Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/A344F2F6CC5E11ED8812DA68C4F9AE02.roa
File: A344F2F6CC5E11ED8812DA68C4F9AE02.roa (raw, json)
Hash identifier: ICTmNCQQby5AqDMsyh+LlkOfQtLMdza5BHMMI2/bxYg=
Subject key identifier: AE:D1:44:B8:9C:63:31:84:EF:CE:10:CB:F8:CF:9F:39:33:15:09:1E
Certificate issuer: /CN=A912DD15/serialNumber=468C6A792ABB3E45FEEE2228D28E78031372B455
Certificate serial: 05
Authority key identifier: 46:8C:6A:79:2A:BB:3E:45:FE:EE:22:28:D2:8E:78:03:13:72:B4:55
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RoxqeSq7PkX-7iIo0o54AxNytFU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/A344F2F6CC5E11ED8812DA68C4F9AE02.roa
Signing time: Tue 28 Mar 2023 05:17:11 +0000
ROA not before: Tue 28 Mar 2023 05:17:11 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 9328
IP address blocks: 161.152.0.0/16 maxlen: 16
192.112.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912DD15/serialNumber=468C6A792ABB3E45FEEE2228D28E78031372B455
Validity
Not Before: Mar 28 05:17:11 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=64227856-10b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a2:b7:07:d0:be:2c:4e:78:12:c0:28:20:eb:
ad:51:d9:73:69:93:ad:ea:18:a2:33:e7:5f:d7:bc:
d7:b6:81:c6:12:97:7d:04:a3:a1:05:fa:5b:74:6c:
ac:d7:53:f5:60:95:f9:05:b0:bb:49:13:66:cb:31:
bc:02:69:8c:49:ce:83:00:f8:cc:83:8c:55:20:a3:
bc:87:e2:58:dd:cd:c7:fe:86:ae:15:24:aa:1a:0e:
ba:48:a8:f6:b0:b8:37:d3:01:58:bb:70:eb:18:83:
4c:41:57:50:a3:10:76:c0:d3:a3:f2:1f:4d:1a:67:
31:ff:11:fa:ed:11:a7:0c:c4:da:b9:aa:eb:a9:84:
03:bf:0e:80:5f:ea:d2:fd:a2:36:97:88:a8:64:b0:
65:0c:45:43:3f:9c:e4:bf:cd:16:d6:e0:af:ce:8c:
fe:0d:f6:75:6d:f7:63:4a:94:ed:af:fd:b8:12:c3:
d9:58:37:3d:3a:6e:53:96:d8:e5:87:cf:b8:a2:c3:
4e:43:eb:c8:16:3c:1f:cd:9d:83:79:cd:21:8b:e5:
4d:66:d3:0a:6d:b5:f9:0b:02:e0:a3:6d:58:88:4e:
2d:7c:56:6a:9b:cc:c8:f8:38:1d:0e:0d:a3:17:4e:
10:d1:05:f6:07:a8:ba:f9:0e:8b:ba:f5:5f:80:4e:
0f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D1:44:B8:9C:63:31:84:EF:CE:10:CB:F8:CF:9F:39:33:15:09:1E
X509v3 Authority Key Identifier:
keyid:46:8C:6A:79:2A:BB:3E:45:FE:EE:22:28:D2:8E:78:03:13:72:B4:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/RoxqeSq7PkX-7iIo0o54AxNytFU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RoxqeSq7PkX-7iIo0o54AxNytFU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912DD15/BDADA860CC5211EDA8291D10C4F9AE02/A344F2F6CC5E11ED8812DA68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.152.0.0/16
