Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/656211F0DBA711EDADA71C28C4F9AE02.roa
File: 656211F0DBA711EDADA71C28C4F9AE02.roa (raw, json)
Hash identifier: Rwhlm2B8Dwp4fsKu7EAIzgcZOCCjT4dySkmZfkx6/Kw=
Subject key identifier: 13:91:BE:25:1F:8F:BB:C7:ED:3D:65:BF:83:C3:5C:5B:BC:71:CF:6A
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: A7
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/656211F0DBA711EDADA71C28C4F9AE02.roa
Signing time: Mon 24 Apr 2023 00:46:40 +0000
ROA not before: Mon 24 Apr 2023 00:46:40 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 49999
IP address blocks: 218.33.64.0/22 maxlen: 24
218.33.68.0/22 maxlen: 24
218.33.104.0/22 maxlen: 24
218.33.112.0/22 maxlen: 24
218.33.116.0/22 maxlen: 24
218.33.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167 (0xa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Apr 24 00:46:40 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6445d16f-154b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4f:08:9c:39:34:0a:20:ad:d8:11:14:5e:76:
97:a0:ab:ad:08:b8:8f:dc:ae:31:57:72:b7:9d:2f:
cb:5f:ae:ef:22:8f:3f:c0:f1:e3:a3:ab:9f:cd:e3:
cb:6d:9d:f1:68:20:11:6d:32:84:57:91:b0:3e:42:
6b:76:eb:bb:5c:1e:11:f8:00:a2:a3:6a:da:27:28:
93:00:8e:b5:43:15:5c:f9:66:74:52:ec:46:21:3d:
dd:93:1f:bc:7c:e5:f1:b7:09:e5:ef:e9:41:13:31:
f2:af:6e:9f:a7:50:2e:cc:57:8d:0e:a5:86:da:db:
21:fc:29:03:69:38:d4:24:e2:d8:a2:e9:af:56:54:
42:c2:da:63:51:38:07:31:c0:c5:8c:cd:5b:da:bd:
e6:e0:91:8d:2d:0c:2d:78:d6:13:8e:7f:bf:38:23:
b8:73:63:88:1d:d3:47:9e:22:24:fe:f8:5b:9f:b2:
da:94:d0:fa:6f:fb:36:da:08:af:9e:b8:a6:85:b9:
45:d5:98:5b:8c:11:18:53:63:be:08:c9:f0:96:1f:
4a:72:d1:35:bb:71:af:45:75:e9:ce:f0:3a:5e:ed:
26:3d:8e:67:fe:0f:12:fc:19:0f:d1:c1:97:bb:fd:
8c:83:9d:4a:91:d1:54:00:83:14:23:a9:8e:c0:20:
b4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:91:BE:25:1F:8F:BB:C7:ED:3D:65:BF:83:C3:5C:5B:BC:71:CF:6A
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/656211F0DBA711EDADA71C28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.64.0/21
218.33.104.0/22
218.33.112.0/21
218.33.124.0/22
Signature Algorithm: sha256WithRSAEncryption
07:a3:46:82:75:48:a7:2b:c7:94:f7:bc:2e:b7:5c:ee:09:c9:
44:64:d6:c5:36:fb:d6:79:fe:67:19:5d:5f:ec:c7:d3:20:bd:
8b:31:cd:46:e5:b6:74:2c:73:42:ca:ac:32:c5:cf:30:87:d9:
e9:a2:d8:97:53:9b:89:f9:f4:21:c4:15:e6:ee:e2:fe:6a:fd:
00:05:72:75:73:94:c5:9e:86:3d:72:0d:0d:75:33:aa:6e:1a:
6f:fd:d9:61:d0:b6:53:8b:ad:9f:30:25:05:40:53:6d:f3:ef:
04:b0:46:9d:ac:17:40:6a:92:67:19:fa:59:00:43:bf:23:ec:
0e:7b:9a:95:b6:5f:db:38:60:9c:d0:22:c6:43:19:b4:1f:b7:
30:59:d1:b7:7b:73:0c:79:61:06:78:1b:f6:f6:a6:26:5b:c0:
01:bc:80:93:71:bc:1a:d5:3c:2a:47:c6:61:6d:52:70:db:6f:
48:58:76:ce:35:9b:31:79:76:03:a0:f5:04:45:89:e3:45:f2:
7c:d2:b8:97:80:41:2e:a1:4c:db:d5:d5:93:20:16:2b:c0:b6:
a8:c4:7b:3a:77:d8:6e:81:12:c9:61:6b:d1:c9:78:f1:d1:40:
e1:24:fc:e9:c0:c6:9b:5b:02:1a:3c:53:a7:71:e8:e8:80:f3:
ad:ff:68:ed
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjMwNDI0MDA0NjQwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQ1ZDE2Zi0xNTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApk8InDk0CiCt2BEUXnaXoKutCLiP3K4xV3K3nS/LX67vIo8/wPHjo6ufzePL
bZ3xaCARbTKEV5GwPkJrduu7XB4R+ACio2raJyiTAI61QxVc+WZ0UuxGIT3dkx+8
fOXxtwnl7+lBEzHyr26fp1AuzFeNDqWG2tsh/CkDaTjUJOLYoumvVlRCwtpjUTgH
McDFjM1b2r3m4JGNLQwteNYTjn+/OCO4c2OIHdNHniIk/vhbn7LalND6b/s22giv
nrimhblF1ZhbjBEYU2O+CMnwlh9KctE1u3GvRXXpzvA6Xu0mPY5n/g8S/BkP0cGX
u/2Mg51KkdFUAIMUI6mOwCC0/wIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFBORviUf
j7vH7T1lv4PDXFu8cc9qMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvNjU2MjExRjBE
QkE3MTFFREFEQTcxQzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAPaIUADBALaIWgDBAPaIXADBALaIXwwDQYJKoZIhvcNAQEL
BQADggEBAAejRoJ1SKcrx5T3vC63XO4JyURk1sU2+9Z5/mcZXV/sx9MgvYsxzUbl
tnQsc0LKrDLFzzCH2emi2JdTm4n59CHEFebu4v5q/QAFcnVzlMWehj1yDQ11M6pu
Gm/92WHQtlOLrZ8wJQVAU23z7wSwRp2sF0BqkmcZ+lkAQ78j7A57mpW2X9s4YJzQ
IsZDGbQftzBZ0bd7cwx5YQZ4G/b2piZbwAG8gJNxvBrVPCpHxmFtUnDbb0hYds41
mzF5dgOg9QRFieNF8nzSuJeAQS6hTNvV1ZMgFivAtqjEezp32G6BEslha9HJePHR
QOEk/OnAxptbAho8U6dx6OiA863/aO0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org