Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/F28ADB768C5611E792848B4AC4F9AE02.roa
File: F28ADB768C5611E792848B4AC4F9AE02.roa (raw, json)
Hash identifier: hXE9Pm9uplnVNz0xY5QXbK54Rt+F+D9G1nL3J3WJVAY=
Subject key identifier: CE:8D:09:FE:A1:5E:DC:30:CC:5E:F3:74:52:AE:99:23:92:30:5D:43
Certificate issuer: /CN=A91DFB70/serialNumber=5D2DD154B5DCE21FB786C526DBDEF1B045928AB8
Certificate serial: 24C5
Authority key identifier: 5D:2D:D1:54:B5:DC:E2:1F:B7:86:C5:26:DB:DE:F1:B0:45:92:8A:B8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XS3RVLXc4h-3hsUm297xsEWSirg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/F28ADB768C5611E792848B4AC4F9AE02.roa
Signing time: Thu 06 Apr 2023 16:33:15 +0000
ROA not before: Thu 06 Apr 2023 16:33:15 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 17811
IP address blocks: 210.5.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9413 (0x24c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DFB70/serialNumber=5D2DD154B5DCE21FB786C526DBDEF1B045928AB8
Validity
Not Before: Apr 6 16:33:15 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=642ef44a-38ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8a:b4:cd:7a:e3:a9:11:44:6d:55:34:c5:1a:
09:21:2e:0e:58:14:65:cf:41:4d:f8:74:c3:61:3f:
e8:35:a3:4f:4f:cd:39:6c:8c:c5:83:93:31:9e:b5:
80:84:22:44:ba:f8:b7:1b:54:54:f8:b5:d2:7b:15:
83:e4:3c:dc:c5:4f:14:23:4d:9b:86:b6:d4:e9:d3:
8e:02:67:b4:45:23:cb:b1:79:3f:85:12:94:7d:95:
a0:ca:16:90:bb:06:5b:b1:5b:00:67:7b:ce:ac:ca:
2c:18:96:94:f7:48:33:56:ef:f7:6c:b2:08:9c:d3:
32:87:78:73:d0:e6:dd:71:e8:e4:1e:ce:1a:b1:a5:
c0:2c:a2:1f:14:fa:b9:72:fd:c1:e5:8d:43:57:ab:
0b:4b:fd:d8:16:c1:2a:42:23:c6:70:cf:2c:1b:e8:
3f:53:81:1e:c0:0b:78:97:55:25:10:7b:15:94:6b:
46:35:5e:1f:93:ff:7a:fe:f0:ee:4b:e7:3d:01:be:
35:3d:33:4b:80:f8:eb:56:26:2a:bb:61:55:2a:d3:
4b:c3:01:42:f9:ae:21:d5:83:b7:9f:72:d5:eb:9c:
20:78:b0:ba:cc:3d:67:5e:f0:b1:98:39:b9:1a:c4:
dc:cb:ff:85:93:6d:01:0e:e0:58:86:99:86:4b:ad:
d7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8D:09:FE:A1:5E:DC:30:CC:5E:F3:74:52:AE:99:23:92:30:5D:43
X509v3 Authority Key Identifier:
keyid:5D:2D:D1:54:B5:DC:E2:1F:B7:86:C5:26:DB:DE:F1:B0:45:92:8A:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/XS3RVLXc4h-3hsUm297xsEWSirg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XS3RVLXc4h-3hsUm297xsEWSirg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/F28ADB768C5611E792848B4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.5.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:6e:ca:bc:6c:20:d0:b0:a2:be:81:83:00:5e:8c:86:32:be:
