Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/3DE46DA85CD011EEAEAB0173C4F9AE02.roa
File: 3DE46DA85CD011EEAEAB0173C4F9AE02.roa (raw, json)
Hash identifier: lVIimeM2VhPGoU173RTvYvFgXgVsVAECYBRd/nJcYiE=
Subject key identifier: CD:FC:77:67:D8:C7:C4:5E:77:55:CA:35:97:9E:1A:9D:2B:9D:6A:16
Certificate issuer: /CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352
Certificate serial: F9
Authority key identifier: 17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/3DE46DA85CD011EEAEAB0173C4F9AE02.roa
Signing time: Wed 27 Sep 2023 00:53:16 +0000
ROA not before: Wed 27 Sep 2023 00:53:15 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 139883
IP address blocks: 166.120.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249 (0xf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352
Validity
Not Before: Sep 27 00:53:15 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=65137cfb-73c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:99:99:02:af:d0:5e:dd:f7:10:b0:20:32:f0:
da:27:b7:c0:cd:a4:80:9b:25:c3:83:5e:cd:39:d6:
2e:20:21:af:f2:61:22:cb:b9:05:04:e0:31:15:0b:
a0:be:2c:a2:ff:75:3f:7f:1e:a0:24:99:fc:5b:cd:
4f:47:36:0b:99:6f:0f:98:af:bc:aa:7b:f4:56:5f:
54:0d:18:f0:df:fc:9c:33:7f:8a:05:d0:87:48:19:
1b:00:16:f9:02:c6:7b:85:2b:80:91:c0:36:57:02:
51:8c:29:80:47:59:8e:5a:20:fa:db:6a:f5:7c:dd:
01:22:8b:fc:7f:bf:0e:84:9f:70:21:d8:b9:88:e2:
e4:48:53:3a:20:13:cb:ee:29:cf:2f:a0:9b:cf:96:
15:2a:9f:2c:d9:cf:45:52:75:90:c0:7c:94:b6:9e:
7a:71:08:27:52:73:7b:c9:d6:82:86:46:e4:be:ef:
f3:7f:5c:96:04:ae:90:9c:31:6a:63:ae:a3:bf:fe:
a3:d0:94:78:74:8c:f5:c2:fb:55:1c:1c:04:c2:39:
6f:90:fb:8c:40:65:8b:e9:33:31:0a:b7:db:7d:4a:
36:4a:16:80:49:fa:d4:ab:89:e1:3f:b0:15:12:29:
a8:db:d3:2d:0d:b0:7e:87:ee:27:24:20:75:44:ba:
0d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FC:77:67:D8:C7:C4:5E:77:55:CA:35:97:9E:1A:9D:2B:9D:6A:16
X509v3 Authority Key Identifier:
keyid:17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/3DE46DA85CD011EEAEAB0173C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
166.120.128.0/24
Signature Algorithm: sha256WithRSAEncryption
25:f5:ee:7c:1d:98:73:a8:16:83:51:b0:94:2f:3b:99:fa:41:
91:e0:b9:69:db:94:1f:f2:3e:c3:a5:35:2f:9b:5e:0c:1c:a8:
e2:2e:ba:2d:98:b0:b5:aa:8d:8c:9c:ce:ca:a9:22:59:3f:d8:
39:83:6c:8e:05:78:06:11:91:b2:95:77:13:4f:90:47:81:d7:
e8:f5:b7:77:85:70:8a:98:81:0d:f6:90:c0:2f:a7:d8:ea:b6:
88:fe:16:a6:02:40:58:d4:46:47:e2:a7:6e:11:85:aa:19:a2:
dc:4d:a9:34:3b:08:d3:80:09:f3:e9:f2:51:89:06:ab:c8:1f:
70:78:3f:26:9d:94:f3:2c:b6:ae:d4:7d:57:61:b9:9f:6d:27:
ff:48:86:9f:f3:ce:6a:1b:ad:e5:a4:2b:26:c9:0f:45:3a:15:
2a:5f:35:9d:ca:f2:e4:60:90:52:8d:4f:3b:79:2a:c3:4d:a3:
b9:26:9d:ab:8c:d7:83:33:50:94:2e:52:11:60:31:69:82:9d:
11:ee:1a:b4:07:3e:78:99:9c:22:b7:c4:52:34:ee:0e:d8:ca:
e5:0b:60:4c:57:33:22:4a:bf:7b:31:1e:c2:6e:4e:61:42:2f:
98:a3:d7:a4:e9:ac:39:c6:cb:d7:bd:90:2f:89:73:ae:a7:0b:
27:65:10:52
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjJCNDcxMTAvBgNVBAUTKDE3RDVGRTMyM0VCRkQ5QThEMzQ0RTc3QjczNzk5QThF
NzU2MjQzNTIwHhcNMjMwOTI3MDA1MzE1WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEzN2NmYi03M2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0pmZAq/QXt33ELAgMvDaJ7fAzaSAmyXDg17NOdYuICGv8mEiy7kFBOAxFQug
viyi/3U/fx6gJJn8W81PRzYLmW8PmK+8qnv0Vl9UDRjw3/ycM3+KBdCHSBkbABb5
AsZ7hSuAkcA2VwJRjCmAR1mOWiD622r1fN0BIov8f78OhJ9wIdi5iOLkSFM6IBPL
7inPL6Cbz5YVKp8s2c9FUnWQwHyUtp56cQgnUnN7ydaChkbkvu/zf1yWBK6QnDFq
Y66jv/6j0JR4dIz1wvtVHBwEwjlvkPuMQGWL6TMxCrfbfUo2ShaASfrUq4nhP7AV
Eimo29MtDbB+h+4nJCB1RLoNDwIDAQABo4IClTCCApEwHQYDVR0OBBYEFM38d2fY
x8Red1XKNZeeGp0rnWoWMB8GA1UdIwQYMBaAFBfV/jI+v9mo00Tne3N5mo51YkNS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkI0Ny9FODhFOUM3RTMz
QUYxMUVEQjYxMDc0MzRDNEY5QUUwMi9GOVgtTWo2XzJhalRST2Q3YzNtYWpuVmlR
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0Y5WC1NajZfMmFqVFJPZDdjM21ham5WaVExSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjJCNDcvRTg4RTlDN0UzM0FGMTFFREI2MTA3NDM0QzRGOUFFMDIvM0RFNDZEQTg1
Q0QwMTFFRUFFQUIwMTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACmeIAwDQYJKoZIhvcNAQELBQADggEBACX17nwdmHOoFoNR
sJQvO5n6QZHguWnblB/yPsOlNS+bXgwcqOIuui2YsLWqjYyczsqpIlk/2DmDbI4F
eAYRkbKVdxNPkEeB1+j1t3eFcIqYgQ32kMAvp9jqtoj+FqYCQFjURkfip24RhaoZ
otxNqTQ7CNOACfPp8lGJBqvIH3B4PyadlPMstq7UfVdhuZ9tJ/9Ihp/zzmobreWk
KybJD0U6FSpfNZ3K8uRgkFKNTzt5KsNNo7kmnauM14MzUJQuUhFgMWmCnRHuGrQH
PniZnCK3xFI07g7YyuULYExXMyJKv3sxHsJuTmFCL5ij16TprDnGy9e9kC+Jc66n
CydlEFI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org