Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/4DB3ABFEE4D411E99A65E973C4F9AE02.roa
File: 4DB3ABFEE4D411E99A65E973C4F9AE02.roa (raw, json)
Hash identifier: sNGn9jZDMc1ZyXTWUDJemI0/EkQ4GrwoC14M5qayeSI=
Subject key identifier: 29:A1:56:0C:88:79:00:EC:87:7C:EA:9D:A7:F2:76:75:2B:89:2E:8F
Certificate issuer: /CN=A915F89C/serialNumber=466F112442C5D02E60F24699193AE215195B3BA9
Certificate serial: 0B1D
Authority key identifier: 46:6F:11:24:42:C5:D0:2E:60:F2:46:99:19:3A:E2:15:19:5B:3B:A9
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Rm8RJELF0C5g8kaZGTriFRlbO6k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/4DB3ABFEE4D411E99A65E973C4F9AE02.roa
Signing time: Mon 22 Aug 2022 02:30:42 +0000
ROA not before: Mon 22 Aug 2022 02:30:42 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 9506
IP address blocks: 151.192.64.0/18 maxlen: 18
151.192.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2845 (0xb1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F89C/serialNumber=466F112442C5D02E60F24699193AE215195B3BA9
Validity
Not Before: Aug 22 02:30:42 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6302ea51-ab08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d6:ab:a8:90:a6:c9:ce:0d:de:a2:93:e3:20:
af:ac:94:d1:50:e6:49:4e:e9:16:47:7e:7e:25:1d:
fb:ea:11:70:ce:2a:a6:d3:85:84:c0:f9:c8:20:73:
14:4b:20:f1:6b:65:7a:3b:a4:c9:74:a8:a2:21:31:
c2:94:7e:ab:7a:46:af:63:0d:fd:5d:45:01:de:74:
55:85:a4:2b:10:4c:ac:dd:f0:aa:df:aa:a1:23:f4:
a2:ea:b6:06:0a:5f:2d:0d:c4:7f:e9:8c:5d:ba:c4:
35:9a:0a:e4:41:ed:e6:25:75:b2:2f:0a:fb:ba:53:
ae:95:f0:41:1c:bf:99:5c:81:3a:36:26:df:02:cc:
30:00:25:93:b8:eb:82:a6:00:c2:d8:a7:f6:d6:47:
14:ed:d6:b4:08:75:4c:ce:25:b6:f2:9c:8c:7c:99:
7c:53:25:07:f9:c2:c3:02:19:b8:8e:c6:1b:ed:41:
7a:cf:85:c5:dc:f9:87:be:0e:6a:1e:13:ee:2e:0d:
ec:a7:4d:a9:a6:51:c9:34:c6:6c:70:97:75:fc:9e:
f3:ca:ec:82:e4:5b:2d:29:10:91:6d:59:ba:e5:93:
45:77:f2:1b:a7:52:ba:d2:e8:1d:73:c3:6e:0f:1f:
23:cf:5b:cc:82:fb:61:d3:ce:7c:37:1d:77:ca:22:
cf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A1:56:0C:88:79:00:EC:87:7C:EA:9D:A7:F2:76:75:2B:89:2E:8F
X509v3 Authority Key Identifier:
keyid:46:6F:11:24:42:C5:D0:2E:60:F2:46:99:19:3A:E2:15:19:5B:3B:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/Rm8RJELF0C5g8kaZGTriFRlbO6k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Rm8RJELF0C5g8kaZGTriFRlbO6k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/4DB3ABFEE4D411E99A65E973C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.192.64.0-151.192.255.255
