Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/14CC8B90B73511EC8392922AC4F9AE02.roa
File: 14CC8B90B73511EC8392922AC4F9AE02.roa (raw, json)
Hash identifier: m2QJOu4gKZFQBPof6C3AMTiEB+ZAgHlpIKWV3dKCUQ0=
Subject key identifier: FF:A1:4A:82:AC:6C:A4:B5:91:2D:4B:D3:54:59:41:C0:88:08:10:2C
Certificate issuer: /CN=A913B6D4/serialNumber=0D5028986A356B69B4AF7D2F6649D6BBDCBE8BED
Certificate serial: 02DC
Authority key identifier: 0D:50:28:98:6A:35:6B:69:B4:AF:7D:2F:66:49:D6:BB:DC:BE:8B:ED
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DVAomGo1a2m0r30vZknWu9y-i-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/14CC8B90B73511EC8392922AC4F9AE02.roa
Signing time: Fri 08 Apr 2022 12:11:55 +0000
ROA not before: Fri 08 Apr 2022 12:11:55 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 7018
IP address blocks: 58.84.52.0/22 maxlen: 24
116.206.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 732 (0x2dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B6D4/serialNumber=0D5028986A356B69B4AF7D2F6649D6BBDCBE8BED
Validity
Not Before: Apr 8 12:11:55 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=6250268b-440a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:18:d9:69:cd:72:20:f0:a5:94:bf:11:68:87:
8d:8f:e8:09:5e:19:94:0c:ac:74:eb:b8:d9:23:4c:
65:e7:86:21:d7:38:53:89:60:f8:f5:8e:96:ac:cc:
b2:72:3e:ce:a2:da:03:ae:3e:06:34:4e:bc:9c:4c:
71:a4:c6:b6:d2:26:12:66:50:a7:7d:3d:a8:41:7c:
d7:db:22:5f:33:39:34:80:50:cd:e3:63:ff:54:fe:
72:fd:fb:cb:8e:09:c0:d2:53:52:e8:33:b7:fe:4a:
b0:34:14:2c:94:1f:29:52:31:b8:c9:1f:fb:53:56:
e4:af:71:79:04:3b:7c:d4:43:b7:ff:b0:fe:2a:c6:
7e:b3:b0:62:0a:61:5b:2c:8f:e9:84:fd:d8:3c:38:
fb:c1:5d:c5:bd:52:0c:08:dc:18:88:c4:55:9b:bb:
f4:9c:a6:e6:01:dd:be:ba:a4:fb:03:29:bd:b6:2e:
d1:ff:8e:d7:f8:e8:92:c1:9d:df:fa:a7:86:a4:d9:
7a:37:d6:28:38:fb:f9:67:11:93:e1:a2:9c:02:e7:
cb:4e:b8:90:64:c5:50:79:dc:a2:72:ad:72:1e:91:
de:54:12:4e:29:d5:03:0d:b3:94:f8:cb:ea:ce:fb:
13:69:77:46:3c:2b:15:a1:e0:e6:9e:75:00:54:e0:
d3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A1:4A:82:AC:6C:A4:B5:91:2D:4B:D3:54:59:41:C0:88:08:10:2C
X509v3 Authority Key Identifier:
keyid:0D:50:28:98:6A:35:6B:69:B4:AF:7D:2F:66:49:D6:BB:DC:BE:8B:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/DVAomGo1a2m0r30vZknWu9y-i-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DVAomGo1a2m0r30vZknWu9y-i-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B6D4/957253689E7911EB8F7A4487C4F9AE02/14CC8B90B73511EC8392922AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.84.52.0/22
