Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/74B4B248563D11ECB4E7F20BC4F9AE02.roa
File: 74B4B248563D11ECB4E7F20BC4F9AE02.roa (raw, json)
Hash identifier: 2sYhKgjEV3gMCDYqMCKQibkyJewEyum7aqO71J4Q9xA=
Subject key identifier: 30:70:DA:34:F7:16:08:7E:2C:A1:15:D7:10:2B:05:71:55:E5:D7:E6
Certificate issuer: /CN=A918C661/serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32
Certificate serial: 07EE
Authority key identifier: 8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/74B4B248563D11ECB4E7F20BC4F9AE02.roa
Signing time: Tue 08 Nov 2022 22:08:05 +0000
ROA not before: Tue 08 Nov 2022 22:08:05 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 64050
IP address blocks: 134.122.128.0/17 maxlen: 24
137.220.128.0/17 maxlen: 24
143.92.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2030 (0x7ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661/serialNumber=8BF7E2930CFC6EEB916E7390F893E0100BA93B32
Validity
Not Before: Nov 8 22:08:05 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=636ad345-8a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d5:88:90:20:00:68:b9:23:b8:d1:fd:01:05:
5d:8e:30:02:3c:ad:6c:b6:5f:53:b4:74:72:c7:f7:
a1:a0:e3:6e:7b:86:11:bf:7f:38:7c:68:77:f0:13:
0c:7b:55:4f:67:a4:a3:35:7d:eb:10:17:5d:21:9c:
89:1c:10:47:20:e6:4f:58:5a:dc:b5:cb:cb:c8:f7:
a1:c1:d3:7a:5e:04:e7:79:2d:f7:cf:dc:00:c3:ef:
8f:43:3a:9a:2a:f9:e5:d3:48:8b:cb:97:ae:d8:51:
02:f5:71:38:6a:52:a7:7d:81:82:46:19:b7:bf:82:
20:5b:37:76:b5:87:10:61:bf:48:20:7c:c6:e9:c9:
19:69:56:62:56:39:05:56:5a:f4:44:63:04:ab:9f:
5e:1b:6b:12:76:63:47:26:a5:71:fd:72:83:bc:ee:
4b:0a:87:98:78:61:fa:17:9d:7c:2a:9d:a8:6f:c4:
83:b4:2f:f0:1c:7e:c8:0e:4e:a4:73:70:ac:69:1f:
8c:b6:90:8c:84:63:35:56:20:94:4d:7a:ae:6a:1d:
85:5c:a5:94:b9:38:bf:ad:21:ab:b9:22:d5:cb:8b:
9c:1f:8d:ad:7f:09:81:c9:e6:d9:14:48:77:13:70:
be:77:86:04:1b:51:2d:7d:36:ec:8c:8e:b1:21:2b:
80:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:70:DA:34:F7:16:08:7E:2C:A1:15:D7:10:2B:05:71:55:E5:D7:E6
X509v3 Authority Key Identifier:
keyid:8B:F7:E2:93:0C:FC:6E:EB:91:6E:73:90:F8:93:E0:10:0B:A9:3B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/i_fikwz8buuRbnOQ-JPgEAupOzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i_fikwz8buuRbnOQ-JPgEAupOzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/04AAB29E836D11EAB4A2D76DC4F9AE02/74B4B248563D11ECB4E7F20BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
134.122.128.0/17
137.220.128.0/17
143.92.32.0/20
Signature Algorithm: sha256WithRSAEncryption
93:8f:4f:29:7d:74:b2:ed:c4:f9:e8:14:25:40:92:f2:6f:ba:
a4:aa:9b:06:69:0f:0c:bf:3f:0c:98:c2:df:95:e0:af:8a:f8:
03:5e:23:ce:53:00:ec:df:c9:d8:37:2d:2c:9a:b2:ef:f8:c9:
6f:79:bb:9a:ab:45:40:f0:3f:dd:cd:b4:a2:69:c0:1c:da:f8:
5c:d3:2e:5a:eb:79:3e:74:a8:2c:41:2d:8a:95:32:91:27:f6:
76:74:db:3b:b5:cd:a9:aa:be:7a:d3:2f:04:b4:5b:da:7f:94:
39:74:da:1e:ef:1b:fa:d5:49:e3:83:a7:2f:ee:8a:0b:4c:b2:
5c:13:2e:23:67:29:a7:e5:f9:08:67:36:65:a1:07:7d:d6:ac:
5e:ea:e6:b6:7d:6d:e1:c0:6f:6f:85:76:9e:d8:a5:ed:0c:62:
81:26:82:a6:28:35:0a:31:67:55:d7:7c:c5:e0:d4:7e:d2:e6:
77:9d:8a:b8:f6:26:e1:b1:1b:47:b6:85:88:68:bf:39:08:fd:
0b:ec:df:b8:e8:89:d2:aa:61:05:e0:8e:61:21:63:20:7b:d6:
e5:ea:31:1f:d6:d7:29:f3:c4:f7:bc:64:f6:9d:8c:4a:6b:d8:
e2:be:37:6e:d8:de:66:5c:59:7e:0d:c8:ff:a3:22:57:24:cf:
e2:69:5b:00
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICB+4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDhCRjdFMjkzMENGQzZFRUI5MTZFNzM5MEY4OTNFMDEw
MEJBOTNCMzIwHhcNMjIxMTA4MjIwODA1WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZhZDM0NS04YTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsdWIkCAAaLkjuNH9AQVdjjACPK1stl9TtHRyx/ehoONue4YRv384fGh38BMM
e1VPZ6SjNX3rEBddIZyJHBBHIOZPWFrctcvLyPehwdN6XgTneS33z9wAw++PQzqa
Kvnl00iLy5eu2FEC9XE4alKnfYGCRhm3v4IgWzd2tYcQYb9IIHzG6ckZaVZiVjkF
Vlr0RGMEq59eG2sSdmNHJqVx/XKDvO5LCoeYeGH6F518Kp2ob8SDtC/wHH7IDk6k
c3CsaR+MtpCMhGM1ViCUTXquah2FXKWUuTi/rSGruSLVy4ucH42tfwmByebZFEh3
E3C+d4YEG1EtfTbsjI6xISuAvQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDBw2jT3
Fgh+LKEV1xArBXFV5dfmMB8GA1UdIwQYMBaAFIv34pMM/G7rkW5zkPiT4BALqTsy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wNEFBQjI5RTgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9pX2Zpa3d6OGJ1dVJibk9RLUpQZ0VBdXBP
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lfZmlrd3o4YnV1UmJuT1EtSlBnRUF1cE96SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMDRBQUIyOUU4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvNzRCNEIyNDg1
NjNEMTFFQ0I0RTdGMjBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAeGeoADBAeJ3IADBASPXCAwDQYJKoZIhvcNAQELBQADggEB
AJOPTyl9dLLtxPnoFCVAkvJvuqSqmwZpDwy/PwyYwt+V4K+K+ANeI85TAOzfydg3
LSyasu/4yW95u5qrRUDwP93NtKJpwBza+FzTLlrreT50qCxBLYqVMpEn9nZ02zu1
zamqvnrTLwS0W9p/lDl02h7vG/rVSeODpy/uigtMslwTLiNnKafl+QhnNmWhB33W
rF7q5rZ9beHAb2+Fdp7Ype0MYoEmgqYoNQoxZ1XXfMXg1H7S5nedirj2JuGxG0e2
hYhovzkI/Qvs37joidKqYQXgjmEhYyB71uXqMR/W1ynzxPe8ZPadjEpr2OK+N27Y
3mZcWX4NyP+jIlckz+JpWwA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org