Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/D6D4AD442AA311EDBC348428C4F9AE02.roa
File: D6D4AD442AA311EDBC348428C4F9AE02.roa (raw, json)
Hash identifier: ieHa2ySFynGvyT4WEPYqIkPvPwPl8gkO0V9wtZiku0c=
Subject key identifier: 80:65:76:F0:3F:06:B4:6B:EC:58:73:A2:DA:96:21:C7:8C:32:9C:7B
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: FB
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/D6D4AD442AA311EDBC348428C4F9AE02.roa
Signing time: Thu 08 Sep 2022 22:23:51 +0000
ROA not before: Thu 08 Sep 2022 22:23:51 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 398343
IP address blocks: 203.32.40.0/24 maxlen: 24
203.32.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 251 (0xfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Sep 8 22:23:51 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=631a6b76-b6ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:29:fe:15:d4:9e:da:f0:71:e4:86:c3:97:62:
26:a3:ac:01:f2:37:e7:99:31:bb:0f:b4:1a:12:00:
97:ed:ba:c4:24:8f:5d:ac:3f:4d:ac:a8:ea:3b:cd:
e2:af:28:4b:50:d5:6f:f8:db:76:c3:d1:80:3a:15:
b8:c7:a7:0f:b2:e0:15:6e:1c:e2:e4:7f:a2:12:9b:
85:dd:99:de:42:f0:8c:85:11:c1:fb:99:a7:23:17:
82:c7:16:89:e9:2a:2d:c5:61:c3:1a:db:96:20:71:
5a:7a:08:d1:a9:40:3f:50:80:95:f1:97:03:0e:2a:
98:51:52:cd:f1:50:62:b1:21:65:9e:8f:56:d4:e5:
35:ed:4a:50:ea:97:83:93:d4:94:fd:0f:d6:9e:65:
cb:c6:87:ef:c6:a9:a0:af:db:67:f6:7e:e3:6b:e6:
8e:86:4c:e7:d7:f9:74:c0:f3:ca:ca:33:b7:57:bb:
6a:04:02:d0:f9:05:89:6f:64:26:ff:41:97:a1:bd:
0b:c6:a3:d5:df:a2:f6:e3:67:e3:b2:08:38:a5:82:
23:f1:c5:a2:c8:dc:03:dd:b1:2d:9f:c0:3f:af:bb:
16:6c:77:67:d9:b2:37:9b:78:5d:9e:ff:89:0e:90:
5c:2a:40:5e:f3:35:2f:3f:52:dc:cd:ad:2a:02:e2:
6d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:65:76:F0:3F:06:B4:6B:EC:58:73:A2:DA:96:21:C7:8C:32:9C:7B
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/D6D4AD442AA311EDBC348428C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.40.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:e0:00:56:2a:02:12:61:6b:10:e3:c4:15:56:97:fa:11:95:
ff:54:0e:3a:55:19:26:e7:ac:9c:76:f9:c3:9a:26:9f:f2:2c:
81:4b:77:03:c4:d1:71:94:07:27:18:d8:6e:d5:ca:2e:57:6c:
d2:7d:ba:02:cb:35:47:40:c5:06:5c:9f:8b:35:2f:18:1e:99:
31:a2:cb:41:79:de:26:fa:d1:af:46:16:d1:39:1d:60:d2:8e:
05:ef:39:f5:77:34:01:74:b1:71:9c:78:6b:92:fc:87:b4:ec:
63:05:a2:ca:20:ad:82:68:33:0b:f2:82:69:a4:7d:0c:a4:c9:
62:39:ac:b5:70:de:34:96:8e:50:62:8e:8b:04:ec:6b:9e:8a:
34:b7:44:ab:b8:82:5f:17:51:a6:8c:9e:e9:83:8c:37:52:b6:
eb:f5:c9:9f:f7:cc:ac:f5:a8:a4:2a:86:0e:1d:1f:38:10:34:
b6:2a:a8:2e:06:fe:b8:21:b5:27:53:e9:15:d5:84:22:db:b5:
43:0a:97:1d:9d:bd:d5:c0:25:77:0f:eb:2a:45:13:49:cc:c6:
38:b5:88:99:95:5f:9f:7a:6c:ec:4e:ee:78:4a:0c:d5:cf:95:
45:17:52:91:18:36:fc:44:5a:f1:21:86:5d:d5:ad:24:6a:53:
e3:a4:23:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjIwOTA4MjIyMzUxWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzFhNmI3Ni1iNmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwin+FdSe2vBx5IbDl2Imo6wB8jfnmTG7D7QaEgCX7brEJI9drD9NrKjqO83i
ryhLUNVv+Nt2w9GAOhW4x6cPsuAVbhzi5H+iEpuF3ZneQvCMhRHB+5mnIxeCxxaJ
6SotxWHDGtuWIHFaegjRqUA/UICV8ZcDDiqYUVLN8VBisSFlno9W1OU17UpQ6peD
k9SU/Q/WnmXLxofvxqmgr9tn9n7ja+aOhkzn1/l0wPPKyjO3V7tqBALQ+QWJb2Qm
/0GXob0LxqPV36L242fjsgg4pYIj8cWiyNwD3bEtn8A/r7sWbHdn2bI3m3hdnv+J
DpBcKkBe8zUvP1Lcza0qAuJt+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFIBldvA/
BrRr7FhzotqWIceMMpx7MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRDZENEFENDQy
QUEzMTFFREJDMzQ4NDI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLICgwDQYJKoZIhvcNAQELBQADggEBALHgAFYqAhJhaxDj
xBVWl/oRlf9UDjpVGSbnrJx2+cOaJp/yLIFLdwPE0XGUBycY2G7Vyi5XbNJ9ugLL
NUdAxQZcn4s1LxgemTGiy0F53ib60a9GFtE5HWDSjgXvOfV3NAF0sXGceGuS/Ie0
7GMFosogrYJoMwvygmmkfQykyWI5rLVw3jSWjlBijosE7GueijS3RKu4gl8XUaaM
numDjDdStuv1yZ/3zKz1qKQqhg4dHzgQNLYqqC4G/rghtSdT6RXVhCLbtUMKlx2d
vdXAJXcP6ypFE0nMxji1iJmVX596bOxO7nhKDNXPlUUXUpEYNvxEWvEhhl3VrSRq
U+OkI6c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org