Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/782E3F3AA5FF11EDB2FCE23BC4F9AE02.roa
File: 782E3F3AA5FF11EDB2FCE23BC4F9AE02.roa (raw, json)
Hash identifier: y4aK8aW976Ck01fp2xdLFVByvM2ZypDe0yi8hk0VJJ8=
Subject key identifier: 0B:95:80:3C:4B:7E:EF:C0:95:B3:DD:33:27:23:17:E9:18:98:74:54
Certificate issuer: /CN=A915F89C/serialNumber=466F112442C5D02E60F24699193AE215195B3BA9
Certificate serial: 0BB8
Authority key identifier: 46:6F:11:24:42:C5:D0:2E:60:F2:46:99:19:3A:E2:15:19:5B:3B:A9
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Rm8RJELF0C5g8kaZGTriFRlbO6k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/782E3F3AA5FF11EDB2FCE23BC4F9AE02.roa
Signing time: Mon 06 Feb 2023 09:20:17 +0000
ROA not before: Mon 06 Feb 2023 09:20:17 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 9506
IP address blocks: 151.192.64.0/18 maxlen: 19
151.192.64.0/19 maxlen: 24
151.192.96.0/20 maxlen: 20
151.192.96.0/21 maxlen: 21
151.192.96.0/22 maxlen: 24
151.192.100.0/24 maxlen: 24
151.192.101.0/24 maxlen: 24
151.192.104.0/24 maxlen: 24
151.192.105.0/24 maxlen: 24
151.192.106.0/23 maxlen: 23
151.192.108.0/23 maxlen: 23
151.192.110.0/23 maxlen: 23
151.192.112.0/23 maxlen: 24
151.192.114.0/23 maxlen: 24
151.192.116.0/22 maxlen: 24
151.192.120.0/21 maxlen: 24
151.192.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3000 (0xbb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F89C/serialNumber=466F112442C5D02E60F24699193AE215195B3BA9
Validity
Not Before: Feb 6 09:20:17 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63e0c651-dfa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c4:13:9b:c5:5d:c5:88:2e:50:6e:ed:08:0d:
f0:46:db:48:d2:60:a2:41:89:5f:63:fc:a7:00:0a:
aa:df:8d:2c:73:2d:8d:c0:0d:96:fd:43:e0:71:98:
56:d7:dd:b2:68:01:81:75:c2:5b:d9:82:21:7c:3a:
05:90:b5:80:22:5c:28:7d:6d:5f:a9:85:94:0f:92:
03:19:b9:2c:12:5d:20:5d:35:39:10:86:56:67:43:
01:3e:17:b2:08:52:02:2b:9d:ff:be:42:f2:61:18:
9b:8a:f1:f6:49:51:4b:04:10:49:0c:b5:87:9e:e2:
c0:47:4a:ad:db:b0:69:7a:0a:fc:cf:29:6f:11:d8:
06:ca:08:6d:9a:84:a5:61:36:7a:b1:8e:ca:f8:a3:
a9:c9:f7:e3:dd:fd:d7:9e:ba:cf:cb:0d:de:ff:d6:
3e:83:cf:cd:00:26:59:52:c7:dc:70:9b:35:e1:3e:
e1:cf:17:59:79:f5:6b:03:a7:62:5d:f5:41:e6:35:
fa:eb:37:7d:e5:19:db:85:e4:42:b0:95:e7:18:43:
fc:f6:0a:11:66:8e:2a:f6:3f:0b:e8:82:ea:32:15:
45:c6:02:9a:55:a9:18:c8:38:de:ab:88:fe:1e:84:
c6:d1:91:74:ab:bc:cd:0c:0e:14:91:84:ad:4a:22:
6b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:95:80:3C:4B:7E:EF:C0:95:B3:DD:33:27:23:17:E9:18:98:74:54
X509v3 Authority Key Identifier:
keyid:46:6F:11:24:42:C5:D0:2E:60:F2:46:99:19:3A:E2:15:19:5B:3B:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/Rm8RJELF0C5g8kaZGTriFRlbO6k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Rm8RJELF0C5g8kaZGTriFRlbO6k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/01B069F6CEBB11E99B1F7D3EC4F9AE02/782E3F3AA5FF11EDB2FCE23BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.192.64.0-151.192.255.255
Signature Algorithm: sha256WithRSAEncryption
a9:a5:55:1a:3c:6b:93:81:a5:76:1c:66:43:91:9b:29:38:54:
11:a4:4e:93:ff:b6:42:2c:93:bc:6f:eb:f8:72:87:2c:21:cc:
7a:85:a8:c8:31:9b:a7:f0:67:cd:5f:e6:d6:a0:5d:71:ca:aa:
25:35:2f:d0:2d:86:c9:cb:39:03:14:5d:25:7d:d0:73:a1:e2:
c8:08:3b:90:4c:82:48:83:d4:15:0d:95:ff:49:60:26:66:f1:
d1:50:5f:7c:f0:87:fc:09:67:ba:e0:b7:d2:b0:f1:a1:ef:2e:
fc:20:66:8e:b0:0a:b4:37:46:e2:f5:38:c2:e4:d2:30:ef:fd:
dd:d3:a5:6e:70:04:72:2e:d4:8f:78:90:38:8f:23:70:f1:7e:
08:96:dc:78:c4:d5:a2:25:68:96:89:b8:16:a8:7f:52:0b:08:
e7:5c:0a:8b:d2:73:19:4a:a6:47:06:53:98:98:89:82:04:4d:
55:79:3a:4f:3d:0e:79:84:00:60:47:a7:e1:3b:9c:b4:75:a9:
3e:8a:72:c8:d7:da:cb:e3:1f:4d:aa:3a:81:43:77:80:ac:30:
fc:d1:d5:e7:45:59:af:39:a8:cc:59:e4:77:70:65:53:3e:f7:
95:41:2c:80:ac:54:55:7a:4a:e1:6e:9b:82:62:a0:3b:14:e7:
6f:d8:53:4e
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgICC7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUY4OUMxMTAvBgNVBAUTKDQ2NkYxMTI0NDJDNUQwMkU2MEYyNDY5OTE5M0FFMjE1
MTk1QjNCQTkwHhcNMjMwMjA2MDkyMDE3WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UwYzY1MS1kZmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucQTm8VdxYguUG7tCA3wRttI0mCiQYlfY/ynAAqq340scy2NwA2W/UPgcZhW
192yaAGBdcJb2YIhfDoFkLWAIlwofW1fqYWUD5IDGbksEl0gXTU5EIZWZ0MBPhey
CFICK53/vkLyYRibivH2SVFLBBBJDLWHnuLAR0qt27Bpegr8zylvEdgGyghtmoSl
YTZ6sY7K+KOpyffj3f3XnrrPyw3e/9Y+g8/NACZZUsfccJs14T7hzxdZefVrA6di
XfVB5jX66zd95RnbheRCsJXnGEP89goRZo4q9j8L6ILqMhVFxgKaVakYyDjeq4j+
HoTG0ZF0q7zNDA4UkYStSiJrwwIDAQABo4ICnDCCApgwHQYDVR0OBBYEFAuVgDxL
fu/AlbPdMycjF+kYmHRUMB8GA1UdIwQYMBaAFEZvESRCxdAuYPJGmRk64hUZWzup
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy8wMUIwNjlGNkNF
QkIxMUU5OUIxRjdEM0VDNEY5QUUwMi9SbThSSkVMRjBDNWc4a2FaR1RyaUZSbGJP
NmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1JtOFJKRUxGMEM1ZzhrYVpHVHJpRlJsYk82ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUY4OUMvMDFCMDY5RjZDRUJCMTFFOTlCMUY3RDNFQzRGOUFFMDIvNzgyRTNGM0FB
NUZGMTFFREIyRkNFMjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E
FzAVMBMEAgABMA0wCwMEBpfAQAMDAJfAMA0GCSqGSIb3DQEBCwUAA4IBAQCppVUa
PGuTgaV2HGZDkZspOFQRpE6T/7ZCLJO8b+v4cocsIcx6hajIMZun8GfNX+bWoF1x
yqolNS/QLYbJyzkDFF0lfdBzoeLICDuQTIJIg9QVDZX/SWAmZvHRUF988If8CWe6
4LfSsPGh7y78IGaOsAq0N0bi9TjC5NIw7/3d06VucARyLtSPeJA4jyNw8X4Iltx4
xNWiJWiWibgWqH9SCwjnXAqL0nMZSqZHBlOYmImCBE1VeTpPPQ55hABgR6fhO5y0
dak+inLI19rL4x9NqjqBQ3eArDD80dXnRVmvOajMWeR3cGVTPveVQSyArFRVekrh
bpuCYqA7FOdv2FNO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org