Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/C14AF9001F8611EEB6F13847C4F9AE02.roa
File: C14AF9001F8611EEB6F13847C4F9AE02.roa (raw, json)
Hash identifier: HwU1n1HKs1n01oakn3OaxFHG3mPyfs6Zvzz0n7BnwCw=
Subject key identifier: 06:E1:2A:D1:C5:10:23:73:85:75:B0:BC:AE:B2:7F:8C:D9:6C:BB:03
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: DD
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/C14AF9001F8611EEB6F13847C4F9AE02.roa
Signing time: Tue 11 Jul 2023 01:03:32 +0000
ROA not before: Tue 11 Jul 2023 01:03:32 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 49999
IP address blocks: 218.33.68.0/22 maxlen: 24
218.33.112.0/22 maxlen: 24
218.33.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221 (0xdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Jul 11 01:03:32 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64acaa64-fd68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5e:23:5a:0d:10:24:0a:84:be:2e:a9:6e:16:
d6:66:4a:c9:2d:e9:d9:ad:00:da:2b:93:88:a2:89:
2f:33:3f:16:9e:57:8a:13:c0:5d:33:42:d4:3c:ec:
ea:73:2e:90:12:5c:71:17:01:fd:81:03:d0:94:5b:
4a:16:7e:69:c3:e0:1a:d3:ed:74:b4:f4:ba:f4:7b:
55:c2:93:0d:5b:ff:aa:f1:27:f0:f1:f2:e9:c1:1a:
50:d3:e5:2a:dc:39:db:b6:ac:16:c6:ea:c0:92:06:
50:f3:00:8a:0f:c1:4e:2e:52:23:78:04:e1:42:d5:
73:60:f4:c3:af:a1:ae:7c:f6:6e:34:2f:d8:6d:87:
df:d2:2f:3d:0e:f0:5f:77:0d:9f:77:8e:73:7e:14:
c6:76:1a:6f:64:f1:b1:d9:ed:f2:6f:d7:4c:25:4b:
86:2c:ee:f3:e0:d5:c4:8c:4c:67:a2:67:e1:4c:39:
86:66:28:eb:dc:4a:6d:55:f4:d4:a8:30:51:03:88:
15:0a:5c:52:96:f1:3e:66:31:f5:d8:d1:92:67:40:
44:c8:bc:4a:65:e2:19:8e:d1:b3:18:ad:ef:78:84:
79:a6:f3:74:aa:00:69:10:f1:ee:72:27:52:a7:b4:
9a:b9:4f:a5:ea:51:5e:d6:1a:d8:4a:bc:87:e2:85:
97:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E1:2A:D1:C5:10:23:73:85:75:B0:BC:AE:B2:7F:8C:D9:6C:BB:03
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/C14AF9001F8611EEB6F13847C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.68.0/22
218.33.112.0/22
218.33.124.0/22
Signature Algorithm: sha256WithRSAEncryption
85:82:b3:78:1d:e0:87:5c:12:40:47:6f:f8:3d:88:bf:bf:c0:
79:3f:0b:55:3d:34:23:9b:8a:04:45:8a:da:78:e7:43:ec:91:
d5:b1:81:45:e4:01:d6:b3:3e:8d:81:fb:45:70:69:e1:23:ec:
38:54:40:92:61:b9:6c:cb:ed:37:0c:61:a7:3c:a5:b3:6a:fe:
69:20:3c:fa:0a:99:1d:ba:84:12:b3:ab:f1:a1:71:10:15:3e:
68:b5:12:f2:11:d9:69:64:c2:3f:94:e4:9c:50:25:41:6a:39:
c2:af:d0:ab:9f:87:94:e9:92:50:19:52:ea:7f:be:5b:17:58:
0f:c1:df:97:af:a5:bd:b6:c8:0d:fd:e0:87:cb:c9:e1:10:d0:
98:d3:c3:d5:1e:6e:c2:eb:7f:cf:01:39:5c:17:8c:37:5d:46:
99:1b:7a:38:12:47:31:f8:a7:da:84:aa:66:da:ab:e8:f9:fd:
11:ad:f3:1d:39:b2:cb:cb:12:de:a6:ef:39:a2:6f:e6:14:15:
ff:b4:35:f0:53:26:b5:2e:d2:ae:08:9f:eb:10:eb:cb:45:19:
01:e9:d0:14:bf:f2:69:0c:7e:4c:e1:89:92:2d:1b:5f:42:73:
12:90:a4:6c:29:b7:1d:9b:a5:8c:dd:f8:f9:e0:ff:2b:3a:cb:
9e:69:c8:98
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjMwNzExMDEwMzMyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFjYWE2NC1mZDY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2l4jWg0QJAqEvi6pbhbWZkrJLenZrQDaK5OIookvMz8WnleKE8BdM0LUPOzq
cy6QElxxFwH9gQPQlFtKFn5pw+Aa0+10tPS69HtVwpMNW/+q8Sfw8fLpwRpQ0+Uq
3DnbtqwWxurAkgZQ8wCKD8FOLlIjeAThQtVzYPTDr6GufPZuNC/YbYff0i89DvBf
dw2fd45zfhTGdhpvZPGx2e3yb9dMJUuGLO7z4NXEjExnomfhTDmGZijr3EptVfTU
qDBRA4gVClxSlvE+ZjH12NGSZ0BEyLxKZeIZjtGzGK3veIR5pvN0qgBpEPHucidS
p7SauU+l6lFe1hrYSryH4oWX0QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAbhKtHF
ECNzhXWwvK6yf4zZbLsDMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvQzE0QUY5MDAx
Rjg2MTFFRUI2RjEzODQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBALaIUQDBALaIXADBALaIXwwDQYJKoZIhvcNAQELBQADggEB
AIWCs3gd4IdcEkBHb/g9iL+/wHk/C1U9NCObigRFitp450PskdWxgUXkAdazPo2B
+0VwaeEj7DhUQJJhuWzL7TcMYac8pbNq/mkgPPoKmR26hBKzq/GhcRAVPmi1EvIR
2Wlkwj+U5JxQJUFqOcKv0Kufh5TpklAZUup/vlsXWA/B35evpb22yA394IfLyeEQ
0JjTw9UebsLrf88BOVwXjDddRpkbejgSRzH4p9qEqmbaq+j5/RGt8x05ssvLEt6m
7zmib+YUFf+0NfBTJrUu0q4In+sQ68tFGQHp0BS/8mkMfkzhiZItG19CcxKQpGwp
tx2bpYzd+Png/ys6y55pyJg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org