Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D6B7/1C16641C1D9711E296D0308008B02CD2/B8C4E09C3E1B11EBB769F759C4F9AE02.roa
File: B8C4E09C3E1B11EBB769F759C4F9AE02.roa (raw, json)
Hash identifier: lOeKFOpEvSW3fiI6yQLJc1ankb8YBJc5vZ0AYh2yy8g=
Subject key identifier: B6:83:F6:BD:C0:E6:F2:A6:8E:84:2D:FC:91:8F:AF:D1:7E:EA:5E:2B
Certificate issuer: /CN=A918D6B7/serialNumber=EEA8AE80D713E6B22DB0EC609157F0C59A52FD7F
Certificate serial: 30FA
Authority key identifier: EE:A8:AE:80:D7:13:E6:B2:2D:B0:EC:60:91:57:F0:C5:9A:52:FD:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7qiugNcT5rItsOxgkVfwxZpS_X8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D6B7/1C16641C1D9711E296D0308008B02CD2/B8C4E09C3E1B11EBB769F759C4F9AE02.roa
Signing time: Mon 14 Feb 2022 03:20:47 +0000
ROA not before: Mon 14 Feb 2022 03:20:47 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 45669
IP address blocks: 119.160.0.0/17 maxlen: 22
119.160.0.0/19 maxlen: 24
119.160.32.0/20 maxlen: 24
119.160.48.0/21 maxlen: 24
119.160.56.0/22 maxlen: 24
119.160.60.0/23 maxlen: 24
119.160.62.0/24 maxlen: 24
119.160.64.0/18 maxlen: 24
2404:3100::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12538 (0x30fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D6B7/serialNumber=EEA8AE80D713E6B22DB0EC609157F0C59A52FD7F
Validity
Not Before: Feb 14 03:20:47 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6209ca8f-3bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:5f:91:ee:e3:0a:a6:18:c1:aa:d3:29:7c:96:
4e:0d:47:5b:8d:1b:35:ba:a1:61:b3:d4:69:f3:ff:
c3:8c:ca:72:36:86:28:13:12:38:46:ef:d5:a0:25:
3a:da:59:2e:a7:14:69:a9:f8:fe:b3:04:54:4c:3d:
d1:37:f4:c1:70:4c:49:b6:24:bf:10:82:7a:90:1e:
3c:49:0e:2d:df:4f:03:9f:4b:98:16:e6:37:3c:b3:
2a:bb:34:c4:21:6a:0a:f4:74:e1:f1:79:d9:4c:e0:
12:f3:29:03:28:81:82:d4:63:d7:fe:a4:7d:cf:3e:
98:bd:ff:14:f7:5c:9c:f6:72:06:77:68:e5:ab:42:
b2:7b:87:fa:53:f5:99:93:f9:d7:85:a6:a9:0a:87:
75:35:d1:e5:35:44:dd:25:c3:a3:25:29:9d:ca:f9:
8f:35:95:37:72:ab:b2:86:ef:8f:9c:84:55:b5:b1:
7f:5b:ee:aa:ec:25:16:88:ef:93:f6:19:ab:8a:b6:
25:9a:0d:68:b3:a8:ef:47:26:07:96:55:5d:09:a3:
44:0f:83:8b:bd:71:0d:1c:c6:86:57:e0:35:04:c2:
03:69:36:e7:4e:bb:c7:4e:27:71:19:d0:60:de:37:
42:33:87:8e:f0:64:fe:47:7a:50:92:b5:17:1e:e0:
38:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:83:F6:BD:C0:E6:F2:A6:8E:84:2D:FC:91:8F:AF:D1:7E:EA:5E:2B
X509v3 Authority Key Identifier:
keyid:EE:A8:AE:80:D7:13:E6:B2:2D:B0:EC:60:91:57:F0:C5:9A:52:FD:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D6B7/1C16641C1D9711E296D0308008B02CD2/7qiugNcT5rItsOxgkVfwxZpS_X8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7qiugNcT5rItsOxgkVfwxZpS_X8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D6B7/1C16641C1D9711E296D0308008B02CD2/B8C4E09C3E1B11EBB769F759C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.160.0.0/17