Signature Algorithm: sha256WithRSAEncryption
4d:c4:b6:fb:40:25:8d:8b:1b:37:d6:6e:62:1e:5e:ca:46:4c:
a2:9b:33:8d:00:dc:a9:b5:2c:d9:02:8c:5c:d5:4f:a5:88:49:
23:29:cf:2a:07:03:aa:98:68:ec:66:d7:83:20:2a:a7:f5:9f:
d0:c1:77:32:16:cb:45:7a:55:81:24:82:e5:8d:af:40:4d:77:
63:07:2e:dc:54:6f:54:37:68:74:f6:b3:bc:1d:dd:09:c1:2e:
9f:8b:8b:55:53:c4:16:02:90:dd:19:16:27:4a:1d:4d:2b:5c:
95:ff:b1:55:20:29:5e:08:99:7f:42:81:1b:f0:98:ce:d0:7f:
1c:1f:24:b3:c3:d0:05:21:48:2a:3b:e4:68:c4:a8:ea:ce:7b:
25:95:b3:c1:9f:80:ba:8a:ae:4a:91:6a:97:2a:a2:18:21:8d:
1d:50:31:cd:79:1a:67:14:80:42:97:e0:1f:15:2d:b6:fb:bf:
20:b8:35:f9:3e:4c:dd:f9:cb:32:19:62:b4:58:e8:83:c2:45:
ab:21:ae:2b:e0:d3:50:f3:9d:60:e5:bc:03:61:bb:37:66:e7:
60:1c:cc:c2:23:35:38:d7:6c:31:be:e6:76:17:96:58:79:6d:
f5:cc:aa:1a:13:8e:1f:b4:b3:69:52:7d:0f:89:e4:f7:4d:61:
6a:17:c2:82
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgICCx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUY4OUMxMTAvBgNVBAUTKDQ2NkYxMTI0NDJDNUQwMkU2MEYyNDY5OTE5M0FFMjE1
MTk1QjNCQTkwHhcNMjIwODIyMDIzMDQyWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzAyZWE1MS1hYjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArNarqJCmyc4N3qKT4yCvrJTRUOZJTukWR35+JR376hFwziqm04WEwPnIIHMU
SyDxa2V6O6TJdKiiITHClH6rekavYw39XUUB3nRVhaQrEEys3fCq36qhI/Si6rYG
Cl8tDcR/6YxdusQ1mgrkQe3mJXWyLwr7ulOulfBBHL+ZXIE6NibfAswwACWTuOuC
pgDC2Kf21kcU7da0CHVMziW28pyMfJl8UyUH+cLDAhm4jsYb7UF6z4XF3PmHvg5q
HhPuLg3sp02pplHJNMZscJd1/J7zyuyC5FstKRCRbVm65ZNFd/Ibp1K60ugdc8Nu
Dx8jz1vMgvth0858Nx13yiLPSQIDAQABo4ICnDCCApgwHQYDVR0OBBYEFCmhVgyI
eQDsh3zqnafydnUriS6PMB8GA1UdIwQYMBaAFEZvESRCxdAuYPJGmRk64hUZWzup
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy8wMUIwNjlGNkNF
QkIxMUU5OUIxRjdEM0VDNEY5QUUwMi9SbThSSkVMRjBDNWc4a2FaR1RyaUZSbGJP
NmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1JtOFJKRUxGMEM1ZzhrYVpHVHJpRlJsYk82ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUY4OUMvMDFCMDY5RjZDRUJCMTFFOTlCMUY3RDNFQzRGOUFFMDIvNERCM0FCRkVF
NEQ0MTFFOTlBNjVFOTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E
FzAVMBMEAgABMA0wCwMEBpfAQAMDAJfAMA0GCSqGSIb3DQEBCwUAA4IBAQBNxLb7
QCWNixs31m5iHl7KRkyimzONANyptSzZAoxc1U+liEkjKc8qBwOqmGjsZteDICqn
9Z/QwXcyFstFelWBJILlja9ATXdjBy7cVG9UN2h09rO8Hd0JwS6fi4tVU8QWApDd
GRYnSh1NK1yV/7FVICleCJl/QoEb8JjO0H8cHySzw9AFIUgqO+RoxKjqznsllbPB
n4C6iq5KkWqXKqIYIY0dUDHNeRpnFIBCl+AfFS22+78guDX5Pkzd+csyGWK0WOiD
wkWrIa4r4NNQ851g5bwDYbs3ZudgHMzCIzU412wxvuZ2F5ZYeW31zKoaE44ftLNp
Un0PieT3TWFqF8KC
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org