Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/EFE8DC72CBB311ED9F0DB249C4F9AE02.roa
File: EFE8DC72CBB311ED9F0DB249C4F9AE02.roa (raw, json)
Hash identifier: Qbv+aVnUJd08klY2utyXnsPcCG6MgKpQpqjO6FFOlHo=
Subject key identifier: 77:D3:EA:28:C2:3A:8C:7B:0F:06:29:57:CB:17:EE:9C:27:F4:B5:BF
Certificate issuer: /CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Certificate serial: 0129
Authority key identifier: 1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/EFE8DC72CBB311ED9F0DB249C4F9AE02.roa
Signing time: Sun 26 Mar 2023 08:55:21 +0000
ROA not before: Sun 26 Mar 2023 08:55:21 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 211895
IP address blocks: 202.73.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297 (0x129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1AC4/serialNumber=1F092BF0E367FDA5146D287D8102B26EC8FB82B5
Validity
Not Before: Mar 26 08:55:21 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64200878-eb74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c1:a2:09:fe:67:e7:fb:59:de:3d:71:96:c5:
cf:2d:e1:77:68:49:de:72:10:9c:8e:4b:f4:54:b5:
9c:79:35:d7:6b:2f:36:75:a5:6b:e2:80:05:52:e3:
ca:97:86:a9:21:cf:be:b4:bf:fd:53:11:95:14:67:
b0:6c:1c:c2:f2:10:b6:f0:6b:58:aa:22:42:6a:c1:
b0:7b:55:6e:d8:dc:f2:32:ef:19:47:00:f0:3b:0e:
1a:1a:07:92:97:e4:06:df:f0:e7:c4:b2:fb:c0:e2:
e5:1c:dd:53:53:32:58:88:1a:fc:b6:0f:e3:42:fc:
f1:d9:e6:26:9b:81:4b:f2:8b:1c:3b:ad:1c:34:b2:
c8:a7:db:83:e7:b7:42:93:01:10:43:ad:76:12:28:
ce:fd:6b:16:ba:30:fd:3e:ce:59:dd:db:6d:96:e7:
f4:9f:9a:71:56:80:b7:18:83:cf:f7:33:1b:c0:42:
ba:30:70:81:fb:b4:b1:a5:2f:6d:1c:1f:3a:6c:44:
bf:c5:8a:04:4e:9d:b5:63:e3:ae:ab:7b:92:58:e0:
51:a4:0d:b5:6f:31:47:35:2d:79:64:6f:8a:3a:26:
65:5a:75:f5:aa:c9:03:1d:6b:12:e2:ac:56:e7:c1:
8d:25:9d:97:a8:70:f0:3e:1e:35:c7:c4:ef:c9:70:
ec:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D3:EA:28:C2:3A:8C:7B:0F:06:29:57:CB:17:EE:9C:27:F4:B5:BF
X509v3 Authority Key Identifier:
keyid:1F:09:2B:F0:E3:67:FD:A5:14:6D:28:7D:81:02:B2:6E:C8:FB:82:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/Hwkr8ONn_aUUbSh9gQKybsj7grU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hwkr8ONn_aUUbSh9gQKybsj7grU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1AC4/1CB53F30F6B111EC9CAAB34DC4F9AE02/EFE8DC72CBB311ED9F0DB249C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.73.4.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:35:3f:08:3f:60:88:0d:ec:1f:d3:d9:fe:4d:94:6d:d0:de:
50:91:50:4d:c5:cd:4a:80:aa:09:49:db:d7:bf:79:d1:0c:da:
ee:f6:5f:1d:59:b1:7c:b4:6d:3a:f3:88:c3:a7:04:af:29:3a:
78:ea:c9:16:1f:3c:b6:f9:c3:f5:f0:72:31:ea:1d:17:a1:a0:
50:d4:99:0b:cc:26:70:45:f4:e3:99:83:3d:90:ae:56:3d:a6:
b0:29:31:0d:4e:07:d1:c1:77:e2:95:cf:cd:21:b4:36:03:5c:
a2:4d:50:15:f5:60:37:cb:c7:70:5b:19:76:b3:0e:c2:2c:c2:
ce:03:c5:a1:7e:7a:a4:5e:48:32:a9:6d:01:c2:3b:57:da:71:
42:57:ab:1e:ad:8a:12:b9:c7:1f:ab:7a:35:cd:c0:97:ea:ac:
21:0b:6f:2f:52:42:ba:ea:99:77:f3:72:ba:72:8a:49:e7:5e:
37:c1:19:2c:a8:76:bc:8f:67:88:8f:84:de:e3:81:24:68:f3:
67:90:7f:a0:58:89:5b:4c:43:d1:b8:31:6c:d5:4e:21:84:5c:
37:fe:f7:94:24:48:a9:54:93:ca:bb:00:9a:bd:97:06:8b:ca:
e9:80:7b:af:09:df:57:e6:b8:16:5e:94:80:a2:70:00:9e:24:
21:ce:c3:0d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICASkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFBQzQxMTAvBgNVBAUTKDFGMDkyQkYwRTM2N0ZEQTUxNDZEMjg3RDgxMDJCMjZF
QzhGQjgyQjUwHhcNMjMwMzI2MDg1NTIxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIwMDg3OC1lYjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7MGiCf5n5/tZ3j1xlsXPLeF3aEnechCcjkv0VLWceTXXay82daVr4oAFUuPK
l4apIc++tL/9UxGVFGewbBzC8hC28GtYqiJCasGwe1Vu2NzyMu8ZRwDwOw4aGgeS
l+QG3/DnxLL7wOLlHN1TUzJYiBr8tg/jQvzx2eYmm4FL8oscO60cNLLIp9uD57dC
kwEQQ612EijO/WsWujD9Ps5Z3dttluf0n5pxVoC3GIPP9zMbwEK6MHCB+7SxpS9t
HB86bES/xYoETp21Y+Ouq3uSWOBRpA21bzFHNS15ZG+KOiZlWnX1qskDHWsS4qxW
58GNJZ2XqHDwPh41x8TvyXDstQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHfT6ijC
Oox7DwYpV8sX7pwn9LW/MB8GA1UdIwQYMBaAFB8JK/DjZ/2lFG0ofYECsm7I+4K1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUFDNC8xQ0I1M0YzMEY2
QjExMUVDOUNBQUIzNERDNEY5QUUwMi9Id2tyOE9Obl9hVVViU2g5Z1FLeWJzajdn
clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h3a3I4T05uX2FVVWJTaDlnUUt5YnNqN2dyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFBQzQvMUNCNTNGMzBGNkIxMTFFQzlDQUFCMzREQzRGOUFFMDIvRUZFOERDNzJD
QkIzMTFFRDlGMERCMjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKSQQwDQYJKoZIhvcNAQELBQADggEBALs1Pwg/YIgN7B/T
2f5NlG3Q3lCRUE3FzUqAqglJ29e/edEM2u72Xx1ZsXy0bTrziMOnBK8pOnjqyRYf
PLb5w/XwcjHqHRehoFDUmQvMJnBF9OOZgz2QrlY9prApMQ1OB9HBd+KVz80htDYD
XKJNUBX1YDfLx3BbGXazDsIsws4DxaF+eqReSDKpbQHCO1facUJXqx6tihK5xx+r
ejXNwJfqrCELby9SQrrqmXfzcrpyiknnXjfBGSyodryPZ4iPhN7jgSRo82eQf6BY
iVtMQ9G4MWzVTiGEXDf+95QkSKlUk8q7AJq9lwaLyumAe68J31fmuBZelICicACe
JCHOww0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org