Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7D50/6CD5259884A611EC92F89D44C4F9AE02/438F46A29DAE11EC9DD0CE62C4F9AE02.roa
File: 438F46A29DAE11EC9DD0CE62C4F9AE02.roa (raw, json)
Hash identifier: GRbggKVCtZriTOQZH28cayVpZnP5qt3omPrEqswsjfo=
Subject key identifier: 23:E8:24:17:9A:AD:20:6C:24:2A:B6:28:75:89:DC:83:F2:1D:32:F4
Certificate issuer: /CN=A91A7D50/serialNumber=7FA83F6204045A795622F3EDFE0715CC9158948C
Certificate serial: 40
Authority key identifier: 7F:A8:3F:62:04:04:5A:79:56:22:F3:ED:FE:07:15:CC:91:58:94:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f6g_YgQEWnlWIvPt_gcVzJFYlIw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7D50/6CD5259884A611EC92F89D44C4F9AE02/438F46A29DAE11EC9DD0CE62C4F9AE02.roa
Signing time: Mon 07 Mar 2022 00:33:53 +0000
ROA not before: Mon 07 Mar 2022 00:33:53 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 45768
IP address blocks: 203.33.180.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7D50/serialNumber=7FA83F6204045A795622F3EDFE0715CC9158948C
Validity
Not Before: Mar 7 00:33:53 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=622552f1-e73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:92:3c:85:94:02:85:1e:7b:d9:be:c7:79:65:
f7:31:8e:40:de:2c:b4:a8:ef:46:18:fb:13:1e:a5:
d0:9c:26:57:41:d5:1b:56:8f:df:d3:90:51:63:00:
87:d9:a2:7e:3a:74:9c:e1:09:12:5a:18:ec:23:fd:
ef:b8:92:ba:67:8e:fa:2d:83:e2:dc:e3:25:50:89:
01:7a:86:81:61:f2:3e:0e:3c:99:ac:79:02:2a:9b:
3b:c3:bd:1d:f0:5d:1c:3a:23:84:0a:da:a5:84:97:
6b:f8:85:fb:a7:c4:8b:5a:2f:bc:90:e7:2b:ba:6f:
f6:73:d8:25:11:3f:65:ba:8e:7b:6b:db:53:e6:68:
76:14:6d:cd:2a:9d:73:a1:64:4c:53:62:2b:cd:e7:
85:61:41:fa:54:ee:96:ac:87:57:e8:b0:0f:b5:c9:
8e:40:73:39:35:fc:ce:0f:6e:6d:e7:11:b6:2c:d7:
f0:04:4d:2b:d7:c3:82:5c:a4:ed:44:22:32:a0:34:
14:00:09:84:24:d5:8c:60:97:a2:dd:16:1c:49:ba:
69:eb:24:74:20:c2:ac:1a:56:93:30:c6:64:ce:97:
de:44:a7:5d:d5:ca:45:b6:97:2b:31:ec:60:5c:cc:
47:0e:aa:6c:2a:7a:c2:95:07:8f:f5:e9:7c:b2:ab:
5b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E8:24:17:9A:AD:20:6C:24:2A:B6:28:75:89:DC:83:F2:1D:32:F4
X509v3 Authority Key Identifier:
keyid:7F:A8:3F:62:04:04:5A:79:56:22:F3:ED:FE:07:15:CC:91:58:94:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7D50/6CD5259884A611EC92F89D44C4F9AE02/f6g_YgQEWnlWIvPt_gcVzJFYlIw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f6g_YgQEWnlWIvPt_gcVzJFYlIw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7D50/6CD5259884A611EC92F89D44C4F9AE02/438F46A29DAE11EC9DD0CE62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.180.0/23
