Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/CFD8AF80F88011EDB1DF555DC4F9AE02.roa
File: CFD8AF80F88011EDB1DF555DC4F9AE02.roa (raw, json)
Hash identifier: sbCtfZlk/vHQnGxqhn4Lh3CTLsTbEic+0FrtZwfdUjg=
Subject key identifier: 5B:01:50:9D:23:80:33:3F:FE:37:E2:F4:A6:AD:E8:76:33:4D:7B:42
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 1684
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/CFD8AF80F88011EDB1DF555DC4F9AE02.roa
Signing time: Mon 22 May 2023 09:12:45 +0000
ROA not before: Mon 22 May 2023 09:12:45 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 135523
IP address blocks: 203.128.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5764 (0x1684)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: May 22 09:12:45 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=646b320c-d06e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3d:23:a3:01:59:48:ec:80:b2:0e:f4:9b:8b:
5f:b7:70:3c:c0:48:e6:a2:2d:05:40:36:d8:a9:d5:
8e:4e:b3:f0:a2:12:f5:3d:90:84:38:ef:e1:4c:41:
16:f7:fa:cf:bc:0b:ca:15:64:96:82:98:83:f6:e4:
ac:01:b3:f7:20:ab:8b:bc:9f:fa:e5:b1:35:fc:09:
b2:47:63:be:6f:b5:24:1a:1f:c2:46:09:0d:0b:a5:
c0:a4:ed:5b:3b:18:9c:14:9b:52:91:ed:0d:42:47:
cb:31:51:bc:7e:39:04:b8:0c:f0:8c:80:72:81:ba:
96:55:79:29:6e:9f:81:33:bc:82:f0:9b:fc:16:35:
83:7c:0b:32:1a:fb:53:d9:15:2e:fc:bd:ec:d3:3d:
6f:98:80:73:f1:4d:b7:b3:1d:5d:92:0a:91:e2:92:
7f:8d:84:de:af:76:a0:cc:64:ad:66:e9:64:7a:93:
43:47:15:be:23:9c:0c:d2:9d:e0:ab:b1:ba:58:0c:
be:6b:c1:46:44:04:ba:e6:58:84:4a:11:94:8a:a8:
1f:f8:f3:71:17:df:0a:f9:cf:52:b1:30:29:bd:a7:
0c:c5:b2:3d:a5:66:f9:1c:84:56:c4:be:03:12:f6:
44:f0:86:b1:c8:64:75:a3:01:a2:84:9f:b8:ce:a0:
0f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:01:50:9D:23:80:33:3F:FE:37:E2:F4:A6:AD:E8:76:33:4D:7B:42
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/CFD8AF80F88011EDB1DF555DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.128.30.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:02:d8:b0:e9:ae:1f:18:74:dd:b4:19:a5:af:c4:cf:b5:19:
a2:df:df:40:e7:18:5d:86:cb:25:6f:84:74:74:59:2c:d7:99:
53:77:c5:20:eb:54:44:da:92:87:87:10:ab:c2:60:b3:24:4c:
7d:0a:2c:8b:6a:36:9a:c1:d0:20:5d:2b:57:79:91:c2:af:d9:
16:2f:9b:7f:66:7b:93:74:15:11:65:dd:5f:da:13:9d:40:c6:
fc:16:19:30:29:5c:08:53:58:20:ee:ca:c3:22:b6:36:7d:6f:
41:af:2e:fe:53:04:53:85:fc:e8:f9:3e:a6:de:02:17:38:d9:
7a:b3:b5:b0:f8:02:8c:99:de:45:68:87:28:b9:24:bb:04:77:
f9:a7:ac:ad:67:82:51:a2:83:4e:56:51:0e:6b:a9:14:b3:a7:
bf:dc:9f:9a:3f:a8:9c:20:36:80:4c:b0:d2:fe:28:79:ac:9a:
42:f4:dc:b3:f3:15:a0:42:cb:17:4d:8f:6d:06:e7:ef:44:a9:
bb:2c:09:c1:82:dc:37:38:9a:67:8b:ad:a1:51:f2:92:49:bd:
8c:13:22:16:50:7a:b5:de:13:09:ad:0a:19:b8:07:e7:57:d9:
d2:c0:e1:7d:dd:ec:a5:8d:00:4a:8a:bf:4a:a2:72:51:80:b3:
2f:fb:54:92
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFoQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjMwNTIyMDkxMjQ1WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZiMzIwYy1kMDZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuT0jowFZSOyAsg70m4tft3A8wEjmoi0FQDbYqdWOTrPwohL1PZCEOO/hTEEW
9/rPvAvKFWSWgpiD9uSsAbP3IKuLvJ/65bE1/AmyR2O+b7UkGh/CRgkNC6XApO1b
OxicFJtSke0NQkfLMVG8fjkEuAzwjIBygbqWVXkpbp+BM7yC8Jv8FjWDfAsyGvtT
2RUu/L3s0z1vmIBz8U23sx1dkgqR4pJ/jYTer3agzGStZulkepNDRxW+I5wM0p3g
q7G6WAy+a8FGRAS65liEShGUiqgf+PNxF98K+c9SsTApvacMxbI9pWb5HIRWxL4D
EvZE8IaxyGR1owGihJ+4zqAPXQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFsBUJ0j
gDM//jfi9Kat6HYzTXtCMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvQ0ZEOEFGODBG
ODgwMTFFREIxREY1NTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLgB4wDQYJKoZIhvcNAQELBQADggEBANAC2LDprh8YdN20
GaWvxM+1GaLf30DnGF2GyyVvhHR0WSzXmVN3xSDrVETakoeHEKvCYLMkTH0KLItq
NprB0CBdK1d5kcKv2RYvm39me5N0FRFl3V/aE51AxvwWGTApXAhTWCDuysMitjZ9
b0GvLv5TBFOF/Oj5PqbeAhc42XqztbD4AoyZ3kVohyi5JLsEd/mnrK1nglGig05W
UQ5rqRSzp7/cn5o/qJwgNoBMsNL+KHmsmkL03LPzFaBCyxdNj20G5+9EqbssCcGC
3Dc4mmeLraFR8pJJvYwTIhZQerXeEwmtChm4B+dX2dLA4X3d7KWNAEqKv0qiclGA
sy/7VJI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org