Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/65DE2DD4D3B811EAB9657979C4F9AE02.roa
File: 65DE2DD4D3B811EAB9657979C4F9AE02.roa (raw, json)
Hash identifier: iMRY90wmZvjmITvzL+p+nk3fdn8VCrZjDagOYI+kW1U=
Subject key identifier: 2F:72:B3:10:E7:B9:24:52:9A:A8:F3:2D:A4:33:1E:E0:59:46:3B:52
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 13F1
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/65DE2DD4D3B811EAB9657979C4F9AE02.roa
Signing time: Fri 18 Feb 2022 06:25:00 +0000
ROA not before: Fri 18 Feb 2022 06:25:00 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 9328
IP address blocks: 202.137.192.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5105 (0x13f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 18 06:25:00 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=620f3bbc-5aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a1:45:c8:84:00:9c:84:eb:b5:04:13:28:ef:
04:15:6c:39:7d:d4:19:92:67:c4:fb:29:00:ba:10:
52:b3:de:3b:45:ae:44:51:e7:71:af:01:e9:da:aa:
e2:60:b7:60:a1:88:67:ba:4e:4b:5f:64:be:91:81:
fa:16:f5:dd:8a:72:97:8c:eb:05:04:24:6f:3f:79:
74:23:a1:5f:b7:46:96:e2:1a:51:67:fb:05:74:32:
00:ee:53:5a:cd:79:40:12:b0:b1:b1:fa:28:60:a3:
53:fa:7c:e5:a2:a7:69:26:df:aa:c4:ad:4d:d9:90:
30:25:d5:33:74:7e:5e:4d:90:f5:ad:7c:c1:50:d2:
3f:02:6c:a0:18:34:58:12:1d:22:26:ed:8b:5b:df:
f7:90:ce:df:23:ea:2a:55:5f:60:98:ad:ba:dc:99:
b4:c9:03:60:fd:71:b7:36:e1:e5:0f:a1:8d:53:32:
2a:41:5b:d9:cc:3b:46:43:73:fe:d1:8f:3b:41:c9:
ac:c6:02:9e:2e:27:0f:45:d9:60:8e:28:18:ea:c7:
bd:2c:ab:e7:71:01:fc:30:e8:3b:68:01:4c:ed:97:
29:6d:df:ea:7e:49:b9:3a:e5:5c:f1:ff:e2:af:34:
4c:0f:c8:b0:1f:f8:73:d4:f0:28:b2:d4:15:ab:64:
3f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:72:B3:10:E7:B9:24:52:9A:A8:F3:2D:A4:33:1E:E0:59:46:3B:52
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/65DE2DD4D3B811EAB9657979C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.137.192.0/21
Signature Algorithm: sha256WithRSAEncryption
8f:03:26:d5:bf:24:28:76:03:a4:9e:cb:f9:18:77:b1:83:bd:
fa:4d:00:bc:d9:55:cc:f7:3c:7c:33:45:5f:f6:15:cc:1e:08:
76:85:ad:2b:bf:a0:d3:48:ba:e5:ea:93:a7:a2:1b:63:a9:40:
cf:1b:8d:b3:c2:b3:94:21:a3:ab:0c:e9:47:1a:f0:8c:b4:69:
24:da:4d:5b:0d:98:79:29:c8:66:99:c5:f4:6d:91:c0:a2:96:
d0:03:e0:3a:42:ec:0f:01:4b:76:21:14:c7:00:e7:d4:d2:68:
5a:ce:bb:6d:77:bd:87:59:fe:b8:53:f9:29:e9:b8:65:7d:c1:
c1:11:4c:08:a7:cd:64:06:f1:e1:39:1b:2c:f0:f2:bf:1b:5d:
34:48:73:3a:d1:cc:6e:4c:c7:d9:60:37:65:ac:38:7a:86:2d:
01:99:d7:d6:60:ef:35:37:e4:e9:0e:72:b1:48:f3:cd:1a:90:
ac:a1:5a:66:34:17:3d:55:67:f1:d9:16:59:94:64:24:fa:79:
1f:c4:78:0c:8f:71:9c:48:46:cc:00:00:3f:60:55:ae:fd:db:
02:e6:31:b2:49:56:75:1c:7e:7e:5b:5c:9c:6a:61:9c:2a:e2:
91:ac:18:98:fd:36:bc:09:e2:36:a3:05:df:02:46:a0:81:d9:
e3:cd:08:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICE/EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjIwMjE4MDYyNTAwWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBmM2JiYy01YWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyaFFyIQAnITrtQQTKO8EFWw5fdQZkmfE+ykAuhBSs947Ra5EUedxrwHp2qri
YLdgoYhnuk5LX2S+kYH6FvXdinKXjOsFBCRvP3l0I6Fft0aW4hpRZ/sFdDIA7lNa
zXlAErCxsfooYKNT+nzloqdpJt+qxK1N2ZAwJdUzdH5eTZD1rXzBUNI/AmygGDRY
Eh0iJu2LW9/3kM7fI+oqVV9gmK263Jm0yQNg/XG3NuHlD6GNUzIqQVvZzDtGQ3P+
0Y87QcmsxgKeLicPRdlgjigY6se9LKvncQH8MOg7aAFM7Zcpbd/qfkm5OuVc8f/i
rzRMD8iwH/hz1PAostQVq2Q/+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFC9ysxDn
uSRSmqjzLaQzHuBZRjtSMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNjVERTJERDRE
M0I4MTFFQUI5NjU3OTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPKicAwDQYJKoZIhvcNAQELBQADggEBAI8DJtW/JCh2A6Se
y/kYd7GDvfpNALzZVcz3PHwzRV/2FcweCHaFrSu/oNNIuuXqk6eiG2OpQM8bjbPC
s5Qho6sM6Uca8Iy0aSTaTVsNmHkpyGaZxfRtkcCiltAD4DpC7A8BS3YhFMcA59TS
aFrOu213vYdZ/rhT+SnpuGV9wcERTAinzWQG8eE5Gyzw8r8bXTRIczrRzG5Mx9lg
N2WsOHqGLQGZ19Zg7zU35OkOcrFI880akKyhWmY0Fz1VZ/HZFlmUZCT6eR/EeAyP
cZxIRswAAD9gVa792wLmMbJJVnUcfn5bXJxqYZwq4pGsGJj9NrwJ4jajBd8CRqCB
2ePNCAc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org