Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/9BD9020CA32C11ECBB84C066C4F9AE02.roa
File: 9BD9020CA32C11ECBB84C066C4F9AE02.roa (raw, json)
Hash identifier: l3eEWh/HcBbl1KUMhAYdih7f2zkFW7nuWOTyR/yaJ7M=
Subject key identifier: 68:FF:75:0F:13:01:3D:A4:E5:7B:BC:40:CA:01:87:85:82:84:81:8A
Certificate issuer: /CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Certificate serial: 317D
Authority key identifier: 58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/9BD9020CA32C11ECBB84C066C4F9AE02.roa
Signing time: Mon 14 Mar 2022 00:20:53 +0000
ROA not before: Mon 14 Mar 2022 00:20:53 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 1239
IP address blocks: 117.121.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12669 (0x317d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8C90/serialNumber=58A196A7BF06F2E16E909D277141BA44911F1F4F
Validity
Not Before: Mar 14 00:20:53 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=622e8a65-4f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:57:f2:78:4e:f8:6c:a3:69:11:ed:28:d4:80:
7a:b5:4b:b6:61:34:a0:d2:b1:3f:24:c9:28:b5:87:
0a:c6:6f:dc:82:79:55:a0:d4:36:2b:2d:df:ea:b5:
da:38:84:5c:0a:a2:d1:77:00:32:a8:ef:94:4d:50:
61:4b:10:16:d2:fd:3d:31:05:30:7a:80:8f:17:b7:
be:f3:a2:c2:0b:77:29:dc:fe:a9:88:81:eb:9a:00:
87:22:d6:1b:24:e7:85:b0:af:7a:1c:2a:54:8a:cb:
dc:bb:a9:92:04:82:89:ed:f4:39:0f:81:e7:ec:bf:
e2:c0:ae:e0:84:cd:72:a4:df:d8:64:79:e9:fc:5a:
03:0f:c7:98:22:fd:47:c0:a4:16:78:6d:2c:4c:c2:
a9:a6:09:20:33:7b:78:c0:e6:52:98:c8:16:0d:dc:
f8:b3:6b:5c:f2:5c:83:6c:36:45:1d:2a:d0:37:1f:
ec:72:1a:00:1e:d3:67:1f:d3:75:d7:a5:0c:ef:e6:
53:6c:17:b3:c9:1d:94:ff:25:6c:ae:26:e8:ea:fb:
db:43:90:2c:59:9d:b5:9e:c5:3b:0b:fd:77:60:a9:
31:48:a2:b2:c0:6b:f3:79:e6:cf:6f:5b:4a:ce:14:
3f:2f:ab:12:51:cf:8c:cb:ee:61:4d:a7:b1:ce:58:
70:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FF:75:0F:13:01:3D:A4:E5:7B:BC:40:CA:01:87:85:82:84:81:8A
X509v3 Authority Key Identifier:
keyid:58:A1:96:A7:BF:06:F2:E1:6E:90:9D:27:71:41:BA:44:91:1F:1F:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/WKGWp78G8uFukJ0ncUG6RJEfH08.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKGWp78G8uFukJ0ncUG6RJEfH08.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C90/2D1BEBE41D9511E288E6B3FA08B02CD2/9BD9020CA32C11ECBB84C066C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.121.245.0/24
Signature Algorithm: sha256WithRSAEncryption
