Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/45AADCCE2D8411ED9B301A6BC4F9AE02.roa
File: 45AADCCE2D8411ED9B301A6BC4F9AE02.roa (raw, json)
Hash identifier: QoH5OxqqcS0/qDx071aoIjLWzRg1dnvccGK5Eby4lOQ=
Subject key identifier: 72:70:E5:4C:75:3A:23:53:23:4E:4D:A9:51:0F:73:C6:37:65:5A:28
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0C64
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/45AADCCE2D8411ED9B301A6BC4F9AE02.roa
Signing time: Tue 06 Sep 2022 01:36:05 +0000
ROA not before: Tue 06 Sep 2022 01:36:05 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 137182
IP address blocks: 61.14.158.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3172 (0xc64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Validity
Not Before: Sep 6 01:36:05 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=6316a405-44d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d7:66:4b:9f:eb:c1:cc:fb:01:cf:c3:85:0f:
5c:a9:4a:91:a9:85:7b:a3:01:33:c8:5e:a6:e0:ed:
86:35:b6:5f:ab:03:74:a3:3c:bb:ac:3d:e3:b1:74:
39:3c:72:93:bb:c8:6e:a2:32:e7:a0:67:f7:cb:89:
87:b5:61:f4:36:5b:31:2b:4d:40:4f:61:c4:1d:6b:
ba:14:13:20:f6:7b:71:e2:3e:fd:c8:b9:07:24:10:
0c:11:27:d2:7f:80:22:7e:b0:15:e1:f7:63:1f:98:
66:83:13:5b:cd:db:16:45:ff:58:08:99:34:df:9a:
87:5a:3b:f4:88:b5:25:45:3c:f7:82:b7:cb:07:7a:
38:3f:c3:bb:90:23:3e:93:74:f0:56:76:f4:4b:01:
c7:f3:7d:fb:59:8f:8a:e4:47:c6:20:ae:24:33:de:
78:b9:ff:30:63:72:f7:8e:85:59:ef:8e:6d:d6:50:
9c:92:5d:cf:d8:52:96:0e:ad:1e:b0:1f:92:77:91:
7d:4c:8b:e6:73:34:66:29:c4:e7:29:66:45:21:ff:
61:ba:40:78:c8:d1:34:94:c2:ed:24:b6:16:2e:ef:
f0:83:fe:10:d7:77:7f:0e:e9:50:7a:93:89:88:98:
8b:d1:4f:74:0b:5f:49:f2:2e:dc:0f:21:28:e6:63:
14:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:70:E5:4C:75:3A:23:53:23:4E:4D:A9:51:0F:73:C6:37:65:5A:28
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/45AADCCE2D8411ED9B301A6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.14.158.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:ff:bf:71:22:9a:1b:51:9f:ec:63:d4:f6:4e:2e:d5:a3:ae:
64:d4:94:fc:29:c2:cd:d2:96:86:8a:23:14:d1:2f:b2:1c:ff:
72:db:3a:cf:2a:a7:7c:47:c2:66:7b:80:57:6b:01:7c:83:9e:
c2:98:b0:11:6d:41:82:be:f9:21:36:a4:56:ab:72:95:cb:44:
86:99:e2:9a:74:02:98:e1:a9:7e:5e:78:46:fd:51:a4:f7:ca:
fd:8c:26:0d:4e:b7:30:5f:1f:6a:56:ac:60:ce:65:f8:7d:e2:
31:6f:f7:10:17:1d:4d:19:cb:d1:e1:3b:47:e7:98:05:97:53:
e9:f6:8d:89:52:d4:a0:32:17:15:54:65:27:78:49:d9:28:cf:
3d:a5:bf:a3:3a:19:79:2a:7a:c1:0a:cc:af:c7:cf:cc:0b:7a:
02:50:1d:9f:01:86:f8:80:f1:46:2e:75:16:9e:36:1b:7d:8b:
39:8b:40:ca:e2:b0:c7:17:f7:66:ce:e9:36:68:6c:75:e4:88:
6a:b1:44:af:94:ae:be:1a:20:f8:7d:bf:d9:2d:e1:33:d0:ff:
14:bc:ac:fe:31:1d:38:d8:60:b4:91:8a:b1:91:c2:a2:c7:8b:
0d:24:fd:03:20:00:4a:0a:d6:76:3f:f8:90:a6:d2:d3:23:17:
53:b0:0d:ab
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDGQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjIwOTA2MDEzNjA1WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE2YTQwNS00NGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmNdmS5/rwcz7Ac/DhQ9cqUqRqYV7owEzyF6m4O2GNbZfqwN0ozy7rD3jsXQ5
PHKTu8huojLnoGf3y4mHtWH0NlsxK01AT2HEHWu6FBMg9ntx4j79yLkHJBAMESfS
f4AifrAV4fdjH5hmgxNbzdsWRf9YCJk035qHWjv0iLUlRTz3grfLB3o4P8O7kCM+
k3TwVnb0SwHH8337WY+K5EfGIK4kM954uf8wY3L3joVZ745t1lCckl3P2FKWDq0e
sB+Sd5F9TIvmczRmKcTnKWZFIf9hukB4yNE0lMLtJLYWLu/wg/4Q13d/DulQepOJ
iJiL0U90C19J8i7cDyEo5mMUsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHJw5Ux1
OiNTI05NqVEPc8Y3ZVooMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvNDVBQURDQ0Uy
RDg0MTFFRDlCMzAxQTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAE9Dp4wDQYJKoZIhvcNAQELBQADggEBAFr/v3EimhtRn+xj
1PZOLtWjrmTUlPwpws3SloaKIxTRL7Ic/3LbOs8qp3xHwmZ7gFdrAXyDnsKYsBFt
QYK++SE2pFarcpXLRIaZ4pp0ApjhqX5eeEb9UaT3yv2MJg1OtzBfH2pWrGDOZfh9
4jFv9xAXHU0Zy9HhO0fnmAWXU+n2jYlS1KAyFxVUZSd4Sdkozz2lv6M6GXkqesEK
zK/Hz8wLegJQHZ8BhviA8UYudRaeNht9izmLQMrisMcX92bO6TZobHXkiGqxRK+U
rr4aIPh9v9kt4TPQ/xS8rP4xHTjYYLSRirGRwqLHiw0k/QMgAEoK1nY/+JCm0tMj
F1OwDas=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-ams.rpki-client.org