Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/0B508D96DDBD11ED80796D6EC4F9AE02.roa
File: 0B508D96DDBD11ED80796D6EC4F9AE02.roa (raw, json)
Hash identifier: 5CiTZeMUwouRp5aXzL9fY2xXMmxWVn1yTtR6dQuy+/Q=
Subject key identifier: 45:2E:C6:EC:B9:69:F6:F0:A8:9D:9B:B6:5D:03:B7:DB:24:49:B6:47
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: A0
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/0B508D96DDBD11ED80796D6EC4F9AE02.roa
Signing time: Tue 18 Apr 2023 07:45:53 +0000
ROA not before: Tue 18 Apr 2023 07:45:53 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 211585
IP address blocks: 218.33.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160 (0xa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Apr 18 07:45:53 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=643e4ab1-8c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f9:6c:62:e4:f7:ab:a0:9f:56:a8:fa:9e:e7:
15:49:6d:5f:eb:84:19:0d:1b:04:db:e1:70:85:4f:
9e:5d:83:cc:09:03:7c:70:f0:81:c9:bc:a6:6f:4e:
c9:a2:ea:89:76:f9:c6:5e:f9:9f:46:77:53:26:e7:
d8:c9:8e:49:76:fd:d2:51:37:f3:52:87:7e:e8:eb:
d5:fc:95:4c:39:65:7c:c0:20:00:31:82:8e:7e:77:
2f:8f:61:d1:37:78:61:f0:0c:16:e6:00:ca:52:6e:
c6:74:97:70:d2:92:ef:bc:3d:fe:43:4e:2d:a9:1d:
ae:1b:b7:97:26:49:04:b1:cd:4f:d9:51:c7:3f:2d:
c2:a6:82:14:f4:ee:11:d7:fb:98:99:dc:47:7f:16:
39:c8:62:00:49:a4:54:b7:e1:11:1c:f5:5a:cb:33:
9b:d9:1f:c3:af:9d:51:0f:40:6d:55:ca:f5:7c:2e:
f7:e6:24:28:d9:74:17:7a:3d:5d:ff:25:99:1b:79:
3a:a7:42:71:e5:1c:9f:ad:64:9e:99:9d:ca:cd:65:
cc:3f:55:9c:d6:9d:75:54:8e:4c:25:d5:e9:f1:99:
78:a7:08:07:8e:44:c4:bd:5c:d0:a1:aa:1b:da:ce:
f7:55:40:69:58:fd:4f:5c:f6:66:4d:3e:56:c9:90:
d0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2E:C6:EC:B9:69:F6:F0:A8:9D:9B:B6:5D:03:B7:DB:24:49:B6:47
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/0B508D96DDBD11ED80796D6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.72.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:d2:12:57:bf:86:9c:f5:6b:77:7c:59:3b:2d:3c:82:8e:98:
ca:ad:b5:81:a4:67:d6:d4:35:3c:5c:80:22:44:2b:c5:08:97:
ac:df:68:8d:88:45:42:5a:7c:33:49:97:61:15:1e:a1:ab:38:
f6:cd:d2:79:36:53:5f:d5:10:63:79:d8:8a:f1:69:2b:63:87:
7d:37:4c:f6:74:2d:b1:4a:5f:0d:d9:ab:50:aa:e4:c7:89:44:
7b:ea:da:bd:10:e2:aa:5c:16:c6:03:38:68:41:5e:ef:93:98:
b7:72:eb:a4:79:bd:6c:c4:72:3c:6d:21:23:df:1d:9e:87:f1:
89:b7:5b:1e:ca:10:64:e8:2c:32:8a:62:1c:a7:f5:26:a7:29:
e2:bc:3d:0d:2f:8d:1f:9e:39:5d:5f:c0:ac:1f:74:fe:55:d5:
38:05:82:d0:a5:46:83:be:bf:5b:2f:03:95:ea:58:1d:13:bb:
0b:77:3d:d6:fc:91:8e:f2:7c:c5:1d:7f:49:2e:17:28:8a:02:
56:d7:66:a0:d5:4a:aa:dc:b9:c0:58:7e:a0:17:63:6f:33:98:
bb:29:00:04:d5:39:d3:07:ad:96:1a:1f:f1:17:9e:09:05:38:
40:fe:1e:32:04:79:46:39:15:9f:8e:17:9c:2e:53:9e:a2:f3:
f4:f1:53:5d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjMwNDE4MDc0NTUzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNlNGFiMS04YzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqPlsYuT3q6CfVqj6nucVSW1f64QZDRsE2+FwhU+eXYPMCQN8cPCBybymb07J
ouqJdvnGXvmfRndTJufYyY5Jdv3SUTfzUod+6OvV/JVMOWV8wCAAMYKOfncvj2HR
N3hh8AwW5gDKUm7GdJdw0pLvvD3+Q04tqR2uG7eXJkkEsc1P2VHHPy3CpoIU9O4R
1/uYmdxHfxY5yGIASaRUt+ERHPVayzOb2R/Dr51RD0BtVcr1fC735iQo2XQXej1d
/yWZG3k6p0Jx5RyfrWSemZ3KzWXMP1Wc1p11VI5MJdXp8Zl4pwgHjkTEvVzQoaob
2s73VUBpWP1PXPZmTT5WyZDQawIDAQABo4IClTCCApEwHQYDVR0OBBYEFEUuxuy5
afbwqJ2btl0Dt9skSbZHMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvMEI1MDhEOTZE
REJEMTFFRDgwNzk2RDZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALaIUgwDQYJKoZIhvcNAQELBQADggEBANPSEle/hpz1a3d8
WTstPIKOmMqttYGkZ9bUNTxcgCJEK8UIl6zfaI2IRUJafDNJl2EVHqGrOPbN0nk2
U1/VEGN52IrxaStjh303TPZ0LbFKXw3Zq1Cq5MeJRHvq2r0Q4qpcFsYDOGhBXu+T
mLdy66R5vWzEcjxtISPfHZ6H8Ym3Wx7KEGToLDKKYhyn9SanKeK8PQ0vjR+eOV1f
wKwfdP5V1TgFgtClRoO+v1svA5XqWB0Tuwt3Pdb8kY7yfMUdf0kuFyiKAlbXZqDV
SqrcucBYfqAXY28zmLspAATVOdMHrZYaH/EXngkFOED+HjIEeUY5FZ+OF5wuU56i
8/TxU10=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org