Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/F55BA3FEA52311EC9C9CB26FC4F9AE02.roa
File: F55BA3FEA52311EC9C9CB26FC4F9AE02.roa (raw, json)
Hash identifier: 0AZOxW8fhK/YOY+IwWQJvX36vb2z7qhUc5SfHcjXmlg=
Subject key identifier: E3:53:8B:DF:5A:66:95:08:DE:0E:05:4D:05:A1:ED:0A:E2:56:76:88
Certificate issuer: /CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Certificate serial: 1027
Authority key identifier: DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/F55BA3FEA52311EC9C9CB26FC4F9AE02.roa
Signing time: Wed 16 Mar 2022 12:41:34 +0000
ROA not before: Wed 16 Mar 2022 12:41:34 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 4755
IP address blocks: 130.248.112.0/24 maxlen: 24
130.248.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4135 (0x1027)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Validity
Not Before: Mar 16 12:41:34 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=6231dafe-b519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6a:08:85:4e:90:27:9a:c9:a3:f7:71:7a:86:
41:f8:35:f3:54:f5:40:d4:16:53:b2:32:29:d5:c0:
76:46:38:31:20:77:94:36:cd:a3:13:15:39:b6:d4:
f5:c1:6e:8a:78:73:4e:98:3d:c1:58:f0:ef:3e:0e:
f1:aa:b4:b7:d2:28:81:79:25:c9:73:c6:bf:70:b3:
4b:c8:23:3e:bb:67:00:53:f8:cb:82:c1:cd:15:a0:
bd:89:99:38:0a:48:80:de:32:0a:a3:af:65:fe:9d:
a0:75:0c:42:a0:f8:18:f7:7d:04:05:bc:dc:3d:da:
ef:36:ca:cf:c9:ea:2e:f6:35:11:04:11:34:eb:b3:
4f:c5:d2:2d:b5:63:ff:d3:0f:51:88:78:fb:39:f3:
ef:ca:0e:ff:28:4b:0a:b8:a7:91:69:52:77:25:40:
74:d8:00:5d:83:2a:8f:62:de:4c:6c:96:e3:d0:ca:
73:3c:37:be:5e:eb:6c:d8:22:f1:fd:3a:51:21:5e:
6d:d5:da:b0:2f:31:13:66:bf:bd:ac:21:f7:a0:9f:
42:86:fa:0a:12:01:4e:58:bf:f4:ab:16:23:51:45:
d5:49:e5:98:4f:cf:78:c1:51:3e:21:d3:24:f5:c2:
11:23:c0:ac:2b:83:9e:a4:2d:d9:83:14:9a:9a:fa:
0b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:53:8B:DF:5A:66:95:08:DE:0E:05:4D:05:A1:ED:0A:E2:56:76:88
X509v3 Authority Key Identifier:
keyid:DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/F55BA3FEA52311EC9C9CB26FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
130.248.112.0/24
130.248.115.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:4f:ad:24:e3:12:b2:35:3d:d2:85:00:47:e6:b8:69:39:4e:
8d:74:12:00:6a:98:cb:bd:d9:d9:99:25:53:09:8e:e7:08:22:
fb:22:76:7f:20:10:bc:18:bd:a4:7c:6f:4f:6b:05:2a:c0:64:
39:a5:f0:a6:03:73:a3:65:e9:f1:85:30:69:f7:0b:58:84:f7:
bf:8a:c5:cb:47:f0:16:d6:b1:c0:ae:da:9f:01:65:6e:f6:1c:
52:cd:70:31:7c:0d:93:47:0c:c2:2f:77:ef:fe:06:4f:08:61:
73:f3:07:22:7b:63:65:77:c9:6c:09:12:68:3b:1e:df:c3:86:
18:3e:96:dc:4a:bc:e6:e8:68:5d:fd:54:53:00:02:ea:25:b1:
ed:d6:4d:22:c8:6a:95:a6:24:b8:47:31:20:07:fc:4f:dd:c6:
a7:f9:27:de:23:49:5c:82:a3:de:80:61:a9:ed:b2:50:4f:d2:
9a:6e:df:91:8a:b1:67:39:51:98:af:a4:dc:68:78:b9:e4:76:
af:05:ea:40:2d:d8:3e:fc:33:1c:e8:21:45:2d:f7:60:ac:4f:
f6:a7:a5:0a:ab:bb:f3:a3:16:88:f6:f0:7b:80:b9:cc:5f:d5:
fb:d8:62:1b:cb:8f:be:14:d9:77:e4:1b:08:02:ac:93:d1:15:
f7:48:0d:a3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICECcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5QkQxMTAvBgNVBAUTKERBNEI1QzIxMjNCQTlEMEY4MDIzNzhEQURERDQ4MDFC
NTY3MEEzRUQwHhcNMjIwMzE2MTI0MTM0WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMxZGFmZS1iNTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1moIhU6QJ5rJo/dxeoZB+DXzVPVA1BZTsjIp1cB2RjgxIHeUNs2jExU5ttT1
wW6KeHNOmD3BWPDvPg7xqrS30iiBeSXJc8a/cLNLyCM+u2cAU/jLgsHNFaC9iZk4
CkiA3jIKo69l/p2gdQxCoPgY930EBbzcPdrvNsrPyeou9jURBBE067NPxdIttWP/
0w9RiHj7OfPvyg7/KEsKuKeRaVJ3JUB02ABdgyqPYt5MbJbj0MpzPDe+Xuts2CLx
/TpRIV5t1dqwLzETZr+9rCH3oJ9ChvoKEgFOWL/0qxYjUUXVSeWYT894wVE+IdMk
9cIRI8CsK4OepC3ZgxSamvoL4QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFONTi99a
ZpUI3g4FTQWh7QriVnaIMB8GA1UdIwQYMBaAFNpLXCEjup0PgCN42t3UgBtWcKPt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wNzQ5NTg5MDkx
ODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5RLUFJM2phM2RTQUcxWndv
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzJrdGNJU082blEtQUkzamEzZFNBRzFad28tMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5QkQvMDc0OTU4OTA5MTgyMTFFODkxQzRFQzEwQzRGOUFFMDIvRjU1QkEzRkVB
NTIzMTFFQzlDOUNCMjZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACC+HADBACC+HMwDQYJKoZIhvcNAQELBQADggEBAKdPrSTj
ErI1PdKFAEfmuGk5To10EgBqmMu92dmZJVMJjucIIvsidn8gELwYvaR8b09rBSrA
ZDml8KYDc6Nl6fGFMGn3C1iE97+KxctH8BbWscCu2p8BZW72HFLNcDF8DZNHDMIv
d+/+Bk8IYXPzByJ7Y2V3yWwJEmg7Ht/Dhhg+ltxKvOboaF39VFMAAuolse3WTSLI
apWmJLhHMSAH/E/dxqf5J94jSVyCo96AYantslBP0ppu35GKsWc5UZivpNxoeLnk
dq8F6kAt2D78MxzoIUUt92CsT/anpQqru/OjFoj28HuAucxf1fvYYhvLj74U2Xfk
GwgCrJPRFfdIDaM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-ams.rpki-client.org