Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F00E/5AA1822EAD3911EDA0B9B83CC4F9AE02/08256CB8AD3E11ED8B645C39C4F9AE02.roa
File: 08256CB8AD3E11ED8B645C39C4F9AE02.roa (raw, json)
Hash identifier: vRIPN9oj66eN0fdk19st4BDQH/bGM7doyZD118pGWt4=
Subject key identifier: D5:83:4E:E6:E9:07:A9:6F:B4:8E:B8:D8:79:FD:22:91:82:BC:D1:EC
Certificate issuer: /CN=A918F00E/serialNumber=18E1F732EFA53C3973A1ACD22C1368A5E1F2CA52
Certificate serial: 02
Authority key identifier: 18:E1:F7:32:EF:A5:3C:39:73:A1:AC:D2:2C:13:68:A5:E1:F2:CA:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GOH3Mu-lPDlzoazSLBNopeHyylI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F00E/5AA1822EAD3911EDA0B9B83CC4F9AE02/08256CB8AD3E11ED8B645C39C4F9AE02.roa
Signing time: Wed 15 Feb 2023 14:35:46 +0000
ROA not before: Wed 15 Feb 2023 14:35:46 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 38583
IP address blocks: 203.20.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F00E/serialNumber=18E1F732EFA53C3973A1ACD22C1368A5E1F2CA52
Validity
Not Before: Feb 15 14:35:46 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=63ecedc1-8015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:99:7b:da:f6:dd:b0:b3:12:be:72:f9:4b:e9:
37:84:f0:dc:91:ce:5f:46:4d:70:ba:1e:13:a9:8e:
b5:71:28:0a:0f:65:f9:60:79:8b:f1:3c:4e:62:96:
c2:d1:21:ee:90:36:4c:5e:ae:62:7d:19:75:80:39:
a2:7d:0c:2c:a0:07:da:89:27:df:98:5e:3c:2e:e3:
bc:46:d7:d3:4a:e5:d2:6e:46:51:7a:0f:f8:53:25:
b0:74:a3:05:35:b4:67:b3:43:2b:f8:24:52:8f:f7:
59:9e:76:2e:3f:cd:19:3b:58:32:ca:67:87:7d:bc:
ee:6d:96:66:11:7c:ce:5c:02:e9:8d:ac:fa:c4:17:
a0:45:bf:33:34:a6:e1:0a:f0:ec:35:91:2d:cb:da:
b3:11:7a:8e:c7:14:99:99:d3:dd:2a:ec:73:fb:be:
76:2c:50:93:f0:b0:27:84:bc:9a:b6:1b:d5:62:d3:
76:ca:7c:ef:c5:26:ed:95:9e:e8:82:c1:de:ba:2e:
22:ed:b3:65:1d:23:10:a9:bb:13:92:18:b1:d0:67:
e8:71:24:61:2f:72:cf:d6:e7:0f:22:8c:c2:95:73:
3e:18:40:16:57:cb:ac:43:da:ca:a5:87:0e:92:00:
51:08:41:c2:24:07:5f:21:2a:43:98:fd:77:68:e8:
96:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:83:4E:E6:E9:07:A9:6F:B4:8E:B8:D8:79:FD:22:91:82:BC:D1:EC
X509v3 Authority Key Identifier:
keyid:18:E1:F7:32:EF:A5:3C:39:73:A1:AC:D2:2C:13:68:A5:E1:F2:CA:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F00E/5AA1822EAD3911EDA0B9B83CC4F9AE02/GOH3Mu-lPDlzoazSLBNopeHyylI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GOH3Mu-lPDlzoazSLBNopeHyylI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F00E/5AA1822EAD3911EDA0B9B83CC4F9AE02/08256CB8AD3E11ED8B645C39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.20.69.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ce:a9:0f:af:dc:7c:d7:16:45:43:b7:f3:d3:52:1c:ab:2f:
