Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/F2A5069844A311E9AEF6F25AC4F9AE02.roa
File: F2A5069844A311E9AEF6F25AC4F9AE02.roa (raw, json)
Hash identifier: TTsbIKoWiokxEcWco0XK7wYdqbIoPMD82StiSTS96Sg=
Subject key identifier: 83:EF:68:B5:E0:CD:42:97:4B:78:57:98:49:02:35:75:15:AA:12:F1
Certificate issuer: /CN=A91275FD/serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5
Certificate serial: 20FE
Authority key identifier: 4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/F2A5069844A311E9AEF6F25AC4F9AE02.roa
Signing time: Fri 14 May 2021 04:21:55 +0000
ROA not before: Fri 14 May 2021 04:21:55 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 9386
IP address blocks: 124.158.32.0/19 maxlen: 19
124.158.34.0/24 maxlen: 24
202.8.224.0/19 maxlen: 19
202.128.32.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8446 (0x20fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91275FD/serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5
Validity
Not Before: May 14 04:21:55 2021 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=609dfae2-a95b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:69:39:4e:57:60:e5:01:cc:56:d4:2b:ee:d8:
45:f9:76:f1:30:37:72:78:40:1c:d8:c7:25:50:a0:
5f:ea:87:f2:1d:5e:88:2e:0f:4f:9b:ce:fa:c7:3a:
0f:ff:2e:1a:4a:a6:3f:f4:39:c6:80:b5:4b:21:eb:
6b:6a:da:a3:63:12:33:c5:9a:3b:d8:3b:c1:f8:f8:
7f:ec:ea:9c:6b:92:fc:9d:09:29:8e:73:99:93:cd:
4a:4d:27:f3:9b:61:5a:e6:55:99:07:fa:17:5a:68:
2e:90:0c:b3:ce:79:10:9d:1e:a4:50:3a:0a:e2:01:
2b:0d:78:4f:e1:fb:3f:01:5d:ed:61:c8:f6:43:83:
16:e1:06:e3:52:9d:18:5f:60:9b:db:65:0a:d6:ce:
f7:cb:a3:a5:23:1d:b9:3a:67:81:9b:ae:fc:68:02:
2e:bd:54:66:ba:f5:9f:6b:5c:8e:d9:74:e1:a3:23:
d2:df:ba:37:cc:ab:b1:72:35:26:cf:5b:22:bc:b5:
b5:83:6e:80:3d:df:78:c6:a0:47:3f:a6:9a:fa:e3:
16:5b:bc:43:5b:68:86:2b:97:38:f0:64:c9:bd:83:
15:a0:e7:d1:91:10:60:4d:53:39:26:df:9a:f5:a9:
90:73:80:dd:cc:7b:2f:6e:d6:99:10:fd:df:f7:90:
8c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EF:68:B5:E0:CD:42:97:4B:78:57:98:49:02:35:75:15:AA:12:F1
X509v3 Authority Key Identifier:
keyid:4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/F2A5069844A311E9AEF6F25AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
124.158.32.0/19
202.8.224.0/19
202.128.32.0/19
Signature Algorithm: sha256WithRSAEncryption
6f:57:22:47:18:d3:1b:92:6a:fb:f0:1f:ce:db:d8:c2:f2:10:
b5:68:b9:19:96:f8:9a:9d:e2:0c:05:50:03:bb:e4:6d:b6:3f:
4b:e9:5e:1c:05:f1:b0:14:2c:b6:ce:2b:5d:8f:17:d7:1d:58:
75:db:2a:61:32:b3:37:94:02:8c:ec:6a:be:bc:59:4e:9e:54:
76:e2:03:fa:57:d9:d7:c4:cf:3e:a2:b5:10:45:5a:f5:09:39:
6c:9b:f5:b2:35:d5:02:a2:aa:b9:1f:08:7c:13:c8:65:60:32:
a4:77:ef:ab:52:e2:9e:45:51:8b:10:6c:b6:40:68:5c:70:24:
ed:6a:f4:89:82:7d:ef:0e:92:60:47:bf:5e:e0:8a:7c:0f:c3:
6f:48:a9:d1:67:05:b9:53:55:b2:e4:66:a4:ef:c4:0c:6c:b4:
7e:97:27:6b:60:e5:af:d1:d9:75:5b:97:45:d7:ed:a2:7e:a9:
7a:6c:8b:08:70:20:14:a1:cd:20:ce:52:d2:c3:f2:69:93:c5:
fa:52:12:52:bc:35:eb:69:5f:9d:3e:64:a1:57:40:c7:03:cb:
79:99:0f:48:08:c8:57:e6:94:dd:a2:f6:31:0d:17:f6:08:10:
32:b1:f1:5b:fe:77:7a:03:93:5d:18:b1:f8:49:fb:80:c4:56:
d2:5f:b7:b5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICIP4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc1RkQxMTAvBgNVBAUTKDRFMTBGMTNGMjk1RkJGMkIzNTlDODREREQxNjUxQkM4
NTFBQThBRjUwHhcNMjEwNTE0MDQyMTU1WhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDlkZmFlMi1hOTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwGk5Tldg5QHMVtQr7thF+XbxMDdyeEAc2MclUKBf6ofyHV6ILg9Pm876xzoP
/y4aSqY/9DnGgLVLIetratqjYxIzxZo72DvB+Ph/7Oqca5L8nQkpjnOZk81KTSfz
m2Fa5lWZB/oXWmgukAyzznkQnR6kUDoK4gErDXhP4fs/AV3tYcj2Q4MW4QbjUp0Y
X2Cb22UK1s73y6OlIx25OmeBm678aAIuvVRmuvWfa1yO2XThoyPS37o3zKuxcjUm
z1sivLW1g26APd94xqBHP6aa+uMWW7xDW2iGK5c48GTJvYMVoOfRkRBgTVM5Jt+a
9amQc4DdzHsvbtaZEP3f95CM1wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFIPvaLXg
zUKXS3hXmEkCNXUVqhLxMB8GA1UdIwQYMBaAFE4Q8T8pX78rNZyE3dFlG8hRqor1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9FMUVGRDlCNkRF
Q0UxMUU0QTE0RjAwNjhDNEY5QUUwMi9UaER4UHlsZnZ5czFuSVRkMFdVYnlGR3Fp
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RoRHhQeWxmdnlzMW5JVGQwV1VieUZHcWl2VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc1RkQvRTFFRkQ5QjZERUNFMTFFNEExNEYwMDY4QzRGOUFFMDIvRjJBNTA2OTg0
NEEzMTFFOUFFRjZGMjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAV8niADBAXKCOADBAXKgCAwDQYJKoZIhvcNAQELBQADggEB
AG9XIkcY0xuSavvwH87b2MLyELVouRmW+Jqd4gwFUAO75G22P0vpXhwF8bAULLbO
K12PF9cdWHXbKmEyszeUAozsar68WU6eVHbiA/pX2dfEzz6itRBFWvUJOWyb9bI1
1QKiqrkfCHwTyGVgMqR376tS4p5FUYsQbLZAaFxwJO1q9ImCfe8OkmBHv17ginwP
w29IqdFnBblTVbLkZqTvxAxstH6XJ2tg5a/R2XVbl0XX7aJ+qXpsiwhwIBShzSDO
UtLD8mmTxfpSElK8NetpX50+ZKFXQMcDy3mZD0gIyFfmlN2i9jENF/YIEDKx8Vv+
d3oDk10YsfhJ+4DEVtJft7U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:57 2024 by rpki-client on console-fra.rpki-client.org