Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B834D/3A2C5196ADA111EDAB6DF42DC4F9AE02/620BA5BEADA511EDB2C68947C4F9AE02.roa
File: 620BA5BEADA511EDB2C68947C4F9AE02.roa (raw, json)
Hash identifier: 8BbhWbFbkhUcPINbvI6+gJ6KoDbtRn2+WkD58mWBcUc=
Subject key identifier: 4A:A4:15:5A:9B:39:8E:2E:17:3F:04:49:BE:AF:F8:AF:64:57:1E:69
Certificate issuer: /CN=A91B834D/serialNumber=D0E54405B03D3D123459DE01BB400F4D7A8329D0
Certificate serial: 03
Authority key identifier: D0:E5:44:05:B0:3D:3D:12:34:59:DE:01:BB:40:0F:4D:7A:83:29:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0OVEBbA9PRI0Wd4Bu0APTXqDKdA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B834D/3A2C5196ADA111EDAB6DF42DC4F9AE02/620BA5BEADA511EDB2C68947C4F9AE02.roa
Signing time: Thu 16 Feb 2023 02:55:35 +0000
ROA not before: Thu 16 Feb 2023 02:55:35 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 55884
IP address blocks: 203.13.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B834D/serialNumber=D0E54405B03D3D123459DE01BB400F4D7A8329D0
Validity
Not Before: Feb 16 02:55:35 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63ed9b26-42d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d6:56:f6:a8:da:54:da:4c:37:93:d2:e1:88:
de:a1:f8:b8:64:d5:29:68:8a:d0:50:17:16:e2:6b:
e8:3a:81:e8:94:d4:bb:42:94:ab:8e:56:4b:5c:ef:
5e:a4:f2:45:42:8d:31:43:59:91:f9:8a:b9:39:2f:
a5:6b:b6:b1:9c:10:21:13:24:33:38:68:65:ef:a3:
05:d9:07:3c:f9:1c:7f:1c:88:bb:4d:01:11:c8:a9:
49:2c:fb:07:4a:00:4a:f2:54:0f:d6:04:a3:d8:f0:
ea:d8:73:85:17:82:48:9d:79:83:52:6c:6c:bb:0d:
e5:12:a3:98:f0:c1:4f:6b:f4:ac:df:e2:b5:8c:f5:
24:3c:ed:c3:33:9c:29:72:95:5a:a0:c4:09:dd:85:
b1:3f:f1:99:14:4e:6c:67:b4:4f:b2:94:39:54:8f:
79:be:6c:6a:9a:ed:f5:83:3c:6e:da:d1:25:9e:dc:
bf:b0:4b:c4:90:f5:55:d8:28:b9:55:1d:0f:b4:50:
d3:d4:02:d1:d3:a6:b5:62:32:41:68:41:93:16:b7:
98:28:87:cc:24:b4:6a:e3:81:0e:4c:82:57:06:80:
f1:89:78:b8:b1:89:02:c7:95:80:92:97:1e:49:14:
48:1f:d4:50:f6:28:c9:44:7b:3e:e5:26:8a:2b:20:
93:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A4:15:5A:9B:39:8E:2E:17:3F:04:49:BE:AF:F8:AF:64:57:1E:69
X509v3 Authority Key Identifier:
keyid:D0:E5:44:05:B0:3D:3D:12:34:59:DE:01:BB:40:0F:4D:7A:83:29:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B834D/3A2C5196ADA111EDAB6DF42DC4F9AE02/0OVEBbA9PRI0Wd4Bu0APTXqDKdA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0OVEBbA9PRI0Wd4Bu0APTXqDKdA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B834D/3A2C5196ADA111EDAB6DF42DC4F9AE02/620BA5BEADA511EDB2C68947C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.13.33.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:66:43:53:61:82:e7:26:87:0e:1d:64:71:a7:56:90:8d:9a:
