Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/10DC78C2CB5511ECA652C12DC4F9AE02.roa
File: 10DC78C2CB5511ECA652C12DC4F9AE02.roa (raw, json)
Hash identifier: QarDayF9QukmOa2a2fSSFXgsBpP/CpfGGzMxGFbdvas=
Subject key identifier: 25:93:3B:7E:C7:79:34:57:E9:D7:9C:C2:3D:1E:C2:AB:E0:4B:81:F7
Certificate issuer: /CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
Certificate serial: 03B7
Authority key identifier: ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/10DC78C2CB5511ECA652C12DC4F9AE02.roa
Signing time: Thu 26 May 2022 13:00:17 +0000
ROA not before: Thu 26 May 2022 13:00:16 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 36.255.196.0/24 maxlen: 24
36.255.198.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 951 (0x3b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E1FE/serialNumber=EDEB96F04C8D3EDCCBEEBA40C4242922A8136B53
Validity
Not Before: May 26 13:00:16 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=628f79e0-c9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d0:d8:cb:0f:ec:63:0a:41:4f:1a:3a:c4:e1:
1d:95:cd:1a:43:90:d1:8c:47:5e:fd:bd:94:92:ca:
65:3d:1e:6b:eb:7c:fa:dc:b7:b2:ec:16:ee:5e:25:
53:a7:83:e9:87:04:dd:73:e7:ba:aa:66:19:e9:24:
68:0d:64:3b:70:88:70:77:e9:b1:85:44:dd:ae:2f:
0a:ed:49:ff:fd:03:e9:12:2a:75:40:68:f3:f8:f1:
12:dd:3a:4c:d8:89:8c:00:18:7e:49:ec:62:a0:a9:
45:09:1d:48:e3:38:8b:4c:2c:f5:ae:89:2a:1d:dc:
7d:06:bd:fa:f8:5a:a8:d5:5f:10:26:4a:21:c3:4e:
f7:57:a2:49:5d:a1:7e:07:76:0a:7e:89:6a:fa:15:
a6:76:69:d3:3e:4c:da:c3:bf:f4:6c:5a:cc:84:4e:
98:88:4f:67:1b:65:2a:75:f6:13:49:76:92:30:d8:
3c:49:3e:97:82:3a:43:da:f7:59:8b:b2:6c:f5:d9:
f5:7b:bb:e5:0e:c0:ef:83:c3:8b:40:9f:dd:3a:62:
41:99:6d:f5:53:94:d4:75:45:e0:bf:80:6c:57:3b:
98:c9:7c:02:f1:19:16:0e:b7:ed:f6:d4:e2:2a:8a:
dc:2c:70:0e:38:70:4a:06:b1:aa:ed:56:08:69:1e:
4e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:93:3B:7E:C7:79:34:57:E9:D7:9C:C2:3D:1E:C2:AB:E0:4B:81:F7
X509v3 Authority Key Identifier:
keyid:ED:EB:96:F0:4C:8D:3E:DC:CB:EE:BA:40:C4:24:29:22:A8:13:6B:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/7euW8EyNPtzL7rpAxCQpIqgTa1M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7euW8EyNPtzL7rpAxCQpIqgTa1M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E1FE/386235F06F8811EBA86BF64AC4F9AE02/10DC78C2CB5511ECA652C12DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.196.0/24
36.255.198.0/23
Signature Algorithm: sha256WithRSAEncryption