192.112.215.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ac:c4:b5:62:42:66:35:98:df:1d:38:c1:61:9e:2b:70:3e:
5f:9c:4f:e5:7c:63:60:dc:02:9c:e1:3a:ee:b3:b0:ae:9b:7b:
6f:84:f6:30:16:c3:e6:47:33:92:fe:84:4c:d7:07:44:d4:11:
ba:88:7b:d9:87:48:98:ea:ef:91:be:a3:4a:c6:b2:5d:c6:00:
9b:d0:64:c5:91:0d:05:74:25:42:b5:ab:98:78:07:c6:d8:73:
0f:a4:31:b6:73:00:be:1c:19:8c:da:a0:91:52:34:79:fb:d7:
88:74:ca:39:05:6f:45:ef:e8:06:c6:9c:01:59:44:fa:64:7b:
97:ba:81:8e:38:a4:73:bb:11:3d:4b:69:06:eb:00:4c:e7:b2:
02:2c:fc:21:9b:73:72:e7:ca:85:63:b6:f8:57:dc:64:99:c8:
e3:6a:c0:20:37:1e:e7:4d:3a:a3:ff:d8:94:fb:8e:58:10:7c:
f1:19:c9:93:9f:8d:bd:c6:d0:e2:27:2c:a5:d9:fc:e7:bf:1f:
e3:2b:54:97:4f:7d:bc:0f:41:a5:56:46:c2:1a:85:50:fa:ef:
60:20:cf:cd:9e:f0:61:d5:03:46:36:a5:10:30:64:e8:e4:3d:
5f:ab:8d:25:97:82:4d:1a:45:ba:e2:e3:73:c0:87:a3:db:ec:
b4:74:c4:0e
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
REQxNTExMC8GA1UEBRMoNDY4QzZBNzkyQUJCM0U0NUZFRUUyMjI4RDI4RTc4MDMx
MzcyQjQ1NTAeFw0yMzAzMjgwNTE3MTFaFw0yNDAzMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MjI3ODU2LTEwYjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDkorcH0L4sTngSwCgg661R2XNpk63qGKIz51/XvNe2gcYSl30Eo6EF+lt0bKzX
U/VglfkFsLtJE2bLMbwCaYxJzoMA+MyDjFUgo7yH4ljdzcf+hq4VJKoaDrpIqPaw
uDfTAVi7cOsYg0xBV1CjEHbA06PyH00aZzH/EfrtEacMxNq5quuphAO/DoBf6tL9
ojaXiKhksGUMRUM/nOS/zRbW4K/OjP4N9nVt92NKlO2v/bgSw9lYNz06blOW2OWH
z7iiw05D68gWPB/NnYN5zSGL5U1m0wpttfkLAuCjbViITi18VmqbzMj4OB0ODaMX
ThDRBfYHqLr5Dou69V+ATg+NAgMBAAGjggKaMIICljAdBgNVHQ4EFgQUrtFEuJxj
MYTvzhDL+M+fOTMVCR4wHwYDVR0jBBgwFoAURoxqeSq7PkX+7iIo0o54AxNytFUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJERDE1L0JEQURBODYwQ0M1
MjExRURBODI5MUQxMEM0RjlBRTAyL1JveHFlU3E3UGtYLTdpSW8wbzU0QXhOeXRG
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvUm94cWVTcTdQa1gtN2lJbzBvNTRBeE55dEZVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
REQxNS9CREFEQTg2MENDNTIxMUVEQTgyOTFEMTBDNEY5QUUwMi9BMzQ0RjJGNkND
NUUxMUVEODgxMkRBNjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAkBggrBgEFBQcBBwEB/wQV
MBMwEQQCAAEwCwMDAKGYAwQAwHDXMA0GCSqGSIb3DQEBCwUAA4IBAQAdrMS1YkJm
NZjfHTjBYZ4rcD5fnE/lfGNg3AKc4Trus7Cum3tvhPYwFsPmRzOS/oRM1wdE1BG6
iHvZh0iY6u+RvqNKxrJdxgCb0GTFkQ0FdCVCtauYeAfG2HMPpDG2cwC+HBmM2qCR
UjR5+9eIdMo5BW9F7+gGxpwBWUT6ZHuXuoGOOKRzuxE9S2kG6wBM57ICLPwhm3Ny
58qFY7b4V9xkmcjjasAgNx7nTTqj/9iU+45YEHzxGcmTn429xtDiJyyl2fznvx/j
K1SXT328D0GlVkbCGoVQ+u9gIM/NnvBh1QNGNqUQMGTo5D1fq40ll4JNGkW64uNz
wIej2+y0dMQO
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org