IPv6:
2404:3100::/32
Signature Algorithm: sha256WithRSAEncryption
b0:3a:dc:28:e0:ed:02:c4:68:84:f4:e0:a9:cc:67:27:08:49:
90:cf:48:1c:18:10:ea:11:67:9f:ff:a7:47:9c:89:a5:68:5a:
b7:99:e4:95:a5:b8:28:ee:53:c7:61:86:b6:f8:a1:a8:a3:1e:
66:76:a4:5c:08:03:67:2c:fa:fd:02:f2:f4:1b:79:0f:58:92:
62:64:ba:55:e4:68:24:37:14:1f:2b:fc:f0:86:7f:a2:dd:b8:
e2:04:b7:f3:f5:e2:fd:4b:74:70:3b:a5:2f:f4:b2:d7:9d:9d:
16:cd:fd:8e:de:dd:db:86:9e:8a:2c:13:ba:a3:da:8d:f8:13:
00:3f:40:57:ef:74:b8:f3:a0:7d:20:4d:b1:48:7f:70:fb:a6:
e2:31:0f:fc:20:80:94:60:5c:65:82:9b:e4:76:37:3f:14:61:
0d:0e:3a:f7:b7:21:4a:15:38:1d:83:5e:c9:70:ad:8d:ca:20:
1f:9b:4b:b8:09:e3:8f:83:02:6c:9e:cb:d9:ad:44:d3:d0:d7:
ab:fa:36:1b:04:2c:80:e2:67:f5:12:1c:ef:ae:ad:4d:92:10:
59:03:23:8a:ae:de:3b:1b:a9:f7:5e:9e:61:36:05:c8:14:50:
1a:2a:1c:e6:3d:b6:bb:47:c6:69:f0:ec:23:f7:bd:d7:df:17:
07:f1:c5:2e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICMPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ2QjcxMTAvBgNVBAUTKEVFQThBRTgwRDcxM0U2QjIyREIwRUM2MDkxNTdGMEM1
OUE1MkZEN0YwHhcNMjIwMjE0MDMyMDQ3WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA5Y2E4Zi0zYmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7l+R7uMKphjBqtMpfJZODUdbjRs1uqFhs9Rp8//DjMpyNoYoExI4Ru/VoCU6
2lkupxRpqfj+swRUTD3RN/TBcExJtiS/EIJ6kB48SQ4t308Dn0uYFuY3PLMquzTE
IWoK9HTh8XnZTOAS8ykDKIGC1GPX/qR9zz6Yvf8U91yc9nIGd2jlq0Kye4f6U/WZ
k/nXhaapCod1NdHlNUTdJcOjJSmdyvmPNZU3cquyhu+PnIRVtbF/W+6q7CUWiO+T
9hmrirYlmg1os6jvRyYHllVdCaNED4OLvXENHMaGV+A1BMIDaTbnTrvHTidxGdBg
3jdCM4eO8GT+R3pQkrUXHuA4nQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLaD9r3A
5vKmjoQt/JGPr9F+6l4rMB8GA1UdIwQYMBaAFO6oroDXE+ayLbDsYJFX8MWaUv1/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDZCNy8xQzE2NjQxQzFE
OTcxMUUyOTZEMDMwODAwOEIwMkNEMi83cWl1Z05jVDVySXRzT3hna1Zmd3hacFNf
WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdxaXVnTmNUNXJJdHNPeGdrVmZ3eFpwU19YOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ2QjcvMUMxNjY0MUMxRDk3MTFFMjk2RDAzMDgwMDhCMDJDRDIvQjhDNEUwOUMz
RTFCMTFFQkI3NjlGNzU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAd3oAAwDQQCAAIwBwMFACQEMQAwDQYJKoZIhvcNAQELBQAD
ggEBALA63Cjg7QLEaIT04KnMZycISZDPSBwYEOoRZ5//p0eciaVoWreZ5JWluCju
U8dhhrb4oaijHmZ2pFwIA2cs+v0C8vQbeQ9YkmJkulXkaCQ3FB8r/PCGf6LduOIE
t/P14v1LdHA7pS/0stednRbN/Y7e3duGnoosE7qj2o34EwA/QFfvdLjzoH0gTbFI
f3D7puIxD/wggJRgXGWCm+R2Nz8UYQ0OOve3IUoVOB2DXslwrY3KIB+bS7gJ44+D
Amyey9mtRNPQ16v6NhsELIDiZ/USHO+urU2SEFkDI4qu3jsbqfdenmE2BcgUUBoq
HOY9trtHxmnw7CP3vdffFwfxxS4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:50 2023 by rpki-client on console-fra.rpki-client.org