64:0b:61:6f:b4:4a:0d:19:18:14:a6:7c:a5:fa:5d:87:7c:ae:
b7:d9:4f:12:27:0f:1b:19:dc:64:19:6b:d2:e9:26:fc:44:21:
f6:35:f7:89:af:66:37:6e:07:14:ce:78:63:02:d4:49:5f:c1:
2b:e2:04:29:4b:00:7e:75:59:8b:91:36:2c:f8:a6:f4:7c:d0:
ab:24:06:9c:68:d0:4f:35:32:bf:e5:6e:ed:14:e2:df:4a:b2:
aa:e9:5b:68:cb:92:1b:29:69:42:e3:4f:d2:95:25:22:f3:f4:
1b:7f:d9:2a:9d:ca:f6:a5:86:c7:13:ee:f4:c3:12:2d:dc:74:
47:f8:6b:86:a3:5f:60:5f:9c:c9:fa:20:73:90:4a:c5:fa:94:
66:3f:37:9c:d0:ae:4e:ca:21:f8:e9:b8:45:2d:b8:29:49:13:
65:a0:b3:ad:66:ab:20:e7:e9:27:af:9f:91:61:17:7c:27:1a:
e8:4a:4b:ba:ed:04:b6:bb:77:92:95:56:c5:16:67:77:a7:0e:
ed:4d:59:7f:fa:07:d6:42:b2:4b:60:e7:ca:41:eb:46:9b:51:
84:32:26:6b:9a:84:a1:78:0f:5e:a8:f7:b1:dc:b1:39:08:d7:
d3:e1:c3:38
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODM0RDExMC8GA1UEBRMoRDBFNTQ0MDVCMDNEM0QxMjM0NTlERTAxQkI0MDBGNEQ3
QTgzMjlEMDAeFw0yMzAyMTYwMjU1MzVaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzZWQ5YjI2LTQyZDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCu1lb2qNpU2kw3k9LhiN6h+Lhk1SloitBQFxbia+g6geiU1LtClKuOVktc716k
8kVCjTFDWZH5irk5L6VrtrGcECETJDM4aGXvowXZBzz5HH8ciLtNARHIqUks+wdK
AEryVA/WBKPY8OrYc4UXgkideYNSbGy7DeUSo5jwwU9r9Kzf4rWM9SQ87cMznCly
lVqgxAndhbE/8ZkUTmxntE+ylDlUj3m+bGqa7fWDPG7a0SWe3L+wS8SQ9VXYKLlV
HQ+0UNPUAtHTprViMkFoQZMWt5goh8wktGrjgQ5MglcGgPGJeLixiQLHlYCSlx5J
FEgf1FD2KMlEez7lJoorIJNNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUSqQVWps5
ji4XPwRJvq/4r2RXHmkwHwYDVR0jBBgwFoAU0OVEBbA9PRI0Wd4Bu0APTXqDKdAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4MzRELzNBMkM1MTk2QURB
MTExRURBQjZERjQyREM0RjlBRTAyLzBPVkVCYkE5UFJJMFdkNEJ1MEFQVFhxREtk
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvME9WRUJiQTlQUkkwV2Q0QnUwQVBUWHFES2RBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODM0RC8zQTJDNTE5NkFEQTExMUVEQUI2REY0MkRDNEY5QUUwMi82MjBCQTVCRUFE
QTUxMUVEQjJDNjg5NDdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsNITANBgkqhkiG9w0BAQsFAAOCAQEArWZDU2GC5yaHDh1k
cadWkI2aZAthb7RKDRkYFKZ8pfpdh3yut9lPEicPGxncZBlr0ukm/EQh9jX3ia9m
N24HFM54YwLUSV/BK+IEKUsAfnVZi5E2LPim9HzQqyQGnGjQTzUyv+Vu7RTi30qy
qulbaMuSGylpQuNP0pUlIvP0G3/ZKp3K9qWGxxPu9MMSLdx0R/hrhqNfYF+cyfog
c5BKxfqUZj83nNCuTsoh+Om4RS24KUkTZaCzrWarIOfpJ6+fkWEXfCca6EpLuu0E
trt3kpVWxRZnd6cO7U1Zf/oH1kKyS2DnykHrRptRhDIma5qEoXgPXqj3sdyxOQjX
0+HDOA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org