Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/5F1B9E32FC5B11ECBF463862C4F9AE02.roa
File: 5F1B9E32FC5B11ECBF463862C4F9AE02.roa (raw, json)
Hash identifier: rAEbBa1uGtk9Pg/4rSGnYZGZvhJvbTN5vV1T1ED1ht4=
Subject key identifier: E9:78:EE:EB:C5:32:E0:04:0E:5F:C3:57:3C:16:CA:AC:20:1C:35:4B
Certificate issuer: /CN=A91DF93A/serialNumber=07A1C08545CACC65E0882D49E9F2F8CFD2BE8260
Certificate serial: 05D0
Authority key identifier: 07:A1:C0:85:45:CA:CC:65:E0:88:2D:49:E9:F2:F8:CF:D2:BE:82:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B6HAhUXKzGXgiC1J6fL4z9K-gmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/5F1B9E32FC5B11ECBF463862C4F9AE02.roa
Signing time: Tue 05 Jul 2022 12:09:52 +0000
ROA not before: Tue 05 Jul 2022 12:09:52 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 212879
IP address blocks: 164.90.125.0/24 maxlen: 24
164.90.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1488 (0x5d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF93A/serialNumber=07A1C08545CACC65E0882D49E9F2F8CFD2BE8260
Validity
Not Before: Jul 5 12:09:52 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62c42a0f-2b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a6:eb:79:18:4d:29:79:af:67:f7:8c:09:1a:
c5:02:6e:b0:13:25:8f:6d:6b:de:85:5b:01:f0:5c:
79:b4:cb:b6:b3:8f:54:d3:2e:25:09:b1:9d:b1:7a:
1c:c8:7d:50:c6:62:69:a5:53:09:c0:81:0f:47:a1:
ed:3b:61:cf:e4:5d:4a:ec:d9:35:77:2f:bc:78:76:
14:ca:fa:98:93:f9:5e:9c:c7:3c:99:a4:03:c1:9a:
5b:b0:bf:12:90:41:b6:57:79:31:4f:dd:b4:d1:1f:
84:a6:5a:de:7d:8b:01:ca:a0:90:2b:cb:6b:76:be:
6e:a2:8b:ac:ad:b1:7d:9a:e4:c8:26:28:a2:a9:5d:
b3:db:c4:b6:47:b0:12:1e:2d:a7:89:4e:0b:45:2c:
28:d2:5f:5f:82:8e:c8:df:0a:a4:10:64:83:ec:07:
95:6b:09:1b:8b:61:03:d3:94:58:19:44:45:95:5c:
1a:04:03:28:3d:a2:0d:bb:f0:3f:c7:6f:4f:50:d4:
e7:05:16:21:b4:f5:e3:95:8f:c4:f7:be:bb:62:ed:
17:25:8f:e9:74:df:63:a8:58:e3:a2:78:b6:56:67:
30:ec:6e:61:0b:90:4b:43:a8:c3:1c:82:ab:cf:73:
be:e8:80:4a:6a:5f:20:ee:df:47:14:10:3a:e3:27:
e4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:78:EE:EB:C5:32:E0:04:0E:5F:C3:57:3C:16:CA:AC:20:1C:35:4B
X509v3 Authority Key Identifier:
keyid:07:A1:C0:85:45:CA:CC:65:E0:88:2D:49:E9:F2:F8:CF:D2:BE:82:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/B6HAhUXKzGXgiC1J6fL4z9K-gmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B6HAhUXKzGXgiC1J6fL4z9K-gmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/FF51E59EE5F311EAB3A91561C4F9AE02/5F1B9E32FC5B11ECBF463862C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
164.90.125.0-164.90.126.255
