Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CF66F3F2551711EDA9F4E555C4F9AE02.roa
File: CF66F3F2551711EDA9F4E555C4F9AE02.roa (raw, json)
Hash identifier: hQ8gZk0EX7HgKXKzfdQDc5BpT8hBqA7HSTUAI8FVE6A=
Subject key identifier: 5D:4A:29:D9:94:5B:F7:FA:7B:48:0C:4E:41:76:92:90:6B:C1:1C:52
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 3381
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CF66F3F2551711EDA9F4E555C4F9AE02.roa
Signing time: Wed 26 Oct 2022 10:20:27 +0000
ROA not before: Wed 26 Oct 2022 10:20:27 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 149009
IP address blocks: 175.29.114.0/24 maxlen: 24
175.29.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13185 (0x3381)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Oct 26 10:20:27 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=635909eb-3fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e7:a3:35:da:ce:85:90:fe:f7:ba:ee:ac:6f:
d6:4a:f8:19:1a:94:d6:8a:f1:b7:a4:a7:8c:e7:5d:
e1:bf:d3:c5:84:9c:4e:1f:bb:67:90:68:17:7c:e6:
f9:9a:30:cd:02:5b:70:33:ec:60:2e:d0:70:73:b0:
46:71:47:98:e7:35:bd:7c:87:ad:da:e1:90:3d:ed:
ef:d4:db:fe:3c:6a:f9:ce:d9:64:60:43:2e:41:9e:
f3:52:c8:3b:c7:bb:c0:53:40:9e:be:b6:ad:3a:46:
0a:c8:7f:bc:bf:52:e4:2a:c4:95:d3:cd:bf:14:35:
c3:61:6b:9d:1a:9b:3c:57:13:1c:e1:9a:9d:33:58:
c0:93:a8:ff:65:01:ff:81:57:d9:5b:b1:93:82:c5:
01:ad:50:4e:0a:be:ae:40:99:82:f9:2f:9d:ac:b1:
c8:23:a1:5c:02:2e:7f:d9:e9:58:5f:d9:9f:68:b7:
ab:36:c7:f8:68:d2:48:74:42:9f:ed:23:41:3e:15:
85:0b:d2:d4:01:8e:c9:57:a0:e7:9c:f9:60:20:0b:
43:7e:0c:f1:c6:51:ce:a1:8e:a6:d3:72:ca:34:16:
16:01:ff:2a:8a:df:ea:4d:f5:c4:6f:6f:72:18:c7:
76:6b:f4:85:e8:fd:9b:f0:48:30:2c:fa:a5:0a:c1:
3e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4A:29:D9:94:5B:F7:FA:7B:48:0C:4E:41:76:92:90:6B:C1:1C:52
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/CF66F3F2551711EDA9F4E555C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.114.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:d2:2b:2f:7e:18:8b:96:ca:d2:01:8d:2f:e4:67:cf:95:c2:
f5:97:0a:44:40:11:c7:c2:54:28:15:e4:d1:58:5d:49:58:df:
69:e0:8d:ef:2c:d5:e0:77:5d:72:5d:b4:7a:28:d8:5b:58:24:
81:37:b4:dd:fe:9f:57:22:6e:e9:55:b9:8f:19:52:9c:57:60:
81:4c:07:86:53:a5:4e:be:f2:5a:5e:97:1b:dd:df:7e:57:bb:
3a:eb:6e:0b:d7:b4:6a:c7:2c:73:d7:27:76:cb:a5:96:b9:34:
f5:a0:ae:c6:0e:71:fb:e5:a5:70:ba:0a:8a:1f:62:88:47:f6:
6a:59:bf:2a:c6:87:7c:f8:f4:c4:71:2c:2d:a0:69:2d:2b:4c:
4f:77:d0:39:f0:98:2a:da:62:5f:07:19:ec:83:18:34:9a:77:
4b:96:55:9e:f3:24:64:45:77:69:a6:e0:45:e2:60:26:cf:dc:
52:a2:47:cb:3b:23:36:57:e2:47:f9:57:b3:d1:1e:5e:ed:17:
da:22:79:c8:69:d2:8f:56:ae:94:59:58:71:c8:9b:fa:80:80:
e0:4d:33:e3:cf:39:d6:52:19:c2:4b:5a:51:e0:8b:9b:20:63:
b9:9d:e4:0d:54:cd:db:65:a7:05:fb:2d:f2:f3:bc:03:04:7f:
f0:2c:73:4a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICM4EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjIxMDI2MTAyMDI3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU5MDllYi0zZmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2uejNdrOhZD+97rurG/WSvgZGpTWivG3pKeM513hv9PFhJxOH7tnkGgXfOb5
mjDNAltwM+xgLtBwc7BGcUeY5zW9fIet2uGQPe3v1Nv+PGr5ztlkYEMuQZ7zUsg7
x7vAU0CevratOkYKyH+8v1LkKsSV082/FDXDYWudGps8VxMc4ZqdM1jAk6j/ZQH/
gVfZW7GTgsUBrVBOCr6uQJmC+S+drLHII6FcAi5/2elYX9mfaLerNsf4aNJIdEKf
7SNBPhWFC9LUAY7JV6DnnPlgIAtDfgzxxlHOoY6m03LKNBYWAf8qit/qTfXEb29y
GMd2a/SF6P2b8EgwLPqlCsE+uwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF1KKdmU
W/f6e0gMTkF2kpBrwRxSMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvQ0Y2NkYzRjI1
NTE3MTFFREE5RjRFNTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGvHXIwDQYJKoZIhvcNAQELBQADggEBABvSKy9+GIuWytIB
jS/kZ8+VwvWXCkRAEcfCVCgV5NFYXUlY32ngje8s1eB3XXJdtHoo2FtYJIE3tN3+
n1cibulVuY8ZUpxXYIFMB4ZTpU6+8lpelxvd335XuzrrbgvXtGrHLHPXJ3bLpZa5
NPWgrsYOcfvlpXC6CoofYohH9mpZvyrGh3z49MRxLC2gaS0rTE930DnwmCraYl8H
GeyDGDSad0uWVZ7zJGRFd2mm4EXiYCbP3FKiR8s7IzZX4kf5V7PRHl7tF9oiechp
0o9WrpRZWHHIm/qAgOBNM+PPOdZSGcJLWlHgi5sgY7md5A1UzdtlpwX7LfLzvAME
f/Asc0o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org