Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9183898/2091B01AB83811EB9D7EA24FC4F9AE02/5EA5A580C31411ED86F35C63C4F9AE02.roa
File: 5EA5A580C31411ED86F35C63C4F9AE02.roa (raw, json)
Hash identifier: 6a5WEADDEwgF3f21AmoEdCkaoVfrLONPp33+n0BkTbY=
Subject key identifier: 5C:B4:FE:28:5B:F1:8D:65:6A:D9:39:5F:19:29:F4:00:48:FD:CE:62
Certificate issuer: /CN=A9183898/serialNumber=B47674313B943EC6CBEF7562BD1970D5C733EA5B
Certificate serial: 0444
Authority key identifier: B4:76:74:31:3B:94:3E:C6:CB:EF:75:62:BD:19:70:D5:C7:33:EA:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tHZ0MTuUPsbL73VivRlw1ccz6ls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9183898/2091B01AB83811EB9D7EA24FC4F9AE02/5EA5A580C31411ED86F35C63C4F9AE02.roa
Signing time: Wed 15 Mar 2023 09:32:58 +0000
ROA not before: Wed 15 Mar 2023 09:32:57 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 38829
IP address blocks: 118.127.168.0/21 maxlen: 21
118.127.176.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1092 (0x444)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9183898/serialNumber=B47674313B943EC6CBEF7562BD1970D5C733EA5B
Validity
Not Before: Mar 15 09:32:57 2023 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=641190c9-69da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:32:29:e9:0f:a4:e6:5e:01:80:3a:10:9c:65:
f4:5d:a7:b7:79:0d:0f:3f:22:76:f1:70:82:b3:f7:
c4:96:39:0c:65:aa:ef:60:3f:4a:1f:53:7d:36:69:
20:b9:5f:96:43:7e:f7:31:01:d6:8e:53:10:be:f5:
62:a7:58:74:28:66:b9:8b:9a:47:1d:4e:26:ff:cf:
f1:29:94:ed:76:66:c1:b1:20:87:02:51:d1:77:ab:
f0:d5:b5:c8:63:7f:de:f1:4b:03:a5:bc:8c:c4:32:
6d:90:ed:84:22:09:60:58:f7:b1:a3:96:c9:df:21:
34:64:ab:9a:94:80:de:3a:71:d8:28:6e:f8:1a:3c:
dd:29:03:62:1a:35:b9:6a:be:c2:7f:6a:71:ca:84:
dc:b5:a1:3e:31:da:78:13:86:fe:e7:25:59:c7:2f:
7e:e6:22:58:01:92:38:a4:b6:df:a0:31:9e:16:bc:
f1:38:ba:51:f6:95:8f:e2:84:df:9d:3b:2f:14:d2:
91:67:dc:ca:36:1f:87:f3:2f:fe:de:ef:a3:d3:39:
e0:d9:f4:82:2c:ec:4f:81:99:93:4b:d7:49:79:f4:
ad:0e:00:b4:4d:36:42:9b:12:1e:59:a2:44:3d:eb:
40:26:77:75:33:ed:bf:ed:8c:bd:19:8c:6c:57:de:
60:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B4:FE:28:5B:F1:8D:65:6A:D9:39:5F:19:29:F4:00:48:FD:CE:62
X509v3 Authority Key Identifier:
keyid:B4:76:74:31:3B:94:3E:C6:CB:EF:75:62:BD:19:70:D5:C7:33:EA:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9183898/2091B01AB83811EB9D7EA24FC4F9AE02/tHZ0MTuUPsbL73VivRlw1ccz6ls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tHZ0MTuUPsbL73VivRlw1ccz6ls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183898/2091B01AB83811EB9D7EA24FC4F9AE02/5EA5A580C31411ED86F35C63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.127.168.0-118.127.191.255
