Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150CF2/D00DB76EF4EE11E9AEFEA819C4F9AE02/5EDD4AA2959311EDB77DA179C4F9AE02.roa
File: 5EDD4AA2959311EDB77DA179C4F9AE02.roa (raw, json)
Hash identifier: TcnkHk4BJWxwtrs9UanBZTH6AMnQX9L3uhWXfcMndWY=
Subject key identifier: AA:DA:EB:FE:23:0F:07:60:D2:BF:90:AB:F6:C6:C5:09:60:07:BC:2B
Certificate issuer: /CN=A9150CF2/serialNumber=B03E7BFB2B4BDAFA2EAA50AB7990F74FFCBCADD7
Certificate serial: 0AF1
Authority key identifier: B0:3E:7B:FB:2B:4B:DA:FA:2E:AA:50:AB:79:90:F7:4F:FC:BC:AD:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sD57-ytL2vouqlCreZD3T_y8rdc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150CF2/D00DB76EF4EE11E9AEFEA819C4F9AE02/5EDD4AA2959311EDB77DA179C4F9AE02.roa
Signing time: Tue 24 Jan 2023 12:26:15 +0000
ROA not before: Tue 24 Jan 2023 12:26:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138482
IP address blocks: 49.128.1.0/24 maxlen: 24
182.161.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2801 (0xaf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150CF2/serialNumber=B03E7BFB2B4BDAFA2EAA50AB7990F74FFCBCADD7
Validity
Not Before: Jan 24 12:26:15 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63cfce67-1542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a4:7f:c0:4d:2b:a9:98:f1:0d:7b:dc:a8:e2:
e8:57:b5:30:b5:80:60:f8:25:6e:ec:22:26:55:f9:
28:1e:b4:6f:85:0c:4b:6d:6d:8a:83:19:04:87:e4:
e7:8d:21:51:9e:bf:0b:83:41:b2:b3:4a:4f:d8:f7:
3f:ae:bd:ae:17:a2:78:2b:f7:d5:dc:9c:a1:0f:91:
2c:10:5a:20:97:e0:7c:b5:2e:52:db:00:a4:c2:94:
0c:f9:e9:0a:75:a0:79:b0:8a:a9:c0:2d:4f:b5:15:
59:80:3b:a6:b8:fe:77:36:fe:70:d9:b6:4d:7a:3e:
7d:e7:69:62:85:33:ff:9b:7b:1f:0a:e0:e0:79:84:
31:c0:c4:82:e7:9b:57:d5:f0:be:1b:b1:da:17:d6:
29:cb:bf:5e:34:84:03:18:bd:3d:02:93:ce:30:8a:
ae:41:7e:67:9a:77:2e:b6:2e:fe:c1:8d:3c:79:7a:
6f:de:4c:a6:d0:33:ca:19:4d:17:df:82:58:8a:51:
a9:4a:9b:f2:77:2a:6c:61:0d:ed:5b:6b:d4:2d:d4:
f1:6e:d8:89:c1:dc:c0:b0:b7:56:8b:fe:80:7d:92:
42:f7:d5:64:4b:74:49:97:ba:37:1d:69:91:41:67:
c9:f3:fa:a4:94:51:cc:6d:db:3f:7b:01:45:33:a0:
a2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:DA:EB:FE:23:0F:07:60:D2:BF:90:AB:F6:C6:C5:09:60:07:BC:2B
X509v3 Authority Key Identifier:
keyid:B0:3E:7B:FB:2B:4B:DA:FA:2E:AA:50:AB:79:90:F7:4F:FC:BC:AD:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150CF2/D00DB76EF4EE11E9AEFEA819C4F9AE02/sD57-ytL2vouqlCreZD3T_y8rdc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sD57-ytL2vouqlCreZD3T_y8rdc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150CF2/D00DB76EF4EE11E9AEFEA819C4F9AE02/5EDD4AA2959311EDB77DA179C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.128.1.0/24
