Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/DA1D2C9E3E2011EC8B8C6253C4F9AE02.roa
File: DA1D2C9E3E2011EC8B8C6253C4F9AE02.roa (raw, json)
Hash identifier: 7ldnC5RWIYSXomUfE147OKFxuh76Y7hB/DlDuUX256o=
Subject key identifier: C2:44:B9:48:18:ED:0F:F7:D1:4B:78:B9:F5:8A:BB:46:13:9A:E2:59
Certificate issuer: /CN=A91E78E8/serialNumber=F192D4AD86CE10FC96827FC93480F3FBDEF5EA61
Certificate serial: 01A6
Authority key identifier: F1:92:D4:AD:86:CE:10:FC:96:82:7F:C9:34:80:F3:FB:DE:F5:EA:61
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ZLUrYbOEPyWgn_JNIDz-9716mE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/DA1D2C9E3E2011EC8B8C6253C4F9AE02.roa
Signing time: Wed 01 Jun 2022 16:30:42 +0000
ROA not before: Wed 01 Jun 2022 16:30:42 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 38623
IP address blocks: 220.158.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 422 (0x1a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E78E8/serialNumber=F192D4AD86CE10FC96827FC93480F3FBDEF5EA61
Validity
Not Before: Jun 1 16:30:42 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62979432-c863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ec:32:bd:44:a9:50:76:5e:f7:61:77:cd:df:
41:4b:28:4d:3b:93:6c:2f:07:48:1b:79:be:82:13:
f2:6e:3c:5f:eb:ca:3b:3a:a2:68:44:02:86:4c:59:
a4:0d:31:ea:24:f5:5c:ea:de:a8:8c:ac:f5:b4:38:
d1:b6:13:1f:86:3f:91:f6:fd:02:3f:dc:6b:d3:d2:
fc:d4:ef:24:6a:ca:9e:72:9b:20:f5:dd:61:09:86:
b1:a5:3d:63:f4:fd:4b:68:4e:ec:35:46:54:41:f4:
e5:d1:46:6e:53:2e:f2:a3:cf:f5:05:84:35:05:0e:
39:23:bb:67:b8:89:d4:8a:3a:f5:4e:78:ad:89:5d:
94:52:49:23:5f:16:09:4d:10:98:a8:04:0f:b3:03:
90:e6:3d:5a:3d:7d:f8:ac:86:7f:40:47:58:ea:ac:
4a:1a:26:f8:f4:89:67:f9:06:20:11:12:e0:8b:88:
30:e7:cd:ca:16:f7:18:36:1b:17:8c:ba:32:54:d6:
f4:32:5d:3e:09:da:aa:d2:96:d3:52:2a:85:ec:ce:
7c:7c:62:c1:d6:06:08:77:02:17:f7:30:e3:25:b7:
bb:0b:01:a2:e1:bf:18:92:27:2d:9f:2b:d0:f7:9c:
62:6b:d0:48:8a:b9:5c:f8:17:19:f0:5a:3e:09:b1:
2f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:44:B9:48:18:ED:0F:F7:D1:4B:78:B9:F5:8A:BB:46:13:9A:E2:59
X509v3 Authority Key Identifier:
keyid:F1:92:D4:AD:86:CE:10:FC:96:82:7F:C9:34:80:F3:FB:DE:F5:EA:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/8ZLUrYbOEPyWgn_JNIDz-9716mE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8ZLUrYbOEPyWgn_JNIDz-9716mE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E78E8/B89EB6903E1C11ECB8B0A24AC4F9AE02/DA1D2C9E3E2011EC8B8C6253C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.158.232.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:cf:74:92:37:93:ac:dc:76:d3:2d:a1:21:fb:72:f9:8d:70:
