Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/E126080C430F11EAA60DB885C4F9AE02.roa
File: E126080C430F11EAA60DB885C4F9AE02.roa (raw, json)
Hash identifier: RTArUQPENuMmuIsa8G8FNtc806Mu0KPQqlJXvCmwH2Q=
Subject key identifier: 13:1A:6F:66:A1:80:0D:A9:CC:4C:3F:7F:7B:77:0B:11:D6:18:DB:74
Certificate issuer: /CN=A914247C/serialNumber=D5A0250634DFC03DC9CFCABA9795180FF05158FC
Certificate serial: 05F0
Authority key identifier: D5:A0:25:06:34:DF:C0:3D:C9:CF:CA:BA:97:95:18:0F:F0:51:58:FC
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/E126080C430F11EAA60DB885C4F9AE02.roa
Signing time: Fri 27 Aug 2021 09:37:26 +0000
ROA not before: Fri 27 Aug 2021 09:37:26 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 24014
IP address blocks: 192.48.109.0/24 maxlen: 24
192.48.110.0/24 maxlen: 24
192.88.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1520 (0x5f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914247C/serialNumber=D5A0250634DFC03DC9CFCABA9795180FF05158FC
Validity
Not Before: Aug 27 09:37:26 2021 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=6128b255-29e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:fd:39:7c:d7:78:73:15:bf:13:f1:4d:59:
14:03:21:c4:80:35:1b:78:4d:2b:f4:e1:9f:4b:1e:
bd:6c:8f:ce:4d:6c:05:df:12:4d:ba:a7:70:91:da:
cd:c4:43:7b:10:b0:7a:fa:ee:b8:1a:05:23:19:5a:
77:dc:ef:6b:90:c1:ce:68:14:4d:1c:48:7a:8c:1e:
f4:48:71:06:d5:6b:4a:a0:56:13:87:ab:9f:95:bb:
ae:a1:bf:27:92:17:b1:ff:68:41:c9:a2:50:f7:e8:
04:cb:5b:e4:58:bb:93:0e:8b:dd:c6:d6:66:1d:79:
d8:8c:96:30:26:41:54:6b:14:ee:1f:94:a1:75:08:
45:5a:94:ff:b8:6a:70:1b:38:cb:11:c1:25:c2:74:
5c:62:44:61:b7:d3:7b:0c:4e:b4:71:37:90:05:1b:
e6:77:4a:96:16:4c:c7:4e:2c:39:f2:25:9c:2e:50:
3e:24:7c:b2:0f:32:ad:cc:c5:8a:ee:5b:1f:41:6e:
62:56:18:84:c1:28:16:38:ea:fb:c8:27:0f:f7:c6:
e8:49:eb:af:af:54:b7:3b:55:8d:62:c8:32:5a:98:
c7:db:cc:56:9f:e4:f8:f0:eb:40:62:df:37:7a:55:
28:20:e8:a2:ff:8c:09:a8:91:4f:3e:d7:ee:3c:42:
d2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:1A:6F:66:A1:80:0D:A9:CC:4C:3F:7F:7B:77:0B:11:D6:18:DB:74
X509v3 Authority Key Identifier:
keyid:D5:A0:25:06:34:DF:C0:3D:C9:CF:CA:BA:97:95:18:0F:F0:51:58:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1aAlBjTfwD3Jz8q6l5UYD_BRWPw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914247C/8A1C4616430A11EA858CDC76C4F9AE02/E126080C430F11EAA60DB885C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.48.109.0-192.48.110.255
192.88.187.0/24
Signature Algorithm: sha256WithRSAEncryption