Signature Algorithm: sha256WithRSAEncryption
01:a1:90:2c:08:37:b5:35:3b:7c:3f:90:cf:d4:7f:3e:71:f7:
4f:e8:2f:86:e6:8a:14:87:ce:0e:ea:77:85:cf:24:d2:8e:b5:
9a:fb:b4:39:2a:19:01:95:b7:a4:16:f7:d6:11:d4:6f:e2:15:
ef:a7:69:a0:0a:ba:33:ce:02:7f:f5:b7:0d:1d:03:23:a3:bc:
e3:38:ae:61:84:8f:2d:7e:c4:79:75:3c:aa:5d:9e:91:da:18:
0a:5d:6e:2a:36:ae:b7:ea:ea:f5:53:ce:d4:9d:0c:0e:85:02:
d6:3f:37:b2:e2:8c:fa:e6:6b:ae:bc:c5:86:18:5f:86:78:c1:
df:1d:b5:04:96:97:15:89:18:de:a2:9c:44:56:dc:eb:0a:f8:
fc:e8:80:c0:6f:2c:16:68:ac:90:0c:5a:89:53:ad:95:d5:75:
58:71:c1:d8:58:e1:cd:07:0a:bb:14:fb:fb:6d:5e:11:2e:07:
89:61:2f:88:80:b7:96:ea:c8:09:bc:07:fe:24:3e:53:3f:4d:
2a:4d:7b:1a:e9:87:be:79:f0:e3:ed:b7:5b:3b:57:49:cd:87:
7a:d7:35:69:35:a7:5b:9b:00:3a:fc:f1:02:41:65:6c:86:48:
3f:02:31:05:e2:1d:d6:9c:ab:10:26:ec:05:07:14:81:b5:b5:
46:e5:22:9f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
N0Q1MDExMC8GA1UEBRMoN0ZBODNGNjIwNDA0NUE3OTU2MjJGM0VERkUwNzE1Q0M5
MTU4OTQ4QzAeFw0yMjAzMDcwMDMzNTNaFw0yMjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMjU1MmYxLWU3M2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXkjyFlAKFHnvZvsd5ZfcxjkDeLLSo70YY+xMepdCcJldB1RtWj9/TkFFjAIfZ
on46dJzhCRJaGOwj/e+4krpnjvotg+Lc4yVQiQF6hoFh8j4OPJmseQIqmzvDvR3w
XRw6I4QK2qWEl2v4hfunxItaL7yQ5yu6b/Zz2CURP2W6jntr21PmaHYUbc0qnXOh
ZExTYivN54VhQfpU7pash1fosA+1yY5Aczk1/M4Pbm3nEbYs1/AETSvXw4JcpO1E
IjKgNBQACYQk1Yxgl6LdFhxJumnrJHQgwqwaVpMwxmTOl95Ep13VykW2lysx7GBc
zEcOqmwqesKVB4/16Xyyq1uBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUI+gkF5qt
IGwkKrYodYncg/IdMvQwHwYDVR0jBBgwFoAUf6g/YgQEWnlWIvPt/gcVzJFYlIww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3RDUwLzZDRDUyNTk4ODRB
NjExRUM5MkY4OUQ0NEM0RjlBRTAyL2Y2Z19ZZ1FFV25sV0l2UHRfZ2NWekpGWWxJ
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZjZnX1lnUUVXbmxXSXZQdF9nY1Z6SkZZbEl3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
N0Q1MC82Q0Q1MjU5ODg0QTYxMUVDOTJGODlENDRDNEY5QUUwMi80MzhGNDZBMjlE
QUUxMUVDOUREMENFNjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcshtDANBgkqhkiG9w0BAQsFAAOCAQEAAaGQLAg3tTU7fD+Q
z9R/PnH3T+gvhuaKFIfODup3hc8k0o61mvu0OSoZAZW3pBb31hHUb+IV76dpoAq6
M84Cf/W3DR0DI6O84ziuYYSPLX7EeXU8ql2ekdoYCl1uKjaut+rq9VPO1J0MDoUC
1j83suKM+uZrrrzFhhhfhnjB3x21BJaXFYkY3qKcRFbc6wr4/OiAwG8sFmiskAxa
iVOtldV1WHHB2FjhzQcKuxT7+21eES4HiWEviIC3lurICbwH/iQ+Uz9NKk17GumH
vnnw4+23WztXSc2Hetc1aTWnW5sAOvzxAkFlbIZIPwIxBeId1pyrECbsBQcUgbW1
RuUinw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org