Signature Algorithm: sha256WithRSAEncryption
a9:3f:db:dc:8e:c9:fa:e2:d4:98:98:94:f6:67:87:d7:fc:0c:
2a:b8:3a:c2:f6:c6:86:1e:50:bb:cf:fb:de:b4:88:20:79:fa:
cf:79:3a:78:c7:05:88:20:e2:9a:2f:6a:b3:dc:d5:ca:1b:c4:
cf:d9:ee:be:fe:95:e2:2e:52:d0:39:31:9c:7a:ee:22:a8:e1:
52:b6:6e:06:4e:d0:e6:07:a2:ab:a2:48:4b:a6:1d:d4:d7:be:
9c:c9:0b:1d:4d:44:b9:92:19:e1:bb:cc:39:ea:39:77:3e:26:
47:78:4b:ee:92:91:94:45:54:26:0f:0a:a0:7e:48:01:a6:0e:
45:a2:64:cb:4d:e2:23:86:9f:bb:74:62:17:85:2f:10:88:a1:
76:44:62:af:c1:b1:09:2f:8b:52:7c:ec:9a:4b:77:49:10:c6:
c7:01:0a:43:0f:10:05:14:33:bb:4a:4b:0f:99:6f:9a:bf:ca:
93:d4:6c:46:43:6d:10:ae:92:1b:c1:ef:20:7f:6a:cb:7e:bc:
24:ff:62:6e:fc:5d:f1:88:3c:d9:48:59:2b:4b:4d:2a:85:6b:
c7:f9:68:b9:e2:a0:d4:ee:21:84:8d:f9:d3:ac:65:2f:7a:ed:
46:dd:e3:6f:bd:1e:38:4b:3a:3f:01:f0:0e:4e:f3:48:d0:56:
14:c0:69:b0
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODM4OTgxMTAvBgNVBAUTKEI0NzY3NDMxM0I5NDNFQzZDQkVGNzU2MkJEMTk3MEQ1
QzczM0VBNUIwHhcNMjMwMzE1MDkzMjU3WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDExOTBjOS02OWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwjIp6Q+k5l4BgDoQnGX0Xae3eQ0PPyJ28XCCs/fEljkMZarvYD9KH1N9Nmkg
uV+WQ373MQHWjlMQvvVip1h0KGa5i5pHHU4m/8/xKZTtdmbBsSCHAlHRd6vw1bXI
Y3/e8UsDpbyMxDJtkO2EIglgWPexo5bJ3yE0ZKualIDeOnHYKG74GjzdKQNiGjW5
ar7Cf2pxyoTctaE+Mdp4E4b+5yVZxy9+5iJYAZI4pLbfoDGeFrzxOLpR9pWP4oTf
nTsvFNKRZ9zKNh+H8y/+3u+j0zng2fSCLOxPgZmTS9dJefStDgC0TTZCmxIeWaJE
PetAJnd1M+2/7Yy9GYxsV95gHQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFFy0/ihb
8Y1latk5Xxkp9ABI/c5iMB8GA1UdIwQYMBaAFLR2dDE7lD7Gy+91Yr0ZcNXHM+pb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4Mzg5OC8yMDkxQjAxQUI4
MzgxMUVCOUQ3RUEyNEZDNEY5QUUwMi90SFowTVR1VVBzYkw3M1ZpdlJsdzFjY3o2
bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RIWjBNVHVVUHNiTDczVml2Umx3MWNjejZscy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODM4OTgvMjA5MUIwMUFCODM4MTFFQjlEN0VBMjRGQzRGOUFFMDIvNUVBNUE1ODBD
MzE0MTFFRDg2RjM1QzYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA3Z/qAMEBnZ/gDANBgkqhkiG9w0BAQsFAAOCAQEAqT/b
3I7J+uLUmJiU9meH1/wMKrg6wvbGhh5Qu8/73rSIIHn6z3k6eMcFiCDimi9qs9zV
yhvEz9nuvv6V4i5S0DkxnHruIqjhUrZuBk7Q5geiq6JIS6Yd1Ne+nMkLHU1EuZIZ
4bvMOeo5dz4mR3hL7pKRlEVUJg8KoH5IAaYORaJky03iI4afu3RiF4UvEIihdkRi
r8GxCS+LUnzsmkt3SRDGxwEKQw8QBRQzu0pLD5lvmr/Kk9RsRkNtEK6SG8HvIH9q
y368JP9ibvxd8Yg82UhZK0tNKoVrx/loueKg1O4hhI3506xlL3rtRt3jb70eOEs6
PwHwDk7zSNBWFMBpsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org