Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/033FAA20890B11EE9DC2334EC4F9AE02.roa
File: 033FAA20890B11EE9DC2334EC4F9AE02.roa (raw, json)
Hash identifier: OjOu7VjvGKB8fTJV1Myzg5KQbib7yP+ZbMm0LkQa9rc=
Subject key identifier: 78:7C:A0:01:8C:6F:7D:DC:60:13:3E:0B:10:A1:AE:B4:EC:A3:F3:81
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 342A
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/033FAA20890B11EE9DC2334EC4F9AE02.roa
Signing time: Wed 22 Nov 2023 07:44:49 +0000
ROA not before: Wed 22 Nov 2023 07:44:49 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 141215
IP address blocks: 202.142.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13354 (0x342a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Nov 22 07:44:49 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=655db170-e429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7d:c3:02:c7:06:73:88:17:14:38:7f:f7:1c:
50:66:1e:d1:f7:1a:62:9f:28:30:0a:47:bc:27:e6:
b9:b8:b7:49:35:22:07:fd:2a:3c:91:77:e2:fb:48:
88:54:4c:71:0e:ce:7c:50:04:87:82:29:4e:a5:05:
8d:90:a5:4e:b6:43:54:24:de:96:24:1f:d6:f6:05:
d8:8f:34:e8:d2:53:e7:a3:67:92:52:29:84:c9:1b:
b7:89:7c:3d:a7:04:c4:58:a5:e7:10:96:a3:47:fb:
e0:04:9d:93:a9:b7:20:26:ec:0f:68:80:d3:2b:8a:
55:72:8c:33:9e:d9:3a:d4:d1:c6:dd:27:59:62:60:
e7:56:47:ef:db:2e:22:b3:40:68:3f:49:11:76:73:
31:2e:f9:45:40:e0:a8:d1:61:7d:ed:d2:0e:77:7c:
1a:16:30:de:14:ff:9e:dc:5b:6c:d5:13:88:53:e4:
24:9f:88:2b:96:f2:fe:a5:55:09:0d:b1:c7:62:1c:
fd:b0:59:4f:ac:1a:75:b9:35:1f:bb:0d:ea:dc:96:
51:a6:7f:30:c0:63:62:fd:8b:e3:15:7f:11:c4:fe:
17:d3:76:25:c5:fb:dd:da:df:a3:93:4d:d8:1f:2b:
30:66:e6:81:60:13:04:6d:2d:25:a7:5f:0c:8c:c1:
5c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:7C:A0:01:8C:6F:7D:DC:60:13:3E:0B:10:A1:AE:B4:EC:A3:F3:81
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/033FAA20890B11EE9DC2334EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.142.155.0/24
Signature Algorithm: sha256WithRSAEncryption
14:50:f6:8f:1e:f9:23:67:44:06:d1:4c:31:66:c4:62:87:6b:
5e:67:c8:62:13:41:2f:81:1d:3f:c2:5c:3c:5f:dc:a2:45:fa:
fc:c0:ea:04:ce:e2:d8:04:c2:b4:98:8d:e6:4c:a9:4b:17:2f:
6a:3e:7e:5a:85:51:20:b7:5a:b5:60:14:ad:90:8b:b1:36:be:
3a:03:c0:79:74:ff:65:5d:ce:f3:3a:c6:51:27:19:aa:c1:7e:
1e:58:a8:63:22:80:00:ad:73:dc:04:4b:4f:52:20:63:a4:1f:
e4:69:aa:6d:7b:98:19:e0:d4:a2:e7:7e:a7:1d:15:6e:8b:af:
74:32:33:f4:87:0b:7e:b6:de:77:d0:b8:72:00:4e:19:0a:c2:
cd:fa:32:29:15:32:36:4a:b6:20:2b:20:98:da:5b:14:57:38:
d9:97:38:7b:16:3d:b5:60:22:78:a1:cc:63:8e:21:3b:01:10:
dd:5a:4a:bb:1a:d3:02:ff:3e:84:61:21:1f:9a:2d:7d:4a:85:
ec:20:d7:46:a5:d6:68:13:30:25:ec:3f:92:c1:b0:22:e4:81:
cd:0a:86:5b:00:61:25:01:8c:fa:94:32:3c:a6:2f:48:b3:6e:
5a:50:58:88:44:43:eb:9b:36:85:4b:ea:a4:10:aa:c4:c9:c4:
f6:67:de:da
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMxMTIyMDc0NDQ5WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVkYjE3MC1lNDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwH3DAscGc4gXFDh/9xxQZh7R9xpinygwCke8J+a5uLdJNSIH/So8kXfi+0iI
VExxDs58UASHgilOpQWNkKVOtkNUJN6WJB/W9gXYjzTo0lPno2eSUimEyRu3iXw9
pwTEWKXnEJajR/vgBJ2TqbcgJuwPaIDTK4pVcowzntk61NHG3SdZYmDnVkfv2y4i
s0BoP0kRdnMxLvlFQOCo0WF97dIOd3waFjDeFP+e3Fts1ROIU+Qkn4grlvL+pVUJ
DbHHYhz9sFlPrBp1uTUfuw3q3JZRpn8wwGNi/YvjFX8RxP4X03Ylxfvd2t+jk03Y
HyswZuaBYBMEbS0lp18MjMFccQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHh8oAGM
b33cYBM+CxChrrTso/OBMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvMDMzRkFBMjA4
OTBCMTFFRTlEQzIzMzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKjpswDQYJKoZIhvcNAQELBQADggEBABRQ9o8e+SNnRAbR
TDFmxGKHa15nyGITQS+BHT/CXDxf3KJF+vzA6gTO4tgEwrSYjeZMqUsXL2o+flqF
USC3WrVgFK2Qi7E2vjoDwHl0/2VdzvM6xlEnGarBfh5YqGMigACtc9wES09SIGOk
H+Rpqm17mBng1KLnfqcdFW6Lr3QyM/SHC3623nfQuHIAThkKws36MikVMjZKtiAr
IJjaWxRXONmXOHsWPbVgInihzGOOITsBEN1aSrsa0wL/PoRhIR+aLX1Khewg10al
1mgTMCXsP5LBsCLkgc0KhlsAYSUBjPqUMjymL0izblpQWIhEQ+ubNoVL6qQQqsTJ
xPZn3to=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org