Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/CCAFC8C45F0711EDB42DC97FC4F9AE02.roa
File: CCAFC8C45F0711EDB42DC97FC4F9AE02.roa (raw, json)
Hash identifier: UsdYkw64+pIaWxz8xHT/YCDEsc+7vMylm7yaAV0rA1Y=
Subject key identifier: 82:60:5A:3D:72:03:80:2A:14:40:0D:9D:7E:90:A0:5E:8A:39:AB:73
Certificate issuer: /CN=A9164D60/serialNumber=E0BA228EAF9812F067D2FF3BF806895698C93977
Certificate serial: 0450
Authority key identifier: E0:BA:22:8E:AF:98:12:F0:67:D2:FF:3B:F8:06:89:56:98:C9:39:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Loijq-YEvBn0v87-AaJVpjJOXc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/CCAFC8C45F0711EDB42DC97FC4F9AE02.roa
Signing time: Tue 08 Nov 2022 01:51:02 +0000
ROA not before: Tue 08 Nov 2022 01:51:02 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 32181
IP address blocks: 118.99.26.0/24 maxlen: 24
118.99.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1104 (0x450)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164D60/serialNumber=E0BA228EAF9812F067D2FF3BF806895698C93977
Validity
Not Before: Nov 8 01:51:02 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=6369b606-408e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:2c:32:78:8e:c6:cb:ed:72:f1:ef:cc:33:2c:
b0:fe:12:cf:14:ff:3c:96:2c:75:f6:85:6e:76:71:
59:0f:f4:f1:cb:44:cd:e3:79:01:1a:dc:6e:1f:1b:
b1:fd:46:c7:47:3c:1d:aa:d6:b3:91:f2:f1:e8:64:
c8:c9:bc:5f:23:fe:50:02:84:76:f3:a0:d3:bc:fd:
05:41:68:05:2f:6d:08:b3:af:53:2c:07:67:f9:d9:
ee:81:fc:76:aa:03:66:b7:b9:92:eb:e1:43:d9:93:
38:60:91:f8:c9:10:35:e1:9e:13:47:c0:c7:96:18:
58:4e:c2:00:00:af:72:33:74:73:12:5f:b1:2f:8a:
48:3e:37:fd:d0:b3:81:06:44:5d:bf:53:7f:0c:91:
66:81:ee:9c:fa:5d:0f:b5:83:38:97:5f:a2:56:ff:
f3:29:c1:25:dc:17:1f:2a:35:7a:39:f8:57:0f:8a:
9e:73:22:1e:79:c9:0d:1b:40:90:2c:3f:ff:26:f6:
42:e9:d6:b2:50:b9:9b:27:0a:fb:fa:1e:8e:0d:b5:
11:05:94:c6:b1:c3:f6:67:22:ca:88:73:b0:d3:63:
e7:0e:57:c6:59:79:94:5e:1e:a6:df:a1:56:bd:f7:
e0:95:4f:60:28:07:16:e9:3f:3d:3b:e6:1d:7c:12:
12:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:60:5A:3D:72:03:80:2A:14:40:0D:9D:7E:90:A0:5E:8A:39:AB:73
X509v3 Authority Key Identifier:
keyid:E0:BA:22:8E:AF:98:12:F0:67:D2:FF:3B:F8:06:89:56:98:C9:39:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/4Loijq-YEvBn0v87-AaJVpjJOXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Loijq-YEvBn0v87-AaJVpjJOXc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/CCAFC8C45F0711EDB42DC97FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.99.26.0/24
