Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/DCA9684C103411EDBEAC892CC4F9AE02.roa
File: DCA9684C103411EDBEAC892CC4F9AE02.roa (raw, json)
Hash identifier: ZNWzRmXXjGZARPyrTqLqj+NJ5D8Cipa2kYd+Wz9xKUI=
Subject key identifier: 31:4E:10:C3:DA:8E:E1:48:23:68:AB:3B:9F:8B:3F:E4:3C:9C:A9:31
Certificate issuer: /CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986
Certificate serial: 0B7D
Authority key identifier: C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/DCA9684C103411EDBEAC892CC4F9AE02.roa
Signing time: Sat 30 Jul 2022 18:24:35 +0000
ROA not before: Sat 30 Jul 2022 18:24:35 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 133542
IP address blocks: 59.152.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2941 (0xb7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919B06C/serialNumber=C83493C0297CCB58D2837946D6063F14A7DEE986
Validity
Not Before: Jul 30 18:24:35 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=62e57762-efec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:90:1c:3b:f5:b2:03:72:47:76:7f:23:f9:
de:c1:25:a9:bf:02:ec:31:18:8f:b6:22:9b:a4:59:
01:57:99:7f:72:83:7f:de:1d:4d:62:93:bf:1d:01:
69:f7:75:4e:2b:1e:10:20:e9:7a:8a:41:89:c6:1e:
01:96:ff:d4:6e:9b:49:c1:fe:9b:81:36:05:5f:b1:
60:25:4e:d3:2f:49:39:12:19:4b:6c:64:8e:da:c2:
21:1f:55:d1:bb:5a:33:1f:18:32:e2:68:66:64:5d:
8d:c9:e3:2f:b9:4e:06:1a:1f:c1:a6:8c:fa:c6:0a:
9f:a7:11:09:d7:16:7e:47:52:f8:0f:b9:fc:d0:e8:
96:58:34:0b:85:8a:08:31:df:ee:6c:7d:4c:82:aa:
a9:73:3f:ce:00:ae:06:3b:ce:f1:ec:31:35:c1:4a:
12:8f:94:42:0a:c5:99:1b:60:a4:d4:1b:ec:03:c1:
1b:c7:fb:37:af:c7:0a:eb:04:f0:8e:d6:62:44:64:
25:2a:15:70:c2:67:5a:68:bf:02:d6:68:fa:bc:4c:
af:71:11:27:c2:bb:5e:f0:91:6d:35:95:54:3e:f7:
e0:c4:39:03:a1:3e:08:58:ea:eb:30:07:9a:1d:55:
43:c0:43:41:0f:f7:20:e2:57:ef:30:b4:50:4e:d0:
32:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:4E:10:C3:DA:8E:E1:48:23:68:AB:3B:9F:8B:3F:E4:3C:9C:A9:31
X509v3 Authority Key Identifier:
keyid:C8:34:93:C0:29:7C:CB:58:D2:83:79:46:D6:06:3F:14:A7:DE:E9:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/yDSTwCl8y1jSg3lG1gY_FKfe6YY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yDSTwCl8y1jSg3lG1gY_FKfe6YY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B06C/E9D62E74FEAE11E8910D4D66C4F9AE02/DCA9684C103411EDBEAC892CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.11.0/24
Signature Algorithm: sha256WithRSAEncryption
