Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/75CBFEFC444711EA9EC8AD5CC4F9AE02.roa
File: 75CBFEFC444711EA9EC8AD5CC4F9AE02.roa (raw, json)
Hash identifier: GQXwVOm5cacPJEC67oJMT0rmHtAGt2k1ql39Jh1aJC4=
Subject key identifier: BA:B5:D0:B2:91:6A:CE:81:9B:91:36:3A:58:BD:9A:9C:B4:8D:2E:30
Certificate issuer: /CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F
Certificate serial: 07FD
Authority key identifier: DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/75CBFEFC444711EA9EC8AD5CC4F9AE02.roa
Signing time: Wed 12 Jan 2022 08:57:45 +0000
ROA not before: Wed 12 Jan 2022 08:57:45 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 3910
IP address blocks: 116.251.204.0/24 maxlen: 24
116.251.205.0/24 maxlen: 24
116.251.206.0/24 maxlen: 24
116.251.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2045 (0x7fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158568/serialNumber=DF253484DCE52C4137CBD1C8ED44D9CB2557F43F
Validity
Not Before: Jan 12 08:57:45 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61de9809-a33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9a:d6:ad:7b:ee:d0:59:d5:72:66:cd:bf:4b:
5a:57:2b:b1:a1:8b:cf:61:f4:0c:a9:2c:0a:78:c7:
27:72:e7:af:bb:c9:4a:4f:c8:4f:4c:82:96:d9:29:
3b:92:6c:2a:07:cf:50:23:8f:30:23:6d:20:3b:67:
f5:2c:29:22:47:00:6e:ba:b4:cc:3e:2c:15:22:a9:
25:c7:a3:b4:46:3a:93:e7:e0:ce:34:c4:24:1e:03:
13:b0:b4:9e:28:62:31:f8:b0:9c:3b:38:6f:68:d8:
77:2e:d3:a0:58:9d:5b:1d:38:e3:13:75:ce:6c:7e:
a2:36:f9:b3:92:5d:a4:0b:be:7e:74:b2:7a:91:93:
b5:df:19:64:2a:be:4c:2a:34:76:8a:54:23:08:f1:
44:01:e9:4b:6c:eb:fb:01:8d:2c:65:9d:74:53:a6:
c0:9b:90:45:fb:d6:50:3b:12:63:5d:c3:2d:7a:1e:
23:2b:0b:73:53:d0:a5:d0:36:f4:d9:e9:7d:32:65:
28:66:f8:96:89:63:84:5b:9b:25:a2:ae:2b:4d:0c:
f3:90:16:df:00:65:bb:1d:ad:55:fc:14:f8:8f:44:
b5:86:d2:cd:50:dd:c6:3d:83:e8:33:46:ec:f5:a9:
37:bc:b9:78:f3:a8:6a:bb:29:66:ad:1f:49:57:f4:
72:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B5:D0:B2:91:6A:CE:81:9B:91:36:3A:58:BD:9A:9C:B4:8D:2E:30
X509v3 Authority Key Identifier:
keyid:DF:25:34:84:DC:E5:2C:41:37:CB:D1:C8:ED:44:D9:CB:25:57:F4:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/3yU0hNzlLEE3y9HI7UTZyyVX9D8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3yU0hNzlLEE3y9HI7UTZyyVX9D8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/D3130676185711EA9863415EC4F9AE02/75CBFEFC444711EA9EC8AD5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.251.204.0/22
