Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/3908C75E978011EDB020D969C4F9AE02.roa
File: 3908C75E978011EDB020D969C4F9AE02.roa (raw, json)
Hash identifier: pmGoFpXlxSPMkJH6GgrHm49xUWhoDgzbyT9iE3Kok0o=
Subject key identifier: EB:42:3E:89:61:A5:B1:7D:7B:63:6F:1C:F8:E0:99:2C:28:C2:37:9E
Certificate issuer: /CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Certificate serial: 0105
Authority key identifier: 1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/3908C75E978011EDB020D969C4F9AE02.roa
Signing time: Wed 18 Jan 2023 22:34:09 +0000
ROA not before: Wed 18 Jan 2023 22:34:09 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 138687
IP address blocks: 202.73.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261 (0x105)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Validity
Not Before: Jan 18 22:34:09 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63c873e1-07f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fe:52:83:29:28:e9:26:d0:57:7e:92:07:72:
28:84:d9:8e:d5:0c:e3:ae:93:53:32:a9:f0:da:58:
f0:fa:f8:ce:f1:c8:32:6d:e2:bb:38:31:97:49:7b:
58:f8:0e:e9:38:ec:86:e6:46:cc:56:68:49:d8:79:
5f:6d:1f:52:63:ca:96:95:0a:45:c3:fc:ea:12:89:
2d:ee:42:39:69:17:6f:48:d2:61:34:50:b6:7e:30:
40:79:6c:79:f7:45:e0:20:51:31:0b:cd:dc:34:6b:
0e:66:5e:69:ef:4f:d1:d2:41:6e:14:53:af:58:fa:
4c:8d:1c:54:1b:1a:fa:ee:f8:e9:80:6d:ea:85:e9:
9d:81:2a:f4:00:77:d7:f1:11:62:68:ba:ad:af:e2:
47:f9:19:66:cd:93:7e:e3:8a:c8:42:e6:da:89:0f:
f2:76:59:35:b5:4c:c6:25:ad:e2:cc:1b:88:9c:eb:
d9:ad:b6:cb:4e:be:35:3a:31:79:10:b3:8d:2f:c5:
d6:51:6b:0e:39:b0:0d:a4:34:b7:04:81:d6:62:2c:
1d:d9:68:e0:4a:26:96:a2:7b:50:59:b7:63:ad:62:
3c:12:a4:7a:6d:f6:31:c5:2d:78:60:38:8a:a8:90:
61:54:f1:85:4d:cc:7c:e3:2e:6c:b6:75:d5:de:71:
b4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:42:3E:89:61:A5:B1:7D:7B:63:6F:1C:F8:E0:99:2C:28:C2:37:9E
X509v3 Authority Key Identifier:
keyid:1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/Hwkr8ONn_aUUbSh9gQKybsj7grU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/3908C75E978011EDB020D969C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.73.4.0/24
Signature Algorithm: sha256WithRSAEncryption
af:36:cc:31:15:66:a7:38:fb:cb:a8:ae:32:08:79:2f:2c:f5:
9f:34:0c:ef:91:10:8e:45:46:37:0e:0c:f5:4f:b5:21:7c:1d:
ae:4a:c5:af:08:ec:b7:a8:7f:6f:6e:68:06:27:2d:60:44:5c:
79:57:0b:0d:3c:5c:f4:c1:12:95:cc:61:03:c0:ca:87:d6:e0:
da:28:18:00:b3:64:36:aa:88:4f:c8:e0:42:92:50:70:f6:a8:
ec:ff:36:f3:af:1f:9d:23:c9:8b:18:d3:bb:e5:e1:66:73:b3:
27:54:8a:25:8e:f2:90:2b:30:e7:06:09:5b:9b:b4:61:97:ea:
a5:6f:dc:e5:ee:14:20:2f:c4:6a:fb:34:73:ec:06:88:c0:e9:
42:4a:99:d7:54:98:64:5d:4e:b8:86:ca:e2:e8:5b:9c:39:1d:
be:94:77:85:4d:00:a9:15:0d:78:76:7a:45:c2:49:4e:28:ee:
2a:5e:44:19:ce:07:7f:99:c5:30:67:dc:2c:4b:85:c4:44:ff:
9e:2a:91:44:06:d6:fb:c3:1c:09:bc:ad:06:84:a6:dc:8b:7a:
49:66:c6:bf:d0:b4:b3:af:06:c2:46:f4:01:f0:28:cf:28:44:
55:1a:fc:28:a0:16:78:e5:2c:36:07:bb:16:6a:c6:94:38:ec:
e8:74:f4:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFBQzQxMTAvBgNVBAUTKDFGMDkyQkYwRTM2N0ZEQTUxNDZEMjg3RDgxMDJCMjZF
QzhGQjgyQjUwHhcNMjMwMTE4MjIzNDA5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M4NzNlMS0wN2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2P5Sgyko6SbQV36SB3IohNmO1QzjrpNTMqnw2ljw+vjO8cgybeK7ODGXSXtY
+A7pOOyG5kbMVmhJ2HlfbR9SY8qWlQpFw/zqEokt7kI5aRdvSNJhNFC2fjBAeWx5
90XgIFExC83cNGsOZl5p70/R0kFuFFOvWPpMjRxUGxr67vjpgG3qhemdgSr0AHfX
8RFiaLqtr+JH+RlmzZN+44rIQubaiQ/ydlk1tUzGJa3izBuInOvZrbbLTr41OjF5
ELONL8XWUWsOObANpDS3BIHWYiwd2WjgSiaWontQWbdjrWI8EqR6bfYxxS14YDiK
qJBhVPGFTcx84y5stnXV3nG0/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFOtCPolh
pbF9e2NvHPjgmSwowjeeMB8GA1UdIwQYMBaAFB8JK/DjZ/2lFG0ofYECsm7I+4K1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUFDNC8xQ0I1M0YzMEY2
QjExMUVDOUNBQUIzNERDNEY5QUUwMi9Id2tyOE9Obl9hVVViU2g5Z1FLeWJzajdn
clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h3a3I4T05uX2FVVWJTaDlnUUt5YnNqN2dyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFBQzQvMUNCNTNGMzBGNkIxMTFFQzlDQUFCMzREQzRGOUFFMDIvMzkwOEM3NUU5
NzgwMTFFREIwMjBEOTY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKSQQwDQYJKoZIhvcNAQELBQADggEBAK82zDEVZqc4+8uo
rjIIeS8s9Z80DO+REI5FRjcODPVPtSF8Ha5Kxa8I7Leof29uaAYnLWBEXHlXCw08
XPTBEpXMYQPAyofW4NooGACzZDaqiE/I4EKSUHD2qOz/NvOvH50jyYsY07vl4WZz
sydUiiWO8pArMOcGCVubtGGX6qVv3OXuFCAvxGr7NHPsBojA6UJKmddUmGRdTriG
yuLoW5w5Hb6Ud4VNAKkVDXh2ekXCSU4o7ipeRBnOB3+ZxTBn3CxLhcRE/54qkUQG
1vvDHAm8rQaEptyLeklmxr/QtLOvBsJG9AHwKM8oRFUa/CigFnjlLDYHuxZqxpQ4
7Oh09Js=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org