Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A7FEB628456E11EDAB57D384C4F9AE02.roa
File: A7FEB628456E11EDAB57D384C4F9AE02.roa (raw, json)
Hash identifier: y7KdKaLsqufdvdPhVD4K0gIuG4c/Y7OeJTNgdVlQcXk=
Subject key identifier: F6:B4:97:E3:7B:EB:79:30:19:83:BA:9A:15:F7:AC:63:48:30:02:63
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5E3D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A7FEB628456E11EDAB57D384C4F9AE02.roa
Signing time: Thu 06 Oct 2022 12:01:49 +0000
ROA not before: Thu 06 Oct 2022 12:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137409
IP address blocks: 139.5.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24125 (0x5e3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 6 12:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=633ec3ac-6560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:89:60:e4:a7:2e:20:f2:93:53:c0:c4:4e:a4:
72:23:93:b5:2b:e4:94:eb:e5:64:83:94:bd:39:f8:
ad:2d:2f:f2:31:df:63:2b:3d:71:fa:23:6a:37:cd:
af:00:5b:fe:63:5c:51:87:41:91:b0:64:15:f5:7c:
da:a0:2a:05:f8:e0:11:53:17:4c:ec:ca:57:db:e6:
e9:98:07:6f:05:5d:11:1d:54:c9:3f:b8:99:cd:e4:
d2:17:30:71:8d:f7:57:11:5d:3b:e3:ba:36:c3:7c:
70:eb:dd:5d:bf:d1:99:4c:09:e1:f4:00:62:6b:20:
58:75:d9:d6:83:9d:b8:19:f9:41:13:4c:c1:e4:f1:
1c:dc:77:33:eb:e7:0b:aa:e2:04:02:da:2f:99:ab:
36:c1:f3:76:8a:25:07:3c:b9:7b:99:12:86:f3:aa:
6c:d9:6e:80:18:58:30:fd:b5:7e:67:b4:ff:79:cd:
6d:13:56:59:28:98:f3:5e:19:2e:cf:c0:6a:e1:2e:
b1:40:8f:fb:57:21:da:f4:a5:8c:b2:a3:f4:a1:fc:
84:11:4f:be:ed:10:a8:3b:a1:a5:ae:77:72:a2:67:
6a:af:22:74:f8:7a:59:9a:f6:52:d9:73:46:ad:69:
5f:a1:1f:51:2c:7d:ed:9d:a4:ee:d2:5a:5c:6a:ea:
f5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B4:97:E3:7B:EB:79:30:19:83:BA:9A:15:F7:AC:63:48:30:02:63
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A7FEB628456E11EDAB57D384C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.5.232.0/22
Signature Algorithm: sha256WithRSAEncryption
01:60:34:16:b5:b3:e5:63:be:f5:35:ed:67:35:71:6f:93:a9:
fe:a8:58:d6:84:17:a7:e6:a0:e6:01:32:6e:f1:ae:27:a3:73:
8f:40:09:87:73:83:ba:b9:5d:69:e1:c4:e0:e1:1d:c0:ac:25:
9b:d5:be:10:bf:66:77:b7:eb:1d:88:98:4f:75:c6:63:f4:a5:
b7:f5:ca:d9:5d:c4:7f:d2:77:88:23:7d:63:61:20:1b:7f:18:
db:34:4a:76:b8:a3:a2:91:c7:bd:b5:11:f4:3e:6e:e6:27:d4:
7d:6e:87:da:5e:e1:ee:58:35:6d:d3:6a:6f:9c:1f:b7:3e:a9:
1a:f5:32:e5:ab:fa:aa:1c:11:24:5a:25:01:0b:c6:4c:3e:6c:
6b:b1:98:a1:fa:a5:89:e6:18:e1:57:21:ad:c8:8c:bb:16:1b:
50:d8:91:8a:21:be:fe:42:3a:ae:48:e8:86:95:69:cb:a5:b5:
d1:50:9c:5c:49:00:19:06:98:28:cc:76:20:7b:d8:f8:b1:68:
7d:54:47:44:0b:32:c5:76:8e:be:c2:f7:8e:36:e0:ee:68:98:
53:0c:e6:bf:37:eb:6c:03:9d:23:6b:51:3f:07:08:22:d9:71:
fb:28:44:2e:fb:fb:a0:96:82:0c:9e:fa:fa:66:06:0f:9b:cf:
2c:43:1b:11
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICXj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMDA2MTIwMTQ5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNlYzNhYy02NTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl4lg5KcuIPKTU8DETqRyI5O1K+SU6+Vkg5S9OfitLS/yMd9jKz1x+iNqN82v
AFv+Y1xRh0GRsGQV9XzaoCoF+OARUxdM7MpX2+bpmAdvBV0RHVTJP7iZzeTSFzBx
jfdXEV0747o2w3xw691dv9GZTAnh9ABiayBYddnWg524GflBE0zB5PEc3Hcz6+cL
quIEAtovmas2wfN2iiUHPLl7mRKG86ps2W6AGFgw/bV+Z7T/ec1tE1ZZKJjzXhku
z8Bq4S6xQI/7VyHa9KWMsqP0ofyEEU++7RCoO6GlrndyomdqryJ0+HpZmvZS2XNG
rWlfoR9RLH3tnaTu0lpcaur1owIDAQABo4IClTCCApEwHQYDVR0OBBYEFPa0l+N7
63kwGYO6mhX3rGNIMAJjMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQTdGRUI2Mjg0
NTZFMTFFREFCNTdEMzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKLBegwDQYJKoZIhvcNAQELBQADggEBAAFgNBa1s+VjvvU1
7Wc1cW+Tqf6oWNaEF6fmoOYBMm7xriejc49ACYdzg7q5XWnhxODhHcCsJZvVvhC/
Zne36x2ImE91xmP0pbf1ytldxH/Sd4gjfWNhIBt/GNs0Sna4o6KRx721EfQ+buYn
1H1uh9pe4e5YNW3Tam+cH7c+qRr1MuWr+qocESRaJQELxkw+bGuxmKH6pYnmGOFX
Ia3IjLsWG1DYkYohvv5COq5I6IaVacultdFQnFxJABkGmCjMdiB72PixaH1UR0QL
MsV2jr7C94424O5omFMM5r8362wDnSNrUT8HCCLZcfsoRC77+6CWggye+vpmBg+b
zyxDGxE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org