Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/A2EBEB0E7A4011EDB2649A3BC4F9AE02.roa
File: A2EBEB0E7A4011EDB2649A3BC4F9AE02.roa (raw, json)
Hash identifier: YB24jHLzOxZ5wkg4Dr8fdqlwgkC/dMng+lnKscYJsHo=
Subject key identifier: 5A:BB:F8:18:8D:2E:73:4A:87:EB:F4:08:23:6C:EA:43:10:AB:3A:D6
Certificate issuer: /CN=A918D0AA/serialNumber=60BADC042C377B86C0DC9EEB89512725CE3E2336
Certificate serial: 02
Authority key identifier: 60:BA:DC:04:2C:37:7B:86:C0:DC:9E:EB:89:51:27:25:CE:3E:23:36
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YLrcBCw3e4bA3J7riVEnJc4-IzY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/A2EBEB0E7A4011EDB2649A3BC4F9AE02.roa
Signing time: Mon 12 Dec 2022 17:15:55 +0000
ROA not before: Mon 12 Dec 2022 17:15:55 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 703
IP address blocks: 152.91.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D0AA/serialNumber=60BADC042C377B86C0DC9EEB89512725CE3E2336
Validity
Not Before: Dec 12 17:15:55 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=639761cb-bc3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c3:86:7a:79:3c:44:5f:d3:18:ff:23:a4:44:
f6:28:bf:d8:bc:6a:50:9c:7c:58:ed:ab:63:3b:b9:
85:7d:71:43:72:f8:0b:33:44:5a:5a:37:48:4a:87:
31:77:b9:8b:62:16:6b:02:b2:bd:c2:1f:df:da:76:
e0:56:bb:4a:04:88:80:16:21:06:5d:e2:3a:b5:0e:
fb:9e:cd:54:ef:82:84:3e:a0:eb:4d:45:8d:8e:d4:
bd:37:3c:20:0a:34:55:58:2e:66:50:18:8f:27:03:
00:20:d4:9a:18:18:fc:82:78:80:6e:42:67:a7:99:
cf:51:b3:9e:0d:f9:bd:62:b8:b4:96:f6:c8:16:56:
46:00:37:82:51:04:2c:76:2d:da:0b:86:95:0b:74:
ec:63:43:78:0f:7f:ca:c3:6a:8c:41:95:e6:93:c7:
76:88:18:f0:87:a8:d9:53:f1:bf:68:2f:10:c7:7f:
d4:be:2d:a2:8f:a1:3a:0a:a9:05:55:78:f3:b1:19:
62:a8:b2:03:7a:8d:60:aa:af:61:e3:53:5f:5b:a4:
1b:2d:c8:81:59:6c:27:11:b0:44:cb:fb:83:d6:dd:
d5:2b:24:9a:bb:52:d7:58:9c:f9:85:54:c6:75:21:
2e:50:c2:7f:8e:66:d9:0e:cb:01:0d:f8:da:65:a9:
e7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BB:F8:18:8D:2E:73:4A:87:EB:F4:08:23:6C:EA:43:10:AB:3A:D6
X509v3 Authority Key Identifier:
keyid:60:BA:DC:04:2C:37:7B:86:C0:DC:9E:EB:89:51:27:25:CE:3E:23:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/YLrcBCw3e4bA3J7riVEnJc4-IzY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YLrcBCw3e4bA3J7riVEnJc4-IzY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0AA/2C75FEC87A3C11ED861B2933C4F9AE02/A2EBEB0E7A4011EDB2649A3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.91.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:20:71:4d:4d:98:4a:ee:83:f3:dd:57:22:2a:b4:00:95:a8:
03:8a:c9:80:69:82:f9:2e:b7:4e:c1:79:5e:8d:dc:f4:28:d2:
18:25:e9:20:2b:44:c0:da:3b:c0:27:c5:1d:2a:5f:31:1b:40:
9a:70:7b:46:e1:6b:be:b0:af:6a:cb:aa:9d:77:5b:e1:ff:94:
81:7b:17:9d:f3:52:4c:51:3a:c6:d0:d2:93:b2:c7:3e:5f:1f:
4a:35:1a:ce:54:cf:57:1f:37:e8:a5:9c:1a:bb:d6:88:d6:51:
e0:c9:3f:63:06:f9:c6:cb:b1:4b:85:e4:08:33:f3:81:ad:32:
20:ef:bd:48:62:78:fb:71:84:61:e5:df:5d:4d:47:f0:79:62:
dc:38:28:b0:67:69:57:9a:b2:82:fe:b4:a0:37:4e:36:9d:2a:
e5:4d:4e:18:bb:8e:3d:e1:fc:55:63:dc:a3:fc:03:a2:99:6c:
2c:2a:32:ac:b3:2d:df:11:69:e9:8a:41:69:08:60:cc:53:34:
b0:7f:e2:66:70:84:bb:cf:58:8c:3b:f8:9d:c3:e9:f4:84:41:
90:fd:49:b5:ca:25:e9:f5:4e:01:7f:71:83:9f:bf:46:97:37:
46:0e:7f:4f:55:0b:f6:63:9b:b3:c6:43:a2:d9:32:da:af:7c:
04:65:7a:97
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
RDBBQTExMC8GA1UEBRMoNjBCQURDMDQyQzM3N0I4NkMwREM5RUVCODk1MTI3MjVD
RTNFMjMzNjAeFw0yMjEyMTIxNzE1NTVaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzOTc2MWNiLWJjM2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGw4Z6eTxEX9MY/yOkRPYov9i8alCcfFjtq2M7uYV9cUNy+AszRFpaN0hKhzF3
uYtiFmsCsr3CH9/aduBWu0oEiIAWIQZd4jq1DvuezVTvgoQ+oOtNRY2O1L03PCAK
NFVYLmZQGI8nAwAg1JoYGPyCeIBuQmenmc9Rs54N+b1iuLSW9sgWVkYAN4JRBCx2
LdoLhpULdOxjQ3gPf8rDaoxBleaTx3aIGPCHqNlT8b9oLxDHf9S+LaKPoToKqQVV
ePOxGWKosgN6jWCqr2HjU19bpBstyIFZbCcRsETL+4PW3dUrJJq7UtdYnPmFVMZ1
IS5Qwn+OZtkOywEN+NplqeeLAgMBAAGjggKUMIICkDAdBgNVHQ4EFgQUWrv4GI0u
c0qH6/QII2zqQxCrOtYwHwYDVR0jBBgwFoAUYLrcBCw3e4bA3J7riVEnJc4+IzYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThEMEFBLzJDNzVGRUM4N0Ez
QzExRUQ4NjFCMjkzM0M0RjlBRTAyL1lMcmNCQ3czZTRiQTNKN3JpVkVuSmM0LUl6
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvWUxyY0JDdzNlNGJBM0o3cmlWRW5KYzQtSXpZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RDBBQS8yQzc1RkVDODdBM0MxMUVEODYxQjI5MzNDNEY5QUUwMi9BMkVCRUIwRTdB
NDAxMUVEQjI2NDlBM0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDAJhbMA0GCSqGSIb3DQEBCwUAA4IBAQA/IHFNTZhK7oPz3Vci
KrQAlagDismAaYL5LrdOwXlejdz0KNIYJekgK0TA2jvAJ8UdKl8xG0CacHtG4Wu+
sK9qy6qdd1vh/5SBexed81JMUTrG0NKTssc+Xx9KNRrOVM9XHzfopZwau9aI1lHg
yT9jBvnGy7FLheQIM/OBrTIg771IYnj7cYRh5d9dTUfweWLcOCiwZ2lXmrKC/rSg
N042nSrlTU4Yu4494fxVY9yj/AOimWwsKjKssy3fEWnpikFpCGDMUzSwf+JmcIS7
z1iMO/idw+n0hEGQ/Um1yiXp9U4Bf3GDn79GlzdGDn9PVQv2Y5uzxkOi2TLar3wE
ZXqX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:47 2023 by rpki-client on console-ams.rpki-client.org