Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/4D2CC4228F0E11ECBFD9DB7EC4F9AE02.roa
File: 4D2CC4228F0E11ECBFD9DB7EC4F9AE02.roa (raw, json)
Hash identifier: ygdRyQfQUGzPZaelxKSDg6qld8HuxpdVQ1e0QT5Htkg=
Subject key identifier: 2A:1C:97:2F:EC:25:8C:E8:65:84:EF:A2:1F:CF:2A:44:FB:F1:2F:49
Certificate issuer: /CN=A917F247/serialNumber=904A235CB4747E08600FC1D26B93F51C4674EBAA
Certificate serial: 09
Authority key identifier: 90:4A:23:5C:B4:74:7E:08:60:0F:C1:D2:6B:93:F5:1C:46:74:EB:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/4D2CC4228F0E11ECBFD9DB7EC4F9AE02.roa
Signing time: Wed 16 Feb 2022 09:53:33 +0000
ROA not before: Wed 16 Feb 2022 09:53:33 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 135409
IP address blocks: 14.137.32.0/19 maxlen: 19
202.5.112.0/20 maxlen: 20
203.2.130.0/23 maxlen: 23
203.8.206.0/23 maxlen: 23
203.21.140.0/22 maxlen: 22
203.24.104.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F247/serialNumber=904A235CB4747E08600FC1D26B93F51C4674EBAA
Validity
Not Before: Feb 16 09:53:33 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=620cc99d-19fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e0:57:91:e7:14:4a:53:1c:3e:57:44:5e:a8:
2e:eb:a4:3e:4d:3a:6c:33:89:bd:43:b3:d6:e8:3d:
56:ab:3f:cd:b4:09:74:96:a1:7e:b6:31:6e:c9:f5:
c9:ae:ab:2f:5b:47:d8:78:a6:f1:89:62:e8:ce:32:
c6:89:68:7a:6d:9a:39:a2:ac:cf:3f:2f:10:11:12:
53:cd:3f:61:76:68:61:1b:4d:9b:66:4e:01:27:d8:
6c:70:74:56:9b:3e:c7:6a:51:9e:a7:16:bb:16:9b:
26:c5:ad:a9:72:3f:1b:d5:c0:fa:e5:28:bb:4e:2c:
03:f8:eb:d6:b9:d8:c1:90:02:12:7e:80:82:dc:da:
39:63:2f:22:10:e8:72:28:2e:66:99:ef:f1:0a:a5:
4d:39:94:2a:5c:0b:41:5b:81:03:51:d9:6b:d8:0c:
9f:76:63:25:dd:16:a3:f8:12:a7:d3:aa:88:fe:b2:
25:d0:9c:f6:c6:24:be:37:8f:f3:07:ba:63:96:f5:
c9:56:0a:ba:0f:58:d4:41:83:11:70:ef:d4:59:a6:
92:4b:28:f9:08:61:de:ae:8e:0c:55:d2:d4:81:7b:
7e:69:c1:b7:b4:00:9b:0e:b7:4f:6b:a8:23:09:9e:
34:ca:69:c7:44:7d:14:7b:ef:29:67:77:a3:75:bd:
89:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:1C:97:2F:EC:25:8C:E8:65:84:EF:A2:1F:CF:2A:44:FB:F1:2F:49
X509v3 Authority Key Identifier:
keyid:90:4A:23:5C:B4:74:7E:08:60:0F:C1:D2:6B:93:F5:1C:46:74:EB:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/4D2CC4228F0E11ECBFD9DB7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.32.0/19
202.5.112.0/20
203.2.130.0/23
203.8.206.0/23
203.21.140.0/22
203.24.104.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:9a:20:35:0a:2d:b4:cb:25:19:e7:b4:c4:1e:7f:a4:56:0b:
