Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F8346C30F9F811EC8FC36B1EC4F9AE02.roa
File: F8346C30F9F811EC8FC36B1EC4F9AE02.roa (raw, json)
Hash identifier: vaVQrpvOP0wEesPHb1nFog/gMpyeAGbu3QqRf+t6jYc=
Subject key identifier: 70:34:45:5B:E9:E5:C9:56:E4:64:02:3D:0E:63:86:95:DD:0A:A2:53
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3233
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F8346C30F9F811EC8FC36B1EC4F9AE02.roa
Signing time: Sat 02 Jul 2022 11:20:25 +0000
ROA not before: Sat 02 Jul 2022 11:20:25 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 17557
IP address blocks: 202.69.33.0/24 maxlen: 24
202.69.34.0/24 maxlen: 24
202.69.36.0/24 maxlen: 24
202.69.40.0/24 maxlen: 24
202.69.41.0/24 maxlen: 24
202.69.42.0/24 maxlen: 24
202.69.45.0/24 maxlen: 24
202.69.46.0/24 maxlen: 24
202.69.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12851 (0x3233)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Jul 2 11:20:25 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=62c029f9-0ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:71:16:5c:68:f9:f0:10:c7:01:f8:bb:31:02:
43:7d:9d:40:49:88:e7:15:27:23:a5:e3:2f:35:33:
d7:bd:78:00:86:3c:c3:30:56:6c:47:8d:c2:e5:59:
6d:69:e4:19:6a:b3:2d:84:dc:88:75:3e:52:ea:4b:
e8:35:64:01:25:08:98:ef:6d:99:4f:65:37:66:7e:
53:25:ba:b0:bc:b0:94:87:6f:7e:f8:1d:1b:b2:44:
38:73:4c:4a:c8:92:40:b8:3a:b4:b1:88:09:a7:f4:
23:b7:eb:c3:52:b0:1b:f1:95:28:41:5e:18:c3:6c:
58:3d:be:13:c1:83:3b:fb:52:1d:0b:41:8b:35:ec:
de:82:da:b4:9d:6e:24:80:e0:2d:2e:93:cf:2a:7d:
79:72:12:a2:0f:07:a7:27:1f:45:cd:15:f2:5b:f2:
9c:02:4b:86:53:40:c4:b3:31:45:ef:f5:81:bc:7f:
34:f8:f6:52:e5:14:29:a6:e5:73:5f:03:46:c4:0c:
88:b7:14:ee:10:0d:e3:4e:12:1d:b6:4d:9b:83:87:
0f:09:fc:eb:83:b8:31:7b:88:e3:0b:83:7d:32:44:
67:20:68:08:7a:ad:50:e0:c6:e3:6b:7f:0d:1e:7f:
d4:8a:d9:2c:2b:e9:e7:7f:7e:ee:20:25:31:17:d2:
83:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:34:45:5B:E9:E5:C9:56:E4:64:02:3D:0E:63:86:95:DD:0A:A2:53
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F8346C30F9F811EC8FC36B1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.69.33.0-202.69.34.255
202.69.36.0/24
202.69.40.0-202.69.42.255
202.69.45.0-202.69.47.255
Signature Algorithm: sha256WithRSAEncryption
13:9b:4d:e8:18:d0:65:16:ef:d6:7d:57:00:d6:f2:cf:96:f1:
31:06:aa:a2:10:06:c2:0b:b4:8e:cd:c8:0c:7e:b2:f8:4b:8a:
72:37:68:5e:e0:2d:e7:81:dd:aa:f2:c1:16:8e:0e:8b:bf:cd:
75:a6:71:be:78:0d:d5:c9:c7:26:94:75:e1:ae:dd:e1:ac:77:
d6:f0:ce:dd:89:ec:24:6c:bf:b4:6e:7a:3b:28:3e:70:39:08:
e8:26:c0:20:d5:dc:0a:76:55:88:9c:9b:e8:4d:35:9e:0c:ce:
9b:6a:55:62:28:bc:56:4c:29:b4:eb:48:9e:8c:64:e7:77:2c:
51:8d:99:f9:e2:09:28:c8:f9:65:3d:eb:30:52:c5:72:04:3b:
4e:ad:76:d9:eb:76:69:b7:aa:c8:d2:3a:9d:53:d9:ce:65:1d:
dd:cd:46:6e:af:b8:26:51:15:f4:0c:19:91:b4:76:8a:d7:50:
fe:fb:90:69:30:7a:fa:11:c7:e9:cc:ed:71:a7:a6:fd:d3:35:
e2:7a:65:4c:74:dc:af:89:1d:be:51:9c:c9:d3:c0:bc:d8:70:
c8:a5:d5:06:2e:a6:3d:d9:95:3b:d7:33:13:da:59:be:48:15:
e2:fd:7d:14:4d:6e:93:16:07:c4:86:ac:5e:2e:49:2f:cc:42:
19:34:b9:04
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICMjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjIwNzAyMTEyMDI1WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmMwMjlmOS0wZWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm3EWXGj58BDHAfi7MQJDfZ1ASYjnFScjpeMvNTPXvXgAhjzDMFZsR43C5Vlt
aeQZarMthNyIdT5S6kvoNWQBJQiY722ZT2U3Zn5TJbqwvLCUh29++B0bskQ4c0xK
yJJAuDq0sYgJp/Qjt+vDUrAb8ZUoQV4Yw2xYPb4TwYM7+1IdC0GLNezegtq0nW4k
gOAtLpPPKn15chKiDwenJx9FzRXyW/KcAkuGU0DEszFF7/WBvH80+PZS5RQppuVz
XwNGxAyItxTuEA3jThIdtk2bg4cPCfzrg7gxe4jjC4N9MkRnIGgIeq1Q4Mbja38N
Hn/UitksK+nnf37uICUxF9KDVwIDAQABo4ICvzCCArswHQYDVR0OBBYEFHA0RVvp
5clW5GQCPQ5jhpXdCqJTMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRjgzNDZDMzBG
OUY4MTFFQzhGQzM2QjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDAwDAMEAMpFIQMEAMpFIgMEAMpFJDAMAwQDykUoAwQAykUqMAwD
BADKRS0DBATKRSAwDQYJKoZIhvcNAQELBQADggEBABObTegY0GUW79Z9VwDW8s+W
8TEGqqIQBsILtI7NyAx+svhLinI3aF7gLeeB3arywRaODou/zXWmcb54DdXJxyaU
deGu3eGsd9bwzt2J7CRsv7RuejsoPnA5COgmwCDV3Ap2VYicm+hNNZ4MzptqVWIo
vFZMKbTrSJ6MZOd3LFGNmfniCSjI+WU96zBSxXIEO06tdtnrdmm3qsjSOp1T2c5l
Hd3NRm6vuCZRFfQMGZG0dorXUP77kGkwevoRx+nM7XGnpv3TNeJ6ZUx03K+JHb5R
nMnTwLzYcMil1QYupj3ZlTvXMxPaWb5IFeL9fRRNbpMWB8SGrF4uSS/MQhk0uQQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org