Signature Algorithm: sha256WithRSAEncryption
0d:1c:2e:d7:ec:68:d0:80:b3:a2:e2:b3:f7:cb:69:c2:4c:06:
73:60:c1:d3:3e:ca:ac:a3:34:37:16:ee:52:2f:3c:44:02:ae:
7b:5d:7f:a1:da:64:d8:af:47:f0:86:ee:9a:da:03:42:f2:27:
38:84:7b:23:95:19:4a:06:58:73:90:c4:64:db:f1:b6:e1:92:
f2:5c:de:25:5f:c2:34:53:5b:8d:03:ce:8e:79:a5:66:8e:2c:
74:71:7a:31:46:b0:f6:c4:b2:95:63:16:b2:8b:53:c3:2a:cc:
9e:91:62:46:db:1d:cf:73:ac:07:74:96:74:05:94:35:de:cf:
db:81:5a:ad:23:50:7e:75:5b:a3:58:55:91:df:57:de:90:0f:
bc:52:db:75:0a:5e:f4:92:9a:46:8c:0a:b8:1c:72:76:32:fc:
a0:2a:ce:92:6a:21:b8:39:0c:5f:bf:12:fb:b9:ca:98:a9:21:
dd:ee:99:d8:0e:00:a7:0d:f8:8a:00:92:09:1a:a0:4b:9b:05:
c0:79:65:2a:93:41:6a:fa:26:b0:b3:8c:62:c9:b6:fb:3b:07:
44:74:71:12:2c:2c:f5:e1:41:5e:2d:57:db:fe:b1:a7:aa:02:
19:95:bb:00:79:ed:c9:64:6d:47:f5:ba:c7:a6:66:88:9a:2a:
b7:5f:95:9d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY5M0ExMTAvBgNVBAUTKDA3QTFDMDg1NDVDQUNDNjVFMDg4MkQ0OUU5RjJGOENG
RDJCRTgyNjAwHhcNMjIwNzA1MTIwOTUyWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmM0MmEwZi0yYjk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1KbreRhNKXmvZ/eMCRrFAm6wEyWPbWvehVsB8Fx5tMu2s49U0y4lCbGdsXoc
yH1QxmJppVMJwIEPR6HtO2HP5F1K7Nk1dy+8eHYUyvqYk/lenMc8maQDwZpbsL8S
kEG2V3kxT9200R+EplrefYsByqCQK8trdr5uoousrbF9muTIJiiiqV2z28S2R7AS
Hi2niU4LRSwo0l9fgo7I3wqkEGSD7AeVawkbi2ED05RYGURFlVwaBAMoPaINu/A/
x29PUNTnBRYhtPXjlY/E9767Yu0XJY/pdN9jqFjjoni2Vmcw7G5hC5BLQ6jDHIKr
z3O+6IBKal8g7t9HFBA64yfkKQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFOl47uvF
MuAEDl/DVzwWyqwgHDVLMB8GA1UdIwQYMBaAFAehwIVFysxl4IgtSeny+M/SvoJg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GRjUxRTU5RUU1
RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9CNkhBaFVYS3pHWGdpQzFKNmZMNHo5Sy1n
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0I2SEFoVVhLekdYZ2lDMUo2Zkw0ejlLLWdtQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY5M0EvRkY1MUU1OUVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvNUYxQjlFMzJG
QzVCMTFFQ0JGNDYzODYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAKRafQMEAKRafjANBgkqhkiG9w0BAQsFAAOCAQEADRwu
1+xo0ICzouKz98tpwkwGc2DB0z7KrKM0NxbuUi88RAKue11/odpk2K9H8IbumtoD
QvInOIR7I5UZSgZYc5DEZNvxtuGS8lzeJV/CNFNbjQPOjnmlZo4sdHF6MUaw9sSy
lWMWsotTwyrMnpFiRtsdz3OsB3SWdAWUNd7P24FarSNQfnVbo1hVkd9X3pAPvFLb
dQpe9JKaRowKuBxydjL8oCrOkmohuDkMX78S+7nKmKkh3e6Z2A4Apw34igCSCRqg
S5sFwHllKpNBavomsLOMYsm2+zsHRHRxEiws9eFBXi1X2/6xp6oCGZW7AHntyWRt
R/W6x6ZmiJoqt1+VnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:31 2024 by rpki-client on console-ams.rpki-client.org