Signature Algorithm: sha256WithRSAEncryption
01:54:96:4a:70:03:f2:d6:bf:59:8a:8c:09:d2:e7:7c:f2:29:
8e:68:e7:f4:3c:ca:94:64:f4:fc:6e:42:86:d8:4e:99:fe:ea:
7c:ef:73:63:6e:3a:d8:d3:a4:d7:60:24:7f:96:d9:7f:a0:00:
91:7f:0d:52:bd:a2:3a:0a:21:db:48:a8:da:ba:1d:06:f6:de:
aa:5b:a0:88:3d:ab:e7:1d:3f:b5:23:61:3d:fb:dc:41:e4:98:
68:32:53:0c:54:94:fe:20:13:9d:f4:ab:36:b0:d8:0e:65:78:
e3:8a:21:05:a8:94:2f:6c:fb:c6:88:a0:f1:de:50:45:41:5d:
3e:a5:7c:fe:09:6d:90:11:87:9c:4d:e5:a2:84:a7:8d:4e:e9:
45:5f:c7:55:ca:ca:be:69:98:53:ab:d6:e2:32:c2:10:39:a7:
2c:05:33:1f:e3:1b:aa:47:71:a8:45:16:08:ed:bc:b0:79:b4:
23:3f:70:3b:ad:e9:8e:0b:0a:c1:38:06:e3:89:af:85:8e:13:
b9:1e:19:53:8e:2d:07:c7:67:2b:d0:af:78:13:e0:a9:a3:97:
22:10:90:22:5e:c6:10:4d:de:ec:dd:fc:49:f7:54:89:ff:2a:
6c:b5:3e:f2:03:92:c8:39:fa:cd:29:19:b2:56:11:65:11:f6:
a7:56:5d:90
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg1NjgxMTAvBgNVBAUTKERGMjUzNDg0RENFNTJDNDEzN0NCRDFDOEVENDREOUNC
MjU1N0Y0M0YwHhcNMjIwMTEyMDg1NzQ1WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWRlOTgwOS1hMzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp5rWrXvu0FnVcmbNv0taVyuxoYvPYfQMqSwKeMcncuevu8lKT8hPTIKW2Sk7
kmwqB89QI48wI20gO2f1LCkiRwBuurTMPiwVIqklx6O0RjqT5+DONMQkHgMTsLSe
KGIx+LCcOzhvaNh3LtOgWJ1bHTjjE3XObH6iNvmzkl2kC75+dLJ6kZO13xlkKr5M
KjR2ilQjCPFEAelLbOv7AY0sZZ10U6bAm5BF+9ZQOxJjXcMteh4jKwtzU9Cl0Db0
2el9MmUoZviWiWOEW5sloq4rTQzzkBbfAGW7Ha1V/BT4j0S1htLNUN3GPYPoM0bs
9ak3vLl486hquylmrR9JV/RyQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLq10LKR
as6Bm5E2Oli9mpy0jS4wMB8GA1UdIwQYMBaAFN8lNITc5SxBN8vRyO1E2cslV/Q/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC9EMzEzMDY3NjE4
NTcxMUVBOTg2MzQxNUVDNEY5QUUwMi8zeVUwaE56bExFRTN5OUhJN1VUWnl5Vlg5
RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzN5VTBoTnpsTEVFM3k5SEk3VVRaeXlWWDlEOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTg1NjgvRDMxMzA2NzYxODU3MTFFQTk4NjM0MTVFQzRGOUFFMDIvNzVDQkZFRkM0
NDQ3MTFFQTlFQzhBRDVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ0+8wwDQYJKoZIhvcNAQELBQADggEBAAFUlkpwA/LWv1mK
jAnS53zyKY5o5/Q8ypRk9PxuQobYTpn+6nzvc2NuOtjTpNdgJH+W2X+gAJF/DVK9
ojoKIdtIqNq6HQb23qpboIg9q+cdP7UjYT373EHkmGgyUwxUlP4gE530qzaw2A5l
eOOKIQWolC9s+8aIoPHeUEVBXT6lfP4JbZARh5xN5aKEp41O6UVfx1XKyr5pmFOr
1uIywhA5pywFMx/jG6pHcahFFgjtvLB5tCM/cDut6Y4LCsE4BuOJr4WOE7keGVOO
LQfHZyvQr3gT4KmjlyIQkCJexhBN3uzd/En3VIn/Kmy1PvIDksg5+s0pGbJWEWUR
9qdWXZA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org