Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/F9F71E9E186D11EDB9E49F24C4F9AE02.roa
File: F9F71E9E186D11EDB9E49F24C4F9AE02.roa (raw, json)
Hash identifier: UViFxY8pYzAKuoKzySIxkxIqWxhOAqLpE2BMEWXhY8E=
Subject key identifier: 22:E6:EC:1D:D9:C5:4D:80:43:6A:BA:90:4A:01:A2:2E:19:9E:C8:07
Certificate issuer: /CN=A9155AE4/serialNumber=3CF91608226819C3E9DA84D1195B5326F9249FBD
Certificate serial: 5C
Authority key identifier: 3C:F9:16:08:22:68:19:C3:E9:DA:84:D1:19:5B:53:26:F9:24:9F:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PPkWCCJoGcPp2oTRGVtTJvkkn70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/F9F71E9E186D11EDB9E49F24C4F9AE02.roa
Signing time: Mon 29 Aug 2022 23:43:53 +0000
ROA not before: Mon 29 Aug 2022 23:43:53 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 24017
IP address blocks: 202.10.240.0/22 maxlen: 22
203.22.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92 (0x5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155AE4/serialNumber=3CF91608226819C3E9DA84D1195B5326F9249FBD
Validity
Not Before: Aug 29 23:43:53 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=630d4f39-64f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dc:43:91:41:f9:69:4e:f4:08:35:a6:9b:88:
d6:6c:45:39:8c:3c:11:a2:12:b1:75:e5:65:30:28:
1e:48:23:d7:2b:80:fd:1b:a2:39:4a:36:de:af:42:
de:b4:33:44:97:2f:c2:3d:e6:22:6e:4a:1a:46:8b:
2a:f3:f1:1b:7d:3a:62:63:e7:44:cc:90:8a:26:ba:
21:28:b2:f2:21:f7:72:c9:56:6d:a6:d7:fb:ce:e9:
86:c1:64:4a:b8:78:b7:98:dc:19:f5:80:eb:f2:33:
5d:90:8c:ea:d6:91:c9:ee:41:0d:b9:ef:b3:18:ee:
8d:b1:b6:1f:18:14:c1:d6:7c:63:55:07:33:87:78:
27:02:7d:ee:99:39:0a:eb:21:7c:86:22:2d:9f:70:
73:6a:49:ab:13:f1:1a:1f:ad:de:d8:aa:33:ce:64:
38:9f:91:34:50:57:c9:17:ad:94:20:26:56:84:bd:
0f:5f:43:64:92:5d:5f:47:32:f7:00:46:85:7f:83:
d0:f3:0f:23:f5:c2:60:ad:0d:ad:b2:f9:ab:55:ea:
9c:08:03:cf:13:e8:68:86:9a:9e:f0:14:50:6a:90:
1d:fc:13:0c:16:a8:f2:c2:67:14:a2:94:32:31:c0:
27:7a:1d:53:dc:94:aa:e0:25:de:42:20:44:ef:e2:
91:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E6:EC:1D:D9:C5:4D:80:43:6A:BA:90:4A:01:A2:2E:19:9E:C8:07
X509v3 Authority Key Identifier:
keyid:3C:F9:16:08:22:68:19:C3:E9:DA:84:D1:19:5B:53:26:F9:24:9F:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/PPkWCCJoGcPp2oTRGVtTJvkkn70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PPkWCCJoGcPp2oTRGVtTJvkkn70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/F9F71E9E186D11EDB9E49F24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.10.240.0/22
203.22.11.0/24
