Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FAFD007C538711EA81ECEB2EC4F9AE02.roa
File: FAFD007C538711EA81ECEB2EC4F9AE02.roa (raw, json)
Hash identifier: 6iPn/LEspqXIsC9yAwn3L4bY0AsojGC5JVHEoGEhpGc=
Subject key identifier: 74:BD:C8:DA:6F:E6:FD:C6:C6:62:F0:5C:A7:40:A8:1C:42:7F:0E:E6
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 13DA
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FAFD007C538711EA81ECEB2EC4F9AE02.roa
Signing time: Fri 18 Feb 2022 06:24:36 +0000
ROA not before: Fri 18 Feb 2022 06:24:36 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 17819
IP address blocks: 49.255.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5082 (0x13da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 18 06:24:36 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=620f3ba4-9cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:71:d9:68:79:be:ba:98:63:d2:c2:9e:56:6e:
cf:9c:08:0b:90:6c:fb:a4:5c:4c:7f:5a:9b:6b:b4:
33:ff:63:d2:81:71:94:8b:8f:46:f6:9d:e5:72:da:
74:df:95:22:92:40:81:8c:07:90:ef:09:cb:bb:b3:
97:be:22:94:a9:dc:84:33:f7:1d:54:29:8c:8d:b5:
39:54:b7:4f:ed:21:d2:06:70:3e:56:e6:39:d5:4e:
c3:75:43:88:25:93:e3:ef:da:dd:17:a9:57:98:02:
8b:f6:6c:2b:b3:ee:8a:32:b7:a3:1c:80:35:b9:b3:
9c:3f:ed:ee:99:fa:ce:fc:0b:9a:db:85:01:10:e6:
7d:b7:fe:46:67:07:64:c1:7c:08:89:f7:79:0b:a0:
31:6d:35:12:c9:a2:39:e6:43:52:97:3c:4a:fe:8a:
d5:8d:09:45:0e:19:83:48:ce:01:b5:82:f5:97:f4:
68:86:b8:70:5e:32:3d:1d:0d:c6:06:2e:bc:01:b1:
98:28:d1:b1:70:c5:25:ae:59:47:63:bd:1f:fc:88:
42:64:9d:66:5c:01:ed:a0:9e:26:34:13:55:28:2e:
a8:03:fa:70:e8:e7:45:ed:78:d3:bd:23:04:4c:4e:
f3:f4:7c:d6:4c:ee:61:b9:3d:fd:5f:fa:8f:9f:c4:
3e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BD:C8:DA:6F:E6:FD:C6:C6:62:F0:5C:A7:40:A8:1C:42:7F:0E:E6
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FAFD007C538711EA81ECEB2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.255.8.0/24
Signature Algorithm: sha256WithRSAEncryption
25:98:ae:f3:04:7c:a0:20:29:10:7c:95:a9:a4:45:a0:22:8d:
6b:87:1c:25:e7:79:50:ba:5e:74:58:2b:68:bc:e5:17:cc:80:
56:20:5d:ee:a7:a6:58:09:9b:3e:4d:49:1f:06:36:2a:57:cc:
e6:33:01:6b:dc:5e:54:8f:68:34:b3:51:15:fd:7c:8b:65:43:
73:2e:69:35:8e:6f:4c:f0:e6:9a:b0:61:2f:32:cf:f5:6c:e1:
37:c1:9b:fb:19:ec:04:5c:2b:0f:e2:7f:2d:56:c3:b9:45:50:
a6:0d:5d:77:f8:22:0b:e6:9e:58:a6:85:dd:d0:8c:1a:c7:cf:
86:f3:c7:63:38:45:92:de:e3:03:df:9d:df:5e:ba:ec:85:d1:
6b:3c:1b:db:f3:91:d5:c1:4a:37:0d:fa:3c:b4:f1:29:84:d4:
11:50:88:a2:d5:a7:ed:87:f2:d7:fb:e9:a6:f6:9c:03:d2:fa:
11:12:11:e4:c8:ca:34:c7:c0:30:a4:50:25:e0:6b:25:7e:8f:
6d:2a:69:c5:83:f2:b5:a4:6c:59:01:b9:d8:52:2d:ab:8d:e8:
9c:28:fe:1c:06:4f:24:05:85:50:d5:51:fa:20:3c:3b:57:10:
da:a7:7c:94:87:84:17:78:2b:38:17:20:5f:c2:60:11:83:3a:
ba:96:e3:e7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICE9owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjIwMjE4MDYyNDM2WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBmM2JhNC05Y2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA33HZaHm+uphj0sKeVm7PnAgLkGz7pFxMf1qba7Qz/2PSgXGUi49G9p3lctp0
35UikkCBjAeQ7wnLu7OXviKUqdyEM/cdVCmMjbU5VLdP7SHSBnA+VuY51U7DdUOI
JZPj79rdF6lXmAKL9mwrs+6KMrejHIA1ubOcP+3umfrO/Aua24UBEOZ9t/5GZwdk
wXwIifd5C6AxbTUSyaI55kNSlzxK/orVjQlFDhmDSM4BtYL1l/RohrhwXjI9HQ3G
Bi68AbGYKNGxcMUlrllHY70f/IhCZJ1mXAHtoJ4mNBNVKC6oA/pw6OdF7XjTvSME
TE7z9HzWTO5huT39X/qPn8Q+2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHS9yNpv
5v3GxmLwXKdAqBxCfw7mMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvRkFGRDAwN0M1
Mzg3MTFFQTgxRUNFQjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAx/wgwDQYJKoZIhvcNAQELBQADggEBACWYrvMEfKAgKRB8
lamkRaAijWuHHCXneVC6XnRYK2i85RfMgFYgXe6nplgJmz5NSR8GNipXzOYzAWvc
XlSPaDSzURX9fItlQ3MuaTWOb0zw5pqwYS8yz/Vs4TfBm/sZ7ARcKw/ify1Ww7lF
UKYNXXf4Igvmnlimhd3QjBrHz4bzx2M4RZLe4wPfnd9euuyF0Ws8G9vzkdXBSjcN
+jy08SmE1BFQiKLVp+2H8tf76ab2nAPS+hESEeTIyjTHwDCkUCXgayV+j20qacWD
8rWkbFkBudhSLauN6Jwo/hwGTyQFhVDVUfogPDtXENqnfJSHhBd4KzgXIF/CYBGD
OrqW4+c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org