Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/9014CF3AFC2A11EC98B19157C4F9AE02.roa
File: 9014CF3AFC2A11EC98B19157C4F9AE02.roa (raw, json)
Hash identifier: va2kINETBFMLv4pfKInKEBFqPamCPgeOZ9YrxSv8wBY=
Subject key identifier: 38:88:DF:88:3C:DA:F9:C5:78:B9:7C:AD:6E:52:03:FE:5D:FE:5A:55
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 328F
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/9014CF3AFC2A11EC98B19157C4F9AE02.roa
Signing time: Tue 05 Jul 2022 06:20:28 +0000
ROA not before: Tue 05 Jul 2022 06:20:28 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 7018
IP address blocks: 203.76.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12943 (0x328f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Jul 5 06:20:28 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62c3d82c-584e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:91:69:28:f9:3e:ff:4f:bf:1a:90:8d:4f:76:
2b:72:0f:32:b7:6d:23:fb:ff:ae:e9:78:10:5f:97:
ca:ca:ee:0c:84:56:ef:96:9b:fa:f0:c8:a0:f2:9e:
5b:cd:b9:00:da:01:71:b1:a3:fe:a0:36:3f:06:14:
e6:db:6d:88:10:8e:7f:24:6c:ac:6d:14:6a:0b:61:
90:d2:92:c6:32:40:a7:64:ab:78:bb:6c:c5:0a:8f:
05:20:9b:97:7c:a1:06:51:dd:02:67:fa:8f:10:cc:
29:f3:45:ac:5e:c3:4c:fe:3f:e1:4d:83:ef:25:95:
76:cc:ab:7e:41:20:df:f6:20:7c:32:89:25:e8:41:
50:3b:c4:4e:17:12:a2:9a:af:5f:55:d8:0e:08:fd:
e4:38:96:a3:bf:ec:fe:5a:20:66:35:e2:82:d4:7e:
06:ac:1b:d1:c8:35:93:33:21:18:8c:b6:5e:7a:1e:
9a:c4:3a:4a:a1:5f:3d:40:b0:c6:d1:6c:27:d3:1a:
43:a4:b1:72:17:9e:c8:1e:dd:5a:57:f1:05:ac:2b:
ad:0a:66:c1:60:3c:85:93:f6:85:ef:14:b9:05:ab:
0d:f2:a2:f9:c5:9b:aa:fc:87:1d:bb:b8:dc:8a:e2:
72:3f:ed:02:d2:78:ea:52:96:d7:6b:ec:5e:26:22:
42:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:88:DF:88:3C:DA:F9:C5:78:B9:7C:AD:6E:52:03:FE:5D:FE:5A:55
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/9014CF3AFC2A11EC98B19157C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.76.152.0/21
Signature Algorithm: sha256WithRSAEncryption
29:fe:ee:9e:10:89:38:5e:f5:3d:79:c5:66:d2:fb:d9:7e:d4:
7d:a8:66:ad:25:02:b7:9f:96:87:f2:f4:b2:fd:09:59:fc:d1:
6d:e7:ce:03:f5:fc:9c:d3:13:a3:12:f7:af:59:1f:d4:ba:16:
5f:3e:b1:27:57:49:d8:95:b3:42:34:b5:1a:a1:dc:08:2e:8e:
5d:71:35:71:73:1c:1a:be:c0:b9:0d:f5:a1:50:aa:1e:52:ff:
a4:57:64:7e:fd:9c:ad:65:78:f7:28:0a:2d:ab:11:0f:fd:8f:
a9:4c:fe:67:cb:cf:b1:32:0a:5d:50:ce:97:dd:8e:f6:f7:d4:
47:66:4b:7d:b2:98:f8:36:43:81:16:be:17:e7:00:70:1a:d4:
1e:f4:a7:95:65:14:48:72:11:fc:55:b5:89:94:5b:41:8c:65:
fa:0f:67:ca:2c:a2:b3:c1:0f:d1:c8:26:a0:a3:ed:6f:d6:65:
1b:a9:2a:fe:9f:bd:ed:22:13:ea:8f:7a:1b:40:dd:18:9e:27:
8a:f0:27:de:ae:96:0c:a9:b7:b3:14:9c:9f:af:2d:d1:7d:9e:
6d:ca:0c:8f:0d:e0:42:4a:71:1f:50:e8:58:91:24:4f:0e:77:
ee:bd:3a:84:87:0a:52:4a:cf:78:23:84:29:88:70:e0:bb:30:
e9:db:af:33
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjIwNzA1MDYyMDI4WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmMzZDgyYy01ODRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy5FpKPk+/0+/GpCNT3Yrcg8yt20j+/+u6XgQX5fKyu4MhFbvlpv68Mig8p5b
zbkA2gFxsaP+oDY/BhTm222IEI5/JGysbRRqC2GQ0pLGMkCnZKt4u2zFCo8FIJuX
fKEGUd0CZ/qPEMwp80WsXsNM/j/hTYPvJZV2zKt+QSDf9iB8Mokl6EFQO8ROFxKi
mq9fVdgOCP3kOJajv+z+WiBmNeKC1H4GrBvRyDWTMyEYjLZeeh6axDpKoV89QLDG
0Wwn0xpDpLFyF57IHt1aV/EFrCutCmbBYDyFk/aF7xS5BasN8qL5xZuq/Icdu7jc
iuJyP+0C0njqUpbXa+xeJiJCzQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDiI34g8
2vnFeLl8rW5SA/5d/lpVMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvOTAxNENGM0FG
QzJBMTFFQzk4QjE5MTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPLTJgwDQYJKoZIhvcNAQELBQADggEBACn+7p4QiThe9T15
xWbS+9l+1H2oZq0lAreflofy9LL9CVn80W3nzgP1/JzTE6MS969ZH9S6Fl8+sSdX
SdiVs0I0tRqh3Agujl1xNXFzHBq+wLkN9aFQqh5S/6RXZH79nK1lePcoCi2rEQ/9
j6lM/mfLz7EyCl1Qzpfdjvb31EdmS32ymPg2Q4EWvhfnAHAa1B70p5VlFEhyEfxV
tYmUW0GMZfoPZ8osorPBD9HIJqCj7W/WZRupKv6fve0iE+qPehtA3RieJ4rwJ96u
lgypt7MUnJ+vLdF9nm3KDI8N4EJKcR9Q6FiRJE8Od+69OoSHClJKz3gjhCmIcOC7
MOnbrzM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:05 2024 by rpki-client on console-ams.rpki-client.org