Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/DE1B0DC054DB11EDBBA33D71C4F9AE02.roa
File: DE1B0DC054DB11EDBBA33D71C4F9AE02.roa (raw, json)
Hash identifier: PoCoC5BILLcQFr5yGV8aSQuihT9+nsT5X/PBNcDY9wA=
Subject key identifier: 09:6D:AB:D0:81:BC:1A:F3:A1:A1:71:F6:3A:EB:DC:B3:BF:86:16:F3
Certificate issuer: /CN=A914284F/serialNumber=27B7AA8E511E70D8A30BB36D02CAF085790C99C3
Certificate serial: 03B4
Authority key identifier: 27:B7:AA:8E:51:1E:70:D8:A3:0B:B3:6D:02:CA:F0:85:79:0C:99:C3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J7eqjlEecNijC7NtAsrwhXkMmcM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/DE1B0DC054DB11EDBBA33D71C4F9AE02.roa
Signing time: Wed 26 Oct 2022 03:11:22 +0000
ROA not before: Wed 26 Oct 2022 03:11:22 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 141468
IP address blocks: 158.40.0.0/16 maxlen: 16
158.40.0.0/24 maxlen: 24
158.40.1.0/24 maxlen: 24
158.40.2.0/23 maxlen: 24
158.40.4.0/23 maxlen: 24
158.40.6.0/23 maxlen: 24
158.40.8.0/23 maxlen: 24
158.40.10.0/23 maxlen: 23
158.40.12.0/22 maxlen: 22
158.40.16.0/20 maxlen: 20
158.40.32.0/19 maxlen: 19
158.40.64.0/18 maxlen: 18
158.40.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948 (0x3b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914284F/serialNumber=27B7AA8E511E70D8A30BB36D02CAF085790C99C3
Validity
Not Before: Oct 26 03:11:22 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6358a55a-ed65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fa:3a:3e:7c:bf:48:2d:63:57:4a:b4:a2:1e:
40:eb:66:84:6b:a6:18:37:17:50:1f:67:ec:b0:c9:
89:91:b1:dc:d8:8b:49:97:64:63:bc:6a:26:36:52:
c1:b0:22:1e:36:ed:0d:34:b9:3e:5c:02:a0:d6:53:
d2:af:c5:13:fc:7f:4b:aa:9c:da:d7:a8:ed:32:5a:
fa:f7:be:e9:f2:75:2e:17:8c:35:c4:89:d3:0d:9d:
66:45:21:58:a4:51:1a:73:db:f4:5f:e2:b1:81:b7:
43:32:ea:dc:fa:17:66:76:1a:22:db:f8:14:47:b6:
63:72:86:87:66:41:07:d7:ad:16:a0:e1:fb:3b:43:
c4:51:ba:17:4c:cd:23:18:c9:d5:4d:64:81:72:66:
03:49:de:db:09:c4:c2:96:39:b0:c3:f7:6e:af:da:
01:d7:c7:be:dd:62:09:c8:08:5c:b1:12:64:87:98:
2b:59:23:0a:2c:db:82:b4:62:c3:66:6c:13:f7:75:
58:7d:34:c8:3a:44:96:c8:dc:75:87:3f:bc:78:80:
71:33:32:07:ce:ed:9f:f3:08:bf:b7:5f:68:40:79:
5d:02:c6:5c:91:a9:4e:7b:c0:ff:0b:7b:a6:f4:4d:
df:6d:3c:fd:43:1e:f6:c6:92:a4:44:b0:d7:37:4a:
1f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6D:AB:D0:81:BC:1A:F3:A1:A1:71:F6:3A:EB:DC:B3:BF:86:16:F3
X509v3 Authority Key Identifier:
keyid:27:B7:AA:8E:51:1E:70:D8:A3:0B:B3:6D:02:CA:F0:85:79:0C:99:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/J7eqjlEecNijC7NtAsrwhXkMmcM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J7eqjlEecNijC7NtAsrwhXkMmcM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/DE1B0DC054DB11EDBBA33D71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
