Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/14EF9456C2B111EBABFFA212C4F9AE02.roa
File: 14EF9456C2B111EBABFFA212C4F9AE02.roa (raw, json)
Hash identifier: Zie4lXLHmbKJty2dKSJZlNK1j0T3XikHm7V0x3Fn4d4=
Subject key identifier: 67:75:9C:20:D3:06:66:9D:50:1F:9F:4D:07:99:1B:38:A6:93:8A:C4
Certificate issuer: /CN=A918C661/serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32
Certificate serial: 07ED
Authority key identifier: 8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/14EF9456C2B111EBABFFA212C4F9AE02.roa
Signing time: Tue 08 Nov 2022 22:08:04 +0000
ROA not before: Tue 08 Nov 2022 22:08:04 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 38197
IP address blocks: 137.220.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2029 (0x7ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661/serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32
Validity
Not Before: Nov 8 22:08:04 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=636ad344-d411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:13:0f:08:5e:4c:3d:04:c3:0d:68:83:bf:47:
11:42:2a:c9:48:f5:f6:8e:36:63:e6:e1:03:e3:3b:
c8:4b:ca:a8:3e:06:cd:62:80:98:09:ee:86:d4:c0:
e2:ca:b7:d6:23:b3:e8:66:4f:bd:32:da:cf:f6:2e:
e6:7f:7a:4f:f3:16:74:7c:8d:9c:1f:0f:d4:d8:82:
fa:9f:a8:80:ff:13:36:ed:05:6f:21:37:c7:5c:07:
4f:9b:2c:03:cf:2b:90:d2:02:fa:88:35:40:22:d1:
84:bc:cc:eb:2a:4a:52:4e:82:fe:2e:36:69:25:8a:
a6:d7:7f:1c:1b:bc:a0:98:f4:3d:bc:34:80:33:f6:
29:39:a3:28:a2:6f:cc:f0:36:14:d6:4e:d4:50:f4:
d5:fc:50:e6:47:01:d3:07:6b:75:fa:77:69:00:0c:
0a:b7:ad:35:90:fb:41:01:ae:d2:d8:4f:fc:ac:ec:
d3:3c:6f:4d:ac:35:4c:3e:f8:7d:5f:d6:10:be:5e:
fa:54:40:4f:e2:af:d9:77:aa:9b:03:71:79:7b:24:
98:1d:ea:34:4e:eb:c5:68:f7:15:a7:9d:5e:84:e2:
e6:0f:75:83:3d:dc:0d:07:86:15:80:c2:b0:1a:37:
99:80:f7:97:31:0e:57:ab:fa:5a:12:e3:55:c1:15:
a0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:75:9C:20:D3:06:66:9D:50:1F:9F:4D:07:99:1B:38:A6:93:8A:C4
X509v3 Authority Key Identifier:
keyid:8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/14EF9456C2B111EBABFFA212C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
137.220.130.0/24
Signature Algorithm: sha256WithRSAEncryption
13:29:c2:63:a1:94:5d:91:20:24:89:cc:5a:1a:b4:4d:b9:33:
38:53:51:08:82:b9:0e:68:4e:fd:d6:20:05:11:6a:06:f7:4c:
ff:80:05:2f:65:fd:7c:4d:fb:fa:cd:9d:d4:9a:26:52:92:03:
34:8d:d9:7b:fc:43:8e:e4:51:b4:de:59:5b:85:bf:1a:e1:78:
f3:64:62:a4:fc:91:44:ce:20:a3:de:2b:06:da:3d:bd:8f:58:
55:1c:2f:6d:ea:39:0d:36:f8:31:38:3f:cd:9c:70:52:45:aa:
a7:ce:eb:66:c9:4f:9e:11:7b:2f:e6:62:77:d7:0d:56:7f:e3:
8e:af:1c:b5:f2:4c:41:a9:f1:0c:36:42:87:f6:72:b1:a9:6c:
b7:b8:4b:99:29:29:14:f1:93:48:c2:69:dc:2d:95:8c:db:d8:
3e:46:da:93:40:b3:06:59:f7:fe:d9:83:50:7a:0a:af:07:23:
b6:63:d7:25:f3:b2:34:5e:fc:a7:0a:86:a3:9c:3e:72:35:de:
90:45:37:5f:c2:ba:e7:fc:f4:c8:84:d4:c3:5e:0f:30:56:2d:
12:f7:8b:a9:14:fd:70:bd:a2:8f:e8:cb:26:53:c6:ed:fc:a8:
3c:a0:3a:17:cb:de:32:b5:88:7c:ee:f8:06:a1:36:bd:98:10:
c3:01:24:52
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB+0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDhCRjdFMjkzMENGQzZFRUI5MTZFNzM5MEY4OTNFMDEw
MEJBOTNCMzIwHhcNMjIxMTA4MjIwODA0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZhZDM0NC1kNDExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0xMPCF5MPQTDDWiDv0cRQirJSPX2jjZj5uED4zvIS8qoPgbNYoCYCe6G1MDi
yrfWI7PoZk+9MtrP9i7mf3pP8xZ0fI2cHw/U2IL6n6iA/xM27QVvITfHXAdPmywD
zyuQ0gL6iDVAItGEvMzrKkpSToL+LjZpJYqm138cG7ygmPQ9vDSAM/YpOaMoom/M
8DYU1k7UUPTV/FDmRwHTB2t1+ndpAAwKt601kPtBAa7S2E/8rOzTPG9NrDVMPvh9
X9YQvl76VEBP4q/Zd6qbA3F5eySYHeo0TuvFaPcVp51ehOLmD3WDPdwNB4YVgMKw
GjeZgPeXMQ5Xq/paEuNVwRWgMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGd1nCDT
BmadUB+fTQeZGzimk4rEMB8GA1UdIwQYMBaAFIv34pMM/G7rkW5zkPiT4BALqTsy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wNEFBQjI5RTgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9pX2Zpa3d6OGJ1dVJibk9RLUpQZ0VBdXBP
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lfZmlrd3o4YnV1UmJuT1EtSlBnRUF1cE96SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMDRBQUIyOUU4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvMTRFRjk0NTZD
MkIxMTFFQkFCRkZBMjEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACJ3IIwDQYJKoZIhvcNAQELBQADggEBABMpwmOhlF2RICSJ
zFoatE25MzhTUQiCuQ5oTv3WIAURagb3TP+ABS9l/XxN+/rNndSaJlKSAzSN2Xv8
Q47kUbTeWVuFvxrhePNkYqT8kUTOIKPeKwbaPb2PWFUcL23qOQ02+DE4P82ccFJF
qqfO62bJT54Rey/mYnfXDVZ/446vHLXyTEGp8Qw2Qof2crGpbLe4S5kpKRTxk0jC
adwtlYzb2D5G2pNAswZZ9/7Zg1B6Cq8HI7Zj1yXzsjRe/KcKhqOcPnI13pBFN1/C
uuf89MiE1MNeDzBWLRL3i6kU/XC9oo/oyyZTxu38qDygOhfL3jK1iHzu+AahNr2Y
EMMBJFI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:26 2024 by rpki-client on console-ams.rpki-client.org