67:24:c8:ac:55:2d:be:38:e6:dc:ae:bd:a8:e5:74:7d:53:61:
df:87:18:38:52:52:fb:c9:2d:c2:04:b9:58:0a:2b:a3:ee:f1:
42:1d:a4:06:85:b3:62:7d:85:76:63:bf:f8:9d:98:e9:fd:62:
66:45:38:b0:c9:95:7c:93:bf:36:de:a6:98:40:3f:22:d7:e5:
4b:7d:8c:92:3d:f6:88:c1:3e:79:9b:89:90:7e:d6:d9:50:af:
7c:10:50:18:02:1a:e8:ab:e5:56:72:e7:1d:ad:a3:95:a1:8c:
7a:84:67:19:6d:c5:57:ed:3f:6d:5b:ab:ad:28:1d:49:a7:90:
ba:2f:8c:7e:ff:e8:24:99:ee:ff:3b:f6:78:cb:02:1c:02:11:
bf:71:4a:df:7a:a6:18:3c:7d:ff:7e:23:84:a6:0f:1f:be:34:
06:4f:34:40:d6:c3:75:21:8d:9f:c6:75:7b:84:3e:b0:53:52:
f2:41:e2:51:e2:e3:40:1a:3c:b3:e4:f3:ed:51:7e:73:a8:d4:
56:45:ac:75:01:dd:25:24:b4:ad:60:d6:52:b0:52:98:90:15:
b2:1d:1d:d2:68:58:a9:57:d0:2c:63:d6:57:dc:8d:47:2e:3d:
68:6b:02:77:4b:ef:52:2b:81:1d:14:1f:02:85:7f:25:6a:3c:
87:ff:5f:7d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0UxRkUxMTAvBgNVBAUTKEVERUI5NkYwNEM4RDNFRENDQkVFQkE0MEM0MjQyOTIy
QTgxMzZCNTMwHhcNMjIwNTI2MTMwMDE2WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjhmNzllMC1jOWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxdDYyw/sYwpBTxo6xOEdlc0aQ5DRjEde/b2UksplPR5r63z63Ley7BbuXiVT
p4PphwTdc+e6qmYZ6SRoDWQ7cIhwd+mxhUTdri8K7Un//QPpEip1QGjz+PES3TpM
2ImMABh+SexioKlFCR1I4ziLTCz1rokqHdx9Br36+Fqo1V8QJkohw073V6JJXaF+
B3YKfolq+hWmdmnTPkzaw7/0bFrMhE6YiE9nG2UqdfYTSXaSMNg8ST6XgjpD2vdZ
i7Js9dn1e7vlDsDvg8OLQJ/dOmJBmW31U5TUdUXgv4BsVzuYyXwC8RkWDrft9tTi
KorcLHAOOHBKBrGq7VYIaR5OIQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCWTO37H
eTRX6decwj0ewqvgS4H3MB8GA1UdIwQYMBaAFO3rlvBMjT7cy+66QMQkKSKoE2tT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTFGRS8zODYyMzVGMDZG
ODgxMUVCQTg2QkY2NEFDNEY5QUUwMi83ZXVXOEV5TlB0ekw3cnBBeENRcElxZ1Rh
MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdldVc4RXlOUHR6TDdycEF4Q1FwSXFnVGExTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0UxRkUvMzg2MjM1RjA2Rjg4MTFFQkE4NkJGNjRBQzRGOUFFMDIvMTBEQzc4QzJD
QjU1MTFFQ0E2NTJDMTJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAk/8QDBAEk/8YwDQYJKoZIhvcNAQELBQADggEBAGckyKxV
Lb445tyuvajldH1TYd+HGDhSUvvJLcIEuVgKK6Pu8UIdpAaFs2J9hXZjv/idmOn9
YmZFOLDJlXyTvzbepphAPyLX5Ut9jJI99ojBPnmbiZB+1tlQr3wQUBgCGuir5VZy
5x2to5WhjHqEZxltxVftP21bq60oHUmnkLovjH7/6CSZ7v879njLAhwCEb9xSt96
phg8ff9+I4SmDx++NAZPNEDWw3UhjZ/GdXuEPrBTUvJB4lHi40AaPLPk8+1RfnOo
1FZFrHUB3SUktK1g1lKwUpiQFbIdHdJoWKlX0Cxj1lfcjUcuPWhrAndL71IrgR0U
HwKFfyVqPIf/X30=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org