Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/837ACF9A055211EE97729056C4F9AE02.roa
File: 837ACF9A055211EE97729056C4F9AE02.roa (raw, json)
Hash identifier: iNKCVHTZ7GAOBtMsQJFMVFNOgU8Ns+GAExNMavGME54=
Subject key identifier: 3A:A0:C8:0D:3F:8B:15:54:3F:CD:7C:0D:C1:BF:B7:8E:14:E9:59:54
Certificate issuer: /CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Certificate serial: 0153
Authority key identifier: 1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/837ACF9A055211EE97729056C4F9AE02.roa
Signing time: Wed 07 Jun 2023 16:44:05 +0000
ROA not before: Wed 07 Jun 2023 16:44:05 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 137409
IP address blocks: 202.73.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 339 (0x153)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Validity
Not Before: Jun 7 16:44:05 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6480b3d5-4f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ec:61:43:11:d2:5d:df:f8:2b:22:28:55:35:
b0:f6:09:67:e5:b2:a5:67:10:63:43:70:cc:86:34:
42:58:23:4d:0d:6a:5a:72:10:e3:c5:cc:12:3a:d5:
ad:45:47:a4:6d:31:3d:79:c3:51:06:b8:35:f2:4d:
bf:1a:8b:ee:8d:0a:9b:18:49:01:55:e7:36:01:c2:
fd:c8:ee:37:4b:08:8f:83:99:3a:3c:6f:85:fb:1c:
5a:e3:1a:7b:41:68:02:1c:22:59:de:a1:d5:29:96:
23:4c:45:84:03:36:40:cc:3f:df:9c:e9:eb:82:13:
ad:cf:2a:6b:04:67:c5:0f:ec:82:09:71:f2:b1:af:
24:f3:d6:92:f1:36:17:75:18:c5:da:3d:5e:db:f0:
99:02:41:fa:07:12:e3:bf:ea:8b:b3:af:88:dd:7b:
df:f4:7c:3a:73:da:7c:db:b4:2f:92:a3:d8:1e:e0:
cf:01:ca:b6:37:4a:05:59:b2:33:5c:80:ec:c9:46:
2b:d2:ab:0c:1c:b0:aa:db:45:e2:49:a3:0e:21:e6:
4d:63:29:cb:2a:22:58:dc:30:9e:30:96:7f:90:86:
74:02:b9:8e:22:4d:03:d9:9c:47:ba:d3:03:9e:a4:
94:34:b9:e0:2d:8b:6d:10:3d:ff:bd:73:6a:d7:07:
ed:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A0:C8:0D:3F:8B:15:54:3F:CD:7C:0D:C1:BF:B7:8E:14:E9:59:54
X509v3 Authority Key Identifier:
keyid:1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/Hwkr8ONn_aUUbSh9gQKybsj7grU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/837ACF9A055211EE97729056C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.73.5.0/24
Signature Algorithm: sha256WithRSAEncryption
18:4b:56:71:19:85:cd:59:d7:82:0e:f9:3f:7e:4a:db:d9:3d:
12:4a:d2:1a:00:a7:a6:c0:2c:ee:8f:34:2f:9c:b4:e9:00:10:
d9:5c:1a:a8:01:40:13:44:08:cc:1f:6c:e9:01:fa:05:96:84:
e6:63:a9:1f:85:9c:72:1a:43:ae:85:86:de:3d:1c:a8:8a:a9:
90:36:06:19:12:57:a3:b2:de:bd:1d:c8:ae:25:00:d9:56:11:
b5:43:02:96:1f:a5:bf:e7:01:26:c4:09:cf:c9:9a:52:f5:3c:
97:1a:f8:ea:87:6e:65:b0:a7:2b:7d:a8:7b:81:a9:2f:77:5b:
d0:00:68:6c:41:78:7e:27:45:e6:c5:dc:46:5d:c5:7a:aa:72:
e2:5b:bf:51:3b:b0:5e:48:ec:6b:4a:59:8a:8b:18:84:22:fd:
32:33:d6:c1:64:22:7c:75:cf:46:6f:df:a2:0a:72:03:1f:d9:
8b:ea:47:d2:79:c0:29:3f:c8:4d:df:32:90:ac:e0:3a:90:23:
12:15:c2:87:d3:79:aa:94:0e:c9:e2:3c:5d:d4:e6:14:bb:94:
ee:8a:88:b7:1f:ed:2a:8a:23:00:bf:3a:d8:df:33:e4:ef:fc:
8b:e5:c6:b6:b4:49:27:48:18:af:87:93:8a:d7:ef:23:3a:05:
78:bf:57:d4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFBQzQxMTAvBgNVBAUTKDFGMDkyQkYwRTM2N0ZEQTUxNDZEMjg3RDgxMDJCMjZF
QzhGQjgyQjUwHhcNMjMwNjA3MTY0NDA1WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgwYjNkNS00ZjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu+xhQxHSXd/4KyIoVTWw9gln5bKlZxBjQ3DMhjRCWCNNDWpachDjxcwSOtWt
RUekbTE9ecNRBrg18k2/GovujQqbGEkBVec2AcL9yO43SwiPg5k6PG+F+xxa4xp7
QWgCHCJZ3qHVKZYjTEWEAzZAzD/fnOnrghOtzyprBGfFD+yCCXHysa8k89aS8TYX
dRjF2j1e2/CZAkH6BxLjv+qLs6+I3Xvf9Hw6c9p827QvkqPYHuDPAcq2N0oFWbIz
XIDsyUYr0qsMHLCq20XiSaMOIeZNYynLKiJY3DCeMJZ/kIZ0ArmOIk0D2ZxHutMD
nqSUNLngLYttED3/vXNq1wft1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFDqgyA0/
ixVUP818DcG/t44U6VlUMB8GA1UdIwQYMBaAFB8JK/DjZ/2lFG0ofYECsm7I+4K1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUFDNC8xQ0I1M0YzMEY2
QjExMUVDOUNBQUIzNERDNEY5QUUwMi9Id2tyOE9Obl9hVVViU2g5Z1FLeWJzajdn
clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h3a3I4T05uX2FVVWJTaDlnUUt5YnNqN2dyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFBQzQvMUNCNTNGMzBGNkIxMTFFQzlDQUFCMzREQzRGOUFFMDIvODM3QUNGOUEw
NTUyMTFFRTk3NzI5MDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKSQUwDQYJKoZIhvcNAQELBQADggEBABhLVnEZhc1Z14IO
+T9+StvZPRJK0hoAp6bALO6PNC+ctOkAENlcGqgBQBNECMwfbOkB+gWWhOZjqR+F
nHIaQ66Fht49HKiKqZA2BhkSV6Oy3r0dyK4lANlWEbVDApYfpb/nASbECc/JmlL1
PJca+OqHbmWwpyt9qHuBqS93W9AAaGxBeH4nRebF3EZdxXqqcuJbv1E7sF5I7GtK
WYqLGIQi/TIz1sFkInx1z0Zv36IKcgMf2YvqR9J5wCk/yE3fMpCs4DqQIxIVwofT
eaqUDsniPF3U5hS7lO6KiLcf7SqKIwC/OtjfM+Tv/Ivlxra0SSdIGK+Hk4rX7yM6
BXi/V9Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org