Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/F62169A4A52311EC9C9CB26FC4F9AE02.roa
File: F62169A4A52311EC9C9CB26FC4F9AE02.roa (raw, json)
Hash identifier: liufbegoduXEtUwOcDjjU6GvOcLh3Y/S6lElZX1RXmI=
Subject key identifier: 1B:D3:A0:E9:D0:A4:E4:49:83:6C:43:E1:81:42:94:D3:1E:C0:57:26
Certificate issuer: /CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Certificate serial: 102B
Authority key identifier: DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/F62169A4A52311EC9C9CB26FC4F9AE02.roa
Signing time: Wed 16 Mar 2022 13:04:16 +0000
ROA not before: Wed 16 Mar 2022 13:04:16 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 6453
IP address blocks: 130.248.112.0/24 maxlen: 24
130.248.115.0/24 maxlen: 24
130.248.122.0/24 maxlen: 24
130.248.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4139 (0x102b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA9BD/serialNumber=DA4B5C2123BA9D0F802378DADDD4801B5670A3ED
Validity
Not Before: Mar 16 13:04:16 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=6231e050-0680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f8:cc:0f:4a:e6:01:3c:88:3e:7e:85:69:df:
0a:a4:fc:07:f4:db:11:74:e2:da:20:64:9f:3f:85:
93:fd:06:28:40:14:bd:39:06:b9:dc:db:2c:88:5e:
3e:9e:ee:f6:63:2a:66:9e:2c:90:bb:4d:ab:1d:9a:
df:00:5e:da:bb:a0:e2:57:67:98:68:a8:95:16:7e:
8b:46:1b:fe:9d:38:dd:80:f3:ab:95:30:f2:12:c2:
6e:e6:88:e4:20:f1:6e:32:c8:b2:24:2a:da:e8:1d:
c0:96:36:40:a9:65:bb:ad:5e:f3:82:98:52:e5:14:
a0:59:ff:a9:2f:3c:dd:ee:d9:33:b4:48:3c:f0:e4:
ef:8c:b9:6f:4f:ad:0f:8f:6c:fe:0c:2a:6e:37:32:
ae:22:49:85:39:28:9b:9b:c6:23:8f:8b:94:72:50:
33:29:43:61:80:55:7e:f2:24:64:05:0f:2d:52:66:
81:b1:80:9d:f9:52:f1:b5:36:e1:d8:f7:99:0c:40:
08:e4:8a:7c:78:9e:27:4d:cd:6a:14:71:95:c5:1c:
86:98:73:e8:7e:aa:0a:ef:0b:76:53:19:48:de:d1:
0a:9e:4d:f9:40:f9:f9:83:10:91:89:5f:19:c8:28:
50:34:fd:72:42:89:4c:27:6f:75:26:13:0b:0a:aa:
03:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D3:A0:E9:D0:A4:E4:49:83:6C:43:E1:81:42:94:D3:1E:C0:57:26
X509v3 Authority Key Identifier:
keyid:DA:4B:5C:21:23:BA:9D:0F:80:23:78:DA:DD:D4:80:1B:56:70:A3:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2ktcISO6nQ-AI3ja3dSAG1Zwo-0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9BD/07495890918211E891C4EC10C4F9AE02/F62169A4A52311EC9C9CB26FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
130.248.112.0/24
130.248.115.0/24
130.248.122.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:7e:b7:ef:8c:e8:a5:aa:ef:97:0c:0a:34:34:9f:4a:e2:9c:
d1:f7:3f:e1:b7:16:92:82:bc:c4:7f:7a:74:71:47:d3:c1:4d:
ca:44:cd:d5:9f:a2:0e:f7:34:05:ec:74:b7:6f:e7:87:6e:ae:
4f:d9:2d:e0:d6:35:6d:2a:3b:e5:bd:7b:4c:ca:fb:31:90:1b:
80:f3:5b:38:ef:c3:5a:6b:69:77:f3:df:e0:1f:f2:0e:63:f2:
36:30:2c:e4:c1:44:61:17:31:44:0f:2c:ec:a4:e6:59:49:c9:
67:e1:0e:c1:45:46:fd:52:1c:ec:ea:38:82:d7:fd:68:d6:cb:
0f:01:d2:59:76:c1:5c:1b:c1:53:1c:c6:3c:90:4d:cd:2e:54:
8a:08:42:08:cd:9f:65:e4:8f:b7:5c:6e:65:d1:1f:4b:dd:86:
87:d7:54:0c:0f:36:e4:3b:97:e7:72:a2:37:0f:c3:54:46:d6:
dc:b3:18:b8:dc:25:d9:49:52:76:1b:7e:05:43:a2:12:99:85:
9b:6a:59:b9:35:62:62:5e:a8:ab:81:7a:db:6b:08:74:e0:13:
f0:ba:80:e7:e7:f3:16:ea:75:19:38:f7:c8:6d:39:26:a5:35:
af:59:cb:06:52:2b:37:41:7b:91:19:ec:2e:49:7a:57:3f:c7:
5d:0a:42:b4
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICECswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5QkQxMTAvBgNVBAUTKERBNEI1QzIxMjNCQTlEMEY4MDIzNzhEQURERDQ4MDFC
NTY3MEEzRUQwHhcNMjIwMzE2MTMwNDE2WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMxZTA1MC0wNjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxfjMD0rmATyIPn6Fad8KpPwH9NsRdOLaIGSfP4WT/QYoQBS9OQa53NssiF4+
nu72YypmniyQu02rHZrfAF7au6DiV2eYaKiVFn6LRhv+nTjdgPOrlTDyEsJu5ojk
IPFuMsiyJCra6B3AljZAqWW7rV7zgphS5RSgWf+pLzzd7tkztEg88OTvjLlvT60P
j2z+DCpuNzKuIkmFOSibm8Yjj4uUclAzKUNhgFV+8iRkBQ8tUmaBsYCd+VLxtTbh
2PeZDEAI5Ip8eJ4nTc1qFHGVxRyGmHPofqoK7wt2UxlI3tEKnk35QPn5gxCRiV8Z
yChQNP1yQolMJ291JhMLCqoDMwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFBvToOnQ
pORJg2xD4YFClNMewFcmMB8GA1UdIwQYMBaAFNpLXCEjup0PgCN42t3UgBtWcKPt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTlCRC8wNzQ5NTg5MDkx
ODIxMUU4OTFDNEVDMTBDNEY5QUUwMi8ya3RjSVNPNm5RLUFJM2phM2RTQUcxWndv
LTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzJrdGNJU082blEtQUkzamEzZFNBRzFad28tMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5QkQvMDc0OTU4OTA5MTgyMTFFODkxQzRFQzEwQzRGOUFFMDIvRjYyMTY5QTRB
NTIzMTFFQzlDOUNCMjZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBACC+HADBACC+HMDBAGC+HowDQYJKoZIhvcNAQELBQADggEB
AF5+t++M6KWq75cMCjQ0n0rinNH3P+G3FpKCvMR/enRxR9PBTcpEzdWfog73NAXs
dLdv54durk/ZLeDWNW0qO+W9e0zK+zGQG4DzWzjvw1praXfz3+Af8g5j8jYwLOTB
RGEXMUQPLOyk5llJyWfhDsFFRv1SHOzqOILX/WjWyw8B0ll2wVwbwVMcxjyQTc0u
VIoIQgjNn2Xkj7dcbmXRH0vdhofXVAwPNuQ7l+dyojcPw1RG1tyzGLjcJdlJUnYb
fgVDohKZhZtqWbk1YmJeqKuBettrCHTgE/C6gOfn8xbqdRk498htOSalNa9ZywZS
KzdBe5EZ7C5Jelc/x10KQrQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-ams.rpki-client.org