Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91632D7/F97959C2241711ED9C0C700DC4F9AE02/5498C3A6C14D11EDBB60292BC4F9AE02.roa
File: 5498C3A6C14D11EDBB60292BC4F9AE02.roa (raw, json)
Hash identifier: LWdsa3gHsmcT+z2m+/s9YQtD3jt0eBj7GHoogRveCyA=
Subject key identifier: 3F:B0:D9:AD:41:86:BC:E7:70:D9:A1:2A:88:92:D7:BC:55:C9:92:A5
Certificate issuer: /CN=A91632D7/serialNumber=4E07378667EC79D53D650E524D1E8F98B08C28E1
Certificate serial: A2
Authority key identifier: 4E:07:37:86:67:EC:79:D5:3D:65:0E:52:4D:1E:8F:98:B0:8C:28:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Tgc3hmfsedU9ZQ5STR6PmLCMKOE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91632D7/F97959C2241711ED9C0C700DC4F9AE02/5498C3A6C14D11EDBB60292BC4F9AE02.roa
Signing time: Mon 13 Mar 2023 03:15:40 +0000
ROA not before: Mon 13 Mar 2023 03:15:40 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 150803
IP address blocks: 125.62.68.0/24 maxlen: 24
125.62.69.0/24 maxlen: 24
125.62.70.0/24 maxlen: 24
125.62.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162 (0xa2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91632D7/serialNumber=4E07378667EC79D53D650E524D1E8F98B08C28E1
Validity
Not Before: Mar 13 03:15:40 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=640e955b-d0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:17:77:f3:9b:d9:bf:bd:15:4c:58:44:81:0c:
8a:1b:f3:42:bd:06:9a:77:24:08:83:e8:d6:37:80:
3f:80:99:42:82:88:9b:5d:d1:70:2d:7c:13:ae:7e:
3b:27:ef:c3:bc:56:54:b5:a5:d1:d3:c0:ed:a9:d7:
75:f3:6c:21:48:39:a9:bf:6d:3e:ea:95:2e:82:f2:
4b:86:97:5b:2f:16:09:dd:89:16:e7:5d:a7:21:13:
fa:87:6e:6b:40:a1:73:67:61:b1:1d:af:63:f6:ba:
72:94:bf:84:dc:02:28:4f:a0:68:98:4c:f2:3f:40:
d9:ca:5d:51:8b:7a:3f:42:c3:74:1e:d0:8c:b8:39:
c5:50:c1:17:5b:84:94:a5:d5:00:60:0a:e5:2f:da:
23:a3:9f:9c:15:7c:19:fe:7d:72:a4:4c:bb:f0:e6:
50:b2:e2:4b:3b:b8:d3:3d:a0:87:b3:0f:06:72:8c:
47:ab:33:52:e8:77:f3:30:84:57:79:2a:c5:bb:d9:
cc:e0:81:ac:4a:15:a3:72:79:2d:67:70:c2:2f:49:
a1:01:de:5a:48:16:cd:39:75:69:95:07:08:6f:83:
b7:f3:5c:62:86:0e:2e:de:e4:e9:d4:3b:d4:a4:b3:
1e:81:b0:28:26:5e:26:2e:19:59:50:bf:b7:68:60:
69:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B0:D9:AD:41:86:BC:E7:70:D9:A1:2A:88:92:D7:BC:55:C9:92:A5
X509v3 Authority Key Identifier:
keyid:4E:07:37:86:67:EC:79:D5:3D:65:0E:52:4D:1E:8F:98:B0:8C:28:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91632D7/F97959C2241711ED9C0C700DC4F9AE02/Tgc3hmfsedU9ZQ5STR6PmLCMKOE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Tgc3hmfsedU9ZQ5STR6PmLCMKOE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91632D7/F97959C2241711ED9C0C700DC4F9AE02/5498C3A6C14D11EDBB60292BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.62.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:f3:28:b7:ee:a5:e0:8a:f5:36:cd:0d:7a:46:f1:99:e4:88:
