Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/8F0FB2364ABD11EC92951C1DC4F9AE02.roa
File: 8F0FB2364ABD11EC92951C1DC4F9AE02.roa (raw, json)
Hash identifier: giHa0nUDAkCs6zEYoypDI9zQKdh5KaiovCfbOW7cGis=
Subject key identifier: 7B:F1:46:70:F8:99:C6:02:51:B5:11:20:21:79:A0:5C:F9:23:37:B2
Certificate issuer: /CN=A914E93F/serialNumber=B2F8AB00D57464DD5D05A45A47C420F5F896B8FC
Certificate serial: 105B
Authority key identifier: B2:F8:AB:00:D5:74:64:DD:5D:05:A4:5A:47:C4:20:F5:F8:96:B8:FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/svirANV0ZN1dBaRaR8Qg9fiWuPw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/8F0FB2364ABD11EC92951C1DC4F9AE02.roa
Signing time: Thu 28 Apr 2022 11:24:43 +0000
ROA not before: Thu 28 Apr 2022 11:24:43 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 135542
IP address blocks: 14.192.50.0/24 maxlen: 24
14.192.51.0/24 maxlen: 24
103.64.13.0/24 maxlen: 24
103.78.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4187 (0x105b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914E93F/serialNumber=B2F8AB00D57464DD5D05A45A47C420F5F896B8FC
Validity
Not Before: Apr 28 11:24:43 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=626a797a-89db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a4:6d:39:28:1f:67:ec:cc:4a:34:2e:ea:cf:
1a:0d:6d:d0:16:4f:cc:66:32:d8:f6:a0:e3:40:4d:
e6:42:1b:19:45:45:11:40:a6:26:d3:84:7d:b6:db:
11:8b:20:f0:57:23:c2:92:24:b4:9d:2c:2a:06:21:
4a:b7:cb:9d:ab:b5:ab:d2:90:31:94:46:71:f7:b3:
b6:57:80:78:cc:f2:a3:dd:04:bb:d2:68:32:e6:fe:
15:c0:d8:1d:94:f6:7a:09:6e:db:e7:c7:ae:0f:56:
e1:c4:68:87:f1:02:56:e3:83:4a:a7:02:78:61:0f:
9b:38:7d:06:eb:4e:70:4b:53:80:ee:38:80:9f:93:
f9:4c:64:e2:4d:d0:4b:08:b5:1d:bd:c2:b3:d8:16:
e2:a5:9a:cf:11:ef:0c:6e:15:4d:6d:b0:31:81:e7:
16:bf:61:9b:4f:d0:6d:e1:8d:8b:07:f6:a0:05:97:
45:bb:69:c3:ba:dc:ae:9a:24:b6:b5:9f:74:f1:be:
26:71:aa:0f:12:70:6b:92:12:89:ab:79:98:75:2c:
ea:cf:ac:de:56:b4:ea:53:b9:f4:91:21:d4:62:e8:
40:8f:88:b1:ec:68:3f:d2:0b:d6:a3:40:c5:09:5a:
38:bc:dc:4c:76:c2:87:88:d7:a4:70:e0:6d:b0:ab:
15:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F1:46:70:F8:99:C6:02:51:B5:11:20:21:79:A0:5C:F9:23:37:B2
X509v3 Authority Key Identifier:
keyid:B2:F8:AB:00:D5:74:64:DD:5D:05:A4:5A:47:C4:20:F5:F8:96:B8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/svirANV0ZN1dBaRaR8Qg9fiWuPw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/svirANV0ZN1dBaRaR8Qg9fiWuPw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E93F/2ED775DAA36C11E891405926C4F9AE02/8F0FB2364ABD11EC92951C1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.50.0/23
