Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CABAF848ED4411ECA329BA62C4F9AE02.roa
File: CABAF848ED4411ECA329BA62C4F9AE02.roa (raw, json)
Hash identifier: Zg7jOlKuFoOiezqQZ8g8+EVEIMXYB2bvR3hCCSkMCIM=
Subject key identifier: 6B:3F:5D:2D:C0:D1:3C:A7:A8:56:B3:7C:C0:A6:60:4B:44:6B:4C:58
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 3260
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CABAF848ED4411ECA329BA62C4F9AE02.roa
Signing time: Thu 16 Jun 2022 07:20:26 +0000
ROA not before: Thu 16 Jun 2022 07:20:26 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 3356
IP address blocks: 175.29.112.0/21 maxlen: 24
175.29.128.0/21 maxlen: 24
175.29.200.0/21 maxlen: 24
203.76.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12896 (0x3260)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Jun 16 07:20:26 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62aad9b9-8fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3c:3e:92:fc:79:4e:05:fe:ef:a0:8a:23:3c:
bb:18:45:87:6f:a0:77:6c:b1:f5:34:52:0b:04:5c:
c6:70:1d:70:0f:62:3f:96:90:25:95:e4:60:52:e6:
93:a1:fe:38:aa:a5:96:2d:e3:4c:b0:4d:b7:00:7e:
3c:0e:68:43:3c:62:01:c1:b2:ba:d1:23:08:fa:65:
b7:35:cb:d5:81:5b:b0:d3:13:0e:5f:59:e4:36:fd:
97:d1:94:03:bc:8a:b3:1c:d6:87:6e:6e:81:08:77:
66:7b:b4:ea:c9:bf:a6:d6:ec:48:fc:1a:e6:8b:39:
bf:24:f7:90:47:ab:5f:e0:d2:50:9e:ce:08:8d:18:
54:4a:19:dd:af:db:5a:a1:a6:4c:b1:b3:78:1e:fa:
0c:3b:f0:ba:da:ca:d5:b7:89:6c:a6:e0:e4:28:04:
99:d4:ce:10:d5:3d:96:d1:71:3b:67:a2:03:e8:4a:
7c:e8:69:71:e9:e5:3e:1e:05:f1:83:1f:bd:31:60:
c8:a8:ad:b8:21:d4:53:ae:ad:ef:48:cc:3a:df:50:
b5:31:80:ce:1e:38:8d:c2:63:bb:10:47:0c:94:f2:
41:ce:05:93:ef:aa:b3:5e:2d:3b:70:97:9d:dd:5d:
d4:f8:3f:32:e7:6f:d2:7e:9b:37:7b:7f:9d:9b:b3:
34:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:3F:5D:2D:C0:D1:3C:A7:A8:56:B3:7C:C0:A6:60:4B:44:6B:4C:58
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CABAF848ED4411ECA329BA62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.112.0/21
175.29.128.0/21
175.29.200.0/21
203.76.152.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:37:49:f0:07:17:d0:8a:00:a6:79:5a:19:6d:f5:22:05:65:
f0:16:0a:e0:60:98:db:60:07:ea:a4:b7:5c:52:bb:95:fa:0b:
c0:cb:34:a5:7a:16:92:65:a8:7b:03:3d:86:a8:4a:d7:82:8a:
5b:5b:cc:ef:f1:0e:00:a4:3e:ec:10:f6:11:cc:3f:4c:f6:e5:
8a:fd:6f:70:f7:f5:1d:c3:a9:7a:a8:28:fc:5a:c2:d5:b3:ad:
79:3d:60:b4:be:33:e0:23:1a:d0:c2:24:8c:1b:b8:55:a5:02:
00:6c:48:a6:cb:3c:ef:ee:22:cd:74:9c:9f:43:fa:11:c9:a9:
c5:bc:43:c8:fe:49:31:7b:0b:5a:c6:80:4d:6c:6e:e8:fa:c5:
9e:29:d4:31:87:47:9b:fc:db:06:14:c9:96:e2:36:de:50:ae:
41:eb:8b:d3:db:25:49:ea:42:3f:5d:74:2e:8d:42:f1:da:2f:
13:5b:ec:75:cb:b1:35:e7:77:83:67:66:24:fa:04:e7:4b:ed:
14:03:33:6d:49:d8:46:0b:ce:81:35:76:25:56:2b:83:1a:f5:
60:95:ce:b9:ca:49:9f:4f:55:a7:15:d1:dc:b4:30:35:7d:9b:
c1:41:c2:d3:0a:0b:d2:47:e6:4e:8a:e2:d8:48:82:44:1d:23:
e3:f4:c4:44
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICMmAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjIwNjE2MDcyMDI2WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmFhZDliOS04ZmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Dw+kvx5TgX+76CKIzy7GEWHb6B3bLH1NFILBFzGcB1wD2I/lpAlleRgUuaT
of44qqWWLeNMsE23AH48DmhDPGIBwbK60SMI+mW3NcvVgVuw0xMOX1nkNv2X0ZQD
vIqzHNaHbm6BCHdme7Tqyb+m1uxI/Brmizm/JPeQR6tf4NJQns4IjRhUShndr9ta
oaZMsbN4HvoMO/C62srVt4lspuDkKASZ1M4Q1T2W0XE7Z6ID6Ep86Glx6eU+HgXx
gx+9MWDIqK24IdRTrq3vSMw631C1MYDOHjiNwmO7EEcMlPJBzgWT76qzXi07cJed
3V3U+D8y52/Sfps3e3+dm7M0EwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFGs/XS3A
0TynqFazfMCmYEtEa0xYMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvQ0FCQUY4NDhF
RDQ0MTFFQ0EzMjlCQTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAOvHXADBAOvHYADBAOvHcgDBAPLTJgwDQYJKoZIhvcNAQEL
BQADggEBAIw3SfAHF9CKAKZ5Whlt9SIFZfAWCuBgmNtgB+qkt1xSu5X6C8DLNKV6
FpJlqHsDPYaoSteCiltbzO/xDgCkPuwQ9hHMP0z25Yr9b3D39R3DqXqoKPxawtWz
rXk9YLS+M+AjGtDCJIwbuFWlAgBsSKbLPO/uIs10nJ9D+hHJqcW8Q8j+STF7C1rG
gE1sbuj6xZ4p1DGHR5v82wYUyZbiNt5QrkHri9PbJUnqQj9ddC6NQvHaLxNb7HXL
sTXnd4NnZiT6BOdL7RQDM21J2EYLzoE1diVWK4Ma9WCVzrnKSZ9PVacV0dy0MDV9
m8FBwtMKC9JH5k6K4thIgkQdI+P0xEQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org