Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1912F54A3B5411EABAC6EE18C4F9AE02.roa
File: 1912F54A3B5411EABAC6EE18C4F9AE02.roa (raw, json)
Hash identifier: jHfUVYRJveY15I8OPkH2BHhWkKfBsz2250M3IEAs8Qg=
Subject key identifier: 74:4D:CF:03:C5:62:8C:E9:53:85:CA:1B:14:1F:FC:F8:80:29:74:B0
Certificate issuer: /CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
Certificate serial: 19B0
Authority key identifier: 5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1912F54A3B5411EABAC6EE18C4F9AE02.roa
Signing time: Fri 10 Dec 2021 04:52:59 +0000
ROA not before: Fri 10 Dec 2021 04:52:59 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 134963
IP address blocks: 8.208.0.0/12 maxlen: 15
8.208.0.0/16 maxlen: 24
8.209.0.0/16 maxlen: 24
8.210.0.0/16 maxlen: 24
8.211.0.0/16 maxlen: 24
8.212.0.0/16 maxlen: 24
8.213.0.0/16 maxlen: 24
8.214.0.0/16 maxlen: 24
8.215.0.0/16 maxlen: 24
8.216.0.0/16 maxlen: 24
8.217.0.0/16 maxlen: 16
8.218.0.0/16 maxlen: 24
8.219.0.0/16 maxlen: 24
8.220.0.0/16 maxlen: 24
8.221.0.0/16 maxlen: 24
8.223.0.0/16 maxlen: 24
149.129.0.0/16 maxlen: 16
161.117.0.0/16 maxlen: 24
170.33.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6576 (0x19b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
Validity
Not Before: Dec 10 04:52:59 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61b2dd2b-85bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ef:3a:1f:a5:d3:a0:9f:09:70:b1:58:42:a4:
b1:04:77:9e:50:68:54:05:67:0a:d7:88:44:4c:ca:
11:7b:60:c8:27:74:b1:14:06:df:98:1b:06:aa:1e:
4b:b5:73:e0:2f:d5:51:95:e4:9d:2c:fa:8a:8f:fe:
1c:52:da:2e:9a:e3:5b:05:6b:e8:60:28:4c:b8:02:
20:de:81:75:c5:a5:7d:45:32:74:d4:14:11:87:a8:
5a:e3:4e:7c:0c:25:64:a5:b7:c2:99:b7:b6:bb:6b:
f3:62:d3:b0:2e:42:f3:10:6f:2c:7f:ec:51:f9:40:
8a:a1:ab:6c:8a:07:34:ea:66:8e:43:c1:62:dd:bc:
8b:3e:32:dc:9d:11:19:cb:a6:ae:e8:6c:66:94:68:
4c:ad:36:4f:f2:04:c3:19:6b:1e:86:9c:52:da:12:
77:d3:30:61:cd:14:ea:58:20:52:90:ae:5d:da:80:
67:04:a0:5d:c1:47:02:eb:1b:35:18:4e:84:05:87:
ce:4d:5c:33:3d:3c:fd:c5:7a:a2:7c:a2:d0:72:8d:
19:c0:69:df:58:7b:f0:1e:68:45:cb:eb:23:12:a0:
dc:5b:27:36:18:09:37:00:f4:90:28:5a:d2:62:8f:
5b:f7:56:8a:16:9f:63:00:d2:33:c9:e3:08:a7:d6:
9c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4D:CF:03:C5:62:8C:E9:53:85:CA:1B:14:1F:FC:F8:80:29:74:B0
X509v3 Authority Key Identifier:
keyid:5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1912F54A3B5411EABAC6EE18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
8.208.0.0/12
149.129.0.0/16
161.117.0.0/16