182.161.67.0/24
Signature Algorithm: sha256WithRSAEncryption
33:4d:9f:d4:90:51:0c:69:20:3e:a2:8e:43:dd:db:f8:cc:00:
a0:9d:59:b0:a1:54:31:f8:b3:95:01:a9:f7:da:14:d2:f4:40:
c2:52:ff:35:3a:da:bd:7a:22:2e:d6:e0:32:eb:eb:a3:e4:80:
fc:80:56:f4:de:ca:f3:99:16:fc:cc:f4:cb:75:4e:84:54:0f:
6c:30:f4:87:fa:25:17:85:11:5a:67:7f:d3:cd:e1:5b:48:c3:
00:3e:85:fd:62:63:ae:dc:66:b7:ec:1b:b3:5a:b1:d8:ea:bf:
f6:0f:3a:8a:24:17:fd:e1:ca:6e:50:2a:f7:53:9f:68:b0:1f:
5a:e1:c6:52:87:e5:66:8f:a0:0b:e5:f8:a9:e2:da:04:9c:a4:
a8:8a:ec:c7:c3:03:69:6f:3d:30:62:ba:ab:c4:e9:38:19:84:
1a:5b:4c:a6:04:9d:6c:eb:50:28:6d:b8:94:a5:5c:26:3e:18:
a7:4f:90:d3:ee:a9:b2:4a:f7:d9:a5:08:7b:c4:4c:68:d8:e2:
95:c9:90:87:d3:f4:b3:2c:c6:30:02:97:05:3f:9a:89:a0:3c:
f5:76:92:85:5e:d9:e7:fa:4c:0c:e6:43:ad:6a:9f:9c:38:e1:
95:30:36:84:60:58:92:9e:0a:63:39:06:4b:68:87:b8:37:04:
06:4e:45:2d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCvEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBDRjIxMTAvBgNVBAUTKEIwM0U3QkZCMkI0QkRBRkEyRUFBNTBBQjc5OTBGNzRG
RkNCQ0FERDcwHhcNMjMwMTI0MTIyNjE1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2NmY2U2Ny0xNTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz6R/wE0rqZjxDXvcqOLoV7UwtYBg+CVu7CImVfkoHrRvhQxLbW2KgxkEh+Tn
jSFRnr8Lg0Gys0pP2Pc/rr2uF6J4K/fV3JyhD5EsEFogl+B8tS5S2wCkwpQM+ekK
daB5sIqpwC1PtRVZgDumuP53Nv5w2bZNej5952lihTP/m3sfCuDgeYQxwMSC55tX
1fC+G7HaF9Ypy79eNIQDGL09ApPOMIquQX5nmncuti7+wY08eXpv3kym0DPKGU0X
34JYilGpSpvydypsYQ3tW2vULdTxbtiJwdzAsLdWi/6AfZJC99VkS3RJl7o3HWmR
QWfJ8/qklFHMbds/ewFFM6CiPQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKra6/4j
Dwdg0r+Qq/bGxQlgB7wrMB8GA1UdIwQYMBaAFLA+e/srS9r6LqpQq3mQ90/8vK3X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MENGMi9EMDBEQjc2RUY0
RUUxMUU5QUVGRUE4MTlDNEY5QUUwMi9zRDU3LXl0TDJ2b3VxbENyZVpEM1RfeThy
ZGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NENTcteXRMMnZvdXFsQ3JlWkQzVF95OHJkYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBDRjIvRDAwREI3NkVGNEVFMTFFOUFFRkVBODE5QzRGOUFFMDIvNUVERDRBQTI5
NTkzMTFFREI3N0RBMTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAxgAEDBAC2oUMwDQYJKoZIhvcNAQELBQADggEBADNNn9SQ
UQxpID6ijkPd2/jMAKCdWbChVDH4s5UBqffaFNL0QMJS/zU62r16Ii7W4DLr66Pk
gPyAVvTeyvOZFvzM9Mt1ToRUD2ww9If6JReFEVpnf9PN4VtIwwA+hf1iY67cZrfs
G7Nasdjqv/YPOookF/3hym5QKvdTn2iwH1rhxlKH5WaPoAvl+Kni2gScpKiK7MfD
A2lvPTBiuqvE6TgZhBpbTKYEnWzrUChtuJSlXCY+GKdPkNPuqbJK99mlCHvETGjY
4pXJkIfT9LMsxjAClwU/momgPPV2koVe2ef6TAzmQ61qn5w44ZUwNoRgWJKeCmM5
Bktoh7g3BAZORS0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:41 2023 by rpki-client on console-fra.rpki-client.org