25:e6:96:cc:c2:9a:bb:6c:ec:da:c6:94:86:42:a5:b6:e6:02:
bb:7e:ba:25:08:55:ba:3b:dd:3e:44:d3:01:bd:4f:ef:24:51:
06:e7:39:a2:67:46:5f:3e:96:28:64:7e:4b:a4:8b:98:f6:14:
7c:36:eb:cd:b6:1e:f6:cf:fd:11:6b:fc:de:8f:c8:1f:20:b2:
77:f0:45:2d:68:a9:c5:6d:6f:d0:2a:db:31:d3:0e:e1:5a:61:
c1:a2:48:f0:74:eb:0f:e0:78:57:12:bb:e2:00:c9:77:c2:3a:
7d:b7:61:32:2e:23:47:ef:b1:fc:33:ab:1b:c7:71:cf:89:62:
ff:ad:fc:f9:20:98:08:b8:13:b2:46:d3:e0:de:f6:52:49:8b:
6a:ad:f1:a6:41:8b:6c:f4:5c:32:fa:38:92:d7:11:ab:86:59:
e4:f4:2e:25:6f:b0:5a:1f:ee:0a:9c:6f:99:e5:1e:e6:e3:41:
fb:cf:c9:39:f0:fb:1c:7c:28:64:b2:c9:c6:a5:0e:18:af:6e:
9a:4d:e4:c9:63:67:ee:34:ba:3d:ca:2a:e5:04:10:84:ae:af:
f7:a7:be:54:8c:e8:45:5b:6f:86:10:fe:0e:d4:02:a0:8b:0a:
57:55:88:73:69:28:b0:ba:ce:c6:e4:d4:d5:9f:ec:38:f2:19:
61:67:6a:11
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBfAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI0N0MxMTAvBgNVBAUTKEQ1QTAyNTA2MzRERkMwM0RDOUNGQ0FCQTk3OTUxODBG
RjA1MTU4RkMwHhcNMjEwODI3MDkzNzI2WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTI4YjI1NS0yOWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr3H9OXzXeHMVvxPxTVkUAyHEgDUbeE0r9OGfSx69bI/OTWwF3xJNuqdwkdrN
xEN7ELB6+u64GgUjGVp33O9rkMHOaBRNHEh6jB70SHEG1WtKoFYTh6uflbuuob8n
khex/2hByaJQ9+gEy1vkWLuTDovdxtZmHXnYjJYwJkFUaxTuH5ShdQhFWpT/uGpw
GzjLEcElwnRcYkRht9N7DE60cTeQBRvmd0qWFkzHTiw58iWcLlA+JHyyDzKtzMWK
7lsfQW5iVhiEwSgWOOr7yCcP98boSeuvr1S3O1WNYsgyWpjH28xWn+T48OtAYt83
elUoIOii/4wJqJFPPtfuPELSRQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFBMab2ah
gA2pzEw/f3t3CxHWGNt0MB8GA1UdIwQYMBaAFNWgJQY038A9yc/KupeVGA/wUVj8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjQ3Qy84QTFDNDYxNjQz
MEExMUVBODU4Q0RDNzZDNEY5QUUwMi8xYUFsQmpUZndEM0p6OHE2bDVVWURfQlJX
UHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFhQWxCalRmd0QzSno4cTZsNVVZRF9CUldQdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI0N0MvOEExQzQ2MTY0MzBBMTFFQTg1OENEQzc2QzRGOUFFMDIvRTEyNjA4MEM0
MzBGMTFFQUE2MERCODg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAMAwbQMEAMAwbgMEAMBYuzANBgkqhkiG9w0BAQsFAAOC
AQEAJeaWzMKau2zs2saUhkKltuYCu366JQhVujvdPkTTAb1P7yRRBuc5omdGXz6W
KGR+S6SLmPYUfDbrzbYe9s/9EWv83o/IHyCyd/BFLWipxW1v0CrbMdMO4VphwaJI
8HTrD+B4VxK74gDJd8I6fbdhMi4jR++x/DOrG8dxz4li/638+SCYCLgTskbT4N72
UkmLaq3xpkGLbPRcMvo4ktcRq4ZZ5PQuJW+wWh/uCpxvmeUe5uNB+8/JOfD7HHwo
ZLLJxqUOGK9umk3kyWNn7jS6Pcoq5QQQhK6v96e+VIzoRVtvhhD+DtQCoIsKV1WI
c2kosLrOxuTU1Z/sOPIZYWdqEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org