Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/09801CBA5CD011EE80BF6972C4F9AE02.roa
File: 09801CBA5CD011EE80BF6972C4F9AE02.roa (raw, json)
Hash identifier: qpt39JkHUDGKaIPbOK/u9rPygjMNuHRXmV7embXyrTA=
Subject key identifier: 2D:92:EE:8A:F6:9D:D0:50:3A:05:B2:C4:DC:FA:7E:A5:5A:6C:A0:8D
Certificate issuer: /CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352
Certificate serial: F7
Authority key identifier: 17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/09801CBA5CD011EE80BF6972C4F9AE02.roa
Signing time: Wed 27 Sep 2023 00:51:48 +0000
ROA not before: Wed 27 Sep 2023 00:51:48 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 3758
IP address blocks: 166.120.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 247 (0xf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352
Validity
Not Before: Sep 27 00:51:48 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65137ca4-cc8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:9b:23:ab:df:5d:e4:88:e6:9d:c7:01:3f:c5:
bb:95:19:62:c0:6a:3d:f3:cf:22:88:9f:2a:31:07:
bf:94:a4:1c:39:21:b5:2a:2c:b4:42:65:d8:7b:f4:
68:fd:5e:10:cb:3f:12:4b:e7:ea:43:43:51:e8:68:
ed:61:19:12:51:e3:38:f7:91:1e:65:17:87:53:94:
3d:05:ae:23:2a:b3:f6:79:5d:df:f3:0a:5a:68:49:
69:4f:87:94:0f:46:ce:9d:aa:79:24:fb:7d:20:87:
ba:9f:84:07:b9:35:4a:ca:4e:d8:37:ed:af:4d:0a:
a6:93:fd:dd:7a:17:cc:80:81:3b:0f:21:b6:98:a8:
31:c2:e6:0c:d9:8a:ca:08:3e:e8:54:f3:37:70:dc:
74:8e:41:72:69:5e:af:10:c9:cd:b2:d1:13:f7:9d:
f4:a2:00:c8:8d:cf:3e:05:f2:2b:31:ea:6c:ce:0b:
42:91:af:7a:27:c6:38:3d:04:0a:02:ca:07:20:44:
87:08:82:26:df:81:e4:fd:e1:43:e0:c1:96:e2:b9:
51:ae:25:e0:30:0e:b3:67:94:df:0d:95:1a:73:16:
a3:5b:d2:d4:a0:92:a8:11:17:15:3d:54:41:a6:20:
4e:68:14:8a:09:a0:07:5f:0a:c6:41:f5:2c:f4:af:
4b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:92:EE:8A:F6:9D:D0:50:3A:05:B2:C4:DC:FA:7E:A5:5A:6C:A0:8D
X509v3 Authority Key Identifier:
keyid:17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/09801CBA5CD011EE80BF6972C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
166.120.129.0/24
Signature Algorithm: sha256WithRSAEncryption
42:fc:fe:f1:7e:57:cd:88:3c:ca:56:b6:36:5a:ce:12:65:81:
6b:3d:5e:24:70:d5:f8:6b:42:f7:a2:56:60:64:2e:ae:25:49:
59:5b:c7:38:66:d9:29:f2:b7:f5:a6:42:44:0c:5a:08:b7:16:
c0:16:25:b4:60:0a:1e:bb:62:25:ee:c8:9b:d1:44:15:d5:86:
4b:5a:16:24:ae:79:f0:ba:82:d8:a7:65:70:0b:03:22:95:e7:
b7:b1:dc:b8:be:86:6c:e4:70:af:af:69:86:0e:ea:d6:7c:32:
b3:0e:10:17:34:6f:78:6a:21:08:2e:f6:8d:36:a8:ce:24:79:
bf:48:53:4c:52:d7:28:4d:94:57:dd:f5:41:3c:02:2f:db:19:
a7:d5:e6:b5:bc:46:0b:5e:f3:1e:69:2d:0d:48:53:1a:14:1f:
31:34:fe:9f:1b:05:00:b6:50:8d:b6:cf:5b:5e:ff:4e:c0:b8:
c7:a4:be:8e:2d:ef:bc:d4:32:5d:30:03:7f:c5:be:49:3e:f4:
b4:68:25:24:e0:b9:92:54:51:cc:3d:1d:d7:bb:ab:d5:e5:2a:
6f:31:d1:ff:86:8c:31:ed:2d:dd:37:1c:3b:aa:65:85:3c:7f:
da:ba:09:2a:b3:f2:f5:da:53:86:78:2b:70:a7:e8:bd:72:6b:
4a:e6:b6:cd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjJCNDcxMTAvBgNVBAUTKDE3RDVGRTMyM0VCRkQ5QThEMzQ0RTc3QjczNzk5QThF
NzU2MjQzNTIwHhcNMjMwOTI3MDA1MTQ4WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEzN2NhNC1jYzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8Jsjq99d5IjmnccBP8W7lRliwGo9888iiJ8qMQe/lKQcOSG1Kiy0QmXYe/Ro
/V4Qyz8SS+fqQ0NR6GjtYRkSUeM495EeZReHU5Q9Ba4jKrP2eV3f8wpaaElpT4eU
D0bOnap5JPt9IIe6n4QHuTVKyk7YN+2vTQqmk/3dehfMgIE7DyG2mKgxwuYM2YrK
CD7oVPM3cNx0jkFyaV6vEMnNstET9530ogDIjc8+BfIrMepszgtCka96J8Y4PQQK
AsoHIESHCIIm34Hk/eFD4MGW4rlRriXgMA6zZ5TfDZUacxajW9LUoJKoERcVPVRB
piBOaBSKCaAHXwrGQfUs9K9LUwIDAQABo4IClTCCApEwHQYDVR0OBBYEFC2S7or2
ndBQOgWyxNz6fqVabKCNMB8GA1UdIwQYMBaAFBfV/jI+v9mo00Tne3N5mo51YkNS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkI0Ny9FODhFOUM3RTMz
QUYxMUVEQjYxMDc0MzRDNEY5QUUwMi9GOVgtTWo2XzJhalRST2Q3YzNtYWpuVmlR
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0Y5WC1NajZfMmFqVFJPZDdjM21ham5WaVExSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjJCNDcvRTg4RTlDN0UzM0FGMTFFREI2MTA3NDM0QzRGOUFFMDIvMDk4MDFDQkE1
Q0QwMTFFRTgwQkY2OTcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACmeIEwDQYJKoZIhvcNAQELBQADggEBAEL8/vF+V82IPMpW
tjZazhJlgWs9XiRw1fhrQveiVmBkLq4lSVlbxzhm2Snyt/WmQkQMWgi3FsAWJbRg
Ch67YiXuyJvRRBXVhktaFiSuefC6gtinZXALAyKV57ex3Li+hmzkcK+vaYYO6tZ8
MrMOEBc0b3hqIQgu9o02qM4keb9IU0xS1yhNlFfd9UE8Ai/bGafV5rW8Rgte8x5p
LQ1IUxoUHzE0/p8bBQC2UI22z1te/07AuMekvo4t77zUMl0wA3/Fvkk+9LRoJSTg
uZJUUcw9Hde7q9XlKm8x0f+GjDHtLd03HDuqZYU8f9q6CSqz8vXaU4Z4K3Cn6L1y
a0rmts0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:48 2024 by rpki-client on console-fra.rpki-client.org