c0:bf:04:8b:36:e2:da:f4:b8:df:0e:5d:f5:7a:b2:17:b5:23:
93:58:9a:76:e8:14:ce:78:94:2d:d8:f5:09:a1:9d:a0:ea:6a:
aa:e1:b9:51:bd:46:8c:4f:4e:b3:48:0b:4f:24:bb:99:a0:72:
0d:7d:f1:7e:c0:22:d2:10:15:82:d9:6e:6b:c6:b9:aa:07:fd:
0b:d5:8d:11:41:e1:7f:00:b1:a1:1f:30:64:6c:14:be:1b:b2:
80:bf:c6:64:e0:1e:b8:cf:37:54:25:72:9e:ed:47:fe:6f:9c:
93:93:d4:c6:56:dd:13:36:f9:0a:83:93:a4:7c:fd:ed:ce:35:
fb:98:be:25:9b:a5:cb:58:56:72:90:be:ff:e8:d1:2f:af:85:
ea:74:47:23:c6:8f:e0:43:98:04:5a:28:8e:ba:73:09:9c:3d:
0f:6c:43:c0:94:e8:fc:37:5f:c1:d8:87:5f:7f:26:15:af:e1:
d3:d0:85:94:1f:f4:e6:52:39:0e:d1:ef:0a:dd:d6:f5:f1:e3:
89:3d:73:dd:86:9b:77:31:fc:2c:31:02:0e:34:d7:b6:48:56:
ad:94:ff:8a:43:f5:e2:e6:bc:bc:59:57:6c:d8:f7:8a:0c:e4:
28:42:26:6d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjMyRDcxMTAvBgNVBAUTKDRFMDczNzg2NjdFQzc5RDUzRDY1MEU1MjREMUU4Rjk4
QjA4QzI4RTEwHhcNMjMwMzEzMDMxNTQwWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDBlOTU1Yi1kMGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Rd385vZv70VTFhEgQyKG/NCvQaadyQIg+jWN4A/gJlCgoibXdFwLXwTrn47
J+/DvFZUtaXR08Dtqdd182whSDmpv20+6pUugvJLhpdbLxYJ3YkW512nIRP6h25r
QKFzZ2GxHa9j9rpylL+E3AIoT6BomEzyP0DZyl1Ri3o/QsN0HtCMuDnFUMEXW4SU
pdUAYArlL9ojo5+cFXwZ/n1ypEy78OZQsuJLO7jTPaCHsw8GcoxHqzNS6HfzMIRX
eSrFu9nM4IGsShWjcnktZ3DCL0mhAd5aSBbNOXVplQcIb4O381xihg4u3uTp1DvU
pLMegbAoJl4mLhlZUL+3aGBpAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD+w2a1B
hrzncNmhKoiS17xVyZKlMB8GA1UdIwQYMBaAFE4HN4Zn7HnVPWUOUk0ej5iwjCjh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzJENy9GOTc5NTlDMjI0
MTcxMUVEOUMwQzcwMERDNEY5QUUwMi9UZ2MzaG1mc2VkVTlaUTVTVFI2UG1MQ01L
T0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RnYzNobWZzZWRVOVpRNVNUUjZQbUxDTUtPRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjMyRDcvRjk3OTU5QzIyNDE3MTFFRDlDMEM3MDBEQzRGOUFFMDIvNTQ5OEMzQTZD
MTREMTFFREJCNjAyOTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJ9PkQwDQYJKoZIhvcNAQELBQADggEBAF3zKLfupeCK9TbN
DXpG8ZnkiMC/BIs24tr0uN8OXfV6she1I5NYmnboFM54lC3Y9QmhnaDqaqrhuVG9
RoxPTrNIC08ku5mgcg198X7AItIQFYLZbmvGuaoH/QvVjRFB4X8AsaEfMGRsFL4b
soC/xmTgHrjPN1Qlcp7tR/5vnJOT1MZW3RM2+QqDk6R8/e3ONfuYviWbpctYVnKQ
vv/o0S+vhep0RyPGj+BDmARaKI66cwmcPQ9sQ8CU6Pw3X8HYh19/JhWv4dPQhZQf
9OZSOQ7R7wrd1vXx44k9c92Gm3cx/CwxAg4017ZIVq2U/4pD9eLmvLxZV2zY94oM
5ChCJm0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org