Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/7E270B46F3F111EA9A63CB57C4F9AE02.roa
File: 7E270B46F3F111EA9A63CB57C4F9AE02.roa (raw, json)
Hash identifier: a9Q5DwiuygJscgpYiMEXzK7erxtqk6cAV9VkPhT2RZk=
Subject key identifier: CD:2A:14:2E:29:00:0A:CE:A3:35:40:21:31:7E:56:C4:5B:9F:3D:A8
Certificate issuer: /CN=A917138D/serialNumber=AE0F0E9ED4A6706E92E10B789BAC2C625A565156
Certificate serial: 05F6
Authority key identifier: AE:0F:0E:9E:D4:A6:70:6E:92:E1:0B:78:9B:AC:2C:62:5A:56:51:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rg8OntSmcG6S4Qt4m6wsYlpWUVY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/7E270B46F3F111EA9A63CB57C4F9AE02.roa
Signing time: Mon 31 Oct 2022 23:49:21 +0000
ROA not before: Mon 31 Oct 2022 23:49:21 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 22351
IP address blocks: 202.44.112.0/22 maxlen: 22
203.83.48.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1526 (0x5f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917138D/serialNumber=AE0F0E9ED4A6706E92E10B789BAC2C625A565156
Validity
Not Before: Oct 31 23:49:21 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63605f01-abd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9c:4c:9e:ba:f8:b0:d1:03:8d:18:84:5b:75:
e7:d4:48:a2:74:71:0d:68:28:7e:2a:2c:f7:3b:f5:
a7:c9:ae:65:bd:a5:53:f4:38:7d:cd:d5:ce:34:ab:
a0:32:bb:84:bc:d8:ea:05:41:dd:0d:b2:8a:bf:15:
97:c6:a6:90:3b:f0:1a:48:a4:64:3a:8e:07:4a:81:
b7:69:7c:41:aa:ea:1c:cd:f3:a0:a0:c4:41:f8:44:
22:77:8e:08:04:02:2f:a1:32:7a:3b:2b:0c:3b:3c:
90:5e:5e:fa:67:d3:6c:fc:00:0f:58:5e:b6:7b:1c:
c6:c9:7d:54:ef:1e:03:18:08:db:82:bb:ba:34:f2:
bb:91:f1:af:39:60:5b:83:2a:e1:17:a7:ea:ed:76:
a7:11:c4:e1:d2:86:9b:54:cf:29:e1:fb:51:df:e5:
6a:33:b9:cd:83:fd:f8:7a:0f:ae:aa:59:d7:03:18:
35:18:34:0e:90:8b:c3:d6:b1:63:e7:dc:ec:f9:61:
19:1d:c5:cf:af:a7:6b:94:96:13:db:0e:2b:ee:66:
4d:1c:ab:d1:34:18:b2:15:5f:28:f1:02:6d:48:73:
43:a6:43:7c:01:5b:93:1a:14:07:82:87:c0:cb:cb:
42:fe:be:4f:6a:cd:74:e7:8b:1a:fe:44:bd:7b:c5:
a3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2A:14:2E:29:00:0A:CE:A3:35:40:21:31:7E:56:C4:5B:9F:3D:A8
X509v3 Authority Key Identifier:
keyid:AE:0F:0E:9E:D4:A6:70:6E:92:E1:0B:78:9B:AC:2C:62:5A:56:51:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/rg8OntSmcG6S4Qt4m6wsYlpWUVY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rg8OntSmcG6S4Qt4m6wsYlpWUVY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917138D/4F6E9318F3ED11EAA4A1D64DC4F9AE02/7E270B46F3F111EA9A63CB57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.44.112.0/22
