Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/157F2A8E754E11ED98BF8629C4F9AE02.roa
File: 157F2A8E754E11ED98BF8629C4F9AE02.roa (raw, json)
Hash identifier: +kjMEpcyLtrWyPlulpN6Si5qRYKKfBFiuZbLFzE3lE8=
Subject key identifier: DD:63:29:70:F6:AD:25:59:E7:C6:8D:99:BB:03:99:AB:78:24:9C:6F
Certificate issuer: /CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
Certificate serial: 07D1
Authority key identifier: BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/157F2A8E754E11ED98BF8629C4F9AE02.roa
Signing time: Tue 06 Dec 2022 10:09:35 +0000
ROA not before: Tue 06 Dec 2022 10:09:35 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 140732
IP address blocks: 125.62.88.0/24 maxlen: 24
125.62.89.0/24 maxlen: 24
125.62.90.0/24 maxlen: 24
125.62.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2001 (0x7d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
Validity
Not Before: Dec 6 10:09:35 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=638f14de-2db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bc:a6:d2:92:ef:fd:31:7d:70:3e:8e:fb:0d:
2d:2e:53:6a:9c:17:3f:91:31:15:dd:51:b7:cb:c5:
be:a7:f8:4d:36:28:c7:cf:68:05:c5:8e:e1:88:b9:
9b:c3:30:ab:03:90:9c:7f:0c:05:6c:6f:96:53:36:
f1:a3:a5:a8:bd:4f:a7:0c:ac:52:78:89:38:e1:b0:
00:85:02:c9:36:f3:90:6e:4b:75:f9:5f:f4:f4:b8:
76:60:f7:a2:3f:5d:bc:67:c2:79:05:14:1b:39:b2:
0e:c5:58:52:da:bf:bd:02:73:4f:8f:e5:2b:a1:3b:
3f:bc:35:51:9f:bb:f6:5b:e1:dd:d7:45:24:ee:80:
fc:36:89:4c:4d:d5:cb:1a:2d:00:b3:83:e1:22:7d:
f9:8d:c1:ca:22:b9:8c:41:2d:8b:c4:01:32:87:28:
82:f8:d8:d6:52:18:a3:95:90:79:54:e9:38:dd:5d:
48:06:9e:ae:7e:75:bd:d6:d0:0b:7d:8e:45:88:50:
7b:c3:03:d0:ca:34:54:19:92:2d:cd:f7:23:62:6a:
cc:1f:a2:63:96:33:51:48:13:9a:89:9e:74:7b:64:
08:a2:78:0b:ff:f3:4b:fc:e0:40:fb:06:0a:12:e2:
f0:a6:08:1f:fc:d4:db:ba:f7:c0:12:d3:c4:fb:ad:
03:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:63:29:70:F6:AD:25:59:E7:C6:8D:99:BB:03:99:AB:78:24:9C:6F
X509v3 Authority Key Identifier:
keyid:BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/157F2A8E754E11ED98BF8629C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.62.88.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:ae:eb:b1:49:16:82:a0:00:ca:66:1f:f5:90:c0:98:39:72:
59:1d:5a:d3:51:18:97:67:57:7b:19:75:c5:ef:ff:d4:75:81:
42:26:94:49:54:de:31:ab:e3:9b:54:3c:9c:9e:30:96:e1:58:
4a:f6:a0:e5:7a:89:ce:ac:eb:84:9f:80:5e:7a:8e:d7:e2:82:
a4:1c:6b:57:09:9c:34:4b:58:bb:9b:c6:7c:d5:ed:30:9e:f2:
b7:cc:50:74:e5:03:64:95:0f:55:be:ec:34:94:89:1a:6f:07:
12:70:77:7d:4c:36:e7:da:97:af:76:9b:af:84:7e:a4:f6:56:
89:dd:a8:d4:86:e2:6e:fa:d9:1e:f8:d8:84:cb:2e:ed:1a:fe:
e9:45:59:31:c3:3e:df:40:cd:30:2d:fa:43:fb:a1:05:81:bb:
a4:00:6a:a5:26:cd:31:78:ff:b3:26:77:25:dd:6d:5b:21:be:
6c:b3:6f:9b:e8:de:30:0a:18:c7:f7:5c:ca:ef:56:0f:12:af:
2f:70:37:ea:2f:cf:92:ea:f4:cf:91:05:52:b8:2d:b7:6c:28:
11:00:28:93:5d:bf:e8:89:b7:fb:89:6d:51:95:c4:50:6b:8e:
0a:09:66:1f:a6:6a:a4:49:e1:62:9c:e9:3b:5b:8a:e7:85:c0:
3c:42:fb:ce
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB9EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0RFN0ExMTAvBgNVBAUTKEJGRDQxRkNGRDI1NjFCNTNBQzRDRDJGODNEMTFCMDQ3
MEE2NkEwNTUwHhcNMjIxMjA2MTAwOTM1WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhmMTRkZS0yZGI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsbym0pLv/TF9cD6O+w0tLlNqnBc/kTEV3VG3y8W+p/hNNijHz2gFxY7hiLmb
wzCrA5CcfwwFbG+WUzbxo6WovU+nDKxSeIk44bAAhQLJNvOQbkt1+V/09Lh2YPei
P128Z8J5BRQbObIOxVhS2r+9AnNPj+UroTs/vDVRn7v2W+Hd10Uk7oD8NolMTdXL
Gi0As4PhIn35jcHKIrmMQS2LxAEyhyiC+NjWUhijlZB5VOk43V1IBp6ufnW91tAL
fY5FiFB7wwPQyjRUGZItzfcjYmrMH6JjljNRSBOaiZ50e2QIongL//NL/OBA+wYK
EuLwpggf/NTbuvfAEtPE+60D2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFN1jKXD2
rSVZ58aNmbsDmat4JJxvMB8GA1UdIwQYMBaAFL/UH8/SVhtTrEzS+D0RsEcKZqBV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREU3QS9CQzcxRUNDNjhE
NDUxMUVBODdGQUY4NThDNEY5QUUwMi92OVFmejlKV0cxT3NUTkw0UFJHd1J3cG1v
RlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Y5UWZ6OUpXRzFPc1ROTDRQUkd3UndwbW9GVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0RFN0EvQkM3MUVDQzY4RDQ1MTFFQTg3RkFGODU4QzRGOUFFMDIvMTU3RjJBOEU3
NTRFMTFFRDk4QkY4NjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ9PlgwDQYJKoZIhvcNAQELBQADggEBADyu67FJFoKgAMpm
H/WQwJg5clkdWtNRGJdnV3sZdcXv/9R1gUImlElU3jGr45tUPJyeMJbhWEr2oOV6
ic6s64SfgF56jtfigqQca1cJnDRLWLubxnzV7TCe8rfMUHTlA2SVD1W+7DSUiRpv
BxJwd31MNufal692m6+EfqT2VondqNSG4m762R742ITLLu0a/ulFWTHDPt9AzTAt
+kP7oQWBu6QAaqUmzTF4/7MmdyXdbVshvmyzb5vo3jAKGMf3XMrvVg8Sry9wN+ov
z5Lq9M+RBVK4LbdsKBEAKJNdv+iJt/uJbVGVxFBrjgoJZh+maqRJ4WKc6TtbiueF
wDxC+84=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:39 2023 by rpki-client on console-fra.rpki-client.org