Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/7513013E29CE11EEB7EBE749C4F9AE02.roa
File: 7513013E29CE11EEB7EBE749C4F9AE02.roa (raw, json)
Hash identifier: ONogtPkzyuMddSSmzp//mMfzeIoHHzS1b0LYIhn1iOM=
Subject key identifier: 44:0E:A8:39:44:B5:D0:7D:89:40:C2:F8:E2:69:90:55:93:34:8C:6D
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: E9
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/7513013E29CE11EEB7EBE749C4F9AE02.roa
Signing time: Mon 24 Jul 2023 03:02:00 +0000
ROA not before: Mon 24 Jul 2023 03:02:00 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 49999
IP address blocks: 218.33.112.0/22 maxlen: 24
218.33.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233 (0xe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Jul 24 03:02:00 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64bde9a8-3592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b0:70:52:5a:56:64:10:45:b4:f7:e8:00:f2:
e1:94:23:5b:c3:72:1a:66:22:1c:25:a7:32:75:fb:
8d:9b:6f:f3:42:ce:c3:d8:76:30:fb:e2:c9:f0:e1:
19:d3:4c:90:84:7d:f5:1d:9d:9b:79:03:b9:7d:f8:
17:9e:fa:80:7d:3f:40:5c:5b:e1:30:97:82:c3:68:
5e:06:2c:20:9c:33:f3:a1:9c:1e:60:98:ec:17:9b:
c5:e8:a1:06:23:c2:21:b8:84:7d:75:ef:8b:2b:07:
59:14:d9:f9:f6:36:67:cf:38:6a:ee:d9:ae:76:8c:
05:f0:47:9b:03:37:57:e9:ff:b5:da:0b:ee:4a:06:
81:38:0f:bc:3d:d2:d5:09:4f:7f:c5:db:ea:0b:f7:
03:e3:28:a2:c1:d7:2b:1b:03:22:8a:44:ea:78:03:
eb:1f:5e:4c:03:b5:70:29:24:bf:07:d4:6f:f4:76:
b8:40:40:b5:19:fd:2c:99:13:67:96:22:7e:30:ef:
b1:39:7c:35:80:d6:bf:6e:02:4b:60:5a:03:6a:41:
07:9e:47:47:28:7a:e0:10:75:a2:65:2f:33:1c:f4:
48:d2:f3:e4:1e:47:72:8e:bf:39:ae:6c:a0:e2:a5:
d4:dd:42:f6:6a:f1:f5:e6:94:85:b3:c8:ab:da:d5:
35:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:0E:A8:39:44:B5:D0:7D:89:40:C2:F8:E2:69:90:55:93:34:8C:6D
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/7513013E29CE11EEB7EBE749C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.112.0/22
218.33.124.0/22
Signature Algorithm: sha256WithRSAEncryption
d7:55:28:da:79:15:8d:9f:e4:d9:9a:cc:42:24:d4:eb:f4:a6:
68:ea:2f:4e:89:43:aa:30:22:0e:6d:39:04:40:25:5e:8f:5c:
34:e7:84:00:46:1c:c5:89:8d:24:4a:44:f3:53:69:45:c7:07:
07:8b:a7:a9:3d:bc:d6:84:81:2a:34:b4:a7:1a:84:0e:90:82:
03:97:8f:27:fb:37:0c:63:17:04:fb:f0:b2:db:65:6f:46:2f:
a0:ec:f2:53:37:76:65:17:ab:75:0c:4a:ff:cf:e6:fe:44:04:
53:76:14:cd:58:4f:c2:9c:7f:fc:fd:92:86:45:b7:80:56:69:
c2:31:9c:7a:88:bb:43:7d:0a:de:cf:41:54:dd:d0:41:43:3c:
a9:a6:ab:b3:21:d0:0c:dd:e0:8f:55:7a:bb:7f:46:95:04:b3:
f3:50:59:81:b8:a5:52:4f:64:39:10:f1:2d:e7:07:0a:ae:37:
6a:3a:d4:ec:f5:c2:63:31:59:4b:2c:98:b3:fa:35:1b:11:db:
94:30:36:34:fa:b0:59:53:80:92:96:ca:dd:60:dd:13:ae:cd:
09:ca:39:f2:f7:63:17:8e:a8:ca:cd:0d:5c:5a:8e:19:fe:3d:
da:fb:96:a9:ad:c3:01:84:d0:8d:ae:fe:fe:82:7b:a6:5d:fd:
7a:18:7e:6b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjMwNzI0MDMwMjAwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGJkZTlhOC0zNTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqLBwUlpWZBBFtPfoAPLhlCNbw3IaZiIcJacydfuNm2/zQs7D2HYw++LJ8OEZ
00yQhH31HZ2beQO5ffgXnvqAfT9AXFvhMJeCw2heBiwgnDPzoZweYJjsF5vF6KEG
I8IhuIR9de+LKwdZFNn59jZnzzhq7tmudowF8EebAzdX6f+12gvuSgaBOA+8PdLV
CU9/xdvqC/cD4yiiwdcrGwMiikTqeAPrH15MA7VwKSS/B9Rv9Ha4QEC1Gf0smRNn
liJ+MO+xOXw1gNa/bgJLYFoDakEHnkdHKHrgEHWiZS8zHPRI0vPkHkdyjr85rmyg
4qXU3UL2avH15pSFs8ir2tU1iQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEQOqDlE
tdB9iUDC+OJpkFWTNIxtMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvNzUxMzAxM0Uy
OUNFMTFFRUI3RUJFNzQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBALaIXADBALaIXwwDQYJKoZIhvcNAQELBQADggEBANdVKNp5
FY2f5NmazEIk1Ov0pmjqL06JQ6owIg5tOQRAJV6PXDTnhABGHMWJjSRKRPNTaUXH
BweLp6k9vNaEgSo0tKcahA6QggOXjyf7NwxjFwT78LLbZW9GL6Ds8lM3dmUXq3UM
Sv/P5v5EBFN2FM1YT8Kcf/z9koZFt4BWacIxnHqIu0N9Ct7PQVTd0EFDPKmmq7Mh
0Azd4I9Vert/RpUEs/NQWYG4pVJPZDkQ8S3nBwquN2o61Oz1wmMxWUssmLP6NRsR
25QwNjT6sFlTgJKWyt1g3ROuzQnKOfL3YxeOqMrNDVxajhn+Pdr7lqmtwwGE0I2u
/v6Ce6Zd/XoYfms=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org