118.99.31.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:57:d6:5b:bb:4d:4e:da:88:f1:9e:b7:03:cd:f8:80:4b:a2:
73:ae:fe:b1:58:98:9a:27:a4:90:1d:bf:11:29:d1:f4:64:6c:
de:a1:94:f5:a3:45:64:1b:fd:86:f0:f2:12:6e:34:6b:1b:ab:
69:46:12:f0:e3:8d:0e:e9:2c:60:03:f6:01:a1:c3:3a:23:11:
15:a3:1e:05:ce:0e:86:f0:8d:dd:09:7c:79:f7:00:1a:e7:10:
69:ad:12:65:7c:00:93:cc:f8:1d:44:1d:0f:f0:b1:8b:3b:f6:
29:7e:e1:51:13:29:1c:59:4e:76:bf:88:b0:94:ce:4d:e7:96:
61:70:5b:bc:9f:5b:69:07:c7:c7:5e:90:7c:3a:8b:be:0b:86:
6f:d1:71:c3:62:0f:07:cd:83:ce:c4:c0:28:72:cc:a5:cf:e3:
7f:8f:cd:9e:aa:e4:98:f9:dc:17:06:b3:0b:ae:7c:55:41:06:
3f:2f:93:fd:32:10:83:6a:62:1a:37:da:3f:4c:c5:78:6d:4b:
bf:34:da:d3:f0:45:ac:e3:b3:38:da:a2:5c:40:14:b1:7b:b3:
2c:5c:96:db:b1:10:b6:18:1d:c3:51:ce:60:4f:d1:9c:7a:f9:
1f:0e:c5:b3:ac:4d:0c:b9:ae:f5:94:8f:b4:f3:b5:42:9a:ca:
9c:9c:85:49
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBFAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjRENjAxMTAvBgNVBAUTKEUwQkEyMjhFQUY5ODEyRjA2N0QyRkYzQkY4MDY4OTU2
OThDOTM5NzcwHhcNMjIxMTA4MDE1MTAyWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzY5YjYwNi00MDhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9CwyeI7Gy+1y8e/MMyyw/hLPFP88lix19oVudnFZD/Txy0TN43kBGtxuHxux
/UbHRzwdqtazkfLx6GTIybxfI/5QAoR286DTvP0FQWgFL20Is69TLAdn+dnugfx2
qgNmt7mS6+FD2ZM4YJH4yRA14Z4TR8DHlhhYTsIAAK9yM3RzEl+xL4pIPjf90LOB
BkRdv1N/DJFmge6c+l0PtYM4l1+iVv/zKcEl3BcfKjV6OfhXD4qecyIeeckNG0CQ
LD//JvZC6dayULmbJwr7+h6ODbURBZTGscP2ZyLKiHOw02PnDlfGWXmUXh6m36FW
vffglU9gKAcW6T89O+YdfBISuQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIJgWj1y
A4AqFEANnX6QoF6KOatzMB8GA1UdIwQYMBaAFOC6Io6vmBLwZ9L/O/gGiVaYyTl3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NEQ2MC85RTBERTM5MkI0
NUYxMUVCQjYxQjc2MENDNEY5QUUwMi80TG9panEtWUV2Qm4wdjg3LUFhSlZwakpP
WGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRMb2lqcS1ZRXZCbjB2ODctQWFKVnBqSk9YYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjRENjAvOUUwREUzOTJCNDVGMTFFQkI2MUI3NjBDQzRGOUFFMDIvQ0NBRkM4QzQ1
RjA3MTFFREI0MkRDOTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB2YxoDBAB2Yx8wDQYJKoZIhvcNAQELBQADggEBAKNX1lu7
TU7aiPGetwPN+IBLonOu/rFYmJonpJAdvxEp0fRkbN6hlPWjRWQb/Ybw8hJuNGsb
q2lGEvDjjQ7pLGAD9gGhwzojERWjHgXODobwjd0JfHn3ABrnEGmtEmV8AJPM+B1E
HQ/wsYs79il+4VETKRxZTna/iLCUzk3nlmFwW7yfW2kHx8dekHw6i74Lhm/RccNi
DwfNg87EwChyzKXP43+PzZ6q5Jj53BcGswuufFVBBj8vk/0yEINqYho32j9MxXht
S7802tPwRazjszjaolxAFLF7syxcltuxELYYHcNRzmBP0Zx6+R8OxbOsTQy5rvWU
j7TztUKaypychUk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org