Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/ED74A052027D11ED97C66B29C4F9AE02.roa
File: ED74A052027D11ED97C66B29C4F9AE02.roa (raw, json)
Hash identifier: SEJfl34qAx8lJ4A2A5SuOtbS8xAkV/+nUuS70SSAhYY=
Subject key identifier: F1:BD:DB:D6:76:3E:90:F0:7A:F8:F6:FD:62:E6:28:0B:8A:32:BD:B3
Certificate issuer: /CN=A914284F/serialNumber=27B7AA8E511E70D8A30BB36D02CAF085790C99C3
Certificate serial: 0300
Authority key identifier: 27:B7:AA:8E:51:1E:70:D8:A3:0B:B3:6D:02:CA:F0:85:79:0C:99:C3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J7eqjlEecNijC7NtAsrwhXkMmcM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/ED74A052027D11ED97C66B29C4F9AE02.roa
Signing time: Wed 13 Jul 2022 07:32:20 +0000
ROA not before: Wed 13 Jul 2022 07:32:20 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 141468
IP address blocks: 158.40.0.0/16 maxlen: 16
158.40.0.0/24 maxlen: 24
158.40.1.0/24 maxlen: 24
158.40.2.0/23 maxlen: 24
158.40.4.0/23 maxlen: 24
158.40.6.0/23 maxlen: 24
158.40.8.0/23 maxlen: 24
158.40.10.0/23 maxlen: 23
158.40.12.0/22 maxlen: 22
158.40.16.0/20 maxlen: 20
158.40.32.0/19 maxlen: 19
158.40.64.0/18 maxlen: 18
158.40.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 768 (0x300)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914284F/serialNumber=27B7AA8E511E70D8A30BB36D02CAF085790C99C3
Validity
Not Before: Jul 13 07:32:20 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=62ce7503-f453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a0:10:72:df:1a:d2:a2:6a:73:76:24:ae:78:
da:69:75:6c:d9:96:11:b1:df:a5:ba:99:ed:51:5e:
28:2a:cf:de:31:ee:06:3c:0b:d4:11:af:26:bc:16:
0b:e7:7b:6f:2f:24:5f:96:30:3b:1b:d5:ae:df:52:
be:ce:81:7a:08:43:55:67:b2:78:99:02:cf:bc:de:
0c:76:76:e0:92:dd:86:25:d5:fc:c4:f8:fc:f2:4b:
25:31:fd:46:52:96:d5:e3:47:13:fe:67:a2:f3:e8:
67:2d:e3:22:39:15:de:83:60:bd:0d:f9:89:80:ad:
02:ba:57:e7:a4:ad:5b:5a:0c:be:4c:b2:af:48:75:
f3:77:46:16:86:0a:49:0d:52:b8:c3:c6:bb:39:20:
c1:65:8e:80:42:82:f3:a2:d9:19:95:bc:24:1e:c8:
88:bd:bc:84:dd:d4:63:1a:e2:c9:ee:12:20:cb:ba:
9c:8f:7d:4d:f5:bd:17:37:e5:60:9f:46:ca:56:41:
19:cb:4e:11:b6:3b:18:36:0c:e2:e0:e1:ff:70:29:
0f:56:b5:22:f1:86:8b:32:37:b9:7a:7b:d4:e7:dc:
9b:78:b3:0b:08:2b:2b:ab:29:53:00:8a:d7:58:13:
ae:6e:96:32:24:fe:45:b5:b7:f0:1d:e3:20:67:b9:
63:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BD:DB:D6:76:3E:90:F0:7A:F8:F6:FD:62:E6:28:0B:8A:32:BD:B3
X509v3 Authority Key Identifier:
keyid:27:B7:AA:8E:51:1E:70:D8:A3:0B:B3:6D:02:CA:F0:85:79:0C:99:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/J7eqjlEecNijC7NtAsrwhXkMmcM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J7eqjlEecNijC7NtAsrwhXkMmcM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/ED74A052027D11ED97C66B29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
