Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/5EA238E4012811EEA97F422EC4F9AE02.roa
File: 5EA238E4012811EEA97F422EC4F9AE02.roa (raw, json)
Hash identifier: heeorcLc+TlYkXqhkGOHt5w4cNWGqCqr3+SxjBn8G0A=
Subject key identifier: 28:0F:51:55:C5:7B:A3:1B:E4:A2:79:40:A8:1E:3C:CB:E9:7E:BE:3C
Certificate issuer: /CN=A9143CB3/serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D
Certificate serial: 1965
Authority key identifier: 3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/5EA238E4012811EEA97F422EC4F9AE02.roa
Signing time: Fri 02 Jun 2023 09:32:19 +0000
ROA not before: Fri 02 Jun 2023 09:32:19 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 135061
IP address blocks: 157.255.168.0/21 maxlen: 21
157.255.176.0/20 maxlen: 20
157.255.224.0/20 maxlen: 20
157.255.240.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6501 (0x1965)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D
Validity
Not Before: Jun 2 09:32:19 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6479b723-dd98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a3:a6:b2:44:98:e3:22:8a:72:ef:29:a6:e3:
3c:1a:f8:c8:fd:92:42:6d:e2:01:71:53:61:ea:a3:
bd:fb:f2:f4:05:01:5c:ce:8d:b4:08:3a:44:3f:f4:
2a:15:9e:1c:c1:ee:3f:5e:89:03:be:1a:4c:92:84:
d9:22:a2:13:f0:c4:ed:ed:9b:64:59:58:fd:30:0c:
9b:27:04:e3:63:ec:39:b1:85:6d:2c:a1:48:6e:69:
6d:29:5a:fb:5e:11:00:de:75:78:9f:09:6a:35:48:
11:3c:4d:51:c8:fd:f1:14:7c:d5:77:f4:13:b8:34:
0a:c7:29:e7:1b:fd:d5:6a:2f:13:0a:ab:21:a9:d9:
0e:88:2c:af:97:d4:5d:c9:77:10:a5:9d:34:dd:fc:
36:22:a2:f2:50:9d:bb:ec:4a:47:cb:fd:50:e7:fc:
ea:1d:e8:51:2f:61:46:90:8b:ef:e2:f8:b3:4d:92:
0d:e2:0c:7f:35:44:fa:b0:9b:78:08:c2:98:d4:66:
b0:05:8b:93:55:4e:6b:f5:27:c0:08:7c:6c:ff:ed:
7c:ce:93:59:26:c0:b6:17:7f:9f:ce:c1:59:e3:02:
98:e0:e3:d9:ad:f3:4c:76:5f:6c:a0:94:33:65:53:
ef:fa:70:d4:c8:af:f5:b9:3c:aa:4c:f9:ef:55:4e:
53:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0F:51:55:C5:7B:A3:1B:E4:A2:79:40:A8:1E:3C:CB:E9:7E:BE:3C
X509v3 Authority Key Identifier:
keyid:3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/5EA238E4012811EEA97F422EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.255.168.0-157.255.191.255
157.255.224.0-157.255.247.255
Signature Algorithm: sha256WithRSAEncryption
4c:7d:31:c5:7f:d6:0c:06:90:07:58:6f:99:43:9a:56:e5:e3:
58:01:aa:5e:7d:f3:d5:08:1f:8b:26:a3:7c:0d:8e:ee:33:d2:
f3:22:b8:40:63:03:98:5b:36:4f:4c:04:0b:e0:1f:43:42:47:
7d:56:ea:ff:6b:e6:49:bf:ca:54:38:fa:97:40:07:aa:6b:79:
d4:cc:4e:13:8b:6b:b6:d3:6e:24:06:88:0e:08:01:d0:f4:33:
c1:cc:cf:96:9d:41:b1:62:0d:ac:1d:21:c0:94:08:2a:e0:00:
f8:ea:8b:e9:67:a7:85:fb:25:27:ca:7a:af:5c:b5:bc:ae:46:
8c:cf:58:ce:0a:31:78:54:5e:bc:4b:d1:59:43:fd:01:c0:07:
cd:68:c9:29:95:18:3c:07:96:53:52:33:f7:9f:54:11:f4:32:
aa:b1:a9:52:f2:b9:18:d3:12:59:f6:c7:0b:9d:84:36:af:9f:
95:42:ce:ae:8c:6a:cd:13:dc:15:53:f9:92:1e:f8:d9:f0:90:
97:3b:7b:07:77:06:2d:01:fa:70:c9:4c:f1:06:6b:6f:69:30:
ab:06:74:dc:c0:09:32:c6:52:55:1c:1d:3d:8e:db:90:69:6d:
bb:c7:02:bc:c9:c8:68:b4:69:54:00:34:cf:b1:17:93:dd:6a:
7a:19:9a:4d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICGWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKDNDNTQ3MEU4MUZBNEExOTA4NzAyMUQwQUQ3N0QzMzZD
RUJFMkE2OEQwHhcNMjMwNjAyMDkzMjE5WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc5YjcyMy1kZDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzaOmskSY4yKKcu8ppuM8GvjI/ZJCbeIBcVNh6qO9+/L0BQFczo20CDpEP/Qq
FZ4cwe4/XokDvhpMkoTZIqIT8MTt7ZtkWVj9MAybJwTjY+w5sYVtLKFIbmltKVr7
XhEA3nV4nwlqNUgRPE1RyP3xFHzVd/QTuDQKxynnG/3Vai8TCqshqdkOiCyvl9Rd
yXcQpZ003fw2IqLyUJ277EpHy/1Q5/zqHehRL2FGkIvv4vizTZIN4gx/NUT6sJt4
CMKY1GawBYuTVU5r9SfACHxs/+18zpNZJsC2F3+fzsFZ4wKY4OPZrfNMdl9soJQz
ZVPv+nDUyK/1uTyqTPnvVU5TiQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCgPUVXF
e6Mb5KJ5QKgePMvpfr48MB8GA1UdIwQYMBaAFDxUcOgfpKGQhwIdCtd9M2zr4qaN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xNTE2Njc5RTI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29aQ0hBaDBLMTMwemJPdmlw
bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1BGUnc2Qi1rb1pDSEFoMEsxMzB6Yk92aXBvMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMTUxNjY3OUUyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvNUVBMjM4RTQw
MTI4MTFFRUE5N0Y0MjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEA53/qAMEBp3/gDAMAwQFnf/gAwQDnf/wMA0GCSqGSIb3
DQEBCwUAA4IBAQBMfTHFf9YMBpAHWG+ZQ5pW5eNYAapeffPVCB+LJqN8DY7uM9Lz
IrhAYwOYWzZPTAQL4B9DQkd9Vur/a+ZJv8pUOPqXQAeqa3nUzE4Ti2u2024kBogO
CAHQ9DPBzM+WnUGxYg2sHSHAlAgq4AD46ovpZ6eF+yUnynqvXLW8rkaMz1jOCjF4
VF68S9FZQ/0BwAfNaMkplRg8B5ZTUjP3n1QR9DKqsalS8rkY0xJZ9scLnYQ2r5+V
Qs6ujGrNE9wVU/mSHvjZ8JCXO3sHdwYtAfpwyUzxBmtvaTCrBnTcwAkyxlJVHB09
jtuQaW27xwK8ychotGlUADTPsReT3Wp6GZpN
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org