Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91452AC/248C36221A9F11EB9FD2D363C4F9AE02/8E69A2101CCE11EB9A823C1EC4F9AE02.roa
File: 8E69A2101CCE11EB9A823C1EC4F9AE02.roa (raw, json)
Hash identifier: LuSRud7/7kkcywoH/wUn29LE/MSqEe92f63GXMVevoE=
Subject key identifier: 82:A5:4B:1A:6D:A3:F5:6D:7E:92:18:32:C6:CE:1E:42:CC:92:C7:22
Certificate issuer: /CN=A91452AC/serialNumber=EA9C8646A2D3FCB373BCA65E289D6448EEA8CDBC
Certificate serial: 02DE
Authority key identifier: EA:9C:86:46:A2:D3:FC:B3:73:BC:A6:5E:28:9D:64:48:EE:A8:CD:BC
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/6pyGRqLT_LNzvKZeKJ1kSO6ozbw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91452AC/248C36221A9F11EB9FD2D363C4F9AE02/8E69A2101CCE11EB9A823C1EC4F9AE02.roa
Signing time: Mon 01 Nov 2021 11:28:44 +0000
ROA not before: Mon 01 Nov 2021 11:28:44 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 133115
IP address blocks: 217.194.140.0/24 maxlen: 24
217.194.141.0/24 maxlen: 24
217.194.142.0/24 maxlen: 24
217.194.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 734 (0x2de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91452AC/serialNumber=EA9C8646A2D3FCB373BCA65E289D6448EEA8CDBC
Validity
Not Before: Nov 1 11:28:44 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=617fcf6c-c096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:30:41:4d:4a:49:03:81:40:ff:c4:9d:80:ae:
34:29:8a:88:7a:63:e9:1d:c9:67:24:83:8f:19:8b:
31:e0:af:5b:64:3e:08:8b:d3:24:92:a3:3b:a6:65:
cf:37:76:cf:78:26:4c:91:1a:98:76:5d:b0:ca:fe:
e8:05:9c:72:71:d5:99:78:1a:05:39:0c:0a:f0:fc:
46:37:c1:9c:d3:d0:0c:fd:c0:61:47:cd:69:20:3a:
a7:0a:31:a2:9a:18:79:38:b4:81:c0:8c:48:e5:96:
a8:44:ff:c2:5b:7f:da:e8:2b:fb:b4:99:08:72:72:
a2:41:a4:38:ea:29:ae:c6:56:31:62:17:28:8c:cf:
20:e2:c4:9b:e9:82:33:74:ee:8f:10:86:7e:bf:ce:
ff:f5:b7:d8:0e:cd:c8:bf:0d:a2:7f:28:38:d2:85:
57:d9:4f:25:06:df:7f:6f:f6:e5:8a:bb:65:02:21:
79:ec:79:fe:ae:17:51:4a:a5:80:b4:5b:b7:3c:9a:
cd:00:7b:b5:96:42:7d:b9:e8:a7:b1:c5:15:40:97:
c0:00:5f:12:d1:ed:b7:c1:6e:c9:0d:72:bc:cf:41:
70:d1:92:47:3a:0e:30:5c:c1:8d:f3:6a:08:b0:c8:
e9:d6:e9:65:72:94:41:1e:e7:55:84:5c:7e:45:34:
a7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A5:4B:1A:6D:A3:F5:6D:7E:92:18:32:C6:CE:1E:42:CC:92:C7:22
X509v3 Authority Key Identifier:
keyid:EA:9C:86:46:A2:D3:FC:B3:73:BC:A6:5E:28:9D:64:48:EE:A8:CD:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91452AC/248C36221A9F11EB9FD2D363C4F9AE02/6pyGRqLT_LNzvKZeKJ1kSO6ozbw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/6pyGRqLT_LNzvKZeKJ1kSO6ozbw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91452AC/248C36221A9F11EB9FD2D363C4F9AE02/8E69A2101CCE11EB9A823C1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
