Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/2DCCAA7C2E4E11ED807CB02FC4F9AE02.roa
File: 2DCCAA7C2E4E11ED807CB02FC4F9AE02.roa (raw, json)
Hash identifier: YzKJukBabrT9o9XXTwxWfED7n0b7JRkaE3sxijbdiBQ=
Subject key identifier: 1E:28:3D:6D:54:12:03:B7:9B:52:8D:3E:6C:65:CF:0C:F7:C0:8E:F6
Certificate issuer: /CN=A9164D60/serialNumber=E0BA228EAF9812F067D2FF3BF806895698C93977
Certificate serial: 0407
Authority key identifier: E0:BA:22:8E:AF:98:12:F0:67:D2:FF:3B:F8:06:89:56:98:C9:39:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Loijq-YEvBn0v87-AaJVpjJOXc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/2DCCAA7C2E4E11ED807CB02FC4F9AE02.roa
Signing time: Wed 07 Sep 2022 01:41:23 +0000
ROA not before: Wed 07 Sep 2022 01:41:23 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 15083
IP address blocks: 115.126.25.0/24 maxlen: 24
115.126.26.0/24 maxlen: 24
115.126.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1031 (0x407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164D60/serialNumber=E0BA228EAF9812F067D2FF3BF806895698C93977
Validity
Not Before: Sep 7 01:41:23 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=6317f6c3-8c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:31:b8:13:6e:86:6b:b9:2a:27:fa:9b:ff:61:
8f:f8:9b:22:de:1c:a6:c7:70:6f:c6:2f:58:cc:79:
c4:68:e6:72:55:4d:a0:f8:db:fe:48:01:39:f5:9b:
39:3c:af:5b:83:f9:a3:b9:8a:e1:95:38:95:a3:d5:
b4:2f:ec:1c:79:02:06:11:4c:f7:b4:58:71:5d:e6:
0c:57:44:b2:de:d9:52:9a:69:95:df:68:3d:1a:95:
6d:0f:a6:b5:29:01:9c:83:06:c2:c8:f0:91:aa:8c:
f5:53:4d:4f:fd:a1:23:4e:50:1e:a8:67:2e:e1:f2:
ee:c6:6b:6a:fc:96:2d:b8:2d:33:49:e5:5c:60:4c:
1f:0f:99:20:37:e5:83:b5:a6:5f:53:55:2d:4d:f3:
5a:34:09:bc:41:ea:be:3d:51:8c:45:41:5c:65:17:
22:4c:37:d9:46:d7:d4:12:be:24:55:52:99:25:3f:
7a:3d:99:04:32:12:b5:93:da:85:79:d1:e6:50:bc:
88:cc:d4:1b:ea:04:75:42:31:ed:00:1f:2d:83:24:
b4:ee:87:ce:aa:96:88:54:eb:b9:ba:5a:64:38:85:
8d:5b:61:af:e8:d7:51:6d:c4:da:a0:71:6e:b4:4b:
06:07:b7:1c:e9:14:12:8b:a1:53:b6:1b:12:f6:d0:
5e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:28:3D:6D:54:12:03:B7:9B:52:8D:3E:6C:65:CF:0C:F7:C0:8E:F6
X509v3 Authority Key Identifier:
keyid:E0:BA:22:8E:AF:98:12:F0:67:D2:FF:3B:F8:06:89:56:98:C9:39:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/4Loijq-YEvBn0v87-AaJVpjJOXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Loijq-YEvBn0v87-AaJVpjJOXc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/2DCCAA7C2E4E11ED807CB02FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.126.25.0-115.126.26.255