73:5c:90:4d:20:73:ec:cf:e4:67:8d:35:5b:3a:7a:fa:2e:b8:
20:0c:6d:b0:0a:01:d9:3b:8b:08:64:f3:a8:2b:9f:63:b9:66:
17:1c:22:83:cf:6c:66:46:5a:a5:36:48:c4:97:e0:43:71:39:
d5:c5:44:f6:1e:95:c7:45:ff:e3:53:d4:f5:2b:9e:73:1d:0c:
45:29:21:bc:3c:54:ce:66:d8:bc:0e:c8:43:87:47:97:dc:ba:
54:98:ae:b4:3e:0d:42:fe:c5:c9:16:9c:54:99:17:73:30:26:
a9:ce:ea:5e:20:8c:c1:8c:3d:2b:92:b2:04:c1:c6:c5:f5:c0:
44:62:80:43:22:9c:2c:e2:e3:15:2f:db:b2:98:76:50:be:7a:
4d:17:f3:e1:17:cf:94:8b:dc:e2:f2:6d:92:65:ca:f2:b5:5d:
d5:9c:46:5a:7e:d1:94:d5:82:98:b2:e9:b7:ec:57:e4:e5:05:
72:98:0a:6a:fe:78:ef:06:26:49:6a:18:35:a1:78:ca:ec:13:
a0:06:4e:49:11:7b:b1:03:a3:1c:10:54:cc:9b:be:bc:d8:e1:
41:79:9e:db:08:82:e4:79:eb:a2:3a:9a:10:0c:68:01:bf:12:
b8:86:7c:c6:9f:2f:75:15:e9:c2:d7:98:e9:19:94:d3:2a:8f:
d7:f2:8b:30
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICMX0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThDOTAxMTAvBgNVBAUTKDU4QTE5NkE3QkYwNkYyRTE2RTkwOUQyNzcxNDFCQTQ0
OTExRjFGNEYwHhcNMjIwMzE0MDAyMDUzWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjJlOGE2NS00ZjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5VfyeE74bKNpEe0o1IB6tUu2YTSg0rE/JMkotYcKxm/cgnlVoNQ2Ky3f6rXa
OIRcCqLRdwAyqO+UTVBhSxAW0v09MQUweoCPF7e+86LCC3cp3P6piIHrmgCHItYb
JOeFsK96HCpUisvcu6mSBIKJ7fQ5D4Hn7L/iwK7ghM1ypN/YZHnp/FoDD8eYIv1H
wKQWeG0sTMKppgkgM3t4wOZSmMgWDdz4s2tc8lyDbDZFHSrQNx/schoAHtNnH9N1
16UM7+ZTbBezyR2U/yVsribo6vvbQ5AsWZ21nsU7C/13YKkxSKKywGvzeebPb1tK
zhQ/L6sSUc+My+5hTaexzlhwhQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGj/dQ8T
AT2k5Xu8QMoBh4WChIGKMB8GA1UdIwQYMBaAFFihlqe/BvLhbpCdJ3FBukSRHx9P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM5MC8yRDFCRUJFNDFE
OTUxMUUyODhFNkIzRkEwOEIwMkNEMi9XS0dXcDc4Rzh1RnVrSjBuY1VHNlJKRWZI
MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLR1dwNzhHOHVGdWtKMG5jVUc2UkpFZkgwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDOTAvMkQxQkVCRTQxRDk1MTFFMjg4RTZCM0ZBMDhCMDJDRDIvOUJEOTAyMENB
MzJDMTFFQ0JCODRDMDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB1efUwDQYJKoZIhvcNAQELBQADggEBAHNckE0gc+zP5GeN
NVs6evouuCAMbbAKAdk7iwhk86grn2O5ZhccIoPPbGZGWqU2SMSX4ENxOdXFRPYe
lcdF/+NT1PUrnnMdDEUpIbw8VM5m2LwOyEOHR5fculSYrrQ+DUL+xckWnFSZF3Mw
JqnO6l4gjMGMPSuSsgTBxsX1wERigEMinCzi4xUv27KYdlC+ek0X8+EXz5SL3OLy
bZJlyvK1XdWcRlp+0ZTVgpiy6bfsV+TlBXKYCmr+eO8GJklqGDWheMrsE6AGTkkR
e7EDoxwQVMybvrzY4UF5ntsIguR566I6mhAMaAG/EriGfMafL3UV6cLXmOkZlNMq
j9fyizA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org