Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/D6E4EE72F67211EBA0F18818C4F9AE02.roa
File: D6E4EE72F67211EBA0F18818C4F9AE02.roa (raw, json)
Hash identifier: RQt+rqOJ9aYs/xyws/WUWhqJaMOr8n+Sp9Tas278aMg=
Subject key identifier: 8A:36:BE:34:3D:A7:C0:89:61:38:85:F5:5B:80:6A:72:71:28:73:0D
Certificate issuer: /CN=A9174685/serialNumber=A5F065FCC9EDA11DCA4D0DFC6D7C99075298D7FF
Certificate serial: 0430
Authority key identifier: A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/D6E4EE72F67211EBA0F18818C4F9AE02.roa
Signing time: Wed 29 Sep 2021 11:30:01 +0000
ROA not before: Wed 29 Sep 2021 11:30:01 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 9441
IP address blocks: 202.58.252.0/24 maxlen: 24
202.58.253.0/24 maxlen: 24
202.58.254.0/24 maxlen: 24
202.58.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1072 (0x430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174685/serialNumber=A5F065FCC9EDA11DCA4D0DFC6D7C99075298D7FF
Validity
Not Before: Sep 29 11:30:01 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=61544e39-fbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6b:0d:5b:af:7b:b0:f0:b9:07:1b:9c:8a:00:
45:12:37:97:a5:36:d3:98:6f:50:1f:67:57:94:08:
c7:e6:3f:4f:73:37:ad:23:cc:d4:2a:a8:71:fb:17:
c0:cf:e5:f3:74:4d:5a:ab:44:48:02:19:a3:5d:ab:
d5:b1:0f:9d:6e:b1:6a:2b:a8:e9:3d:65:70:8a:ca:
82:f6:39:55:aa:ed:fe:75:8b:c9:2d:3e:5c:db:bd:
c6:80:25:ff:eb:ae:38:81:d5:2e:a1:57:00:14:8d:
eb:5e:d6:52:0e:5a:a0:60:2e:b1:db:6b:d2:51:11:
5e:f5:11:01:c5:9b:06:3a:8f:fb:07:ea:d1:fb:02:
8a:9a:5e:cf:4b:75:d7:7b:f3:58:b5:7f:9f:43:a9:
03:a1:f4:e8:1b:8c:73:08:60:cb:46:d0:fa:4d:d1:
d8:9d:3b:1b:bb:c9:fe:fb:63:a2:8b:fb:95:a2:34:
2f:df:a8:a7:6d:b8:29:5c:96:d6:0e:eb:f9:bd:2f:
6a:ce:f7:f6:33:88:c1:c6:11:3b:8e:4a:08:27:34:
32:ae:a0:6b:f4:17:be:64:50:5f:bf:aa:d5:31:4a:
c7:b9:86:87:98:a0:70:24:bf:fe:2a:99:d9:b7:8b:
e7:d6:7f:17:33:04:ad:10:68:e9:fb:45:5c:98:37:
e9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:36:BE:34:3D:A7:C0:89:61:38:85:F5:5B:80:6A:72:71:28:73:0D
X509v3 Authority Key Identifier:
keyid:A5:F0:65:FC:C9:ED:A1:1D:CA:4D:0D:FC:6D:7C:99:07:52:98:D7:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/pfBl_MntoR3KTQ38bXyZB1KY1_8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pfBl_MntoR3KTQ38bXyZB1KY1_8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174685/2D159182A97311EA9AABE923C4F9AE02/D6E4EE72F67211EBA0F18818C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.58.252.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:14:27:92:a1:0d:25:2d:d2:bc:58:8a:a2:fa:bd:ac:72:42:
54:d0:4e:0f:c5:80:77:11:11:51:3d:43:70:73:a3:52:24:c8:
08:01:83:c2:bb:0f:0a:37:ad:db:c8:bb:26:8e:21:64:c8:9a:
56:80:d3:14:b8:54:ce:86:fd:6f:8c:cd:e3:91:27:9a:e5:23:
d8:3f:d9:8f:c5:42:ea:e7:fc:fb:0c:c3:4a:92:ec:51:43:af:
d1:85:f0:22:2b:ec:bc:85:84:07:52:fe:c3:39:bd:ea:3d:18:
e5:c8:a7:54:9e:32:2a:b0:f3:27:a9:1a:ef:7d:fd:28:c7:03:
c7:bf:4f:a7:ba:18:da:8d:45:00:e6:bc:68:a3:c1:a9:d5:07:
fa:ea:7a:19:23:ee:67:2a:59:6c:e5:0b:5f:e2:33:83:a1:50:
be:98:da:4d:29:d1:0f:4c:29:be:1a:1d:cb:7c:9d:d3:6d:fe:
90:05:55:eb:32:6c:48:7f:32:f4:1d:40:3d:6e:8f:c3:8c:e3:
23:a0:c3:64:ec:25:8f:f5:4c:65:8b:fa:55:44:f2:4f:81:27:
7a:22:5f:18:52:f2:85:fd:7e:a8:d3:60:35:bf:b7:ee:ba:8c:
01:67:9c:1b:49:71:16:ce:ad:15:e7:0e:7b:f0:5b:a3:88:8d:
16:0f:37:56
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ2ODUxMTAvBgNVBAUTKEE1RjA2NUZDQzlFREExMURDQTREMERGQzZEN0M5OTA3
NTI5OEQ3RkYwHhcNMjEwOTI5MTEzMDAxWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTU0NGUzOS1mYmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz2sNW697sPC5BxucigBFEjeXpTbTmG9QH2dXlAjH5j9PczetI8zUKqhx+xfA
z+XzdE1aq0RIAhmjXavVsQ+dbrFqK6jpPWVwisqC9jlVqu3+dYvJLT5c273GgCX/
6644gdUuoVcAFI3rXtZSDlqgYC6x22vSURFe9REBxZsGOo/7B+rR+wKKml7PS3XX
e/NYtX+fQ6kDofToG4xzCGDLRtD6TdHYnTsbu8n++2Oii/uVojQv36inbbgpXJbW
Duv5vS9qzvf2M4jBxhE7jkoIJzQyrqBr9Be+ZFBfv6rVMUrHuYaHmKBwJL/+KpnZ
t4vn1n8XMwStEGjp+0VcmDfp/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFIo2vjQ9
p8CJYTiF9VuAanJxKHMNMB8GA1UdIwQYMBaAFKXwZfzJ7aEdyk0N/G18mQdSmNf/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDY4NS8yRDE1OTE4MkE5
NzMxMUVBOUFBQkU5MjNDNEY5QUUwMi9wZkJsX01udG9SM0tUUTM4Ylh5WkIxS1kx
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BmQmxfTW50b1IzS1RRMzhiWHlaQjFLWTFfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ2ODUvMkQxNTkxODJBOTczMTFFQTlBQUJFOTIzQzRGOUFFMDIvRDZFNEVFNzJG
NjcyMTFFQkEwRjE4ODE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKOvwwDQYJKoZIhvcNAQELBQADggEBAC4UJ5KhDSUt0rxY
iqL6vaxyQlTQTg/FgHcREVE9Q3Bzo1IkyAgBg8K7Dwo3rdvIuyaOIWTImlaA0xS4
VM6G/W+MzeORJ5rlI9g/2Y/FQurn/PsMw0qS7FFDr9GF8CIr7LyFhAdS/sM5veo9
GOXIp1SeMiqw8yepGu99/SjHA8e/T6e6GNqNRQDmvGijwanVB/rqehkj7mcqWWzl
C1/iM4OhUL6Y2k0p0Q9MKb4aHct8ndNt/pAFVesybEh/MvQdQD1uj8OM4yOgw2Ts
JY/1TGWL+lVE8k+BJ3oiXxhS8oX9fqjTYDW/t+66jAFnnBtJcRbOrRXnDnvwW6OI
jRYPN1Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org