Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/0EA2FD9C83CA11ECA6A7236BC4F9AE02.roa
File: 0EA2FD9C83CA11ECA6A7236BC4F9AE02.roa (raw, json)
Hash identifier: 0okts5QArb6O5ULnEQEqugYjMB9REZZNhZFXk/FmPYc=
Subject key identifier: 34:A9:19:78:C6:1A:4D:A0:41:19:4C:2B:67:5B:AB:04:36:BF:11:CE
Certificate issuer: /CN=A914247C/serialNumber=D5A0250634DFC03DC9CFCABA9795180FF05158FC
Certificate serial: 0737
Authority key identifier: D5:A0:25:06:34:DF:C0:3D:C9:CF:CA:BA:97:95:18:0F:F0:51:58:FC
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/0EA2FD9C83CA11ECA6A7236BC4F9AE02.roa
Signing time: Wed 02 Feb 2022 01:47:19 +0000
ROA not before: Wed 02 Feb 2022 01:47:19 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 24436
IP address blocks: 131.244.0.0/15 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1847 (0x737)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914247C/serialNumber=D5A0250634DFC03DC9CFCABA9795180FF05158FC
Validity
Not Before: Feb 2 01:47:19 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=61f9e2a7-b1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9d:14:d7:3d:e7:1b:52:0f:e5:74:30:70:d5:
71:b4:2a:a7:39:4a:ce:36:a1:a1:2c:c8:d8:ed:10:
20:57:5a:9f:5e:5d:d4:ac:33:ff:bb:ba:c7:01:97:
42:de:8a:02:0e:b6:3d:d7:cc:b8:74:26:10:28:be:
68:82:97:b9:82:9c:69:f1:d3:9c:cd:e8:16:6d:3a:
64:1f:6b:b1:a5:f9:8b:ff:00:9d:13:dd:01:52:f0:
41:7e:18:63:75:b1:3c:27:46:bf:70:c8:a3:c0:77:
50:87:d5:e2:0d:bf:6a:5e:40:7c:ca:45:03:de:9e:
c7:b8:c4:f6:5f:7b:4d:d6:3b:15:ea:f8:20:0d:14:
e1:8e:2a:df:61:5f:86:a8:33:56:1a:7d:61:1a:d3:
82:5d:f3:9f:37:7a:19:5b:75:46:4e:75:79:d8:90:
d6:28:bc:36:66:a2:a4:6e:18:78:d3:44:9b:cb:c5:
35:70:ab:2a:b5:b4:9a:da:0a:e8:b8:22:f8:d9:97:
82:4f:3d:86:fd:56:43:9a:54:92:a2:09:ca:b8:0e:
f4:c0:c0:52:d9:ed:68:0a:b9:32:0b:f7:df:5c:c1:
27:cc:4a:97:27:57:5e:b3:cb:a4:e6:91:d3:51:b2:
4d:61:79:27:97:ab:b3:10:25:75:0e:97:bd:a3:38:
b5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A9:19:78:C6:1A:4D:A0:41:19:4C:2B:67:5B:AB:04:36:BF:11:CE
X509v3 Authority Key Identifier:
keyid:D5:A0:25:06:34:DF:C0:3D:C9:CF:CA:BA:97:95:18:0F:F0:51:58:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/0EA2FD9C83CA11ECA6A7236BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
131.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
77:01:d1:ef:80:e4:f7:a6:25:9c:0f:13:37:6c:a4:13:4d:57:
de:0e:7d:ed:4c:96:56:77:1c:1d:7f:03:3f:cc:4f:69:98:60:
d2:f6:0e:38:fd:6a:07:d1:f7:f2:39:7f:f3:ab:84:a7:95:e9:
65:9d:98:9a:f2:8d:bd:11:1b:1f:42:96:3a:68:6e:82:22:5c:
e3:e2:a6:92:02:fa:e7:77:d5:71:e3:e0:09:f7:9a:e5:c4:3d:
f6:b3:c5:f5:b7:e0:5f:86:c6:d0:06:51:a3:f5:e8:a8:71:8f:
58:4a:95:48:4a:43:44:cf:0d:3f:49:7e:6a:e2:ad:9f:07:fe:
40:43:3f:97:d0:3c:a4:95:42:08:ef:b9:46:91:2d:53:f5:56:
fc:8e:04:7e:16:34:b6:97:fb:c4:af:90:21:3c:7d:cf:3d:75:
68:06:62:a8:47:02:d6:55:ce:aa:7e:1e:7d:bd:e2:07:c2:08:
08:5b:fb:d9:08:2e:d9:7f:dc:d2:3f:58:09:01:57:e9:c7:ac:
98:11:f5:4d:fa:50:27:eb:3c:01:dd:29:85:03:c5:77:7c:c9:
c8:b0:2d:b3:24:33:a0:4f:6e:6c:84:53:9d:76:98:40:54:aa:
7e:8c:70:c5:c6:1a:65:0f:51:cf:47:29:72:91:a5:63:79:9f:
b4:b8:1d:36
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICBzcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI0N0MxMTAvBgNVBAUTKEQ1QTAyNTA2MzRERkMwM0RDOUNGQ0FCQTk3OTUxODBG
RjA1MTU4RkMwHhcNMjIwMjAyMDE0NzE5WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY5ZTJhNy1iMWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzp0U1z3nG1IP5XQwcNVxtCqnOUrONqGhLMjY7RAgV1qfXl3UrDP/u7rHAZdC
3ooCDrY918y4dCYQKL5ogpe5gpxp8dOczegWbTpkH2uxpfmL/wCdE90BUvBBfhhj
dbE8J0a/cMijwHdQh9XiDb9qXkB8ykUD3p7HuMT2X3tN1jsV6vggDRThjirfYV+G
qDNWGn1hGtOCXfOfN3oZW3VGTnV52JDWKLw2ZqKkbhh400Sby8U1cKsqtbSa2gro
uCL42ZeCTz2G/VZDmlSSognKuA70wMBS2e1oCrkyC/ffXMEnzEqXJ1des8uk5pHT
UbJNYXknl6uzECV1Dpe9ozi1JwIDAQABo4IClDCCApAwHQYDVR0OBBYEFDSpGXjG
Gk2gQRlMK2dbqwQ2vxHOMB8GA1UdIwQYMBaAFNWgJQY038A9yc/KupeVGA/wUVj8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjQ3Qy84QTFDNDYxNjQz
MEExMUVBODU4Q0RDNzZDNEY5QUUwMi8xYUFsQmpUZndEM0p6OHE2bDVVWURfQlJX
UHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFhQWxCalRmd0QzSno4cTZsNVVZRF9CUldQdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI0N0MvOEExQzQ2MTY0MzBBMTFFQTg1OENEQzc2QzRGOUFFMDIvMEVBMkZEOUM4
M0NBMTFFQ0E2QTcyMzZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwGD9DANBgkqhkiG9w0BAQsFAAOCAQEAdwHR74Dk96YlnA8T
N2ykE01X3g597UyWVnccHX8DP8xPaZhg0vYOOP1qB9H38jl/86uEp5XpZZ2YmvKN
vREbH0KWOmhugiJc4+KmkgL653fVcePgCfea5cQ99rPF9bfgX4bG0AZRo/XoqHGP
WEqVSEpDRM8NP0l+auKtnwf+QEM/l9A8pJVCCO+5RpEtU/VW/I4EfhY0tpf7xK+Q
ITx9zz11aAZiqEcC1lXOqn4efb3iB8IICFv72Qgu2X/c0j9YCQFX6cesmBH1TfpQ
J+s8Ad0phQPFd3zJyLAtsyQzoE9ubIRTnXaYQFSqfoxwxcYaZQ9Rz0cpcpGlY3mf
tLgdNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org