4c:2a:6b:71:4f:ca:c5:df:77:b7:e8:43:7d:42:93:77:73:d9:
ee:2d:82:6b:5b:64:a4:b9:7c:04:12:8f:a5:96:01:0e:7e:a6:
a1:60:2d:8a:24:d1:bf:51:83:06:db:25:87:d3:b9:36:c7:50:
22:5b:79:35:56:bb:ba:62:25:d7:74:32:1e:fd:e9:81:ed:40:
d5:1a:31:03:d9:fc:a9:56:b9:27:be:a3:00:4c:a4:84:6d:ce:
9e:52:30:80:22:74:4b:16:ef:0e:99:aa:4f:52:ca:d6:01:e8:
1d:4b:a3:f1:84:65:8d:ec:0f:e9:49:6d:9c:35:88:70:37:57:
8c:96:e9:e5:c8:2d:12:83:8e:9d:a8:ce:b5:1e:df:f1:87:ba:
e8:da:32:a8:05:13:17:5c:10:b5:72:3f:05:a8:89:0e:17:40:
37:88:37:58:87:aa:ba:e1:17:35:07:cf:ab:9d:78:30:65:07:
94:98:93:66:37:e5:33:ba:69:8a:5a:c5:eb:53:4e:a8:89:6e:
1a:a4:8f:44:27:33:83:e3:1f:dc:14:d4:7c:75:3e:e8:f9:5d:
33:66:e9:2b:ed:84:c0:92:97:3c:7a:4b:57:94:42:85:52:c7:
3b:b0:e8:eb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REZCNzAxMTAvBgNVBAUTKDVEMkREMTU0QjVEQ0UyMUZCNzg2QzUyNkRCREVGMUIw
NDU5MjhBQjgwHhcNMjMwNDA2MTYzMzE1WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJlZjQ0YS0zOGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuIq0zXrjqRFEbVU0xRoJIS4OWBRlz0FN+HTDYT/oNaNPT805bIzFg5MxnrWA
hCJEuvi3G1RU+LXSexWD5DzcxU8UI02bhrbU6dOOAme0RSPLsXk/hRKUfZWgyhaQ
uwZbsVsAZ3vOrMosGJaU90gzVu/3bLIInNMyh3hz0ObdcejkHs4asaXALKIfFPq5
cv3B5Y1DV6sLS/3YFsEqQiPGcM8sG+g/U4EewAt4l1UlEHsVlGtGNV4fk/96/vDu
S+c9Ab41PTNLgPjrViYqu2FVKtNLwwFC+a4h1YO3n3LV65wgeLC6zD1nXvCxmDm5
GsTcy/+Fk20BDuBYhpmGS63XLwIDAQABo4IClTCCApEwHQYDVR0OBBYEFM6NCf6h
XtwwzF7zdFKumSOSMF1DMB8GA1UdIwQYMBaAFF0t0VS13OIft4bFJtve8bBFkoq4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERkI3MC8yOTgzNjQ3Qzgz
OEYxMUU1ODZGQzU4MTJDNEY5QUUwMi9YUzNSVkxYYzRoLTNoc1VtMjk3eHNFV1Np
cmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hTM1JWTFhjNGgtM2hzVW0yOTd4c0VXU2lyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REZCNzAvMjk4MzY0N0M4MzhGMTFFNTg2RkM1ODEyQzRGOUFFMDIvRjI4QURCNzY4
QzU2MTFFNzkyODQ4QjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADSBXkwDQYJKoZIhvcNAQELBQADggEBAAtuyrxsINCwor6B
gwBejIYyvkwqa3FPysXfd7foQ31Ck3dz2e4tgmtbZKS5fAQSj6WWAQ5+pqFgLYok
0b9RgwbbJYfTuTbHUCJbeTVWu7piJdd0Mh796YHtQNUaMQPZ/KlWuSe+owBMpIRt
zp5SMIAidEsW7w6Zqk9SytYB6B1Lo/GEZY3sD+lJbZw1iHA3V4yW6eXILRKDjp2o
zrUe3/GHuujaMqgFExdcELVyPwWoiQ4XQDeIN1iHqrrhFzUHz6udeDBlB5SYk2Y3
5TO6aYpaxetTTqiJbhqkj0QnM4PjH9wU1Hx1Puj5XTNm6SvthMCSlzx6S1eUQoVS
xzuw6Os=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org