203.83.48.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:ac:84:8c:33:12:f8:17:d1:b7:6d:9d:3c:10:18:5a:8c:85:
06:d6:91:a8:8c:61:c9:fd:da:85:43:36:4d:77:af:3c:4c:44:
83:f8:a5:af:2d:3d:2d:20:53:20:7d:76:03:91:b0:a2:68:22:
61:6f:b3:0a:e0:00:22:9b:66:96:0e:26:be:ee:00:f3:a4:84:
83:87:f3:0e:7d:83:48:56:38:2d:6f:48:38:bc:53:12:2a:26:
41:98:29:24:6e:d7:0f:76:4b:3a:9d:cf:54:fe:2b:a1:db:c4:
69:c8:4e:40:22:5c:de:f5:fb:ca:b5:a3:b9:d5:47:1c:fe:ba:
bc:16:41:df:32:86:b9:ab:fe:6a:51:4c:47:65:84:44:06:24:
62:f7:05:3a:45:8a:93:32:fc:2a:53:d0:64:15:d1:c3:83:aa:
05:96:1d:92:bf:69:37:90:35:a8:4b:4d:18:d8:82:1b:5e:54:
5d:e7:d1:0f:ef:e2:b4:13:5e:c0:da:a9:7a:b2:cf:ec:cb:3f:
b2:b9:a5:b5:81:ca:b1:e3:3a:5b:c2:5f:8f:4a:23:d9:3b:76:
91:5a:1d:ac:81:4f:fb:ad:c0:d0:f9:62:30:56:77:da:9e:8f:
61:89:15:67:a5:72:72:5c:78:c0:29:00:9a:8a:44:7a:db:a7:
62:56:5a:cd
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBfYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzEzOEQxMTAvBgNVBAUTKEFFMEYwRTlFRDRBNjcwNkU5MkUxMEI3ODlCQUMyQzYy
NUE1NjUxNTYwHhcNMjIxMDMxMjM0OTIxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYwNWYwMS1hYmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuZxMnrr4sNEDjRiEW3Xn1EiidHENaCh+Kiz3O/Wnya5lvaVT9Dh9zdXONKug
MruEvNjqBUHdDbKKvxWXxqaQO/AaSKRkOo4HSoG3aXxBquoczfOgoMRB+EQid44I
BAIvoTJ6OysMOzyQXl76Z9Ns/AAPWF62exzGyX1U7x4DGAjbgru6NPK7kfGvOWBb
gyrhF6fq7XanEcTh0oabVM8p4ftR3+VqM7nNg/34eg+uqlnXAxg1GDQOkIvD1rFj
59zs+WEZHcXPr6drlJYT2w4r7mZNHKvRNBiyFV8o8QJtSHNDpkN8AVuTGhQHgofA
y8tC/r5Pas1054sa/kS9e8WjYwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFM0qFC4p
AArOozVAITF+VsRbnz2oMB8GA1UdIwQYMBaAFK4PDp7UpnBukuELeJusLGJaVlFW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTM4RC80RjZFOTMxOEYz
RUQxMUVBQTRBMUQ2NERDNEY5QUUwMi9yZzhPbnRTbWNHNlM0UXQ0bTZ3c1lscFdV
VlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JnOE9udFNtY0c2UzRRdDRtNndzWWxwV1VWWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzEzOEQvNEY2RTkzMThGM0VEMTFFQUE0QTFENjREQzRGOUFFMDIvN0UyNzBCNDZG
M0YxMTFFQTlBNjNDQjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBALKLHADBAPLUzAwDQYJKoZIhvcNAQELBQADggEBAB+shIwz
EvgX0bdtnTwQGFqMhQbWkaiMYcn92oVDNk13rzxMRIP4pa8tPS0gUyB9dgORsKJo
ImFvswrgACKbZpYOJr7uAPOkhIOH8w59g0hWOC1vSDi8UxIqJkGYKSRu1w92Szqd
z1T+K6HbxGnITkAiXN71+8q1o7nVRxz+urwWQd8yhrmr/mpRTEdlhEQGJGL3BTpF
ipMy/CpT0GQV0cODqgWWHZK/aTeQNahLTRjYghteVF3n0Q/v4rQTXsDaqXqyz+zL
P7K5pbWByrHjOlvCX49KI9k7dpFaHayBT/utwND5YjBWd9qej2GJFWelcnJceMAp
AJqKRHrbp2JWWs0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org