158.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:da:f7:a3:2a:6b:7d:57:50:25:2b:2f:b1:cc:24:a9:42:b7:
5e:f9:a4:30:97:6a:98:41:31:2c:a1:4d:73:41:14:63:e8:cc:
90:18:a0:b7:4a:42:ea:8c:6b:13:64:af:19:b1:6b:1c:5a:9b:
7e:84:2e:de:cc:c3:22:c1:5c:ff:94:2b:4f:a2:37:9d:67:42:
44:94:6b:6f:18:3d:46:ec:59:aa:21:d0:62:04:7b:f8:1e:51:
3b:5a:3c:89:b5:1c:9c:78:ba:4e:fe:f4:e8:a4:e0:a8:40:ea:
5b:36:02:b2:62:fd:d2:65:09:02:bb:1b:ee:8e:dc:0c:9e:1f:
a7:3e:8b:b8:e0:22:c5:ec:ca:bd:4b:9d:74:48:ed:88:fd:b6:
3a:d7:0e:77:42:1e:11:c5:0b:f5:a6:51:eb:1d:85:9f:57:af:
c3:1d:c6:de:27:af:75:30:be:44:14:49:43:54:17:a3:8f:e7:
e1:cc:81:ec:22:56:8f:e3:15:f5:0f:81:a8:6d:bd:a6:88:da:
b9:f7:26:ad:fc:10:6b:07:aa:1b:f7:14:69:90:c0:a3:49:3a:
c9:c0:2e:f0:17:40:7a:4c:9a:92:70:94:77:42:42:b7:09:64:
5f:d2:73:7b:9c:6c:c3:56:f7:d9:ab:e5:43:06:40:0c:eb:5d:
06:d6:47:a2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICAwAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI4NEYxMTAvBgNVBAUTKDI3QjdBQThFNTExRTcwRDhBMzBCQjM2RDAyQ0FGMDg1
NzkwQzk5QzMwHhcNMjIwNzEzMDczMjIwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmNlNzUwMy1mNDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv6AQct8a0qJqc3YkrnjaaXVs2ZYRsd+lupntUV4oKs/eMe4GPAvUEa8mvBYL
53tvLyRfljA7G9Wu31K+zoF6CENVZ7J4mQLPvN4Mdnbgkt2GJdX8xPj88kslMf1G
UpbV40cT/mei8+hnLeMiORXeg2C9DfmJgK0CulfnpK1bWgy+TLKvSHXzd0YWhgpJ
DVK4w8a7OSDBZY6AQoLzotkZlbwkHsiIvbyE3dRjGuLJ7hIgy7qcj31N9b0XN+Vg
n0bKVkEZy04RtjsYNgzi4OH/cCkPVrUi8YaLMje5envU59ybeLMLCCsrqylTAIrX
WBOubpYyJP5FtbfwHeMgZ7ljDQIDAQABo4IClDCCApAwHQYDVR0OBBYEFPG929Z2
PpDwevj2/WLmKAuKMr2zMB8GA1UdIwQYMBaAFCe3qo5RHnDYowuzbQLK8IV5DJnD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Mjg0Ri85MzA4NUM4MEQ3
QUUxMUVCQTVFQjMxNkNDNEY5QUUwMi9KN2VxamxFZWNOaWpDN050QXNyd2hYa01t
Y00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0o3ZXFqbEVlY05pakM3TnRBc3J3aFhrTW1jTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI4NEYvOTMwODVDODBEN0FFMTFFQkE1RUIzMTZDQzRGOUFFMDIvRUQ3NEEwNTIw
MjdEMTFFRDk3QzY2QjI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCeKDANBgkqhkiG9w0BAQsFAAOCAQEAEdr3oyprfVdQJSsv
scwkqUK3XvmkMJdqmEExLKFNc0EUY+jMkBigt0pC6oxrE2SvGbFrHFqbfoQu3szD
IsFc/5QrT6I3nWdCRJRrbxg9RuxZqiHQYgR7+B5RO1o8ibUcnHi6Tv706KTgqEDq
WzYCsmL90mUJArsb7o7cDJ4fpz6LuOAixezKvUuddEjtiP22OtcOd0IeEcUL9aZR
6x2Fn1evwx3G3ievdTC+RBRJQ1QXo4/n4cyB7CJWj+MV9Q+BqG29pojaufcmrfwQ
aweqG/cUaZDAo0k6ycAu8BdAekyaknCUd0JCtwlkX9Jze5xsw1b32avlQwZADOtd
BtZHog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org