Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/269E0F5A74BB11EBA6B8716FC4F9AE02.roa
File: 269E0F5A74BB11EBA6B8716FC4F9AE02.roa (raw, json)
Hash identifier: cHPIMolKTbyCMyC03vFpMw3/T/wZN/OGqKiNRXKjPH4=
Subject key identifier: 09:E8:3E:7D:F7:E6:F6:5A:56:F9:4E:67:6F:61:75:FF:DA:C6:21:06
Certificate issuer: /CN=A9186E8A/serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Certificate serial: 05E4
Authority key identifier: BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/269E0F5A74BB11EBA6B8716FC4F9AE02.roa
Signing time: Wed 01 Mar 2023 00:50:30 +0000
ROA not before: Wed 01 Mar 2023 00:50:30 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 10001
IP address blocks: 152.32.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1508 (0x5e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186E8A
Validity
Not Before: Mar 1 00:50:30 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=63fea155-2242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0e:3d:04:bd:26:f1:a1:19:7f:49:e6:6d:a0:
6a:bf:09:af:89:ed:9e:a7:bb:0d:1a:6d:47:50:56:
b9:8e:80:1d:3b:91:ba:53:94:0c:88:0f:2f:bd:f9:
13:e1:0c:d7:32:6a:81:33:28:0d:9b:0b:55:ab:a9:
77:c2:80:4f:28:9d:49:c6:50:86:63:ee:7a:76:93:
4c:5d:4f:3c:80:79:77:37:7f:3d:06:7d:14:90:29:
e0:75:4d:5a:05:fd:6a:89:bd:8e:bf:3e:f5:6f:53:
a0:ae:a4:92:f0:57:5a:0d:db:6a:e0:66:01:bc:0e:
31:c1:c4:c5:84:aa:d0:7d:a7:3e:8c:d5:19:09:20:
be:57:d0:a8:e0:ee:ed:22:51:df:82:ff:84:9d:3a:
f9:9f:c3:07:1f:0f:39:94:16:49:81:6c:b5:64:8a:
9c:94:b0:53:2e:6b:0f:84:8d:0e:a9:c2:57:21:84:
fb:7e:33:d9:25:6a:d5:a1:eb:dc:ef:33:70:52:01:
71:27:40:68:1c:7f:25:c2:d8:1b:2e:cb:04:51:8d:
c8:56:ca:77:6b:74:15:3b:83:9b:1d:bd:57:51:21:
99:db:10:6a:9a:ff:88:b8:1a:62:ce:c0:78:18:ce:
71:60:cf:7a:6d:ad:83:cf:40:e9:0f:b5:e3:61:55:
b3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E8:3E:7D:F7:E6:F6:5A:56:F9:4E:67:6F:61:75:FF:DA:C6:21:06
X509v3 Authority Key Identifier:
keyid:BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/269E0F5A74BB11EBA6B8716FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.32.242.0/24
Signature Algorithm: sha256WithRSAEncryption
41:42:30:54:65:98:5e:ea:7e:79:ca:96:10:db:c8:6e:db:24:
23:eb:f0:0f:5e:98:36:8c:fd:47:d0:1c:3f:fe:47:1b:15:ec:
dd:2c:c9:8a:4a:f6:88:13:66:67:39:ff:5e:b2:fb:0c:95:8a:
7f:46:a7:5e:72:cf:df:bf:cd:56:dc:ea:6a:a2:d7:0f:48:d7:
83:0b:e2:f7:6d:1b:42:7d:3c:10:31:e6:65:08:63:de:c4:bc:
13:8b:c0:44:55:88:23:75:7a:a3:7d:96:67:d5:97:0e:0c:24:
19:9f:bc:7c:a6:13:09:e3:98:d2:77:cb:83:a2:91:50:1a:09:
a0:19:23:a4:94:85:b5:c9:5f:57:74:5d:42:6d:3b:ac:1c:91:
8d:ab:6d:6a:0b:24:91:b7:76:a9:25:30:47:ec:c4:00:07:0f:
31:dc:27:f9:77:6a:37:90:22:7f:12:b1:cc:4a:81:40:2c:ff:
f6:3d:ec:74:8b:ca:1d:b2:e9:a3:be:63:d5:18:31:07:bf:6b:
7d:b4:bb:54:f1:25:49:dc:41:f7:2e:a9:93:a1:d2:53:ef:e4:
69:bf:26:cc:b7:e0:3c:2b:d8:14:8a:cb:d8:ec:c8:88:94:24:
0b:e0:eb:e5:f3:57:f5:c0:cc:d4:42:e6:b3:9a:82:f9:67:e4:
80:9e:a8:42
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBeQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZFOEExMTAvBgNVBAUTKEJERDVFOUE3NkYxQUM0QzhFNTE3OTdFQ0U5OUUzRENF
RUNFRTc0OTMwHhcNMjMwMzAxMDA1MDMwWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZlYTE1NS0yMjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwQ49BL0m8aEZf0nmbaBqvwmvie2ep7sNGm1HUFa5joAdO5G6U5QMiA8vvfkT
4QzXMmqBMygNmwtVq6l3woBPKJ1JxlCGY+56dpNMXU88gHl3N389Bn0UkCngdU1a
Bf1qib2Ovz71b1OgrqSS8FdaDdtq4GYBvA4xwcTFhKrQfac+jNUZCSC+V9Co4O7t
IlHfgv+EnTr5n8MHHw85lBZJgWy1ZIqclLBTLmsPhI0OqcJXIYT7fjPZJWrVoevc
7zNwUgFxJ0BoHH8lwtgbLssEUY3IVsp3a3QVO4ObHb1XUSGZ2xBqmv+IuBpizsB4
GM5xYM96ba2Dz0DpD7XjYVWzuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAnoPn33
5vZaVvlOZ29hdf/axiEGMB8GA1UdIwQYMBaAFL3V6advGsTI5ReX7OmePc7s7nST
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkU4QS8zMTQ4REM5RTJE
RkYxMUVCODY4QTkxMzVDNEY5QUUwMi92ZFhwcDI4YXhNamxGNWZzNlo0OXp1enVk
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZkWHBwMjhheE1qbEY1ZnM2WjQ5enV6dWRKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZFOEEvMzE0OERDOUUyREZGMTFFQjg2OEE5MTM1QzRGOUFFMDIvMjY5RTBGNUE3
NEJCMTFFQkE2Qjg3MTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACYIPIwDQYJKoZIhvcNAQELBQADggEBAEFCMFRlmF7qfnnK
lhDbyG7bJCPr8A9emDaM/UfQHD/+RxsV7N0syYpK9ogTZmc5/16y+wyVin9Gp15y
z9+/zVbc6mqi1w9I14ML4vdtG0J9PBAx5mUIY97EvBOLwERViCN1eqN9lmfVlw4M
JBmfvHymEwnjmNJ3y4OikVAaCaAZI6SUhbXJX1d0XUJtO6wckY2rbWoLJJG3dqkl
MEfsxAAHDzHcJ/l3ajeQIn8SscxKgUAs//Y97HSLyh2y6aO+Y9UYMQe/a320u1Tx
JUncQfcuqZOh0lPv5Gm/Jsy34Dwr2BSKy9jsyIiUJAvg6+XzV/XAzNRC5rOagvln
5ICeqEI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:48:54 2025 by rpki-client