170.33.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d1:58:81:b1:50:2c:c3:38:ba:36:be:e1:07:35:e2:32:af:58:
6a:24:73:77:3d:6e:07:99:c4:97:cd:f0:65:cc:14:71:25:14:
6a:5f:73:b3:cc:40:21:67:31:45:9e:78:f2:e4:9e:61:bd:ab:
d0:2a:27:b1:26:a0:df:c7:d7:30:9b:56:b9:2e:72:25:49:b0:
a0:f7:4a:35:64:e0:a2:80:fb:72:60:78:69:01:92:d4:5b:9c:
77:a8:02:a2:58:a0:fa:b2:21:27:f0:3c:85:c2:02:77:2e:8f:
61:e2:c5:18:82:88:18:ab:11:14:1e:d0:55:3a:ed:d7:52:c7:
98:ee:68:f2:9f:ef:1c:6e:39:39:d2:31:16:06:c4:a5:8d:6b:
aa:6d:6d:79:79:23:c7:68:4f:13:98:55:74:ea:f8:92:a1:3a:
e8:e8:1b:1e:42:ec:66:37:52:0e:bb:c6:5f:2a:ff:66:15:46:
04:64:d7:22:19:01:98:79:b4:ed:15:21:8c:1a:d1:26:30:40:
87:c7:30:c5:7b:56:15:c6:eb:e9:d5:40:59:55:21:e5:4a:ea:
f7:07:0a:6a:96:2b:86:34:7d:97:53:12:98:44:ec:33:72:5b:
c4:5a:ce:62:3d:e7:5c:b9:5f:0f:21:0e:a5:6b:ff:04:76:0a:
3e:b1:85:c6
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICGbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDVGRUVERTlEMzgyNTQzRjA1MTUyN0ZBNTMzRDQ3QTkx
NzA3N0U2MzIwHhcNMjExMjEwMDQ1MjU5WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWIyZGQyYi04NWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuu86H6XToJ8JcLFYQqSxBHeeUGhUBWcK14hETMoRe2DIJ3SxFAbfmBsGqh5L
tXPgL9VRleSdLPqKj/4cUtoumuNbBWvoYChMuAIg3oF1xaV9RTJ01BQRh6ha4058
DCVkpbfCmbe2u2vzYtOwLkLzEG8sf+xR+UCKoatsigc06maOQ8Fi3byLPjLcnREZ
y6au6GxmlGhMrTZP8gTDGWsehpxS2hJ30zBhzRTqWCBSkK5d2oBnBKBdwUcC6xs1
GE6EBYfOTVwzPTz9xXqifKLQco0ZwGnfWHvwHmhFy+sjEqDcWyc2GAk3APSQKFrS
Yo9b91aKFp9jANIzyeMIp9acjQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFHRNzwPF
YozpU4XKGxQf/PiAKXSwMB8GA1UdIwQYMBaAFF/u3p04JUPwUVJ/pTPUepFwd+Yy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC9BRDYyOTIyMkI1
MjUxMUU2QUY2Qzg5NUVDNEY5QUUwMi9YLTdlblRnbFFfQlJVbi1sTTlSNmtYQjM1
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1gtN2VuVGdsUV9CUlVuLWxNOVI2a1hCMzVqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvQUQ2MjkyMjJCNTI1MTFFNkFGNkM4OTVFQzRGOUFFMDIvMTkxMkY1NEEz
QjU0MTFFQUJBQzZFRTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDAwQI0AMDAJWBAwMAoXUDAwCqITANBgkqhkiG9w0BAQsFAAOC
AQEA0ViBsVAswzi6Nr7hBzXiMq9YaiRzdz1uB5nEl83wZcwUcSUUal9zs8xAIWcx
RZ548uSeYb2r0ConsSag38fXMJtWuS5yJUmwoPdKNWTgooD7cmB4aQGS1Fucd6gC
olig+rIhJ/A8hcICdy6PYeLFGIKIGKsRFB7QVTrt11LHmO5o8p/vHG45OdIxFgbE
pY1rqm1teXkjx2hPE5hVdOr4kqE66OgbHkLsZjdSDrvGXyr/ZhVGBGTXIhkBmHm0
7RUhjBrRJjBAh8cwxXtWFcbr6dVAWVUh5Urq9wcKapYrhjR9l1MSmETsM3JbxFrO
Yj3nXLlfDyEOpWv/BHYKPrGFxg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-ams.rpki-client.org