Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/1570766E5ABF11ED9CD3E225C4F9AE02.roa
File: 1570766E5ABF11ED9CD3E225C4F9AE02.roa (raw, json)
Hash identifier: AmFJ7MOhfpoULrpXt0JDOb/W8rBtXMSkqX8F6vG9rAw=
Subject key identifier: 2E:14:1C:56:D7:70:D1:5E:89:3F:30:FC:91:FC:DE:49:04:BD:90:C8
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 3395
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/1570766E5ABF11ED9CD3E225C4F9AE02.roa
Signing time: Wed 02 Nov 2022 15:20:24 +0000
ROA not before: Wed 02 Nov 2022 15:20:24 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 139879
IP address blocks: 175.29.200.0/22 maxlen: 24
175.29.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13205 (0x3395)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Nov 2 15:20:24 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63628ab8-b0a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f8:44:4a:c6:60:ed:d2:c3:21:57:4e:32:2b:
85:1c:d4:16:3f:db:b5:f0:17:6f:04:c6:18:de:c8:
14:4a:4e:75:8c:84:86:d1:26:f2:8b:1a:d1:40:c3:
d8:80:24:0a:bd:7b:46:54:eb:1f:46:ba:4c:2e:ec:
c9:08:29:43:a8:cd:63:26:00:dd:91:6d:5c:78:2e:
e6:b1:2e:41:fd:ee:aa:42:6a:f9:18:7a:b3:f7:91:
70:68:8a:30:79:91:2b:27:4c:b7:e5:4f:b1:d3:ce:
c5:02:a7:7f:89:46:28:24:13:30:17:7c:f3:9a:e3:
56:5c:5f:b9:35:06:f0:98:af:06:32:5f:62:b7:c2:
6a:b2:a7:56:29:b2:14:9b:a0:42:51:26:8b:32:11:
a3:43:a3:92:f5:9c:05:17:88:ce:d5:1c:12:b3:c2:
8a:05:06:3d:8d:1f:d6:21:72:c9:62:02:f4:81:d9:
65:fb:0b:8c:d1:8d:8f:fa:0c:d5:e5:bd:1d:6d:b4:
a4:bc:91:65:3b:6b:df:c4:d9:12:db:58:8d:1f:2d:
10:13:66:a6:e1:6b:5f:13:40:99:11:37:1b:41:57:
ec:70:96:3b:bf:37:7f:fb:ab:52:9b:6f:eb:df:3f:
fd:15:31:d7:3b:86:81:9e:9b:0f:bf:bf:12:49:73:
a4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:14:1C:56:D7:70:D1:5E:89:3F:30:FC:91:FC:DE:49:04:BD:90:C8
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/1570766E5ABF11ED9CD3E225C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.200.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:44:5c:e3:45:5c:90:b3:59:37:47:bd:c1:a7:c9:f5:47:1e:
34:b3:72:3d:31:24:99:96:4f:ea:ad:83:51:5d:f1:e1:97:a6:
45:92:dd:57:6a:a8:ad:cc:00:db:85:41:d5:5c:a8:e4:8c:29:
f1:0d:3f:d2:ea:4e:8b:3f:08:6a:17:78:a0:e6:75:75:24:8d:
5b:50:88:14:41:a2:2c:d5:4a:d6:7d:26:20:85:8f:10:5d:e4:
b1:6d:ab:b5:cf:2e:c8:d9:0e:9e:ff:b1:39:5e:87:0c:71:3f:
c0:ee:e7:75:27:e8:44:65:28:a4:82:8f:85:7a:e2:53:0a:94:
f6:f5:be:19:6c:a5:d0:19:8c:ce:f9:e2:b4:a7:71:cf:8e:03:
01:71:e0:af:ae:99:2e:b5:0f:e6:cf:ad:47:55:65:3a:99:ce:
20:ab:82:e5:94:a6:42:ce:02:88:7e:97:e6:7e:f5:f1:16:e3:
81:b3:68:07:a6:27:5d:c8:e9:0a:fc:82:28:6d:7c:c6:48:5e:
60:cc:4c:ff:9c:89:f3:6a:e5:1a:67:26:75:45:67:5a:23:26:
99:23:0d:4d:47:65:18:80:bf:0c:ab:d6:d3:86:24:4f:fb:f1:
5f:3e:30:a8:71:a7:80:4e:9e:4d:8b:73:de:ce:cf:c5:5d:38:
a8:fc:fd:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjIxMTAyMTUyMDI0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYyOGFiOC1iMGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyPhESsZg7dLDIVdOMiuFHNQWP9u18BdvBMYY3sgUSk51jISG0SbyixrRQMPY
gCQKvXtGVOsfRrpMLuzJCClDqM1jJgDdkW1ceC7msS5B/e6qQmr5GHqz95FwaIow
eZErJ0y35U+x087FAqd/iUYoJBMwF3zzmuNWXF+5NQbwmK8GMl9it8JqsqdWKbIU
m6BCUSaLMhGjQ6OS9ZwFF4jO1RwSs8KKBQY9jR/WIXLJYgL0gdll+wuM0Y2P+gzV
5b0dbbSkvJFlO2vfxNkS21iNHy0QE2am4WtfE0CZETcbQVfscJY7vzd/+6tSm2/r
3z/9FTHXO4aBnpsPv78SSXOkuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFC4UHFbX
cNFeiT8w/JH83kkEvZDIMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvMTU3MDc2NkU1
QUJGMTFFRDlDRDNFMjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAOvHcgwDQYJKoZIhvcNAQELBQADggEBAB5EXONFXJCzWTdH
vcGnyfVHHjSzcj0xJJmWT+qtg1Fd8eGXpkWS3VdqqK3MANuFQdVcqOSMKfENP9Lq
Tos/CGoXeKDmdXUkjVtQiBRBoizVStZ9JiCFjxBd5LFtq7XPLsjZDp7/sTlehwxx
P8Du53Un6ERlKKSCj4V64lMKlPb1vhlspdAZjM754rSncc+OAwFx4K+umS61D+bP
rUdVZTqZziCrguWUpkLOAoh+l+Z+9fEW44GzaAemJ13I6Qr8gihtfMZIXmDMTP+c
ifNq5RpnJnVFZ1ojJpkjDU1HZRiAvwyr1tOGJE/78V8+MKhxp4BOnk2Lc97Oz8Vd
OKj8/fA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:02 2024 by rpki-client on console-ams.rpki-client.org