217.194.140.0/22
Signature Algorithm: sha256WithRSAEncryption
29:ce:5e:c2:24:6e:2a:65:56:60:26:e8:82:f6:aa:f3:8f:9e:
5c:af:56:d8:b8:13:03:17:cb:9c:2d:06:c8:39:3f:a9:a3:27:
92:ec:a5:4f:ba:82:4b:ea:46:6f:df:e8:af:d6:91:03:bd:da:
79:6d:af:77:13:e6:26:f2:07:1f:71:37:7e:cd:f7:ce:02:39:
a2:6e:f6:2b:51:38:51:ff:59:b1:c1:70:26:c9:96:3c:f0:30:
15:20:1d:fc:3e:c7:54:41:95:bd:c9:fa:ed:e4:20:a3:d9:33:
14:f4:f7:08:01:05:cb:b2:0a:1e:74:a7:74:9a:6e:d0:1b:a4:
30:c9:25:3f:f4:19:5e:30:07:35:22:7a:25:9c:1a:6a:8d:07:
ed:00:72:3b:e2:a0:cf:bd:d7:8c:96:a7:25:8f:77:17:0e:9e:
00:b7:72:20:d2:0b:30:3b:d2:c2:00:f1:f6:07:e5:6c:1f:fd:
7a:9a:fc:c7:c8:a4:19:33:d1:cb:b1:d8:05:f2:27:81:f2:00:
dc:cc:c7:d2:70:e7:f8:ec:a5:28:b3:fe:20:a5:d7:d7:84:84:
fd:3d:40:01:2d:ac:b7:2f:6b:ce:6a:ef:cc:c0:54:24:7b:8e:
15:4b:6e:e7:c8:39:bf:79:78:e1:9a:bc:de:34:89:e9:68:34:
2b:04:1c:08
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAt4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDUyQUMxMTAvBgNVBAUTKEVBOUM4NjQ2QTJEM0ZDQjM3M0JDQTY1RTI4OUQ2NDQ4
RUVBOENEQkMwHhcNMjExMTAxMTEyODQ0WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTdmY2Y2Yy1jMDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvDBBTUpJA4FA/8SdgK40KYqIemPpHclnJIOPGYsx4K9bZD4Ii9MkkqM7pmXP
N3bPeCZMkRqYdl2wyv7oBZxycdWZeBoFOQwK8PxGN8Gc09AM/cBhR81pIDqnCjGi
mhh5OLSBwIxI5ZaoRP/CW3/a6Cv7tJkIcnKiQaQ46imuxlYxYhcojM8g4sSb6YIz
dO6PEIZ+v87/9bfYDs3Ivw2ifyg40oVX2U8lBt9/b/blirtlAiF57Hn+rhdRSqWA
tFu3PJrNAHu1lkJ9ueinscUVQJfAAF8S0e23wW7JDXK8z0Fw0ZJHOg4wXMGN82oI
sMjp1ullcpRBHudVhFx+RTSnnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIKlSxpt
o/VtfpIYMsbOHkLMksciMB8GA1UdIwQYMBaAFOqchkai0/yzc7ymXiidZEjuqM28
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTJBQy8yNDhDMzYyMjFB
OUYxMUVCOUZEMkQzNjNDNEY5QUUwMi82cHlHUnFMVF9MTnp2S1plS0oxa1NPNm96
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzZweUdScUxUX0xOenZLWmVLSjFrU082b3pidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDUyQUMvMjQ4QzM2MjIxQTlGMTFFQjlGRDJEMzYzQzRGOUFFMDIvOEU2OUEyMTAx
Q0NFMTFFQjlBODIzQzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALZwowwDQYJKoZIhvcNAQELBQADggEBACnOXsIkbiplVmAm
6IL2qvOPnlyvVti4EwMXy5wtBsg5P6mjJ5LspU+6gkvqRm/f6K/WkQO92nltr3cT
5ibyBx9xN37N984COaJu9itROFH/WbHBcCbJljzwMBUgHfw+x1RBlb3J+u3kIKPZ
MxT09wgBBcuyCh50p3SabtAbpDDJJT/0GV4wBzUieiWcGmqNB+0AcjvioM+914yW
pyWPdxcOngC3ciDSCzA70sIA8fYH5Wwf/Xqa/MfIpBkz0cux2AXyJ4HyANzMx9Jw
5/jspSiz/iCl19eEhP09QAEtrLcva85q78zAVCR7jhVLbufIOb95eOGavN40ielo
NCsEHAg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org