116.206.100.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:58:e0:7e:b7:a0:c1:ec:09:89:30:a7:eb:2c:e0:b2:b7:04:
6e:4b:11:cc:3f:af:d0:03:e6:96:65:58:38:8a:e5:29:5c:fb:
6d:75:ae:95:13:8f:aa:3d:83:7f:42:47:f5:a8:3a:21:2a:54:
20:42:57:84:9b:c9:a2:57:46:1f:d6:f9:bc:07:56:83:e2:84:
27:da:42:dd:7e:17:05:8b:f9:78:84:3e:9a:86:d1:3e:f9:ef:
87:87:1c:c5:ce:aa:99:1b:0c:3a:f4:85:20:78:af:72:d7:61:
ee:04:7b:15:19:b5:2f:86:c6:34:a5:51:3a:58:5a:2f:82:03:
63:e4:29:41:d0:4a:46:ca:c0:ee:c9:be:dd:35:c8:8f:bd:b6:
1d:b5:8f:76:f6:77:69:b8:3f:a0:8d:b3:c7:1d:fb:71:c6:59:
f3:cf:73:79:68:39:be:fa:c4:39:83:d0:7c:d4:34:f1:68:3f:
a8:a6:05:f3:db:b8:61:b3:bf:cb:63:ed:96:49:42:a0:9c:d7:
96:ca:0f:9d:fc:75:bc:a4:2d:3b:46:d2:fe:cd:76:43:c9:5e:
70:a3:9d:d5:18:ca:9b:a3:64:05:19:54:93:42:14:a2:f4:a2:
09:c5:56:84:82:53:07:d6:9c:d9:2c:b6:a9:21:69:db:c1:a6:
6a:b1:d1:e6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAtwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I2RDQxMTAvBgNVBAUTKDBENTAyODk4NkEzNTZCNjlCNEFGN0QyRjY2NDlENkJC
RENCRThCRUQwHhcNMjIwNDA4MTIxMTU1WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjUwMjY4Yi00NDBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqhjZac1yIPCllL8RaIeNj+gJXhmUDKx067jZI0xl54Yh1zhTiWD49Y6WrMyy
cj7OotoDrj4GNE68nExxpMa20iYSZlCnfT2oQXzX2yJfMzk0gFDN42P/VP5y/fvL
jgnA0lNS6DO3/kqwNBQslB8pUjG4yR/7U1bkr3F5BDt81EO3/7D+KsZ+s7BiCmFb
LI/phP3YPDj7wV3FvVIMCNwYiMRVm7v0nKbmAd2+uqT7Aym9ti7R/47X+OiSwZ3f
+qeGpNl6N9YoOPv5ZxGT4aKcAufLTriQZMVQedyicq1yHpHeVBJOKdUDDbOU+Mvq
zvsTaXdGPCsVoeDmnnUAVODTtQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFP+hSoKs
bKS1kS1L01RZQcCICBAsMB8GA1UdIwQYMBaAFA1QKJhqNWtptK99L2ZJ1rvcvovt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjZENC85NTcyNTM2ODlF
NzkxMUVCOEY3QTQ0ODdDNEY5QUUwMi9EVkFvbUdvMWEybTByMzB2WmtuV3U5eS1p
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RWQW9tR28xYTJtMHIzMHZaa25XdTl5LWktMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I2RDQvOTU3MjUzNjg5RTc5MTFFQjhGN0E0NDg3QzRGOUFFMDIvMTRDQzhCOTBC
NzM1MTFFQzgzOTI5MjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAI6VDQDBAJ0zmQwDQYJKoZIhvcNAQELBQADggEBALdY4H63
oMHsCYkwp+ss4LK3BG5LEcw/r9AD5pZlWDiK5Slc+211rpUTj6o9g39CR/WoOiEq
VCBCV4SbyaJXRh/W+bwHVoPihCfaQt1+FwWL+XiEPpqG0T7574eHHMXOqpkbDDr0
hSB4r3LXYe4EexUZtS+GxjSlUTpYWi+CA2PkKUHQSkbKwO7Jvt01yI+9th21j3b2
d2m4P6CNs8cd+3HGWfPPc3loOb76xDmD0HzUNPFoP6imBfPbuGGzv8tj7ZZJQqCc
15bKD538dbykLTtG0v7NdkPJXnCjndUYypujZAUZVJNCFKL0ognFVoSCUwfWnNks
tqkhadvBpmqx0eY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-ams.rpki-client.org