103.64.13.0/24
103.78.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:46:a6:ee:27:96:68:a9:6f:40:e6:1f:42:36:b8:c2:db:3a:
bb:70:b2:1b:96:77:26:2f:ee:13:3b:96:73:da:90:8c:d2:6d:
1b:d3:b9:e2:a8:27:35:b1:9a:9c:7c:99:9b:57:d6:58:1b:c7:
9b:fc:21:77:6c:dd:3a:1b:6e:cf:45:35:fb:34:89:dd:04:4e:
07:5a:06:dd:51:35:e8:14:35:d9:f7:e2:c7:0e:bc:1d:2e:a7:
e0:88:5b:23:02:a8:ba:fe:83:64:ed:3e:93:e9:6b:7a:05:92:
5a:42:13:d2:2e:4d:9d:60:20:41:26:7c:0c:eb:73:69:04:58:
7d:65:a7:c2:2b:52:5f:20:37:c3:2d:df:fc:f4:be:57:8e:70:
e4:67:1e:32:a1:17:1e:25:c2:53:26:ca:34:aa:1c:76:5a:cf:
71:c2:88:12:87:4c:f3:60:e6:56:ed:06:8c:1b:40:12:4c:55:
fe:c3:b6:0d:96:64:e2:ea:3a:c2:cd:a8:00:4d:7d:e3:81:29:
4f:b8:6e:b4:d1:12:6b:79:c6:a0:f8:ab:48:8d:7a:90:6f:55:
ba:b7:55:c4:79:11:50:3e:81:3d:83:c2:aa:fb:65:3b:2f:3a:
64:f9:59:a6:ab:b2:16:9c:5b:f0:70:1f:d3:49:da:10:ba:96:
7e:e9:55:75
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICEFswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEU5M0YxMTAvBgNVBAUTKEIyRjhBQjAwRDU3NDY0REQ1RDA1QTQ1QTQ3QzQyMEY1
Rjg5NkI4RkMwHhcNMjIwNDI4MTEyNDQzWhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZhNzk3YS04OWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2qRtOSgfZ+zMSjQu6s8aDW3QFk/MZjLY9qDjQE3mQhsZRUURQKYm04R9ttsR
iyDwVyPCkiS0nSwqBiFKt8udq7Wr0pAxlEZx97O2V4B4zPKj3QS70mgy5v4VwNgd
lPZ6CW7b58euD1bhxGiH8QJW44NKpwJ4YQ+bOH0G605wS1OA7jiAn5P5TGTiTdBL
CLUdvcKz2BbipZrPEe8MbhVNbbAxgecWv2GbT9Bt4Y2LB/agBZdFu2nDutyumiS2
tZ908b4mcaoPEnBrkhKJq3mYdSzqz6zeVrTqU7n0kSHUYuhAj4ix7Gg/0gvWo0DF
CVo4vNxMdsKHiNekcOBtsKsVuwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHvxRnD4
mcYCUbURICF5oFz5IzeyMB8GA1UdIwQYMBaAFLL4qwDVdGTdXQWkWkfEIPX4lrj8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTkzRi8yRUQ3NzVEQUEz
NkMxMUU4OTE0MDU5MjZDNEY5QUUwMi9zdmlyQU5WMFpOMWRCYVJhUjhRZzlmaVd1
UHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3N2aXJBTlYwWk4xZEJhUmFSOFFnOWZpV3VQdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEU5M0YvMkVENzc1REFBMzZDMTFFODkxNDA1OTI2QzRGOUFFMDIvOEYwRkIyMzY0
QUJEMTFFQzkyOTUxQzFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAEOwDIDBABnQA0DBABnTvIwDQYJKoZIhvcNAQELBQADggEB
AF9Gpu4nlmipb0DmH0I2uMLbOrtwshuWdyYv7hM7lnPakIzSbRvTueKoJzWxmpx8
mZtX1lgbx5v8IXds3Tobbs9FNfs0id0ETgdaBt1RNegUNdn34scOvB0up+CIWyMC
qLr+g2TtPpPpa3oFklpCE9IuTZ1gIEEmfAzrc2kEWH1lp8IrUl8gN8Mt3/z0vleO
cORnHjKhFx4lwlMmyjSqHHZaz3HCiBKHTPNg5lbtBowbQBJMVf7Dtg2WZOLqOsLN
qABNfeOBKU+4brTREmt5xqD4q0iNepBvVbq3VcR5EVA+gT2Dwqr7ZTsvOmT5Waar
shacW/BwH9NJ2hC6ln7pVXU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org