Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/7601BB12E26B11ED8FC97713C4F9AE02.roa
File: 7601BB12E26B11ED8FC97713C4F9AE02.roa (raw, json)
Hash identifier: akZ+gHahNbhaDMfvhkF1MS+xu8Um2AFPBqtF8E9DrTc=
Subject key identifier: 8C:E6:33:1E:8D:ED:8A:62:8C:82:C9:79:E6:F7:B5:F3:B2:5C:69:C8
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 01F1
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/7601BB12E26B11ED8FC97713C4F9AE02.roa
Signing time: Wed 24 May 2023 11:27:47 +0000
ROA not before: Wed 24 May 2023 11:27:47 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 9443
IP address blocks: 203.32.7.0/24 maxlen: 24
203.32.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 497 (0x1f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: May 24 11:27:47 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=646df4b3-5381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8e:ab:a7:03:0b:64:24:25:eb:30:09:f1:96:
8b:90:01:21:2e:56:23:bd:f1:4a:73:5e:c4:9e:46:
fe:37:dc:12:f1:1c:d2:71:7f:e1:38:61:7f:7f:7f:
3b:84:6a:71:2a:b0:19:51:ae:eb:f8:c0:23:a8:67:
b4:b4:db:6b:cc:82:8b:84:81:fc:30:39:67:80:b2:
dc:30:a1:30:22:fe:0b:85:bd:67:4c:0e:36:2f:36:
08:d4:83:07:4b:1b:ae:af:29:7f:25:63:76:40:f6:
56:e2:ac:4f:3b:e1:40:6b:32:93:ea:a8:3e:dd:a9:
14:ae:1d:57:8b:33:8a:7e:b3:df:a1:68:d7:97:d9:
8c:3a:68:cd:38:06:5b:51:fb:5a:8b:c6:5b:ac:e6:
11:48:b5:3c:40:e4:9b:20:24:51:5f:28:2c:d8:65:
dc:fb:24:6f:b2:c1:3d:ce:5f:93:e9:1d:84:dc:b1:
c8:db:60:68:d2:07:bb:f6:82:a9:a7:f8:ec:86:6f:
fe:7f:0c:c8:18:5a:13:8b:5a:82:18:4b:84:fe:c7:
37:a3:75:fa:d3:b6:a0:5f:0c:d2:bf:24:97:58:91:
56:8f:9c:e8:fc:98:c0:f2:d7:59:a2:f2:52:19:7e:
06:77:cb:70:01:d6:b9:15:00:d0:ae:39:0f:82:27:
4a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E6:33:1E:8D:ED:8A:62:8C:82:C9:79:E6:F7:B5:F3:B2:5C:69:C8
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/7601BB12E26B11ED8FC97713C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.7.0/24
203.32.32.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:86:1e:08:a6:5e:b8:e8:9c:4c:94:3a:75:b4:cd:27:47:88:
69:3b:e6:99:be:02:73:87:94:12:06:b8:6d:d7:93:0e:35:68:
33:de:d3:e4:75:31:96:ec:21:9e:57:1c:c8:a2:9e:e8:46:57:
d8:11:cf:bd:b2:68:09:d4:c2:55:eb:4e:21:20:e9:76:e6:91:
67:57:01:ae:0a:94:63:ac:03:f0:5e:bd:e2:e5:14:22:c9:aa:
8f:c7:a2:58:59:f6:a7:2e:33:de:14:79:97:c0:54:f9:d2:c3:
50:cb:dc:2f:0b:60:1e:67:5c:b2:c4:92:72:75:a4:1c:56:ba:
b5:f1:8c:f8:f9:8c:04:94:7e:23:72:b4:1d:47:73:ad:0a:c3:
9b:2a:aa:6b:9a:15:91:dc:72:d5:be:1d:10:62:ed:d4:34:3c:
47:71:ba:26:20:fc:06:3f:b9:49:e6:3e:6a:15:bb:74:ff:dd:
5b:9d:41:6e:e4:a1:4d:18:02:a0:e4:af:39:9b:21:22:b4:36:
d5:6a:e1:46:f5:3b:c1:12:4b:fb:c1:be:85:5b:f1:0b:a4:9a:
7a:15:e8:e5:71:4f:02:d9:16:67:a5:bd:81:ae:10:07:04:31:
ca:cb:61:57:7c:a1:fd:f4:ca:dd:4e:84:62:6e:72:14:74:e3:
2e:22:61:bf
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAfEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwNTI0MTEyNzQ3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZkZjRiMy01MzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA146rpwMLZCQl6zAJ8ZaLkAEhLlYjvfFKc17Enkb+N9wS8RzScX/hOGF/f387
hGpxKrAZUa7r+MAjqGe0tNtrzIKLhIH8MDlngLLcMKEwIv4Lhb1nTA42LzYI1IMH
Sxuuryl/JWN2QPZW4qxPO+FAazKT6qg+3akUrh1XizOKfrPfoWjXl9mMOmjNOAZb
Uftai8ZbrOYRSLU8QOSbICRRXygs2GXc+yRvssE9zl+T6R2E3LHI22Bo0ge79oKp
p/jshm/+fwzIGFoTi1qCGEuE/sc3o3X607agXwzSvySXWJFWj5zo/JjA8tdZovJS
GX4Gd8twAda5FQDQrjkPgidKnQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIzmMx6N
7YpijILJeeb3tfOyXGnIMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNzYwMUJCMTJF
MjZCMTFFRDhGQzk3NzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLIAcDBADLICAwDQYJKoZIhvcNAQELBQADggEBAKmGHgim
XrjonEyUOnW0zSdHiGk75pm+AnOHlBIGuG3Xkw41aDPe0+R1MZbsIZ5XHMiinuhG
V9gRz72yaAnUwlXrTiEg6XbmkWdXAa4KlGOsA/BeveLlFCLJqo/HolhZ9qcuM94U
eZfAVPnSw1DL3C8LYB5nXLLEknJ1pBxWurXxjPj5jASUfiNytB1Hc60Kw5sqqmua
FZHcctW+HRBi7dQ0PEdxuiYg/AY/uUnmPmoVu3T/3VudQW7koU0YAqDkrzmbISK0
NtVq4Ub1O8ESS/vBvoVb8QukmnoV6OVxTwLZFmelvYGuEAcEMcrLYVd8of30yt1O
hGJuchR04y4iYb8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org