158.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:90:e3:03:75:8e:51:ef:9f:7a:24:e1:db:c3:38:8a:c5:f1:
b1:61:06:35:11:65:8b:bd:f6:65:85:9d:e8:7e:fc:e9:f5:4e:
68:aa:4c:69:fa:18:f6:58:25:53:f8:3e:27:22:56:bc:c0:c4:
bd:46:44:b6:b2:d5:18:60:f7:0f:e6:df:f0:69:aa:c5:31:7c:
27:55:e6:5b:48:86:e7:c4:cd:cd:d2:ab:21:df:2f:d7:b2:cc:
4a:74:06:dc:ba:ef:50:f4:46:d9:27:0c:62:9a:43:7e:65:7c:
55:ca:22:f2:bf:ce:8c:16:dd:c9:fe:19:af:50:3e:f8:14:41:
fb:b6:30:3c:e1:88:00:36:c6:7a:04:68:32:f9:d8:8a:05:1b:
5f:e5:0f:1e:d9:79:98:db:ee:21:dd:e3:fb:52:66:4b:fc:14:
9c:24:16:8c:e1:d9:98:42:fb:9d:42:0a:3c:ae:a4:1e:56:0e:
89:c1:e6:67:ac:3c:c8:81:7c:55:2a:a6:75:bc:67:72:d4:d8:
20:c2:84:9c:bf:f6:8c:cf:3a:59:6c:5c:fd:11:d7:df:21:f0:
c7:fe:f6:69:f1:29:17:86:e4:67:97:2a:75:ee:1b:e9:fd:ad:
e5:0e:63:e7:08:dd:d9:aa:01:d9:81:ad:93:d3:c8:b2:02:2b:
b3:fb:45:7e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICA7QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI4NEYxMTAvBgNVBAUTKDI3QjdBQThFNTExRTcwRDhBMzBCQjM2RDAyQ0FGMDg1
NzkwQzk5QzMwHhcNMjIxMDI2MDMxMTIyWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU4YTU1YS1lZDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsPo6Pny/SC1jV0q0oh5A62aEa6YYNxdQH2fssMmJkbHc2ItJl2RjvGomNlLB
sCIeNu0NNLk+XAKg1lPSr8UT/H9Lqpza16jtMlr6977p8nUuF4w1xInTDZ1mRSFY
pFEac9v0X+KxgbdDMurc+hdmdhoi2/gUR7ZjcoaHZkEH160WoOH7O0PEUboXTM0j
GMnVTWSBcmYDSd7bCcTCljmww/dur9oB18e+3WIJyAhcsRJkh5grWSMKLNuCtGLD
ZmwT93VYfTTIOkSWyNx1hz+8eIBxMzIHzu2f8wi/t19oQHldAsZckalOe8D/C3um
9E3fbTz9Qx72xpKkRLDXN0ofyQIDAQABo4IClDCCApAwHQYDVR0OBBYEFAltq9CB
vBrzoaFx9jrr3LO/hhbzMB8GA1UdIwQYMBaAFCe3qo5RHnDYowuzbQLK8IV5DJnD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Mjg0Ri85MzA4NUM4MEQ3
QUUxMUVCQTVFQjMxNkNDNEY5QUUwMi9KN2VxamxFZWNOaWpDN050QXNyd2hYa01t
Y00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0o3ZXFqbEVlY05pakM3TnRBc3J3aFhrTW1jTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI4NEYvOTMwODVDODBEN0FFMTFFQkE1RUIzMTZDQzRGOUFFMDIvREUxQjBEQzA1
NERCMTFFREJCQTMzRDcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCeKDANBgkqhkiG9w0BAQsFAAOCAQEALZDjA3WOUe+feiTh
28M4isXxsWEGNRFli732ZYWd6H786fVOaKpMafoY9lglU/g+JyJWvMDEvUZEtrLV
GGD3D+bf8GmqxTF8J1XmW0iG58TNzdKrId8v17LMSnQG3LrvUPRG2ScMYppDfmV8
Vcoi8r/OjBbdyf4Zr1A++BRB+7YwPOGIADbGegRoMvnYigUbX+UPHtl5mNvuId3j
+1JmS/wUnCQWjOHZmEL7nUIKPK6kHlYOicHmZ6w8yIF8VSqmdbxnctTYIMKEnL/2
jM86WWxc/RHX3yHwx/72afEpF4bkZ5cqde4b6f2t5Q5j5wjd2aoB2YGtk9PIsgIr
s/tFfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org