72:08:a1:bc:a7:3d:cb:b5:bc:d9:09:d7:d5:04:2c:59:8b:5a:
39:85:09:97:ea:10:6e:35:25:06:8d:cb:9d:11:4e:94:17:6e:
38:f7:c5:ee:d2:1d:7b:22:cd:55:4a:08:ae:4c:4d:f4:b1:f0:
e8:af:bb:4b:19:41:19:59:89:45:9c:c7:19:cd:93:e6:61:b1:
45:e6:d5:6e:5d:01:bd:17:69:5b:d6:59:2d:6a:1b:f8:b8:4c:
a2:0f:b2:51:bb:37:1f:2f:7c:26:b0:1c:a2:a0:66:40:b0:fb:
d5:a0:b6:50:aa:53:b7:cb:7d:73:32:07:53:7f:9b:b6:69:dd:
26:8b:48:ec:aa:94:10:22:7a:a7:de:f6:73:59:a5:58:90:72:
e3:72:23:fb:48:9c:1f:ca:bf:66:5f:45:41:57:26:7e:ff:58:
64:86:eb:36:3d:68:0c:a0:67:bb:ba:b6:28:b9:7e:f4:fc:a0:
6b:d7:44:92:2c:6c:5c:5e:eb:df:56:d5:05:45:b8:82:3a:00:
de:b8:d3:4a:03:e3:66:1a:6f:b9:69:94:9a:01:67:29:15:f9:
0e:d3:4e:d9:2f:12:fd:ce:a6:36:4c:a7:8d:f9:bb:fd:6c:dc:
a5:1d:b2:cf
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
RjAwRTExMC8GA1UEBRMoMThFMUY3MzJFRkE1M0MzOTczQTFBQ0QyMkMxMzY4QTVF
MUYyQ0E1MjAeFw0yMzAyMTUxNDM1NDZaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZWNlZGMxLTgwMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLmXva9t2wsxK+cvlL6TeE8NyRzl9GTXC6HhOpjrVxKAoPZflgeYvxPE5ilsLR
Ie6QNkxermJ9GXWAOaJ9DCygB9qJJ9+YXjwu47xG19NK5dJuRlF6D/hTJbB0owU1
tGezQyv4JFKP91medi4/zRk7WDLKZ4d9vO5tlmYRfM5cAumNrPrEF6BFvzM0puEK
8Ow1kS3L2rMReo7HFJmZ090q7HP7vnYsUJPwsCeEvJq2G9Vi03bKfO/FJu2VnuiC
wd66LiLts2UdIxCpuxOSGLHQZ+hxJGEvcs/W5w8ijMKVcz4YQBZXy6xD2sqlhw6S
AFEIQcIkB18hKkOY/Xdo6JbzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU1YNO5ukH
qW+0jrjYef0ikYK80ewwHwYDVR0jBBgwFoAUGOH3Mu+lPDlzoazSLBNopeHyylIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThGMDBFLzVBQTE4MjJFQUQz
OTExRURBMEI5QjgzQ0M0RjlBRTAyL0dPSDNNdS1sUERsem9helNMQk5vcGVIeXls
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR09IM011LWxQRGx6b2F6U0xCTm9wZUh5eWxJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RjAwRS81QUExODIyRUFEMzkxMUVEQTBCOUI4M0NDNEY5QUUwMi8wODI1NkNCOEFE
M0UxMUVEOEI2NDVDMzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsURTANBgkqhkiG9w0BAQsFAAOCAQEALc6pD6/cfNcWRUO3
89NSHKsvcgihvKc9y7W82QnX1QQsWYtaOYUJl+oQbjUlBo3LnRFOlBduOPfF7tId
eyLNVUoIrkxN9LHw6K+7SxlBGVmJRZzHGc2T5mGxRebVbl0BvRdpW9ZZLWob+LhM
og+yUbs3Hy98JrAcoqBmQLD71aC2UKpTt8t9czIHU3+btmndJotI7KqUECJ6p972
c1mlWJBy43Ij+0icH8q/Zl9FQVcmfv9YZIbrNj1oDKBnu7q2KLl+9Pyga9dEkixs
XF7r31bVBUW4gjoA3rjTSgPjZhpvuWmUmgFnKRX5DtNO2S8S/c6mNkynjfm7/Wzc
pR2yzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org