Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/4541C708C94211ECACAE5B52C4F9AE02.roa
File: 4541C708C94211ECACAE5B52C4F9AE02.roa (raw, json)
Hash identifier: ajpz1hEaaYHpgsL8ZxobKUMbcZ6PW4iI96/hSftiKhw=
Subject key identifier: 97:79:9C:67:D5:1F:DF:DC:6B:52:30:A6:72:15:28:AC:5F:9D:47:0B
Certificate issuer: /CN=A911CA82/serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Certificate serial: 02B1
Authority key identifier: D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/4541C708C94211ECACAE5B52C4F9AE02.roa
Signing time: Sun 01 May 2022 11:31:41 +0000
ROA not before: Sun 01 May 2022 11:31:41 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 133070
IP address blocks: 203.80.170.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 689 (0x2b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA82/serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Validity
Not Before: May 1 11:31:41 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=626e6f9d-38bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b8:2a:32:f8:2a:f8:fa:84:99:71:bd:17:e5:
91:0f:42:eb:23:c5:73:2f:d2:3f:0f:55:94:dd:46:
15:17:2b:65:ef:d0:63:f0:f6:7d:72:27:f5:3e:da:
a0:a8:cd:db:2a:0b:51:14:eb:6d:d2:c2:49:75:13:
80:e1:8a:4a:f8:d7:59:b1:02:a0:49:0e:ab:cc:95:
d6:6c:f0:39:19:50:96:24:86:1a:ea:80:24:53:46:
17:e0:4c:31:28:a8:cc:25:a6:bf:55:28:48:f4:f2:
63:39:59:f5:cf:a8:46:65:c2:c6:dd:78:8b:b5:df:
cc:64:cf:f5:d8:ec:79:2a:2d:14:46:4b:f8:8f:a1:
9c:bc:bb:7e:a4:9c:8c:13:a3:92:2c:a5:a7:d4:22:
93:b1:1a:f4:96:f3:a3:98:98:18:e1:df:b1:c9:dd:
77:2b:ce:dc:9d:d5:61:fa:e1:3b:57:f2:fa:b4:ad:
61:04:7a:e9:f5:d5:b0:4b:0d:f8:c6:5c:8a:57:6a:
d2:ff:73:0a:e7:b9:0e:ba:e9:8f:b3:12:a9:2a:2d:
b9:68:df:26:cc:19:82:8a:05:4f:83:ad:bd:44:8b:
22:20:85:58:6b:6d:be:e9:af:2e:b0:bf:84:ec:9b:
3d:7d:fc:55:96:09:80:84:a2:f9:f6:1e:3c:ec:bf:
3e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:79:9C:67:D5:1F:DF:DC:6B:52:30:A6:72:15:28:AC:5F:9D:47:0B
X509v3 Authority Key Identifier:
keyid:D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/4541C708C94211ECACAE5B52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.80.170.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:e3:44:fd:70:b1:63:57:c7:8a:fa:bd:02:4b:95:38:a3:2e:
96:a8:dc:76:d2:d6:b3:5b:4a:5e:ed:bf:31:f9:e5:e6:5b:40:
80:78:50:70:db:5c:be:3d:15:d0:88:0c:84:cd:27:5b:d8:a7:
b5:0a:25:c7:21:da:59:05:4a:e4:34:c1:93:29:8d:52:fb:39:
97:10:d6:e0:57:5d:11:82:54:51:34:ef:cd:f0:2c:38:01:b3:
0a:bf:9e:b8:1b:04:f0:26:38:51:f8:b9:d5:56:83:f2:15:95:
7e:d7:92:5c:f4:45:c3:57:0c:54:78:e8:04:2f:1f:ab:d7:d2:
83:ef:f7:b4:be:ae:81:3a:63:a9:56:cc:7c:4b:99:15:24:48:
d7:6e:90:42:4f:a9:dd:2a:a5:ec:9a:90:d1:73:9a:3f:04:0c:
b1:fa:0e:e1:ce:10:59:e5:05:b9:ba:59:51:82:b1:60:c1:10:
a1:cc:6d:9b:30:9f:65:bf:df:26:a1:a3:24:42:6f:f8:12:c9:
b6:14:eb:fd:90:29:9b:a5:97:76:ac:87:85:15:90:df:f3:51:
30:8e:5c:34:ab:93:96:61:a1:2b:16:98:af:dc:24:d2:7a:f4:
bc:c8:a8:da:6a:8d:27:b4:08:42:9c:44:40:77:4a:c1:6b:3c:
34:b3:db:36
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICArEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBODIxMTAvBgNVBAUTKEQyQTA4NzFCQ0Q4Mzc2QzExQThGMDQ5QTM5ODU1QUZD
REIxODMwNjQwHhcNMjIwNTAxMTEzMTQxWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZlNmY5ZC0zOGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA37gqMvgq+PqEmXG9F+WRD0LrI8VzL9I/D1WU3UYVFytl79Bj8PZ9cif1Ptqg
qM3bKgtRFOtt0sJJdROA4YpK+NdZsQKgSQ6rzJXWbPA5GVCWJIYa6oAkU0YX4Ewx
KKjMJaa/VShI9PJjOVn1z6hGZcLG3XiLtd/MZM/12Ox5Ki0URkv4j6GcvLt+pJyM
E6OSLKWn1CKTsRr0lvOjmJgY4d+xyd13K87cndVh+uE7V/L6tK1hBHrp9dWwSw34
xlyKV2rS/3MK57kOuumPsxKpKi25aN8mzBmCigVPg629RIsiIIVYa22+6a8usL+E
7Js9ffxVlgmAhKL59h487L8+iwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJd5nGfV
H9/ca1IwpnIVKKxfnUcLMB8GA1UdIwQYMBaAFNKghxvNg3bBGo8EmjmFWvzbGDBk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E4Mi8wQkVCMzc1QUJF
NDQxMUVCQUUzRDQzNDhDNEY5QUUwMi8wcUNIRzgyRGRzRWFqd1NhT1lWYV9Oc1lN
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBxQ0hHODJEZHNFYWp3U2FPWVZhX05zWU1HUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBODIvMEJFQjM3NUFCRTQ0MTFFQkFFM0Q0MzQ4QzRGOUFFMDIvNDU0MUM3MDhD
OTQyMTFFQ0FDQUU1QjUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLUKowDQYJKoZIhvcNAQELBQADggEBAB/jRP1wsWNXx4r6
vQJLlTijLpao3HbS1rNbSl7tvzH55eZbQIB4UHDbXL49FdCIDITNJ1vYp7UKJcch
2lkFSuQ0wZMpjVL7OZcQ1uBXXRGCVFE0783wLDgBswq/nrgbBPAmOFH4udVWg/IV
lX7Xklz0RcNXDFR46AQvH6vX0oPv97S+roE6Y6lWzHxLmRUkSNdukEJPqd0qpeya
kNFzmj8EDLH6DuHOEFnlBbm6WVGCsWDBEKHMbZswn2W/3yahoyRCb/gSybYU6/2Q
KZull3ash4UVkN/zUTCOXDSrk5ZhoSsWmK/cJNJ69LzIqNpqjSe0CEKcREB3SsFr
PDSz2zY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org