCw0XnPz7BRTJpo5E/Nj
CCOLHOjfbW/zjAa3pl6amkm+B7BFuID5tKFqxlEdOSNytgXQNTwjwLYK5VfnuQ8Z
gaoB2zsGtKNXtaq9S3AjQYy0JwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOHy6Cjn
Kua2yM3JEFmfN73QEmDGMB8GA1UdIwQYMBaAFEHi41IGTKL/niHEhDVawC5EByWN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMUQ1RS81NkRENDhERUQ5
NDcxMUVCOUExQTBENzFDNEY5QUUwMi9RZUxqVWdaTW92LWVJY1NFTlZyQUxrUUhK
WTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FlTGpVZ1pNb3YtZUljU0VOVnJBTGtRSEpZMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzFENUUvNTZERDQ4REVEOTQ3MTFFQjlBMUEwRDcxQzRGOUFFMDIvM0NEMEI3MjBE
OTRBMTFFQjhEQjk1RTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAbSEAAwDQYJKoZIhvcNAQELBQADggEBAGIn2F6uCmPcu1Ae
IY5sGXicEdfLJl/zolObOJru+WLH+wemoqzk+gTXmYGbtrsyMzB3KCAXmOaz3MpI
cOcGndjlmOJXpujTD8BUJhGefaqVs99+e1ejik4wCswEyxp99EQsIwfUdnP4WlpQ
qldBGJRPA7WTby0mcsG+V3xJo2k8J24ojaIztQQEutMM1gAU9QC9x5aW+pxTCkSS
ElnC3B8QTUTkxQAidEgU7rd7S3B1qN5Bhja9ExJMN0VLYG2H6bnZXdFgT+vty0dZ
oiwRqc9iNEGFgvMbRLrqkZaj+VtdLv+xdqjwIXZHHYzfZNr3Sj3c2QpVC9KQMqZ6
JnZwnU4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org