Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/1DEBF326754B11ED86ED0022C4F9AE02.roa
File: 1DEBF326754B11ED86ED0022C4F9AE02.roa (raw, json)
Hash identifier: db9N1PqWbQar+b2KRDaFdZISwQiU9UIEBFtY6wCvanY=
Subject key identifier: 8D:3D:47:BD:7D:F4:2A:BF:BC:4D:FD:82:FC:79:58:14:A7:B4:94:24
Certificate issuer: /CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
Certificate serial: 07CD
Authority key identifier: BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/1DEBF326754B11ED86ED0022C4F9AE02.roa
Signing time: Tue 06 Dec 2022 09:48:21 +0000
ROA not before: Tue 06 Dec 2022 09:48:21 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 136969
IP address blocks: 125.62.88.0/24 maxlen: 24
125.62.89.0/24 maxlen: 24
125.62.90.0/24 maxlen: 24
125.62.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1997 (0x7cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913DE7A/serialNumber=BFD41FCFD2561B53AC4CD2F83D11B0470A66A055
Validity
Not Before: Dec 6 09:48:21 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=638f0fe4-b384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:61:45:27:c2:af:45:c6:a3:13:84:a6:73:d4:
83:97:0f:cf:17:6c:e2:bc:f6:af:bd:ca:63:a1:e2:
b8:25:f9:fe:7d:da:b0:43:0e:e2:96:e9:b0:4d:e7:
c9:0c:0a:3e:6b:39:72:19:dc:33:26:3c:aa:59:b0:
e2:66:0d:7d:67:d7:9e:7e:9a:24:70:dc:bd:b4:0f:
e4:e4:97:a9:1b:f0:c0:1f:45:e0:4a:4e:b5:01:c2:
d2:4e:f6:84:d6:ba:18:c7:ae:18:f4:dc:04:2a:c4:
70:09:04:20:bb:3a:d1:43:0b:dc:47:b7:46:09:93:
5c:11:cb:48:da:f2:a0:f4:99:2f:63:8b:87:0e:34:
38:bb:b9:d9:dc:ac:c0:eb:cf:0b:5c:6a:c7:83:56:
3c:d0:7a:06:47:e1:a2:73:87:ef:34:81:c4:cb:c0:
ba:3d:42:ef:82:a2:95:e2:8f:cb:65:2e:90:81:a5:
fb:94:74:b4:6a:84:64:0a:6b:a9:ff:0c:8f:2a:6f:
a4:29:3c:9b:10:ac:98:77:4b:43:6e:c3:89:c8:ac:
77:f2:8b:9b:76:cb:81:bf:24:ab:92:82:a5:03:ea:
7c:0d:1a:a9:e6:34:a2:1f:02:7a:7c:92:27:31:40:
fa:f7:f6:0c:86:07:86:52:50:3c:f6:10:f5:23:60:
ba:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:3D:47:BD:7D:F4:2A:BF:BC:4D:FD:82:FC:79:58:14:A7:B4:94:24
X509v3 Authority Key Identifier:
keyid:BF:D4:1F:CF:D2:56:1B:53:AC:4C:D2:F8:3D:11:B0:47:0A:66:A0:55
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v9Qfz9JWG1OsTNL4PRGwRwpmoFU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DE7A/BC71ECC68D4511EA87FAF858C4F9AE02/1DEBF326754B11ED86ED0022C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.62.88.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:75:2f:a3:74:65:5b:99:bd:12:58:75:40:93:3a:6e:b9:72:
e6:72:46:e0:35:4c:65:6f:8c:76:d8:f2:86:bc:c9:e3:95:21:
88:b9:0e:d2:62:1c:44:07:5b:05:4f:c4:af:68:bd:f7:a0:64:
35:c8:40:fd:c7:8c:43:c3:e3:f1:bd:7c:e2:e5:0f:be:99:8f:
e4:f3:33:53:b4:84:db:7f:50:8b:76:e1:94:f6:da:3f:97:a7:
15:a4:9f:c7:88:5e:2a:20:39:53:f2:c0:52:a7:0f:ac:aa:d7:
f9:a6:a8:15:4d:2d:8e:96:7b:88:a9:f2:86:7c:a9:2b:c3:fe:
53:7c:e4:bd:44:dd:0b:d8:3e:87:f2:34:93:5c:f5:f7:00:9f:
2c:38:88:46:fd:df:f2:35:c8:9d:b7:68:5d:20:b5:1d:88:4e:
cf:57:e5:f4:56:5e:83:7a:39:8a:e5:de:25:03:96:db:17:cd:
3b:30:f3:53:ae:3d:ed:e8:03:4a:5d:e5:35:1b:a0:11:7a:88:
68:2f:7b:f0:1c:a9:21:fa:00:33:b4:fb:22:9b:bd:84:e8:fa:
07:e0:07:ae:0e:a2:bf:ae:3f:fb:f1:c4:27:7b:3e:f3:64:cf:
c7:cf:1e:bb:96:e0:49:f6:a2:13:d9:61:23:ec:44:e9:2d:07:
da:b4:4a:5f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB80wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0RFN0ExMTAvBgNVBAUTKEJGRDQxRkNGRDI1NjFCNTNBQzRDRDJGODNEMTFCMDQ3
MEE2NkEwNTUwHhcNMjIxMjA2MDk0ODIxWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhmMGZlNC1iMzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4GFFJ8KvRcajE4Smc9SDlw/PF2zivPavvcpjoeK4Jfn+fdqwQw7ilumwTefJ
DAo+azlyGdwzJjyqWbDiZg19Z9eefpokcNy9tA/k5JepG/DAH0XgSk61AcLSTvaE
1roYx64Y9NwEKsRwCQQguzrRQwvcR7dGCZNcEctI2vKg9JkvY4uHDjQ4u7nZ3KzA
688LXGrHg1Y80HoGR+Gic4fvNIHEy8C6PULvgqKV4o/LZS6QgaX7lHS0aoRkCmup
/wyPKm+kKTybEKyYd0tDbsOJyKx38oubdsuBvySrkoKlA+p8DRqp5jSiHwJ6fJIn
MUD69/YMhgeGUlA89hD1I2C6uQIDAQABo4IClTCCApEwHQYDVR0OBBYEFI09R719
9Cq/vE39gvx5WBSntJQkMB8GA1UdIwQYMBaAFL/UH8/SVhtTrEzS+D0RsEcKZqBV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREU3QS9CQzcxRUNDNjhE
NDUxMUVBODdGQUY4NThDNEY5QUUwMi92OVFmejlKV0cxT3NUTkw0UFJHd1J3cG1v
RlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Y5UWZ6OUpXRzFPc1ROTDRQUkd3UndwbW9GVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0RFN0EvQkM3MUVDQzY4RDQ1MTFFQTg3RkFGODU4QzRGOUFFMDIvMURFQkYzMjY3
NTRCMTFFRDg2RUQwMDIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ9PlgwDQYJKoZIhvcNAQELBQADggEBAA91L6N0ZVuZvRJY
dUCTOm65cuZyRuA1TGVvjHbY8oa8yeOVIYi5DtJiHEQHWwVPxK9ovfegZDXIQP3H
jEPD4/G9fOLlD76Zj+TzM1O0hNt/UIt24ZT22j+XpxWkn8eIXiogOVPywFKnD6yq
1/mmqBVNLY6We4ip8oZ8qSvD/lN85L1E3QvYPofyNJNc9fcAnyw4iEb93/I1yJ23
aF0gtR2ITs9X5fRWXoN6OYrl3iUDltsXzTsw81OuPe3oA0pd5TUboBF6iGgve/Ac
qSH6ADO0+yKbvYTo+gfgB64Oor+uP/vxxCd7PvNkz8fPHruW4En2ohPZYSPsROkt
B9q0Sl8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-ams.rpki-client.org