Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/14D5996A754E11ED98BF8629C4F9AE02.roa
File: 14D5996A754E11ED98BF8629C4F9AE02.roa (raw, json)
Hash identifier: /BaSGfm7x/OfbH2rXjjvC4CVmKJ9cy8+RaRUm0/7hMY=
Subject key identifier: 21:42:0A:86:36:96:2C:CB:7D:89:B5:C5:E1:F5:07:7B:71:15:AD:69
Certificate issuer: /CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
Certificate serial: 07D0
Authority key identifier: BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/14D5996A754E11ED98BF8629C4F9AE02.roa
Signing time: Tue 06 Dec 2022 10:09:34 +0000
ROA not before: Tue 06 Dec 2022 10:09:34 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 139088
IP address blocks: 125.62.88.0/24 maxlen: 24
125.62.89.0/24 maxlen: 24
125.62.90.0/24 maxlen: 24
125.62.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2000 (0x7d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
Validity
Not Before: Dec 6 10:09:34 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=638f14dd-bbc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c7:5f:78:3b:af:cb:cd:14:47:d5:48:9e:a3:
f1:f0:5e:77:c8:ce:ab:05:c2:92:46:5a:ec:62:ea:
a3:a6:65:67:e5:49:f4:9a:8c:0f:21:fa:05:07:d1:
00:e6:b1:39:fd:44:01:69:54:25:21:40:c9:46:23:
16:d9:ac:8f:45:e5:4c:6e:3e:03:d8:41:d9:e1:df:
a1:df:59:f9:77:b6:6f:0b:29:f2:76:f4:4a:2c:3b:
87:11:d7:14:4b:ce:eb:39:da:e5:13:45:4b:d2:c9:
1c:3b:a2:f7:f7:01:7b:5b:b8:77:31:df:0c:a9:52:
bf:bd:1c:e4:94:f7:18:f1:4b:d1:43:a7:0f:ae:19:
f5:36:d9:f1:39:ed:5d:29:c1:6c:72:5a:53:4a:e2:
c6:52:65:6c:e5:be:ea:5b:f4:e2:aa:b9:42:4f:97:
16:a1:23:d8:e3:5a:08:4b:5b:46:4c:f6:5a:d9:6c:
b5:f9:d9:18:d8:7f:8a:37:ad:ec:0e:f1:e0:31:d5:
45:9d:2c:f7:51:30:8a:a6:a7:da:c6:bf:97:47:fd:
1d:13:43:82:f7:7e:d2:05:f9:bf:38:54:d7:3f:3c:
5b:19:1c:2b:aa:41:3e:bb:c7:d8:37:47:49:d6:c0:
9c:cb:b6:2b:3b:21:d0:20:4c:93:34:7a:f0:ab:4f:
08:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:42:0A:86:36:96:2C:CB:7D:89:B5:C5:E1:F5:07:7B:71:15:AD:69
X509v3 Authority Key Identifier:
keyid:BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/14D5996A754E11ED98BF8629C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.62.88.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:43:0c:cf:a4:80:be:ff:a5:df:e0:77:4a:11:78:b2:1c:18:
4c:d4:63:e3:08:3d:f3:29:1b:d4:bb:11:c0:5b:2f:57:60:a7:
1a:7e:0b:a4:fe:d6:9e:ca:e7:52:27:c5:f6:e6:2b:11:82:69:
fc:e9:88:9e:9c:61:2b:68:22:61:d0:e0:be:8b:90:51:f5:f4:
61:35:dc:b1:b2:d8:1b:4e:c9:02:24:9e:2c:86:ac:37:0f:14:
6c:f0:88:c6:8a:93:7f:49:9c:51:e9:ea:9c:84:28:3a:a3:5a:
e5:67:4a:98:18:b2:76:3c:c5:2e:a8:45:8d:a3:0d:07:a8:e9:
b4:1a:c5:73:09:17:13:5f:b6:8d:ec:71:1c:e7:f1:30:0f:5b:
fe:94:9d:33:34:60:da:3d:28:95:ca:8c:32:b9:99:ff:39:3a:
30:a2:cf:01:58:3f:03:36:67:4d:73:97:f6:1d:b4:07:ec:d8:
44:81:f9:e7:50:9b:d9:61:9a:f8:d4:ae:6f:8b:da:3f:1f:5f:
2d:b9:ce:aa:7d:b0:ea:4e:ca:9b:97:55:3d:e6:2a:b1:9c:1d:
c6:3e:51:92:b0:03:91:1c:77:e4:92:08:b1:03:97:61:29:1b:
91:72:3a:82:d1:c8:b4:d2:5b:c9:5c:f5:f6:30:30:f4:6e:e3:
a1:4d:af:9f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0RFN0ExMTAvBgNVBAUTKEJGRDQxRkNGRDI1NjFCNTNBQzRDRDJGODNEMTFCMDQ3
MEE2NkEwNTUwHhcNMjIxMjA2MTAwOTM0WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhmMTRkZC1iYmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2sdfeDuvy80UR9VInqPx8F53yM6rBcKSRlrsYuqjpmVn5Un0mowPIfoFB9EA
5rE5/UQBaVQlIUDJRiMW2ayPReVMbj4D2EHZ4d+h31n5d7ZvCynydvRKLDuHEdcU
S87rOdrlE0VL0skcO6L39wF7W7h3Md8MqVK/vRzklPcY8UvRQ6cPrhn1NtnxOe1d
KcFsclpTSuLGUmVs5b7qW/TiqrlCT5cWoSPY41oIS1tGTPZa2Wy1+dkY2H+KN63s
DvHgMdVFnSz3UTCKpqfaxr+XR/0dE0OC937SBfm/OFTXPzxbGRwrqkE+u8fYN0dJ
1sCcy7YrOyHQIEyTNHrwq08I6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFCFCCoY2
lizLfYm1xeH1B3txFa1pMB8GA1UdIwQYMBaAFL/UH8/SVhtTrEzS+D0RsEcKZqBV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREU3QS9CQzcxRUNDNjhE
NDUxMUVBODdGQUY4NThDNEY5QUUwMi92OVFmejlKV0cxT3NUTkw0UFJHd1J3cG1v
RlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Y5UWZ6OUpXRzFPc1ROTDRQUkd3UndwbW9GVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0RFN0EvQkM3MUVDQzY4RDQ1MTFFQTg3RkFGODU4QzRGOUFFMDIvMTRENTk5NkE3
NTRFMTFFRDk4QkY4NjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ9PlgwDQYJKoZIhvcNAQELBQADggEBAI9DDM+kgL7/pd/g
d0oReLIcGEzUY+MIPfMpG9S7EcBbL1dgpxp+C6T+1p7K51InxfbmKxGCafzpiJ6c
YStoImHQ4L6LkFH19GE13LGy2BtOyQIkniyGrDcPFGzwiMaKk39JnFHp6pyEKDqj
WuVnSpgYsnY8xS6oRY2jDQeo6bQaxXMJFxNfto3scRzn8TAPW/6UnTM0YNo9KJXK
jDK5mf85OjCizwFYPwM2Z01zl/YdtAfs2ESB+edQm9lhmvjUrm+L2j8fXy25zqp9
sOpOypuXVT3mKrGcHcY+UZKwA5Ecd+SSCLEDl2EpG5FyOoLRyLTSW8lc9fYwMPRu
46FNr58=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-ams.rpki-client.org