Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/F37BE11CEAD211ECA35CE576C4F9AE02.roa
File: F37BE11CEAD211ECA35CE576C4F9AE02.roa (raw, json)
Hash identifier: yC6VsnJzXegntVaZTj90U5Y3QEP9SBGsRS+yZxAKKZc=
Subject key identifier: 7C:98:8F:9C:AF:11:22:63:4E:C7:17:62:71:25:CB:4F:E1:7B:0E:7B
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: C4
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/F37BE11CEAD211ECA35CE576C4F9AE02.roa
Signing time: Mon 13 Jun 2022 04:40:29 +0000
ROA not before: Mon 13 Jun 2022 04:40:29 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 43350
IP address blocks: 223.29.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196 (0xc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Validity
Not Before: Jun 13 04:40:29 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62a6bfbd-87ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c7:08:96:d0:b2:a8:c2:47:aa:9e:7c:02:d7:
3b:d1:45:95:3b:66:d3:a7:c4:f8:74:84:30:64:8a:
c0:7a:91:92:9c:23:76:e3:7b:7b:8f:30:72:51:59:
10:d1:ec:0c:18:bc:a8:a9:61:50:ea:d4:02:50:24:
02:6a:e5:87:b7:21:f5:b7:bf:9b:55:5a:bc:47:cc:
c3:de:65:5b:b3:8a:71:ed:0b:a4:b8:91:25:90:29:
d8:1b:03:72:fb:83:57:d6:83:79:d0:aa:1e:e0:f7:
b1:b7:56:6c:f3:70:f8:fc:7d:de:f0:82:e0:4e:1a:
d4:25:05:20:d7:20:dd:39:a5:fe:1c:24:f5:eb:1a:
5b:58:c2:ee:6c:19:82:33:a8:27:37:eb:92:eb:80:
84:52:97:2a:37:41:35:1e:dd:23:53:9a:ab:4c:a5:
25:76:86:87:14:b6:cb:28:44:bb:57:c4:6b:2a:d0:
4c:74:0b:95:b6:0b:92:3d:5c:a0:aa:fd:1d:e3:72:
53:52:dc:eb:e9:29:22:86:bb:46:c8:06:ac:63:bf:
4c:0f:7f:30:84:25:20:57:43:39:74:fc:2f:10:47:
6f:e9:3d:aa:84:49:7c:67:6b:a3:06:39:d3:88:a9:
dc:2b:23:7e:3a:47:1e:58:62:1a:fc:c6:0e:69:3e:
96:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:98:8F:9C:AF:11:22:63:4E:C7:17:62:71:25:CB:4F:E1:7B:0E:7B
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/F37BE11CEAD211ECA35CE576C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.152.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:d5:e3:ce:c4:c1:21:2b:45:5e:16:1e:0c:27:bb:b5:99:82:
0c:22:66:9c:f9:9e:08:5b:cc:4e:85:ba:22:87:45:ee:01:73:
ad:04:2f:fc:10:8e:45:d6:47:2a:75:7e:a8:24:f4:af:4f:c9:
11:d2:b6:4a:7c:4a:d8:8d:03:27:f1:51:3e:84:e7:79:7d:c3:
8d:4e:96:63:ef:b1:93:ec:25:ee:dc:94:38:1e:d7:ac:a8:c7:
a2:a6:3d:70:35:0a:28:85:ca:17:4a:70:d1:bc:ca:2c:36:d0:
4f:a1:7e:b7:03:0c:0e:3e:30:dd:36:4d:6c:3a:8f:c6:86:92:
a9:68:18:f0:b9:0c:70:14:31:ef:1e:50:6b:ee:a1:3e:25:ee:
ea:99:0b:80:6e:5f:60:db:27:55:27:f8:fe:82:e7:c5:35:35:
55:e2:75:c3:3b:1e:99:bd:63:7c:b7:92:07:f7:b8:05:73:a9:
1d:88:83:dc:8c:21:ed:53:8b:f2:d1:e6:41:43:f2:75:d3:7d:
be:e8:51:f5:7a:1b:7d:84:79:eb:fd:55:cd:8a:3a:e0:69:ba:
36:8e:80:e3:75:45:1f:d5:9b:97:b1:79:3b:12:54:bc:0f:cc:
47:81:ef:0b:20:96:7d:fa:98:f4:60:46:4d:d9:a9:bf:d8:53:
46:21:95:a9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjIwNjEzMDQ0MDI5WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmE2YmZiZC04N2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2ccIltCyqMJHqp58Atc70UWVO2bTp8T4dIQwZIrAepGSnCN243t7jzByUVkQ
0ewMGLyoqWFQ6tQCUCQCauWHtyH1t7+bVVq8R8zD3mVbs4px7QukuJElkCnYGwNy
+4NX1oN50Koe4Pext1Zs83D4/H3e8ILgThrUJQUg1yDdOaX+HCT16xpbWMLubBmC
M6gnN+uS64CEUpcqN0E1Ht0jU5qrTKUldoaHFLbLKES7V8RrKtBMdAuVtguSPVyg
qv0d43JTUtzr6SkihrtGyAasY79MD38whCUgV0M5dPwvEEdv6T2qhEl8Z2ujBjnT
iKncKyN+OkceWGIa/MYOaT6WfQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHyYj5yv
ESJjTscXYnEly0/hew57MB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvRjM3QkUxMUNF
QUQyMTFFQ0EzNUNFNTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALfHZgwDQYJKoZIhvcNAQELBQADggEBAB7V487EwSErRV4W
Hgwnu7WZggwiZpz5nghbzE6FuiKHRe4Bc60EL/wQjkXWRyp1fqgk9K9PyRHStkp8
StiNAyfxUT6E53l9w41OlmPvsZPsJe7clDge16yox6KmPXA1CiiFyhdKcNG8yiw2
0E+hfrcDDA4+MN02TWw6j8aGkqloGPC5DHAUMe8eUGvuoT4l7uqZC4BuX2DbJ1Un
+P6C58U1NVXidcM7Hpm9Y3y3kgf3uAVzqR2Ig9yMIe1Ti/LR5kFD8nXTfb7oUfV6
G32Eeev9Vc2KOuBpujaOgON1RR/Vm5exeTsSVLwPzEeB7wsgln36mPRgRk3Zqb/Y
U0Yhlak=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:36 2023 by rpki-client on console-ams.rpki-client.org