Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/8E026630FC2A11EC98B19157C4F9AE02.roa
File: 8E026630FC2A11EC98B19157C4F9AE02.roa (raw, json)
Hash identifier: xeTSIVs1Zln46PJiAKzNxBjN7hE6Yxc4GvXUH96Xm6Y=
Subject key identifier: BE:86:6D:A4:D2:31:0F:13:AB:43:97:F5:39:D9:6B:EF:14:A9:B4:47
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 328D
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/8E026630FC2A11EC98B19157C4F9AE02.roa
Signing time: Tue 05 Jul 2022 06:20:24 +0000
ROA not before: Tue 05 Jul 2022 06:20:24 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 1239
IP address blocks: 175.29.232.0/21 maxlen: 24
175.29.240.0/21 maxlen: 24
175.29.248.0/21 maxlen: 24
203.76.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12941 (0x328d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Jul 5 06:20:24 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62c3d828-e45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:10:68:3a:53:83:53:c1:d1:af:4e:ec:3a:e1:
56:dc:40:29:88:58:d2:ff:27:db:c1:47:69:00:03:
b5:b5:b2:9c:88:28:e3:ca:3e:61:a5:cf:6f:30:ec:
c2:22:85:40:d3:9d:cc:9f:ed:6a:ad:21:9f:75:f9:
e5:f8:af:48:14:1e:9a:08:a5:f0:00:df:95:ad:fd:
5d:b4:f9:f1:84:4a:bc:c8:de:49:97:81:cd:17:5a:
4f:15:51:eb:18:47:a2:87:22:ca:b1:4a:c1:3a:46:
5a:6b:68:ab:d3:d7:81:16:be:d0:4d:e3:5b:a3:e8:
81:c1:19:c9:18:54:76:ba:67:df:2a:85:68:29:ce:
7b:f5:a3:39:2c:21:b9:40:c7:f8:31:ad:61:8e:9d:
ed:b9:fd:1a:bb:08:f7:18:f7:5b:58:52:9e:d4:93:
33:f1:80:81:23:61:8c:04:e9:be:66:38:9f:c8:46:
63:25:5e:e1:e2:0c:e7:3f:f2:d8:55:96:d8:8d:0d:
34:e2:70:15:0a:bc:17:8d:dc:b9:a9:eb:dc:35:e8:
5b:54:ac:55:72:22:6e:7f:36:91:06:04:52:ea:48:
98:ee:b3:b5:7a:6f:9a:0d:6e:3d:d2:83:fb:9b:fc:
1b:c8:e6:07:91:82:73:46:49:68:e7:75:63:6c:9e:
96:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:86:6D:A4:D2:31:0F:13:AB:43:97:F5:39:D9:6B:EF:14:A9:B4:47
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/8E026630FC2A11EC98B19157C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.232.0-175.29.255.255
203.76.152.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:8b:6f:e2:84:0d:bd:8c:e5:69:9c:95:1f:51:33:e3:9b:27:
f9:b3:0d:b2:84:96:0d:a3:92:d5:00:51:9e:85:47:6a:29:6c:
79:d8:4a:53:91:83:d1:ed:22:25:f2:4c:24:1d:e7:61:9e:1e:
09:35:48:aa:37:d1:0f:d3:78:72:2f:0b:92:bb:3a:57:2e:6d:
7b:07:ba:74:6c:01:46:68:de:34:f4:6f:26:f8:d1:2b:e0:da:
16:36:44:e1:8b:f1:6f:1c:ca:b7:a7:e5:40:b2:64:42:48:04:
d3:4e:d4:3b:a4:7a:31:c1:9d:00:10:e4:ca:a5:0c:51:29:9a:
08:a1:a1:e8:d1:8d:b6:f2:d1:72:92:a7:35:a3:98:0a:69:c7:
fb:15:4e:fa:4e:54:dd:ad:a0:f9:40:56:f5:a5:60:71:55:01:
23:ec:b8:4c:db:9d:5a:ed:64:7f:62:d3:18:95:4c:dc:4d:2b:
93:c0:23:0b:fc:59:7d:9c:3d:d2:54:bc:11:b2:d7:0a:6c:21:
e6:43:89:07:e6:3b:b6:d0:96:81:59:73:20:41:02:bf:10:e1:
6a:1b:4b:11:37:b3:bd:3c:d0:ea:ba:8c:a3:b3:17:a7:6e:ad:
87:ae:6d:f0:b2:78:29:21:8c:26:e6:78:a0:0b:c8:c6:13:46:
95:60:6c:ec
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgICMo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjIwNzA1MDYyMDI0WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmMzZDgyOC1lNDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0hBoOlODU8HRr07sOuFW3EApiFjS/yfbwUdpAAO1tbKciCjjyj5hpc9vMOzC
IoVA053Mn+1qrSGfdfnl+K9IFB6aCKXwAN+Vrf1dtPnxhEq8yN5Jl4HNF1pPFVHr
GEeihyLKsUrBOkZaa2ir09eBFr7QTeNbo+iBwRnJGFR2umffKoVoKc579aM5LCG5
QMf4Ma1hjp3tuf0auwj3GPdbWFKe1JMz8YCBI2GMBOm+ZjifyEZjJV7h4gznP/LY
VZbYjQ004nAVCrwXjdy5qevcNehbVKxVciJufzaRBgRS6kiY7rO1em+aDW490oP7
m/wbyOYHkYJzRklo53VjbJ6WfQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL6GbaTS
MQ8Tq0OX9TnZa+8UqbRHMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvOEUwMjY2MzBG
QzJBMTFFQzk4QjE5MTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLAYIKwYBBQUHAQcBAf8E
HTAbMBkEAgABMBMwCwMEA68d6AMDAa8cAwQDy0yYMA0GCSqGSIb3DQEBCwUAA4IB
AQCmi2/ihA29jOVpnJUfUTPjmyf5sw2yhJYNo5LVAFGehUdqKWx52EpTkYPR7SIl
8kwkHedhnh4JNUiqN9EP03hyLwuSuzpXLm17B7p0bAFGaN409G8m+NEr4NoWNkTh
i/FvHMq3p+VAsmRCSATTTtQ7pHoxwZ0AEOTKpQxRKZoIoaHo0Y228tFykqc1o5gK
acf7FU76TlTdraD5QFb1pWBxVQEj7LhM251a7WR/YtMYlUzcTSuTwCML/Fl9nD3S
VLwRstcKbCHmQ4kH5ju20JaBWXMgQQK/EOFqG0sRN7O9PNDquoyjsxenbq2Hrm3w
sngpIYwm5nigC8jGE0aVYGzs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-ams.rpki-client.org