Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/F959DF2E874611EDB61FA23AC4F9AE02.roa
File: F959DF2E874611EDB61FA23AC4F9AE02.roa (raw, json)
Hash identifier: +ygQezSAW6OO9Gp8bi2IY/uTZwioqlet4Bq5dojLrhU=
Subject key identifier: 59:9E:49:7E:0B:E9:0C:FD:A9:95:B1:FF:6D:52:13:01:F6:11:E6:72
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 016E
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/F959DF2E874611EDB61FA23AC4F9AE02.roa
Signing time: Thu 29 Dec 2022 07:04:02 +0000
ROA not before: Thu 29 Dec 2022 07:04:02 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 399471
IP address blocks: 203.32.7.0/24 maxlen: 24
203.32.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 366 (0x16e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Dec 29 07:04:02 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=63ad3be2-5489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:04:82:75:2a:e2:3f:30:56:25:c9:49:65:6c:
e4:60:23:cd:9e:23:ef:2e:48:2a:46:7a:6e:92:91:
b1:d3:3c:db:7f:3e:3a:54:1f:7b:fb:a7:0b:a0:5c:
d8:79:9e:4a:b7:e5:34:19:9f:2b:64:ad:06:73:18:
1d:e2:80:a3:4b:fb:28:3b:c9:1e:43:1e:a6:ab:61:
36:99:ef:58:1a:d1:ea:55:e9:75:02:50:d4:74:ec:
59:c5:0b:33:b1:be:fc:e0:ae:6e:97:89:6e:0f:4b:
85:12:d7:89:bd:49:53:98:02:e0:a1:5c:18:6f:69:
12:50:35:ff:27:af:c9:ed:cb:2f:18:32:a5:c3:f4:
38:f8:cb:4b:4c:11:5d:bc:76:aa:df:15:2c:d7:2a:
25:ae:8e:b3:87:57:cb:6f:0f:b0:dc:d4:91:12:a3:
58:90:1b:be:9a:d0:ce:8f:24:33:b1:34:69:59:8a:
bc:9a:2e:40:2c:10:03:14:ee:d2:2a:02:fa:6d:b3:
71:bd:c5:ab:03:8e:7e:af:89:4f:e8:4f:05:98:2f:
aa:aa:59:20:78:af:46:dd:4e:df:48:cb:23:f6:c4:
c5:39:6f:63:f0:e2:28:48:24:d8:51:0c:d1:0c:70:
9a:16:a9:19:75:f6:71:e7:81:4c:17:02:b0:1e:4a:
a6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9E:49:7E:0B:E9:0C:FD:A9:95:B1:FF:6D:52:13:01:F6:11:E6:72
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/F959DF2E874611EDB61FA23AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.7.0/24
203.32.28.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:af:a6:07:4c:7a:8e:ed:3f:a4:6a:3a:e9:9c:06:a2:3d:b1:
90:9f:15:2b:41:b9:00:3b:1d:50:6b:c3:82:31:c0:c0:df:ad:
f1:ff:69:fd:94:3f:2b:9c:4f:74:ad:f4:28:aa:ce:b4:98:bb:
1a:37:cc:c1:ac:90:bc:bf:9f:4b:a8:5b:0f:d0:46:54:31:fa:
66:57:78:c5:8e:f1:e5:7b:3f:1e:e9:1e:0a:30:d1:08:99:7a:
d0:50:98:75:93:eb:9f:46:3f:d4:45:cc:be:04:86:25:c5:74:
26:6f:6a:ea:cb:8e:c4:db:48:dd:a3:58:5d:0b:61:42:d5:14:
c7:cb:eb:ad:a7:db:bd:71:9f:57:14:ec:d4:c2:fa:29:9d:9a:
cd:7f:02:12:3f:b5:bf:38:96:39:9a:f8:6c:af:52:83:cd:14:
f0:4e:a1:37:0c:fd:43:b6:84:5d:f3:31:b7:f2:a4:84:50:e4:
c4:db:f3:04:37:07:72:0a:c6:cd:9a:59:df:5d:44:6a:31:d1:
a5:2f:bd:49:99:43:0b:ad:99:f6:2d:74:2a:84:64:63:24:83:
ca:ee:f3:67:d3:cc:ae:fc:e4:ee:67:13:2c:68:2c:f5:86:8d:
99:cc:b0:5e:c3:a4:08:4d:45:85:34:6d:ec:4d:88:3a:e6:3d:
2b:12:54:08
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAW4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjIxMjI5MDcwNDAyWhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FkM2JlMi01NDg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzQSCdSriPzBWJclJZWzkYCPNniPvLkgqRnpukpGx0zzbfz46VB97+6cLoFzY
eZ5Kt+U0GZ8rZK0Gcxgd4oCjS/soO8keQx6mq2E2me9YGtHqVel1AlDUdOxZxQsz
sb784K5ul4luD0uFEteJvUlTmALgoVwYb2kSUDX/J6/J7csvGDKlw/Q4+MtLTBFd
vHaq3xUs1yolro6zh1fLbw+w3NSREqNYkBu+mtDOjyQzsTRpWYq8mi5ALBADFO7S
KgL6bbNxvcWrA45+r4lP6E8FmC+qqlkgeK9G3U7fSMsj9sTFOW9j8OIoSCTYUQzR
DHCaFqkZdfZx54FMFwKwHkqmWQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFmeSX4L
6Qz9qZWx/21SEwH2EeZyMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRjk1OURGMkU4
NzQ2MTFFREI2MUZBMjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLIAcDBADLIBwwDQYJKoZIhvcNAQELBQADggEBAD+vpgdM
eo7tP6RqOumcBqI9sZCfFStBuQA7HVBrw4IxwMDfrfH/af2UPyucT3St9CiqzrSY
uxo3zMGskLy/n0uoWw/QRlQx+mZXeMWO8eV7Px7pHgow0QiZetBQmHWT659GP9RF
zL4EhiXFdCZvaurLjsTbSN2jWF0LYULVFMfL662n271xn1cU7NTC+imdms1/AhI/
tb84ljma+GyvUoPNFPBOoTcM/UO2hF3zMbfypIRQ5MTb8wQ3B3IKxs2aWd9dRGox
0aUvvUmZQwutmfYtdCqEZGMkg8ru82fTzK785O5nEyxoLPWGjZnMsF7DpAhNRYU0
bexNiDrmPSsSVAg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org