72:95:f7:d1:cd:0a:b8:71:2e:1a:07:aa:18:fb:36:31:4c:18:
b7:a3:9c:ab:0d:9d:49:2c:0b:e9:f4:91:b0:e6:05:0c:88:ac:
04:2a:16:a0:86:84:4f:2d:4e:d5:f8:db:6f:7d:4d:d7:54:e7:
2a:58:a8:7c:f8:4a:5e:a3:89:a9:8f:66:82:2e:a1:65:fa:da:
5f:e3:8e:29:ce:05:2e:fa:28:46:45:1f:8e:8f:02:27:9a:15:
09:f1:4b:72:df:f9:16:11:d1:d4:71:77:df:20:aa:41:01:f8:
9a:7d:30:ab:2a:55:db:02:9b:11:85:be:ee:37:a4:83:5a:a1:
0d:db:b2:33:13:c4:c1:13:23:20:c8:32:39:21:66:30:2d:b4:
0d:69:0b:70:33:2d:55:6c:1e:c9:6e:80:23:01:b8:e2:e7:a8:
64:72:be:2a:01:ee:15:37:aa:fa:8e:07:c9:ba:7b:9b:e5:32:
c2:06:dd:2e:4b:d9:b5:06:33:ed:31:98:a8:16:87:a1:a4:31:
25:b4:4e:e8:1e:18:ba:73:39:ec:ed:00:e6:74:4b:e4:b8:2c:
c2:8e:d0:ac:27:a7:92:d1:e6:8c:d2:92:b2:28:c9:3e:08:6c:
30:72:51:fb
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RjI0NzExMC8GA1UEBRMoOTA0QTIzNUNCNDc0N0UwODYwMEZDMUQyNkI5M0Y1MUM0
Njc0RUJBQTAeFw0yMjAyMTYwOTUzMzNaFw0yMzAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMGNjOTlkLTE5ZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC64FeR5xRKUxw+V0ReqC7rpD5NOmwzib1Ds9boPVarP820CXSWoX62MW7J9cmu
qy9bR9h4pvGJYujOMsaJaHptmjmirM8/LxARElPNP2F2aGEbTZtmTgEn2GxwdFab
PsdqUZ6nFrsWmybFralyPxvVwPrlKLtOLAP469a52MGQAhJ+gILc2jljLyIQ6HIo
LmaZ7/EKpU05lCpcC0FbgQNR2WvYDJ92YyXdFqP4EqfTqoj+siXQnPbGJL43j/MH
umOW9clWCroPWNRBgxFw79RZppJLKPkIYd6ujgxV0tSBe35pwbe0AJsOt09rqCMJ
njTKacdEfRR77ylnd6N1vYmDAgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUKhyXL+wl
jOhlhO+iH88qRPvxL0kwHwYDVR0jBBgwFoAUkEojXLR0fghgD8HSa5P1HEZ066ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdGMjQ3LzZEMjJFQUYwOEYw
MzExRUNBNUM5RkUxMkM0RjlBRTAyL2tFb2pYTFIwZmdoZ0Q4SFNhNVAxSEVaMDY2
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIva0VvalhMUjBmZ2hnRDhIU2E1UDFIRVowNjZvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RjI0Ny82RDIyRUFGMDhGMDMxMUVDQTVDOUZFMTJDNEY5QUUwMi80RDJDQzQyMjhG
MEUxMUVDQkZEOURCN0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA9BggrBgEFBQcBBwEB/wQu
MCwwKgQCAAEwJAMEBQ6JIAMEBMoFcAMEAcsCggMEAcsIzgMEAssVjAMEAssYaDAN
BgkqhkiG9w0BAQsFAAOCAQEAbpogNQottMslGee0xB5/pFYLcpX30c0KuHEuGgeq
GPs2MUwYt6Ocqw2dSSwL6fSRsOYFDIisBCoWoIaETy1O1fjbb31N11TnKliofPhK
XqOJqY9mgi6hZfraX+OOKc4FLvooRkUfjo8CJ5oVCfFLct/5FhHR1HF33yCqQQH4
mn0wqypV2wKbEYW+7jekg1qhDduyMxPEwRMjIMgyOSFmMC20DWkLcDMtVWweyW6A
IwG44ueoZHK+KgHuFTeq+o4Hybp7m+UywgbdLkvZtQYz7TGYqBaHoaQxJbRO6B4Y
unM57O0A5nRL5Lgswo7QrCenktHmjNKSsijJPghsMHJR+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org