Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/9A15BAE4703811ED8A5D2B67C4F9AE02.roa
File: 9A15BAE4703811ED8A5D2B67C4F9AE02.roa (raw, json)
Hash identifier: O9vlb3itQRy7fAUBPBOHCbcZoP/p0/1Us67QmSg6RTc=
Subject key identifier: 9E:6B:62:06:61:2A:30:B8:25:1B:66:83:C2:0B:90:30:C5:58:BB:F6
Certificate issuer: /CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002
Certificate serial: 01C4
Authority key identifier: 6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/9A15BAE4703811ED8A5D2B67C4F9AE02.roa
Signing time: Wed 22 Feb 2023 22:54:17 +0000
ROA not before: Wed 22 Feb 2023 22:54:17 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 133556
IP address blocks: 125.254.110.0/23 maxlen: 23
125.254.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452 (0x1c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1216/serialNumber=6DBD5C4D0121FCB318E78C451B6F567320986002
Validity
Not Before: Feb 22 22:54:17 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=63f69d19-9ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:23:07:f4:47:e1:ce:8e:fc:3a:7c:26:ed:f5:
a6:38:b2:b2:42:30:3b:98:e6:8a:ba:c6:82:0a:b1:
fc:a2:10:2f:72:9c:27:b8:a0:68:29:3f:b1:17:b2:
3f:5d:24:f4:c0:5e:26:95:20:c5:95:53:f0:e1:19:
bb:57:e2:e6:ff:e2:07:08:21:f5:23:43:c8:c8:0d:
a2:0d:92:b9:94:52:55:a1:dc:3c:ad:65:55:d5:a8:
85:1f:84:14:91:ae:7f:e1:f8:84:24:01:4a:c1:09:
68:b9:99:a5:39:7b:ad:a1:9d:fc:7a:bd:69:f2:13:
19:da:2c:08:29:40:b4:d9:40:8e:7a:64:7d:6d:0b:
2e:a0:00:2b:b7:fc:71:11:bc:bc:d4:28:73:de:f5:
47:e3:e5:d5:ca:db:a9:4a:63:bb:84:d4:d4:ed:62:
af:ad:98:97:e4:43:5e:0f:2a:f7:72:3b:f8:fd:ee:
03:83:ea:10:02:fb:b5:f1:a5:c6:c6:bc:2e:96:66:
36:83:a6:cc:f9:65:d9:05:42:4a:f6:60:dd:69:b8:
82:57:82:c5:a3:14:8f:d8:41:de:fb:e5:17:27:4a:
8b:92:fd:b4:b1:76:f1:43:b3:d2:b1:e8:a3:0a:c4:
79:fe:9a:a3:dc:fd:c8:f3:9f:69:1e:41:5b:03:0f:
1e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6B:62:06:61:2A:30:B8:25:1B:66:83:C2:0B:90:30:C5:58:BB:F6
X509v3 Authority Key Identifier:
keyid:6D:BD:5C:4D:01:21:FC:B3:18:E7:8C:45:1B:6F:56:73:20:98:60:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/bb1cTQEh_LMY54xFG29WcyCYYAI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bb1cTQEh_LMY54xFG29WcyCYYAI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1216/DC78268CB94B11EC832B7419C4F9AE02/9A15BAE4703811ED8A5D2B67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.254.110.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:7d:58:ea:ae:f0:b7:c3:19:ec:d6:54:38:40:47:0b:25:a6:
