Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/37EFC154F4B111EDAEB75345C4F9AE02.roa
File: 37EFC154F4B111EDAEB75345C4F9AE02.roa (raw, json)
Hash identifier: qyCXhTteIkBeuRIEE+T2n4pH5KqcrdAjRwSDVqKqFxU=
Subject key identifier: 62:45:54:73:38:F9:F5:5C:DC:FC:15:1F:41:47:D5:BF:BA:84:AA:E8
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 052B
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/37EFC154F4B111EDAEB75345C4F9AE02.roa
Signing time: Mon 31 Jul 2023 14:05:23 +0000
ROA not before: Mon 31 Jul 2023 14:05:23 +0000
ROA not after: Tue 28 May 2024 00:00:00 +0000
asID: 45820
IP address blocks: 14.194.0.0/18 maxlen: 24
14.194.64.0/18 maxlen: 24
14.194.128.0/18 maxlen: 24
14.194.192.0/18 maxlen: 24
49.200.0.0/14 maxlen: 14
49.249.0.0/17 maxlen: 24
49.249.128.0/18 maxlen: 24
182.156.0.0/18 maxlen: 22
182.156.0.0/22 maxlen: 24
182.156.4.0/23 maxlen: 24
182.156.8.0/21 maxlen: 24
182.156.16.0/22 maxlen: 24
182.156.22.0/23 maxlen: 24
182.156.24.0/21 maxlen: 24
182.156.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1323 (0x52b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Jul 31 14:05:23 2023 GMT
Not After : May 28 00:00:00 2024 GMT
Subject: CN=64c7bfa3-e052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:d6:c5:0b:f7:88:ef:5f:f5:01:40:b6:04:
9c:f7:ec:be:de:4b:01:d7:fb:58:d8:e7:e2:ed:0a:
24:29:0f:99:c1:43:57:1f:6c:58:15:af:82:9d:78:
bd:f3:1e:d4:ea:17:a9:ac:9b:08:29:f5:af:f6:9c:
99:1f:c1:53:1f:4e:39:7d:82:b0:27:13:78:af:27:
95:2b:16:a5:71:cb:2f:11:f9:dc:5e:8f:8f:1e:be:
45:9f:7a:7c:7e:c4:bf:6e:87:f1:2f:6b:1f:c2:16:
88:76:f8:38:e4:b1:94:10:96:76:43:92:fe:f5:0d:
0d:64:8d:56:fe:c0:d1:d0:12:d6:5f:72:82:d7:f1:
4b:86:af:69:89:6e:f2:4c:4a:b9:8c:76:5e:4f:db:
d6:fc:3c:78:df:88:35:dc:34:63:d2:8a:82:55:67:
aa:a2:07:cd:53:60:24:04:ec:d0:23:85:f1:74:18:
d3:9d:c4:5e:88:80:36:8f:37:c4:95:69:4e:4a:83:
08:f8:a7:b3:6f:d2:05:11:5c:02:11:30:49:2d:69:
8c:da:e6:5f:62:1d:c4:22:49:b1:1c:b5:8d:e6:13:
ed:73:59:fd:9e:15:c9:54:71:da:b5:23:6e:0d:87:
6e:53:63:05:dd:ad:d2:ba:0f:88:02:bf:5a:db:89:
3e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:45:54:73:38:F9:F5:5C:DC:FC:15:1F:41:47:D5:BF:BA:84:AA:E8
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/37EFC154F4B111EDAEB75345C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.194.0.0/16
49.200.0.0/14
49.249.0.0-49.249.191.255
182.156.0.0/18
Signature Algorithm: sha256WithRSAEncryption
3f:07:cd:1b:6e:66:4b:27:4e:4d:9d:51:87:07:8f:b2:9f:ed:
ed:35:e7:72:0b:09:6e:17:59:51:6e:2a:f0:2d:f9:45:86:68:
1d:47:45:68:ac:ef:68:c8:16:e7:d6:9c:ab:6a:b4:e2:d8:3a:
9e:27:7b:cb:c0:49:1d:df:0c:26:2e:ec:ef:d7:69:88:31:16:
02:3d:a7:5d:35:ba:d0:1b:13:f6:7c:bb:1a:03:ea:7c:7c:83:
96:59:3d:87:4e:79:50:0a:68:4e:b1:2f:b8:23:15:10:b8:f7:
bb:5f:1b:16:66:54:21:19:1d:b0:ef:b9:90:e0:93:b6:f3:37:
f7:d3:2e:7f:ab:ec:c0:23:79:a5:20:ca:1f:32:27:fa:9a:77:
fe:2f:55:e9:e7:47:d9:01:43:d6:0b:83:c9:07:95:07:5b:42:
dd:fe:10:99:1b:76:d0:16:66:04:10:b1:61:79:a6:c4:24:98:
f5:62:2b:69:f6:1e:0e:cc:35:2c:b6:0a:31:f3:f0:95:92:19:
48:32:e7:dc:ae:1f:7d:f1:71:27:ce:ae:c3:d9:d7:80:47:15:
4c:05:68:35:80:e3:79:46:10:71:06:d9:f7:dd:35:d2:d9:ad:
4c:24:f1:ec:23:aa:93:e9:28:d9:73:60:65:7e:a6:da:40:9b:
b9:79:55:ca
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjMwNzMxMTQwNTIzWhcNMjQwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM3YmZhMy1lMDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuiPWxQv3iO9f9QFAtgSc9+y+3ksB1/tY2Ofi7QokKQ+ZwUNXH2xYFa+CnXi9
8x7U6heprJsIKfWv9pyZH8FTH045fYKwJxN4ryeVKxalccsvEfncXo+PHr5Fn3p8
fsS/bofxL2sfwhaIdvg45LGUEJZ2Q5L+9Q0NZI1W/sDR0BLWX3KC1/FLhq9piW7y
TEq5jHZeT9vW/Dx434g13DRj0oqCVWeqogfNU2AkBOzQI4XxdBjTncReiIA2jzfE
lWlOSoMI+Kezb9IFEVwCETBJLWmM2uZfYh3EIkmxHLWN5hPtc1n9nhXJVHHatSNu
DYduU2MF3a3Sug+IAr9a24k+cwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFGJFVHM4
+fVc3PwVH0FH1b+6hKroMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMzdFRkMxNTRG
NEIxMTFFREFFQjc1MzQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMCMEAgABMB0DAwAOwgMDAjHIMAsDAwAx+QMEBjH5gAMEBracADANBgkqhkiG
9w0BAQsFAAOCAQEAPwfNG25mSydOTZ1RhwePsp/t7TXncgsJbhdZUW4q8C35RYZo
HUdFaKzvaMgW59acq2q04tg6nid7y8BJHd8MJi7s79dpiDEWAj2nXTW60BsT9ny7
GgPqfHyDllk9h055UApoTrEvuCMVELj3u18bFmZUIRkdsO+5kOCTtvM399Muf6vs
wCN5pSDKHzIn+pp3/i9V6edH2QFD1guDyQeVB1tC3f4QmRt20BZmBBCxYXmmxCSY
9WIrafYeDsw1LLYKMfPwlZIZSDLn3K4fffFxJ86uw9nXgEcVTAVoNYDjeUYQcQbZ
99010tmtTCTx7COqk+ko2XNgZX6m2kCbuXlVyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org