Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/A854A202117611EEBCFD161CC4F9AE02.roa
File: A854A202117611EEBCFD161CC4F9AE02.roa (raw, json)
Hash identifier: ilanOSeiXnSnJUgFdXwd3hffgsnIkm1wQnYAiUDVrvQ=
Subject key identifier: 1F:30:17:8A:F7:EF:13:41:5B:0F:D7:51:45:07:82:79:89:50:68:72
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: D0
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/A854A202117611EEBCFD161CC4F9AE02.roa
Signing time: Fri 23 Jun 2023 03:33:02 +0000
ROA not before: Fri 23 Jun 2023 03:33:02 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 49999
IP address blocks: 218.33.68.0/22 maxlen: 24
218.33.112.0/22 maxlen: 24
218.33.116.0/22 maxlen: 24
218.33.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 208 (0xd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Jun 23 03:33:02 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6495126e-e723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:60:3b:bf:0f:42:32:d6:8a:3f:6d:56:38:64:
87:7c:3c:bf:77:ef:8c:ad:ab:bf:9f:19:e3:4b:fd:
b9:39:d0:49:c4:0e:25:e5:2c:25:98:bc:ed:e6:a3:
17:e9:84:90:87:c5:d2:8d:88:4a:ba:83:02:fa:10:
98:dc:ed:3e:30:84:2c:d6:c3:d3:39:19:33:0e:93:
42:60:6f:d6:28:b7:43:99:f9:4d:04:0c:c4:42:83:
02:6b:36:ca:04:5f:03:28:3b:59:e1:ce:fc:b7:6e:
5d:2d:a7:b3:a9:7d:c8:72:cf:69:33:43:1c:80:81:
46:e0:c0:55:b2:d5:7a:92:33:3d:aa:10:2f:05:c1:
21:88:1c:bc:9e:ae:48:40:08:52:96:45:78:f3:5d:
8f:1d:25:b8:81:99:41:26:43:7f:57:ad:03:fb:88:
eb:0d:f2:13:9c:b3:88:f7:b7:17:c5:e2:24:1f:5b:
bf:37:26:67:5f:7a:c9:57:d1:8a:1f:67:53:1e:62:
d2:2d:ca:34:d5:b3:fd:93:15:2c:7e:51:db:e1:ed:
28:26:65:65:da:e3:76:80:0f:d0:9d:b7:31:59:40:
25:6a:3c:8f:dd:bd:5f:7a:f4:5e:f5:18:c7:c1:bd:
1b:70:8e:3c:71:c7:c8:d8:1f:30:ee:4c:ab:ff:42:
34:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:30:17:8A:F7:EF:13:41:5B:0F:D7:51:45:07:82:79:89:50:68:72
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/A854A202117611EEBCFD161CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.68.0/22
218.33.112.0/21
218.33.124.0/22
Signature Algorithm: sha256WithRSAEncryption
26:4a:66:23:bd:4e:35:9e:29:c1:88:e9:ae:45:52:7c:f7:96:
3b:10:3b:23:db:b3:fe:23:35:04:8e:6a:41:9c:5d:a5:93:3e:
f1:5e:71:8e:35:8e:81:d3:16:83:2f:24:b9:b3:8e:cf:f4:d3:
97:28:07:b8:ff:37:22:3e:2b:03:f9:3b:cc:23:1c:bb:b9:5c:
f3:94:5b:a5:0f:aa:98:b4:68:88:69:76:74:b3:6a:ac:96:9a:
92:9b:c0:f5:d2:4b:fc:41:49:5e:b6:1a:e8:cd:a2:0b:10:99:
cb:61:64:8f:40:e5:63:90:bb:24:70:4c:12:72:ed:e1:c7:79:
ae:f8:fa:7b:5f:61:52:77:19:9b:dc:ff:fe:51:fb:82:20:09:
ff:9a:c4:4e:9c:6d:43:89:c4:14:d3:92:1b:64:c6:cd:de:f3:
30:6b:4f:fe:71:65:ec:94:73:c8:51:49:e6:e3:04:62:10:a3:
69:30:27:73:ae:2e:c1:49:16:65:40:b8:8d:1d:75:ac:d6:bd:
0e:4f:6d:41:3a:fe:41:41:d0:c1:dd:1f:5b:bf:ec:7d:b2:f7:
5f:0a:7b:7a:4f:e7:55:8d:2f:ce:5a:f8:fc:44:44:87:21:48:
d8:37:c3:20:f7:cb:8d:18:0c:74:2d:23:84:81:bd:51:ee:15:
4e:5a:9e:09
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICANAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjMwNjIzMDMzMzAyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk1MTI2ZS1lNzIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA12A7vw9CMtaKP21WOGSHfDy/d++Mrau/nxnjS/25OdBJxA4l5SwlmLzt5qMX
6YSQh8XSjYhKuoMC+hCY3O0+MIQs1sPTORkzDpNCYG/WKLdDmflNBAzEQoMCazbK
BF8DKDtZ4c78t25dLaezqX3Ics9pM0McgIFG4MBVstV6kjM9qhAvBcEhiBy8nq5I
QAhSlkV4812PHSW4gZlBJkN/V60D+4jrDfITnLOI97cXxeIkH1u/NyZnX3rJV9GK
H2dTHmLSLco01bP9kxUsflHb4e0oJmVl2uN2gA/QnbcxWUAlajyP3b1fevRe9RjH
wb0bcI48ccfI2B8w7kyr/0I08wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFB8wF4r3
7xNBWw/XUUUHgnmJUGhyMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvQTg1NEEyMDIx
MTc2MTFFRUJDRkQxNjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBALaIUQDBAPaIXADBALaIXwwDQYJKoZIhvcNAQELBQADggEB
ACZKZiO9TjWeKcGI6a5FUnz3ljsQOyPbs/4jNQSOakGcXaWTPvFecY41joHTFoMv
JLmzjs/005coB7j/NyI+KwP5O8wjHLu5XPOUW6UPqpi0aIhpdnSzaqyWmpKbwPXS
S/xBSV62GujNogsQmcthZI9A5WOQuyRwTBJy7eHHea74+ntfYVJ3GZvc//5R+4Ig
Cf+axE6cbUOJxBTTkhtkxs3e8zBrT/5xZeyUc8hRSebjBGIQo2kwJ3OuLsFJFmVA
uI0ddazWvQ5PbUE6/kFB0MHdH1u/7H2y918Ke3pP51WNL85a+PxERIchSNg3wyD3
y40YDHQtI4SBvVHuFU5angk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org