115.126.48.0/24
Signature Algorithm: sha256WithRSAEncryption
34:6a:b2:78:9c:bb:0b:3f:35:a1:0f:bf:94:be:64:a7:f6:5f:
12:93:0c:39:eb:ac:79:55:0b:50:4f:01:a4:ee:8c:b8:dc:aa:
36:1f:f2:c3:d5:cb:89:67:92:3e:a0:bf:7d:9f:79:00:ae:a7:
2d:8e:28:0a:30:ee:23:73:91:1c:bb:6a:21:cd:1a:36:a6:06:
7c:b5:95:18:f8:8f:e6:03:63:3b:72:d0:d5:b1:e8:06:12:ad:
b3:1d:74:14:02:0c:c6:a8:2f:44:94:aa:9e:f2:00:6f:67:a7:
4d:e9:60:f9:de:c2:7e:86:00:ef:87:b7:79:d8:ff:4a:24:04:
4d:34:aa:2b:51:9a:87:60:7f:3c:99:3f:de:4a:68:4c:b1:e8:
2d:0f:d8:29:4c:99:64:ee:01:79:e8:be:13:8f:1e:c5:12:d6:
05:ad:a8:4f:cb:6b:df:0a:27:f1:0c:64:7f:3c:92:74:c0:d8:
3a:d5:d7:3d:38:b2:0f:ef:32:bf:ff:7b:ec:da:1a:d5:82:b7:
9f:db:09:08:bf:1d:31:7e:7b:aa:a5:a6:fa:69:6c:ad:57:1c:
5c:c1:06:cc:ac:b3:bf:53:c2:7d:64:26:df:12:ef:1a:f3:63:
2d:59:e8:ee:20:58:2a:a8:14:2e:de:e0:f9:bf:06:03:49:8d:
07:b9:6f:11
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICBAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjRENjAxMTAvBgNVBAUTKEUwQkEyMjhFQUY5ODEyRjA2N0QyRkYzQkY4MDY4OTU2
OThDOTM5NzcwHhcNMjIwOTA3MDE0MTIzWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE3ZjZjMy04Yzc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4DG4E26Ga7kqJ/qb/2GP+Jsi3hymx3Bvxi9YzHnEaOZyVU2g+Nv+SAE59Zs5
PK9bg/mjuYrhlTiVo9W0L+wceQIGEUz3tFhxXeYMV0Sy3tlSmmmV32g9GpVtD6a1
KQGcgwbCyPCRqoz1U01P/aEjTlAeqGcu4fLuxmtq/JYtuC0zSeVcYEwfD5kgN+WD
taZfU1UtTfNaNAm8Qeq+PVGMRUFcZRciTDfZRtfUEr4kVVKZJT96PZkEMhK1k9qF
edHmULyIzNQb6gR1QjHtAB8tgyS07ofOqpaIVOu5ulpkOIWNW2Gv6NdRbcTaoHFu
tEsGB7cc6RQSi6FTthsS9tBekQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFB4oPW1U
EgO3m1KNPmxlzwz3wI72MB8GA1UdIwQYMBaAFOC6Io6vmBLwZ9L/O/gGiVaYyTl3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NEQ2MC85RTBERTM5MkI0
NUYxMUVCQjYxQjc2MENDNEY5QUUwMi80TG9panEtWUV2Qm4wdjg3LUFhSlZwakpP
WGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRMb2lqcS1ZRXZCbjB2ODctQWFKVnBqSk9YYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjRENjAvOUUwREUzOTJCNDVGMTFFQkI2MUI3NjBDQzRGOUFFMDIvMkRDQ0FBN0My
RTRFMTFFRDgwN0NCMDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAHN+GQMEAHN+GgMEAHN+MDANBgkqhkiG9w0BAQsFAAOC
AQEANGqyeJy7Cz81oQ+/lL5kp/ZfEpMMOeuseVULUE8BpO6MuNyqNh/yw9XLiWeS
PqC/fZ95AK6nLY4oCjDuI3ORHLtqIc0aNqYGfLWVGPiP5gNjO3LQ1bHoBhKtsx10
FAIMxqgvRJSqnvIAb2enTelg+d7CfoYA74e3edj/SiQETTSqK1Gah2B/PJk/3kpo
TLHoLQ/YKUyZZO4Beei+E48exRLWBa2oT8tr3won8QxkfzySdMDYOtXXPTiyD+8y
v/977Noa1YK3n9sJCL8dMX57qqWm+mlsrVccXMEGzKyzv1PCfWQm3xLvGvNjLVno
7iBYKqgULt7g+b8GA0mNB7lvEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-ams.rpki-client.org