Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/DB1EB5B8CFA311EBB517402CC4F9AE02.roa
File: DB1EB5B8CFA311EBB517402CC4F9AE02.roa (raw, json)
Hash identifier: 7bTvnrUeOVFItrM5qfXrMrL4jq6NQsI2Nh+mLssHqDE=
Subject key identifier: F4:9C:AE:57:82:93:74:DA:4A:37:8F:50:B8:03:8C:B2:1A:A8:5C:11
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 307D
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/DB1EB5B8CFA311EBB517402CC4F9AE02.roa
Signing time: Thu 21 Oct 2021 14:40:30 +0000
ROA not before: Thu 21 Oct 2021 14:40:30 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 3356
IP address blocks: 175.29.112.0/21 maxlen: 24
175.29.128.0/21 maxlen: 24
175.29.200.0/21 maxlen: 24
175.29.224.0/19 maxlen: 24
203.76.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12413 (0x307d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Oct 21 14:40:30 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=61717bdd-776d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2c:b0:7f:6f:a9:2a:8c:81:0b:99:cf:82:cb:
b9:ab:19:1a:29:7d:39:81:9d:c5:68:80:15:28:78:
fb:db:02:1e:a9:5c:8a:59:b0:6b:1b:9c:19:43:0c:
0f:29:73:4b:8e:08:89:79:bd:82:2e:43:02:08:b9:
e8:9a:f2:08:aa:44:2e:34:bb:e6:13:c8:1b:8e:2a:
56:45:3e:86:14:42:92:48:25:97:5f:65:69:89:53:
3e:4e:df:9d:02:87:71:d5:6e:88:86:1e:51:3a:87:
e9:6f:ab:cd:b1:e5:6f:f0:3d:e1:aa:ec:a3:bd:29:
ee:ea:0a:12:e8:33:da:70:8b:4d:2d:0e:a2:58:5b:
5c:3e:43:b9:6d:79:05:a4:17:13:00:6d:ac:ee:ba:
e9:1c:a9:08:df:8a:6a:cc:ce:b8:d0:b4:61:f3:78:
69:35:cb:f2:45:fc:85:28:f0:43:04:f4:7a:c8:34:
54:12:ce:6c:7f:8c:3d:a4:a0:24:a2:9f:10:30:f3:
a2:f6:bd:56:ee:7a:67:ba:c1:2f:d7:a0:46:d5:0d:
7b:07:ff:62:4f:29:54:0a:af:0d:f8:f6:66:5b:13:
aa:88:53:a7:42:54:7c:51:29:78:73:af:bf:1c:01:
77:2e:cb:2a:17:aa:78:b3:4b:34:a4:df:24:82:cc:
71:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9C:AE:57:82:93:74:DA:4A:37:8F:50:B8:03:8C:B2:1A:A8:5C:11
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/DB1EB5B8CFA311EBB517402CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.112.0/21
175.29.128.0/21
175.29.200.0/21
175.29.224.0/19
203.76.152.0/21
Signature Algorithm: sha256WithRSAEncryption
18:76:33:a8:49:65:92:59:7f:32:b2:e7:5a:3b:d3:cf:11:af:
b6:1b:54:36:92:4a:4f:3f:f2:41:ae:0e:f2:12:df:41:01:8d:
a4:ed:30:d0:08:e7:02:74:da:14:5d:17:1c:94:bd:96:4b:52:
b7:d9:be:d6:9b:66:0a:44:18:58:d1:41:ad:9b:fe:e5:38:05:
2f:df:a3:91:31:1b:0a:0d:b2:40:80:e6:49:8a:af:a8:7e:a6:
16:0b:fc:ac:38:d1:86:8e:ec:75:6d:fa:07:83:90:97:46:5a:
22:6c:1b:ec:80:92:a0:c0:77:f5:c3:74:cb:1c:31:6f:de:18:
51:02:29:b9:78:ec:57:75:e5:5b:32:d9:30:fb:68:fe:0c:83:
ee:c8:28:b0:29:c1:83:f6:18:ad:52:0d:f1:09:ba:1d:11:ce:
d1:16:fc:19:a1:c0:61:47:7b:be:58:55:01:57:fb:be:e6:cb:
1f:1c:e9:aa:70:8e:45:a0:6f:8b:65:41:de:a6:19:36:70:69:
fc:ff:e1:0e:71:ee:86:02:99:0c:de:d6:fb:6c:eb:15:cc:84:
0c:26:0f:c9:00:12:00:66:2f:2a:b7:66:59:93:39:1a:e5:68:
70:12:e8:d0:9f:c4:f2:ab:1f:2e:3a:36:ef:c5:af:71:41:7b:
82:20:da:3d
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICMH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjExMDIxMTQ0MDMwWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTcxN2JkZC03NzZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvCywf2+pKoyBC5nPgsu5qxkaKX05gZ3FaIAVKHj72wIeqVyKWbBrG5wZQwwP
KXNLjgiJeb2CLkMCCLnomvIIqkQuNLvmE8gbjipWRT6GFEKSSCWXX2VpiVM+Tt+d
Aodx1W6Ihh5ROofpb6vNseVv8D3hquyjvSnu6goS6DPacItNLQ6iWFtcPkO5bXkF
pBcTAG2s7rrpHKkI34pqzM640LRh83hpNcvyRfyFKPBDBPR6yDRUEs5sf4w9pKAk
op8QMPOi9r1W7npnusEv16BG1Q17B/9iTylUCq8N+PZmWxOqiFOnQlR8USl4c6+/
HAF3LssqF6p4s0s0pN8kgsxx8wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPScrleC
k3TaSjePULgDjLIaqFwRMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvREIxRUI1QjhD
RkEzMTFFQkI1MTc0MDJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAOvHXADBAOvHYADBAOvHcgDBAWvHeADBAPLTJgwDQYJKoZI
hvcNAQELBQADggEBABh2M6hJZZJZfzKy51o7088Rr7YbVDaSSk8/8kGuDvIS30EB
jaTtMNAI5wJ02hRdFxyUvZZLUrfZvtabZgpEGFjRQa2b/uU4BS/fo5ExGwoNskCA
5kmKr6h+phYL/Kw40YaO7HVt+geDkJdGWiJsG+yAkqDAd/XDdMscMW/eGFECKbl4
7Fd15Vsy2TD7aP4Mg+7IKLApwYP2GK1SDfEJuh0RztEW/BmhwGFHe75YVQFX+77m
yx8c6apwjkWgb4tlQd6mGTZwafz/4Q5x7oYCmQze1vts6xXMhAwmD8kAEgBmLyq3
ZlmTORrlaHAS6NCfxPKrHy46Nu/Fr3FBe4Ig2j0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org