27:ed:5e:63:74:a9:c2:b4:fd:1a:6f:1a:b7:64:04:19:e5:a3:
88:74:97:e4:8f:a5:d4:04:62:b1:5b:d1:7f:83:4f:88:73:63:
9b:1d:d8:52:4e:8c:61:f5:d7:a5:db:99:55:bc:d9:cb:73:d7:
7f:82:9d:77:99:e7:bb:b4:ed:33:8e:24:86:ca:c3:e3:9b:0a:
79:f9:22:f2:08:bb:f6:01:2e:48:69:0f:e5:54:dd:ef:3a:90:
d7:08:7a:39:a7:24:05:4d:bb:c1:88:27:75:e0:52:e0:47:3d:
2f:62:f3:28:04:1b:8e:11:81:47:a6:d4:1a:2f:7b:a1:07:44:
79:7e:e5:54:34:f8:39:8c:98:0f:b9:ef:63:fd:31:c2:50:b0:
e8:29:04:6b:cb:c1:0f:67:3c:e7:68:37:19:14:4f:5c:10:35:
f9:6e:f7:3a:5f:bb:cf:0c:26:60:09:6e:0a:10:38:0a:88:f7:
4e:bd:40:c5:bf:ef:09:56:ba:87:d7:4f:0a:f9:13:2f:cc:07:
4c:14:f3:a3:44:35:86:b1:8c:a6:17:b7:12:91:1e:81:04:f9:
8e:3c:ac:2d:99:15:82:04:ae:31:69:ff:4e:c0:cd:51:e2:6c:
fd:1f:47:3e:12:57:ed:95:85:5f:3d:ab:23:39:0a:42:d2:ee:
0d:81:29:0a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUIwNkMxMTAvBgNVBAUTKEM4MzQ5M0MwMjk3Q0NCNThEMjgzNzk0NkQ2MDYzRjE0
QTdERUU5ODYwHhcNMjIwNzMwMTgyNDM1WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU1Nzc2Mi1lZmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzqQHDv1sgNyR3Z/I/newSWpvwLsMRiPtiKbpFkBV5l/coN/3h1NYpO/HQFp
93VOKx4QIOl6ikGJxh4Blv/UbptJwf6bgTYFX7FgJU7TL0k5EhlLbGSO2sIhH1XR
u1ozHxgy4mhmZF2NyeMvuU4GGh/Bpoz6xgqfpxEJ1xZ+R1L4D7n80OiWWDQLhYoI
Md/ubH1Mgqqpcz/OAK4GO87x7DE1wUoSj5RCCsWZG2Ck1BvsA8Ebx/s3r8cK6wTw
jtZiRGQlKhVwwmdaaL8C1mj6vEyvcREnwrte8JFtNZVUPvfgxDkDoT4IWOrrMAea
HVVDwENBD/cg4lfvMLRQTtAyrwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDFOEMPa
juFII2irO5+LP+Q8nKkxMB8GA1UdIwQYMBaAFMg0k8ApfMtY0oN5RtYGPxSn3umG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjA2Qy9FOUQ2MkU3NEZF
QUUxMUU4OTEwRDRENjZDNEY5QUUwMi95RFNUd0NsOHkxalNnM2xHMWdZX0ZLZmU2
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lEU1R3Q2w4eTFqU2czbEcxZ1lfRktmZTZZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUIwNkMvRTlENjJFNzRGRUFFMTFFODkxMEQ0RDY2QzRGOUFFMDIvRENBOTY4NEMx
MDM0MTFFREJFQUM4OTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAA7mAswDQYJKoZIhvcNAQELBQADggEBACftXmN0qcK0/Rpv
GrdkBBnlo4h0l+SPpdQEYrFb0X+DT4hzY5sd2FJOjGH116XbmVW82ctz13+CnXeZ
57u07TOOJIbKw+ObCnn5IvIIu/YBLkhpD+VU3e86kNcIejmnJAVNu8GIJ3XgUuBH
PS9i8ygEG44RgUem1Bove6EHRHl+5VQ0+DmMmA+572P9McJQsOgpBGvLwQ9nPOdo
NxkUT1wQNflu9zpfu88MJmAJbgoQOAqI9069QMW/7wlWuofXTwr5Ey/MB0wU86NE
NYaxjKYXtxKRHoEE+Y48rC2ZFYIErjFp/07AzVHibP0fRz4SV+2VhV89qyM5CkLS
7g2BKQo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-ams.rpki-client.org