Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/748716189FB111ECBFE07521C4F9AE02.roa
File: 748716189FB111ECBFE07521C4F9AE02.roa (raw, json)
Hash identifier: +lNTwy6Px+3qz5Xw2FC7VcSUvrUePfjCWTBwKAGAurs=
Subject key identifier: 46:68:6E:AE:25:51:82:08:99:ED:D1:12:AF:DC:D7:F6:E8:6F:0B:A2
Certificate issuer: /CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Certificate serial: 1028
Authority key identifier: DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/748716189FB111ECBFE07521C4F9AE02.roa
Signing time: Wed 16 Mar 2022 12:41:35 +0000
ROA not before: Wed 16 Mar 2022 12:41:35 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 58664
IP address blocks: 130.248.112.0/24 maxlen: 24
130.248.113.0/24 maxlen: 24
130.248.115.0/24 maxlen: 24
130.248.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4136 (0x1028)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Validity
Not Before: Mar 16 12:41:35 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=6231daff-c855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e7:0b:fb:33:3a:25:e0:08:52:59:e1:ad:31:
71:33:77:8f:4f:cb:61:58:13:23:0b:46:26:ce:70:
99:94:05:40:d8:87:3c:49:ff:16:df:f5:bd:dc:77:
e7:c9:d6:89:82:6e:1f:87:21:57:48:68:84:89:73:
31:10:af:55:d8:82:c0:f2:72:58:53:89:c3:c4:77:
4c:f5:d3:9c:cd:b0:14:6b:da:be:88:8f:a6:a3:12:
49:07:0e:74:20:e3:37:70:fd:6c:86:84:8d:33:3c:
cc:e4:bf:10:6b:13:9a:44:cd:08:15:f5:64:d0:7f:
7e:e5:b0:99:55:9c:2a:d1:0e:14:27:8c:bd:16:dd:
56:b4:d5:02:46:60:5b:cc:04:81:39:fe:9b:2d:76:
c4:a7:51:55:c4:fa:04:3d:4a:fc:42:bd:20:9f:10:
65:1e:a4:50:b2:2f:b6:f1:c7:41:4e:0d:04:ef:16:
4f:a6:4d:8f:60:08:a0:a7:c9:31:52:d3:db:1a:f5:
6b:17:5b:cf:27:03:b8:d1:88:fe:55:df:cd:7d:c9:
73:8c:92:33:0d:25:ed:7a:16:50:59:7c:69:17:49:
1f:91:38:b6:9c:95:a8:fd:e6:f8:be:8d:00:2a:76:
89:b6:02:b4:a0:09:ea:24:07:a5:b3:b0:1f:8e:e5:
72:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:68:6E:AE:25:51:82:08:99:ED:D1:12:AF:DC:D7:F6:E8:6F:0B:A2
X509v3 Authority Key Identifier:
keyid:DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/748716189FB111ECBFE07521C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
130.248.112.0/23
130.248.115.0/24
130.248.127.0/24
Signature Algorithm: sha256WithRSAEncryption
14:72:ec:44:65:fa:7f:dd:ad:b9:f7:1d:7b:f0:05:96:d5:9f:
64:46:4c:74:9e:c3:9c:7c:5a:8b:73:30:8b:9e:4f:2f:20:6c:
2b:98:c2:71:dd:63:7a:00:4e:d2:2c:ea:04:8f:28:50:1f:9a:
34:49:3d:5a:f0:66:d0:7b:6f:09:a9:ae:11:b5:2a:ad:16:c5:
43:2a:ac:bf:b9:48:41:04:30:47:24:33:af:56:68:fb:85:83:
99:c1:2c:60:f5:6e:a7:78:e0:f0:87:23:0c:91:f6:5b:d8:43:
e6:f3:d0:ef:b2:71:a5:27:31:2c:d6:d3:ce:a4:a6:e9:90:cc:
22:d3:83:52:c6:5d:b7:50:f0:aa:66:01:30:b7:f4:27:f5:87:
0d:62:ab:f2:fb:fa:20:af:92:2d:a6:df:fa:36:b1:82:2d:5f:
8a:bc:24:9e:a6:4e:ca:85:2b:3f:61:db:e3:8e:fc:0f:54:54:
38:2e:bf:03:4b:d8:e4:92:20:4c:ee:6d:39:3b:d8:e1:92:38:
34:5a:b1:e2:74:e4:78:f7:cd:a0:d1:73:dd:89:9b:e1:a6:ae:
60:e1:40:bf:c9:24:52:4f:a5:c9:c8:48:16:be:72:c0:0f:85:
f9:5c:87:85:c7:81:ab:d3:de:22:ae:7a:cc:4b:b6:79:48:09:
0c:f6:83:9e
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICECgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5QkQxMTAvBgNVBAUTKERBNEI1QzIxMjNCQTlEMEY4MDIzNzhEQURERDQ4MDFC
NTY3MEEzRUQwHhcNMjIwMzE2MTI0MTM1WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMxZGFmZi1jODU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvecL+zM6JeAIUlnhrTFxM3ePT8thWBMjC0YmznCZlAVA2Ic8Sf8W3/W93Hfn
ydaJgm4fhyFXSGiEiXMxEK9V2ILA8nJYU4nDxHdM9dOczbAUa9q+iI+moxJJBw50
IOM3cP1shoSNMzzM5L8QaxOaRM0IFfVk0H9+5bCZVZwq0Q4UJ4y9Ft1WtNUCRmBb
zASBOf6bLXbEp1FVxPoEPUr8Qr0gnxBlHqRQsi+28cdBTg0E7xZPpk2PYAigp8kx
UtPbGvVrF1vPJwO40Yj+Vd/NfclzjJIzDSXtehZQWXxpF0kfkTi2nJWo/eb4vo0A
KnaJtgK0oAnqJAels7AfjuVyiwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFEZobq4l
UYIIme3REq/c1/bobwuiMB8GA1UdIwQYMBaAFNpLXCEjup0PgCN42t3UgBtWcKPt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wNzQ5NTg5MDkx
ODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5RLUFJM2phM2RTQUcxWndv
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzJrdGNJU082blEtQUkzamEzZFNBRzFad28tMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5QkQvMDc0OTU4OTA5MTgyMTFFODkxQzRFQzEwQzRGOUFFMDIvNzQ4NzE2MTg5
RkIxMTFFQ0JGRTA3NTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAGC+HADBACC+HMDBACC+H8wDQYJKoZIhvcNAQELBQADggEB
ABRy7ERl+n/drbn3HXvwBZbVn2RGTHSew5x8WotzMIueTy8gbCuYwnHdY3oATtIs
6gSPKFAfmjRJPVrwZtB7bwmprhG1Kq0WxUMqrL+5SEEEMEckM69WaPuFg5nBLGD1
bqd44PCHIwyR9lvYQ+bz0O+ycaUnMSzW086kpumQzCLTg1LGXbdQ8KpmATC39Cf1
hw1iq/L7+iCvki2m3/o2sYItX4q8JJ6mTsqFKz9h2+OO/A9UVDguvwNL2OSSIEzu
bTk72OGSODRaseJ05Hj3zaDRc92Jm+GmrmDhQL/JJFJPpcnISBa+csAPhflch4XH
gavT3iKuesxLtnlICQz2g54=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org