Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/717EEC1E678B11ED8F22F91FC4F9AE02.roa
File: 717EEC1E678B11ED8F22F91FC4F9AE02.roa (raw, json)
Hash identifier: A/LoPi3/cp4fSCLiXg0GF784HgPKKwv5xnmdOWTf1aQ=
Subject key identifier: 63:2A:EE:A0:A7:EA:FC:DA:63:F2:70:5D:26:81:8D:B7:AE:6F:01:D8
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 01A1
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/717EEC1E678B11ED8F22F91FC4F9AE02.roa
Signing time: Fri 17 Feb 2023 21:04:16 +0000
ROA not before: Fri 17 Feb 2023 21:04:16 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 43260
IP address blocks: 203.32.21.0/24 maxlen: 24
203.32.26.0/24 maxlen: 24
203.32.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 417 (0x1a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Feb 17 21:04:16 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=63efebd0-22da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e2:e4:28:56:24:3a:e8:64:2b:96:d0:56:c3:
da:0c:98:22:61:e5:6d:e8:49:3d:bd:9b:75:25:66:
2b:af:2a:a5:f3:18:63:49:b2:1f:b4:cc:d2:3d:5d:
23:75:08:82:b8:75:e2:47:0b:d7:bb:69:29:60:cc:
f9:76:90:b1:2e:31:08:1c:f3:36:5b:0d:df:e7:f2:
df:80:5b:08:43:a9:40:bf:15:1c:01:3c:4f:df:3d:
6b:20:19:d6:ee:64:aa:4b:63:3c:45:2e:46:45:ff:
e0:54:3d:92:e0:31:7d:7b:0a:3a:91:b9:b6:31:36:
af:ca:96:77:6c:72:03:d6:00:6e:3f:f7:77:4e:8d:
d6:ee:8e:56:c1:38:5c:db:b4:fb:c3:16:ce:9e:e1:
30:94:80:30:d5:2f:12:f0:2b:38:3a:7e:de:80:50:
bd:51:94:cb:0e:da:a4:dc:11:26:d0:1c:14:d4:b1:
d3:df:bc:b2:11:e2:d3:e6:7c:e9:00:33:76:6b:62:
8b:90:8f:ac:bf:b2:35:ee:eb:bd:e2:7c:8e:2f:12:
25:ff:1b:0f:9b:11:e9:bf:a6:e9:93:ab:e9:c6:b6:
06:32:cd:2f:e7:73:b8:53:4d:6d:60:4a:a3:86:86:
86:dc:92:a5:13:76:27:ea:a0:52:53:88:cb:6e:ce:
a4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2A:EE:A0:A7:EA:FC:DA:63:F2:70:5D:26:81:8D:B7:AE:6F:01:D8
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/717EEC1E678B11ED8F22F91FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.21.0/24
203.32.26.0/24
203.32.28.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ff:90:b9:8a:b4:6e:f2:37:8e:ba:e2:10:01:fc:2d:59:f7:
b0:34:ed:3f:d1:b0:0f:a9:12:79:b2:2c:f1:1c:58:f6:80:10:
4c:b4:6f:95:70:d1:f0:ba:12:02:f2:82:b5:52:94:2d:8c:a0:
4b:f2:f5:93:0e:a1:6b:f2:71:c7:2f:d6:d6:19:cd:91:27:8b:
f6:eb:10:78:4a:bc:34:7a:ee:47:16:d8:a3:05:d6:f4:22:c5:
3e:db:46:94:8a:e8:b4:bc:b2:26:03:5e:2c:d5:b4:00:cd:11:
da:65:87:77:37:3d:9d:3e:95:fa:97:3c:61:f5:36:ea:e6:70:
a0:e7:92:8a:94:52:1d:b0:fb:82:77:0b:10:a9:14:c3:27:70:
7f:db:b8:58:f6:ab:2f:7c:d9:50:6f:f7:ef:7d:35:67:cf:e9:
c8:1b:4a:0a:fe:00:34:05:12:9b:01:ad:eb:85:60:6f:e8:3d:
67:06:38:04:69:2e:98:3e:61:8e:a2:04:07:34:f2:2b:a0:8a:
f8:89:c3:c0:71:fd:9e:9c:7b:ac:22:17:b6:28:01:92:51:bf:
48:86:80:52:e8:77:31:df:b0:b7:16:bc:bb:bb:b6:32:89:43:
32:78:e0:9a:f5:9c:5d:b9:61:b4:90:68:bb:51:31:18:27:39:
11:8f:34:90
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwMjE3MjEwNDE2WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2VmZWJkMC0yMmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnOLkKFYkOuhkK5bQVsPaDJgiYeVt6Ek9vZt1JWYrryql8xhjSbIftMzSPV0j
dQiCuHXiRwvXu2kpYMz5dpCxLjEIHPM2Ww3f5/LfgFsIQ6lAvxUcATxP3z1rIBnW
7mSqS2M8RS5GRf/gVD2S4DF9ewo6kbm2MTavypZ3bHID1gBuP/d3To3W7o5WwThc
27T7wxbOnuEwlIAw1S8S8Cs4On7egFC9UZTLDtqk3BEm0BwU1LHT37yyEeLT5nzp
ADN2a2KLkI+sv7I17uu94nyOLxIl/xsPmxHpv6bpk6vpxrYGMs0v53O4U01tYEqj
hoaG3JKlE3Yn6qBSU4jLbs6k7wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGMq7qCn
6vzaY/JwXSaBjbeubwHYMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNzE3RUVDMUU2
NzhCMTFFRDhGMjJGOTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADLIBUDBADLIBoDBADLIBwwDQYJKoZIhvcNAQELBQADggEB
AGj/kLmKtG7yN4664hAB/C1Z97A07T/RsA+pEnmyLPEcWPaAEEy0b5Vw0fC6EgLy
grVSlC2MoEvy9ZMOoWvycccv1tYZzZEni/brEHhKvDR67kcW2KMF1vQixT7bRpSK
6LS8siYDXizVtADNEdplh3c3PZ0+lfqXPGH1NurmcKDnkoqUUh2w+4J3CxCpFMMn
cH/buFj2qy982VBv9+99NWfP6cgbSgr+ADQFEpsBreuFYG/oPWcGOARpLpg+YY6i
BAc08iugiviJw8Bx/Z6ce6wiF7YoAZJRv0iGgFLodzHfsLcWvLu7tjKJQzJ44Jr1
nF25YbSQaLtRMRgnORGPNJA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org