ae:61:f1:56:b3:77:74:20:e1:89:cc:64:a4:3b:c2:7a:20:53:
06:d2:62:27:1b:b8:da:c8:fc:41:1a:4d:71:b9:bf:cd:85:1a:
b9:40:39:82:53:3b:8a:8f:24:fd:0e:35:82:89:86:5e:33:93:
31:ba:bc:a1:01:d4:94:09:82:d8:02:83:5a:54:cd:fa:b4:5d:
2c:55:df:2f:d1:e9:98:3c:98:e8:95:86:cb:6e:e0:aa:10:87:
94:17:82:2f:68:1d:3e:aa:87:86:3a:54:99:51:4a:9e:13:40:
a4:fa:74:1b:72:2b:49:40:22:bb:22:0e:6e:c8:00:ad:43:bc:
be:f0:c7:00:93:4a:e5:eb:39:29:d6:d0:33:df:0b:27:e7:7b:
e7:1f:55:cc:d7:47:8e:b3:f3:64:4b:f4:2f:d0:d8:7e:75:d7:
2c:8b:a5:5a:b3:e7:ca:7e:8a:75:c7:89:fd:fd:78:c0:cd:31:
f5:fa:b4:8f:ff:51:05:0c:55:9f:87:c9:40:ae:96:13:2c:e5:
96:71:d6:65:0a:dc:70:e6:46:b8:6c:0f:18:e2:ea:7e:74:d2:
f3:dd:fb:ba:19:cb:8d:ed:9f:d1:b5:ac:95:cb:b7:3c:62:0e:
ea:2b:a9:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAaYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc4RTgxMTAvBgNVBAUTKEYxOTJENEFEODZDRTEwRkM5NjgyN0ZDOTM0ODBGM0ZC
REVGNUVBNjEwHhcNMjIwNjAxMTYzMDQyWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk3OTQzMi1jODYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyewyvUSpUHZe92F3zd9BSyhNO5NsLwdIG3m+ghPybjxf68o7OqJoRAKGTFmk
DTHqJPVc6t6ojKz1tDjRthMfhj+R9v0CP9xr09L81O8kasqecpsg9d1hCYaxpT1j
9P1LaE7sNUZUQfTl0UZuUy7yo8/1BYQ1BQ45I7tnuInUijr1TnitiV2UUkkjXxYJ
TRCYqAQPswOQ5j1aPX34rIZ/QEdY6qxKGib49Iln+QYgERLgi4gw583KFvcYNhsX
jLoyVNb0Ml0+Cdqq0pbTUiqF7M58fGLB1gYIdwIX9zDjJbe7CwGi4b8YkictnyvQ
95xia9BIirlc+BcZ8Fo+CbEvRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMJEuUgY
7Q/30Ut4ufWKu0YTmuJZMB8GA1UdIwQYMBaAFPGS1K2GzhD8loJ/yTSA8/ve9eph
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzhFOC9CODlFQjY5MDNF
MUMxMUVDQjhCMEEyNEFDNEY5QUUwMi84WkxVclliT0VQeVdnbl9KTklEei05NzE2
bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhaTFVyWWJPRVB5V2duX0pOSUR6LTk3MTZtRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc4RTgvQjg5RUI2OTAzRTFDMTFFQ0I4QjBBMjRBQzRGOUFFMDIvREExRDJDOUUz
RTIwMTFFQzhCOEM2MjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALcnugwDQYJKoZIhvcNAQELBQADggEBAC7PdJI3k6zcdtMt
oSH7cvmNcK5h8Vazd3Qg4YnMZKQ7wnogUwbSYicbuNrI/EEaTXG5v82FGrlAOYJT
O4qPJP0ONYKJhl4zkzG6vKEB1JQJgtgCg1pUzfq0XSxV3y/R6Zg8mOiVhstu4KoQ
h5QXgi9oHT6qh4Y6VJlRSp4TQKT6dBtyK0lAIrsiDm7IAK1DvL7wxwCTSuXrOSnW
0DPfCyfne+cfVczXR46z82RL9C/Q2H511yyLpVqz58p+inXHif39eMDNMfX6tI//
UQUMVZ+HyUCulhMs5ZZx1mUK3HDmRrhsDxji6n500vPd+7oZy43tn9G1rJXLtzxi
Duorqac=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org