Signature Algorithm: sha256WithRSAEncryption
be:1b:00:e4:ac:c6:cb:d1:4b:3f:54:e6:25:b8:e0:76:8d:d3:
84:b7:5a:43:93:1c:d9:42:30:b6:fa:0b:75:e2:ed:99:03:2b:
d7:39:fc:93:25:5a:c2:8c:f4:b1:06:a5:f8:81:a6:8f:c2:da:
0f:50:99:e3:5e:4a:8e:45:6b:f8:1a:ca:e9:9a:87:0e:e1:d4:
6a:c1:7b:60:81:22:d8:6a:0c:36:8d:e4:b2:ec:1d:39:37:44:
09:ee:16:5c:70:50:ec:6f:7f:0c:d6:cc:90:80:a1:e8:42:89:
d4:e8:46:d4:f9:c8:ec:d5:24:fb:ac:79:1e:6a:30:60:25:cc:
b8:12:37:39:b1:46:b1:10:ff:8d:15:fa:d3:25:80:9d:fd:c7:
14:5f:50:29:2f:ab:70:e5:a6:f0:e4:b3:fc:b2:0c:2d:9c:e9:
57:3f:fc:e1:1d:e2:ee:35:b4:9d:19:cb:bf:4e:d7:9f:95:0d:
94:cb:71:3f:8b:fa:bd:71:b2:c9:7f:e0:34:35:18:20:15:f9:
ed:62:ae:c2:1b:33:5d:ff:ea:91:20:0b:15:80:8a:f2:33:fc:
b0:26:23:c6:5b:60:5a:65:10:2b:2c:f8:b0:37:5b:15:42:21:
64:5c:12:13:95:13:5b:6e:2f:ae:c2:70:30:2d:04:6c:ba:ef:
ff:fe:0b:c3
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBXDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NUFFNDExMC8GA1UEBRMoM0NGOTE2MDgyMjY4MTlDM0U5REE4NEQxMTk1QjUzMjZG
OTI0OUZCRDAeFw0yMjA4MjkyMzQzNTNaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzMGQ0ZjM5LTY0ZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDC3EORQflpTvQINaabiNZsRTmMPBGiErF15WUwKB5II9crgP0bojlKNt6vQt60
M0SXL8I95iJuShpGiyrz8Rt9OmJj50TMkIomuiEosvIh93LJVm2m1/vO6YbBZEq4
eLeY3Bn1gOvyM12QjOrWkcnuQQ2577MY7o2xth8YFMHWfGNVBzOHeCcCfe6ZOQrr
IXyGIi2fcHNqSasT8Rofrd7YqjPOZDifkTRQV8kXrZQgJlaEvQ9fQ2SSXV9HMvcA
RoV/g9DzDyP1wmCtDa2y+atV6pwIA88T6GiGmp7wFFBqkB38EwwWqPLCZxSilDIx
wCd6HVPclKrgJd5CIETv4pGlAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUIubsHdnF
TYBDarqQSgGiLhmeyAcwHwYDVR0jBBgwFoAUPPkWCCJoGcPp2oTRGVtTJvkkn70w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1QUU0L0U1RDZEMEFDMDY1
MzExRUQ4MjdCRUY1NEM0RjlBRTAyL1BQa1dDQ0pvR2NQcDJvVFJHVnRUSnZra243
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUFBrV0NDSm9HY1BwMm9UUkdWdFRKdmtrbjcwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NUFFNC9FNUQ2RDBBQzA2NTMxMUVEODI3QkVGNTRDNEY5QUUwMi9GOUY3MUU5RTE4
NkQxMUVEQjlFNDlGMjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAsoK8AMEAMsWCzANBgkqhkiG9w0BAQsFAAOCAQEAvhsA5KzG
y9FLP1TmJbjgdo3ThLdaQ5Mc2UIwtvoLdeLtmQMr1zn8kyVawoz0sQal+IGmj8La
D1CZ415KjkVr+BrK6ZqHDuHUasF7YIEi2GoMNo3ksuwdOTdECe4WXHBQ7G9/DNbM
kICh6EKJ1OhG1PnI7NUk+6x5HmowYCXMuBI3ObFGsRD/jRX60yWAnf3HFF9QKS+r
cOWm8OSz/LIMLZzpVz/84R3i7jW0nRnLv07Xn5UNlMtxP4v6vXGyyX/gNDUYIBX5
7WKuwhszXf/qkSALFYCK8jP8sCYjxltgWmUQKyz4sDdbFUIhZFwSE5UTW24vrsJw
MC0EbLrv//4Lww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org