Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/9A56F024B6AC11EA83CA9C85C4F9AE02.roa
File: 9A56F024B6AC11EA83CA9C85C4F9AE02.roa (raw, json)
Hash identifier: Zb6VgoSO07bMbJJPUcxFR5hLUeMYh+yOiTjDYR6z2bQ=
Subject key identifier: B9:A9:5A:45:D3:E4:B4:30:40:1F:CE:D0:8A:04:18:F6:82:2D:56:54
Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Certificate serial: 0807
Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/9A56F024B6AC11EA83CA9C85C4F9AE02.roa
Signing time: Tue 08 Nov 2022 22:08:06 +0000
ROA not before: Tue 08 Nov 2022 22:08:06 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 138570
IP address blocks: 1.32.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2055 (0x807)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Validity
Not Before: Nov 8 22:08:06 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=636ad346-013b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c8:a1:ae:9d:52:31:8d:4e:e5:0b:9a:9f:b9:
20:a5:5c:89:42:54:78:5b:b0:b0:cb:0a:e9:9a:8c:
45:16:4c:5b:5a:1e:0b:ff:7a:51:49:4f:4b:9f:68:
50:ca:e4:24:96:e7:02:c8:c7:e7:60:06:db:91:2b:
4d:1e:9b:54:49:46:43:5a:2e:55:f8:4c:ec:1a:f7:
64:cd:67:e4:4c:40:63:cc:ce:e4:1b:ca:e5:0a:fd:
b9:16:43:55:7a:d0:15:8d:7c:db:3f:4c:ed:c4:d7:
72:64:bd:86:7e:74:29:0d:4a:3f:3b:11:9e:4c:e1:
fb:41:c5:da:b2:12:7c:56:24:be:57:6e:73:6c:ae:
2d:0e:b8:8f:ab:4a:91:1e:85:dc:7b:89:cd:69:d1:
e6:cd:3f:e8:b3:e6:db:53:2b:5f:dd:53:ca:16:bf:
dd:e9:a3:fb:c4:ce:47:ac:77:60:38:7d:83:27:fc:
87:30:45:c4:dc:3e:d3:ab:1a:80:2e:1c:bc:93:de:
0c:5b:2e:70:f8:6d:3b:93:5c:8d:2f:90:0f:f9:f8:
e7:9c:b1:7e:4e:0a:c9:e5:61:5d:80:b9:42:5f:7f:
b1:9c:55:ce:dd:04:6a:94:4a:8f:b6:9d:f1:1e:3f:
66:a2:be:31:25:48:01:5b:99:56:fc:99:84:a4:e9:
fd:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A9:5A:45:D3:E4:B4:30:40:1F:CE:D0:8A:04:18:F6:82:2D:56:54
X509v3 Authority Key Identifier:
keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/9A56F024B6AC11EA83CA9C85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.32.219.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:cb:cd:6e:84:ee:c3:91:46:6f:2a:a1:7e:4d:31:4f:b6:37:
8d:71:25:f7:1d:cd:0d:4c:0a:24:90:4c:95:d5:5a:68:3c:79:
c2:b9:ef:aa:09:95:6f:25:d5:a4:09:66:fc:91:3d:6a:b7:a5:
aa:8b:5f:6e:d2:07:7d:f9:16:30:f7:c2:05:f5:41:a2:a7:2b:
bd:9f:b2:46:07:f2:e9:58:02:df:bb:10:4f:76:b3:f5:a5:5f:
4e:de:47:af:c6:9b:e8:d8:47:7d:42:04:b4:8e:02:7d:5e:08:
33:97:67:96:8f:4a:47:b2:9a:15:25:26:86:b1:ad:13:80:ad:
68:2b:cf:3c:99:6c:dd:bc:9c:c0:12:1a:70:ac:62:9c:bb:5a:
54:6c:cc:78:99:9b:74:13:21:a1:be:19:4f:86:11:7f:69:15:
35:02:6e:2d:12:6b:fc:c0:27:5d:c3:21:3d:73:c6:1a:2a:b9:
91:4f:79:a8:bc:e5:8b:da:68:cb:4c:fa:48:a7:bd:37:72:5d:
fb:08:47:a0:88:5d:c4:95:92:82:46:e3:55:5b:3d:c6:2c:d7:
15:2d:61:2d:60:e0:4f:ab:53:d2:58:7f:61:57:16:8d:56:79:
cc:fe:ae:fb:e3:45:77:3e:97:bc:ca:f9:76:8d:83:68:60:6f:
c4:7b:7f:a3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG
NEJBNDIzMjkwHhcNMjIxMTA4MjIwODA2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZhZDM0Ni0wMTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx8ihrp1SMY1O5Quan7kgpVyJQlR4W7CwywrpmoxFFkxbWh4L/3pRSU9Ln2hQ
yuQklucCyMfnYAbbkStNHptUSUZDWi5V+EzsGvdkzWfkTEBjzM7kG8rlCv25FkNV
etAVjXzbP0ztxNdyZL2GfnQpDUo/OxGeTOH7QcXashJ8ViS+V25zbK4tDriPq0qR
HoXce4nNadHmzT/os+bbUytf3VPKFr/d6aP7xM5HrHdgOH2DJ/yHMEXE3D7TqxqA
Lhy8k94MWy5w+G07k1yNL5AP+fjnnLF+TgrJ5WFdgLlCX3+xnFXO3QRqlEqPtp3x
Hj9mor4xJUgBW5lW/JmEpOn94QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLmpWkXT
5LQwQB/O0IoEGPaCLVZUMB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvOUE1NkYwMjRC
NkFDMTFFQTgzQ0E5Qzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAABINswDQYJKoZIhvcNAQELBQADggEBAHzLzW6E7sORRm8q
oX5NMU+2N41xJfcdzQ1MCiSQTJXVWmg8ecK576oJlW8l1aQJZvyRPWq3paqLX27S
B335FjD3wgX1QaKnK72fskYH8ulYAt+7EE92s/WlX07eR6/Gm+jYR31CBLSOAn1e
CDOXZ5aPSkeymhUlJoaxrROArWgrzzyZbN28nMASGnCsYpy7WlRszHiZm3QTIaG+
GU+GEX9pFTUCbi0Sa/zAJ13DIT1zxhoquZFPeai85YvaaMtM+kinvTdyXfsIR6CI
XcSVkoJG41VbPcYs1xUtYS1g4E+rU9JYf2FXFo1Wecz+rvvjRXc+l7zK+XaNg2hg
b8R7f6M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:26 2024 by rpki-client on console-ams.rpki-client.org