Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/57DF28F205A911EEAAC9A54DC4F9AE02.roa
File: 57DF28F205A911EEAAC9A54DC4F9AE02.roa (raw, json)
Hash identifier: pmA1ffEKRGpoxFUpQ8WDckNtr4QYG/8leF3llckdJfA=
Subject key identifier: 39:8F:87:06:18:30:47:86:FA:63:F2:10:C3:C2:76:14:E2:EA:21:8A
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 198F
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/57DF28F205A911EEAAC9A54DC4F9AE02.roa
Signing time: Thu 08 Jun 2023 03:05:38 +0000
ROA not before: Thu 08 Jun 2023 03:05:38 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 139007
IP address blocks: 218.21.252.0/23 maxlen: 23
218.21.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6543 (0x198f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 03:05:38 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64814582-bd08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2f:8a:6a:f3:99:f4:b4:4d:da:37:29:99:69:
48:ab:ff:9b:10:5f:92:34:bf:cd:2b:c2:89:53:d3:
e6:a0:2e:46:c1:5c:c3:b4:97:c6:1d:7a:5a:62:66:
96:c4:31:73:0f:4c:5e:cd:c9:5c:5e:1f:9d:92:fa:
16:e9:fb:c0:7e:ad:44:02:ed:5c:32:5c:c1:4a:f4:
ba:29:71:04:1a:91:a1:05:c7:65:f4:21:ba:52:9a:
00:8c:35:13:48:be:2f:d7:bb:29:f0:2f:d0:dd:e3:
54:c3:ae:8b:c6:75:6c:e3:b3:20:62:0e:81:80:b5:
5b:6d:57:f9:c9:09:48:2d:40:66:05:90:bd:3b:17:
2d:48:de:b6:f2:1c:b6:8c:b5:6f:46:28:3a:5d:f1:
46:0d:d2:c7:ff:f7:b6:40:67:b4:7c:96:30:f5:7b:
a1:4a:40:0d:f5:49:4f:7e:a7:cc:3d:1e:4f:55:b0:
30:e2:1c:f5:e0:bf:32:e7:ca:ef:88:85:5e:f5:61:
24:48:9b:80:ff:72:93:64:a5:ce:fc:c7:19:20:42:
c4:4b:a8:c9:3b:c3:34:2f:47:be:ff:cf:7c:7d:60:
39:e8:3a:15:3a:7f:84:de:1e:56:6c:64:82:1e:b6:
1a:29:6f:52:e7:61:c9:33:93:9f:40:14:93:4d:6c:
d0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8F:87:06:18:30:47:86:FA:63:F2:10:C3:C2:76:14:E2:EA:21:8A
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/57DF28F205A911EEAAC9A54DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.21.252.0-218.21.254.255
Signature Algorithm: sha256WithRSAEncryption
51:d7:21:17:1f:54:73:2f:2c:e8:d7:88:b2:b1:4b:43:87:09:
17:fc:f9:97:7c:b3:8d:a5:48:c4:71:e1:aa:18:5c:0b:75:74:
bc:63:46:f9:83:8a:95:ed:4c:27:93:36:69:43:a5:09:51:fc:
4c:6b:c2:b8:b0:83:2d:c4:96:3c:7c:0c:c1:75:16:b8:06:18:
d4:42:73:f2:b3:f3:ea:b3:89:c9:1f:aa:41:98:d9:f7:63:88:
c7:75:70:77:29:40:67:72:0d:54:e1:42:92:88:1d:8f:7c:0e:
93:9f:3d:fd:f1:4b:c0:51:b1:50:06:72:c9:48:03:b9:64:ac:
71:c1:bd:15:16:c8:a4:6a:07:c1:28:80:95:ad:d4:8f:a6:f0:
a7:f0:1a:be:f4:40:9e:e2:61:25:b6:1e:d0:e4:83:2d:df:e8:
fd:8f:e4:9c:8a:f7:35:34:85:46:cc:7a:25:81:b2:a4:88:44:
0a:ea:84:7c:a9:40:66:9c:63:80:df:3e:8f:aa:b1:b1:ed:73:
41:18:de:55:8e:dc:e9:ac:dc:eb:c1:e9:78:32:7c:b0:b6:03:
69:20:d6:ca:a5:25:37:60:37:bb:c1:46:91:2f:76:ed:8b:14:
81:a8:08:17:8a:7a:0c:3d:bf:74:6a:8e:64:99:49:71:d2:c3:
bd:7a:79:3b
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICGY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDMwNTM4WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxNDU4Mi1iZDA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsC+KavOZ9LRN2jcpmWlIq/+bEF+SNL/NK8KJU9PmoC5GwVzDtJfGHXpaYmaW
xDFzD0xezclcXh+dkvoW6fvAfq1EAu1cMlzBSvS6KXEEGpGhBcdl9CG6UpoAjDUT
SL4v17sp8C/Q3eNUw66LxnVs47MgYg6BgLVbbVf5yQlILUBmBZC9OxctSN628hy2
jLVvRig6XfFGDdLH//e2QGe0fJYw9XuhSkAN9UlPfqfMPR5PVbAw4hz14L8y58rv
iIVe9WEkSJuA/3KTZKXO/McZIELES6jJO8M0L0e+/898fWA56DoVOn+E3h5WbGSC
HrYaKW9S52HJM5OfQBSTTWzQYQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFDmPhwYY
MEeG+mPyEMPCdhTi6iGKMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvNTdERjI4RjIw
NUE5MTFFRUFBQzlBNTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAtoV/AMEANoV/jANBgkqhkiG9w0BAQsFAAOCAQEAUdch
Fx9Ucy8s6NeIsrFLQ4cJF/z5l3yzjaVIxHHhqhhcC3V0vGNG+YOKle1MJ5M2aUOl
CVH8TGvCuLCDLcSWPHwMwXUWuAYY1EJz8rPz6rOJyR+qQZjZ92OIx3VwdylAZ3IN
VOFCkogdj3wOk589/fFLwFGxUAZyyUgDuWSsccG9FRbIpGoHwSiAla3Uj6bwp/Aa
vvRAnuJhJbYe0OSDLd/o/Y/knIr3NTSFRsx6JYGypIhECuqEfKlAZpxjgN8+j6qx
se1zQRjeVY7c6azc68HpeDJ8sLYDaSDWyqUlN2A3u8FGkS927YsUgagIF4p6DD2/
dGqOZJlJcdLDvXp5Ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org