Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/864D4F22D86011E9AA427365C4F9AE02.roa
File: 864D4F22D86011E9AA427365C4F9AE02.roa (raw, json)
Hash identifier: D3SFiLdot9T2NoRzG+77n+JVa9ALG/f3ZOqjinAbcfM=
Subject key identifier: EB:25:C5:44:0D:97:F7:ED:B6:26:FD:D3:1C:19:25:DA:AF:1F:30:AC
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 240C
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/864D4F22D86011E9AA427365C4F9AE02.roa
Signing time: Fri 31 Dec 2021 04:32:50 +0000
ROA not before: Fri 31 Dec 2021 04:32:50 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 45806
IP address blocks: 49.229.16.0/24 maxlen: 24
202.80.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9228 (0x240c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Validity
Not Before: Dec 31 04:32:50 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61ce87f2-b058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2c:07:05:5d:36:d7:c2:51:f3:99:45:d4:88:
ec:fa:02:e9:67:c1:f3:c1:1a:02:cf:db:97:0e:5d:
36:99:00:b0:a8:ee:60:1c:fd:20:8e:af:d8:bb:b3:
a4:8a:23:4e:8f:f8:71:7d:2b:5c:24:b5:c5:e6:b4:
5e:72:83:a3:8a:87:08:bd:78:fa:f7:c6:0e:30:21:
20:d0:e4:1c:ed:f3:0d:3d:a0:6b:a4:db:15:8c:77:
c6:21:a8:99:20:a0:f5:72:b3:f0:28:f9:74:55:d9:
d2:e2:b8:57:9f:30:60:eb:82:54:4e:fe:f2:52:ca:
f0:1b:d6:bf:95:5d:b3:b7:6f:bb:7a:56:5d:f8:12:
b6:54:42:48:2e:16:a2:a5:ba:b1:47:af:12:d4:c2:
8a:df:72:85:c5:e1:93:0f:61:38:48:4f:37:c2:1c:
98:b0:cd:a7:02:66:97:0b:89:41:58:38:ec:d5:40:
6c:51:ae:4c:dc:0b:7a:6f:86:3f:30:06:1c:45:df:
2c:f0:b5:17:96:d0:1b:40:30:69:94:24:ed:eb:4b:
63:57:14:93:ec:f5:90:d7:53:3d:84:c6:22:bb:44:
86:20:5b:19:60:17:06:22:e4:4a:69:81:87:ef:3b:
4f:8a:02:9b:90:e4:3b:54:fb:9b:5a:40:c3:3c:24:
b6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:25:C5:44:0D:97:F7:ED:B6:26:FD:D3:1C:19:25:DA:AF:1F:30:AC
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/864D4F22D86011E9AA427365C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.229.16.0/24
202.80.230.0/24
Signature Algorithm: sha256WithRSAEncryption
17:71:bd:bb:f6:94:76:a2:dd:34:53:fc:b3:4c:93:fe:31:a9:
38:07:24:b8:68:57:ae:84:f2:a2:94:f0:d3:4f:d6:af:e5:c4:
4b:56:be:9b:5c:64:b3:73:5d:f0:b4:44:71:8f:55:a2:35:2c:
f8:91:5d:92:e5:2d:0a:52:4a:b1:c4:b7:ae:dc:65:19:aa:f9:
fa:6c:31:00:19:1f:96:68:a4:e8:c6:21:d4:8f:7e:0c:ce:33:
61:64:29:c7:ba:ff:8e:9c:86:83:11:85:a9:44:c8:5c:82:99:
96:1b:3d:73:02:93:ef:95:99:cb:a6:56:5a:62:df:12:66:6f:
7e:b4:fb:cb:70:f2:7f:87:30:f4:b3:44:4d:3d:51:77:12:25:
c2:6f:b0:67:45:01:a4:47:68:5f:9c:79:a5:4a:95:79:2d:54:
5f:f5:5d:f7:22:4c:f6:55:1d:a1:ae:7a:44:7e:d8:ee:7b:7a:
3b:35:ad:00:47:c7:43:ec:7b:1c:6a:bf:8c:0d:12:3f:fa:b2:
3f:b6:7c:d3:aa:a0:69:40:b1:b1:3f:74:a2:0a:95:81:be:74:
98:4d:e6:66:51:98:ba:15:7c:c9:e1:7f:c1:9d:5e:99:44:9f:
9d:ac:0f:5c:dc:07:5a:6e:80:b7:39:06:63:bd:ca:f8:14:72:
f1:ab:51:5f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICJAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjExMjMxMDQzMjUwWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWNlODdmMi1iMDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtiwHBV0218JR85lF1Ijs+gLpZ8HzwRoCz9uXDl02mQCwqO5gHP0gjq/Yu7Ok
iiNOj/hxfStcJLXF5rRecoOjiocIvXj698YOMCEg0OQc7fMNPaBrpNsVjHfGIaiZ
IKD1crPwKPl0VdnS4rhXnzBg64JUTv7yUsrwG9a/lV2zt2+7elZd+BK2VEJILhai
pbqxR68S1MKK33KFxeGTD2E4SE83whyYsM2nAmaXC4lBWDjs1UBsUa5M3At6b4Y/
MAYcRd8s8LUXltAbQDBplCTt60tjVxST7PWQ11M9hMYiu0SGIFsZYBcGIuRKaYGH
7ztPigKbkOQ7VPubWkDDPCS25wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOslxUQN
l/fttib90xwZJdqvHzCsMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvODY0RDRGMjJE
ODYwMTFFOUFBNDI3MzY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAx5RADBADKUOYwDQYJKoZIhvcNAQELBQADggEBABdxvbv2
lHai3TRT/LNMk/4xqTgHJLhoV66E8qKU8NNP1q/lxEtWvptcZLNzXfC0RHGPVaI1
LPiRXZLlLQpSSrHEt67cZRmq+fpsMQAZH5ZopOjGIdSPfgzOM2FkKce6/46choMR
halEyFyCmZYbPXMCk++VmcumVlpi3xJmb360+8tw8n+HMPSzRE09UXcSJcJvsGdF
AaRHaF+ceaVKlXktVF/1XfciTPZVHaGuekR+2O57ejs1rQBHx0Psexxqv4wNEj/6
sj+2fNOqoGlAsbE/dKIKlYG+dJhN5mZRmLoVfMnhf8GdXplEn52sD1zcB1pugLc5
BmO9yvgUcvGrUV8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org