a0:41:10:fa:ee:8f:85:f5:f5:37:ce:0a:92:9b:72:b3:44:b4:
79:b6:cf:5f:d9:31:a5:76:f2:79:11:f6:5b:e6:99:ea:cd:cb:
ac:76:28:ac:0f:4b:d8:34:54:3b:3b:a6:cf:ba:90:c4:86:bf:
2e:44:d3:98:a1:ca:51:cf:a6:3a:39:d7:7f:2d:99:45:07:f8:
c6:3c:a1:59:c1:7e:b0:22:b7:d1:fd:1e:a3:6b:a6:c8:81:44:
3e:7b:1a:65:18:fc:00:38:75:9d:ba:36:19:41:aa:99:93:cd:
b1:6a:4f:f7:c4:35:e8:04:c5:f0:ce:fe:64:34:2f:14:1d:40:
fa:f7:c8:3d:9b:c1:ae:8d:cd:ce:9f:c1:1a:0d:b8:c9:05:61:
c7:34:8a:3e:e1:7a:b8:5c:23:cc:7f:35:55:cc:c4:42:61:54:
51:56:6e:08:1b:f2:68:f7:21:42:23:88:5e:0d:a5:0a:40:14:
6f:62:e4:07:b3:22:0e:85:41:20:02:ed:28:5f:9a:60:2f:67:
a6:83:63:43:db:79:6a:ef:77:28:8c:10:3e:b2:81:ac:76:8a:
64:da:56:13:90:3c:dd:29:5d:ef:8d:52:b8:d9:ce:76:8a:68:
88:27:b3:c1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAcQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDEyMTYxMTAvBgNVBAUTKDZEQkQ1QzREMDEyMUZDQjMxOEU3OEM0NTFCNkY1Njcz
MjA5ODYwMDIwHhcNMjMwMjIyMjI1NDE3WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Y2OWQxOS05ZWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzyMH9Efhzo78Onwm7fWmOLKyQjA7mOaKusaCCrH8ohAvcpwnuKBoKT+xF7I/
XST0wF4mlSDFlVPw4Rm7V+Lm/+IHCCH1I0PIyA2iDZK5lFJVodw8rWVV1aiFH4QU
ka5/4fiEJAFKwQlouZmlOXutoZ38er1p8hMZ2iwIKUC02UCOemR9bQsuoAArt/xx
Eby81Chz3vVH4+XVytupSmO7hNTU7WKvrZiX5ENeDyr3cjv4/e4Dg+oQAvu18aXG
xrwulmY2g6bM+WXZBUJK9mDdabiCV4LFoxSP2EHe++UXJ0qLkv20sXbxQ7PSseij
CsR5/pqj3P3I859pHkFbAw8ecwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ5rYgZh
KjC4JRtmg8ILkDDFWLv2MB8GA1UdIwQYMBaAFG29XE0BIfyzGOeMRRtvVnMgmGAC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTIxNi9EQzc4MjY4Q0I5
NEIxMUVDODMyQjc0MTlDNEY5QUUwMi9iYjFjVFFFaF9MTVk1NHhGRzI5V2N5Q1lZ
QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JiMWNUUUVoX0xNWTU0eEZHMjlXY3lDWVlBSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDEyMTYvREM3ODI2OENCOTRCMTFFQzgzMkI3NDE5QzRGOUFFMDIvOUExNUJBRTQ3
MDM4MTFFRDhBNUQyQjY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAF9/m4wDQYJKoZIhvcNAQELBQADggEBAF19WOqu8LfDGezW
VDhARwslpqBBEPruj4X19TfOCpKbcrNEtHm2z1/ZMaV28nkR9lvmmerNy6x2KKwP
S9g0VDs7ps+6kMSGvy5E05ihylHPpjo5138tmUUH+MY8oVnBfrAit9H9HqNrpsiB
RD57GmUY/AA4dZ26NhlBqpmTzbFqT/fENegExfDO/mQ0LxQdQPr3yD2bwa6Nzc6f
wRoNuMkFYcc0ij7herhcI8x/NVXMxEJhVFFWbggb8mj3IUIjiF4NpQpAFG9i5Aez
Ig6FQSAC7ShfmmAvZ6aDY0PbeWrvdyiMED6ygax2imTaVhOQPN0pXe+NUrjZznaK
aIgns8E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org