Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/AAFCD96C8C8C11ED8FF67F63C4F9AE02.roa
File: AAFCD96C8C8C11ED8FF67F63C4F9AE02.roa (raw, json)
Hash identifier: 3LT58ck/23+aPZ9OEYqN1mSrcZm+SfV43QM6aRn+kzg=
Subject key identifier: A0:4F:02:3E:D5:36:5E:98:FE:F5:04:EC:24:03:D2:7C:FF:3D:BB:08
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 57
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/AAFCD96C8C8C11ED8FF67F63C4F9AE02.roa
Signing time: Thu 12 Jan 2023 00:44:31 +0000
ROA not before: Thu 12 Jan 2023 00:44:31 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 49999
IP address blocks: 218.33.100.0/22 maxlen: 22
218.33.112.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87 (0x57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Jan 12 00:44:31 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63bf57ef-48b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:66:27:05:84:82:ad:da:30:e9:58:1a:a9:34:
fd:6b:10:a6:d1:40:fc:5e:ec:2e:f6:48:26:56:6e:
0b:38:7f:44:89:27:54:a4:06:a4:1e:e6:f6:22:0f:
01:0e:2d:0c:97:21:ee:f6:97:d7:68:71:84:6b:f4:
d9:9c:eb:50:aa:dd:94:a2:66:3b:64:a5:1e:ff:a3:
0f:b2:2d:23:5f:36:b3:ac:e6:ec:12:87:bc:e9:88:
17:11:b5:af:02:77:20:64:14:be:7f:69:8d:8f:1e:
bf:72:47:9b:cb:6e:ef:7b:26:4b:f6:20:8c:fb:08:
28:24:1e:09:35:7b:18:b2:15:2a:de:cc:99:e6:b1:
9a:77:50:5e:51:08:6b:44:3e:8f:63:b3:de:9d:3d:
7c:1d:85:c9:aa:11:ec:11:94:a3:58:9d:9f:67:07:
80:ac:1e:3a:6f:c8:6b:0c:4d:97:dc:bd:4d:4a:da:
3d:4f:77:48:8b:ae:d3:91:6d:ee:f1:08:76:45:f9:
81:5f:d2:44:77:65:38:ef:6f:2d:92:2f:f9:a0:8c:
6c:7a:06:62:d6:48:ce:b1:fa:9b:8c:ad:3e:60:ce:
b3:58:4d:4b:df:a0:0c:c2:f8:7a:d0:ec:39:3d:a4:
d2:09:59:a5:6e:4b:66:79:2d:8d:a6:bd:ed:0c:47:
36:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4F:02:3E:D5:36:5E:98:FE:F5:04:EC:24:03:D2:7C:FF:3D:BB:08
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/AAFCD96C8C8C11ED8FF67F63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.100.0/22
218.33.112.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:84:c6:c3:10:67:25:43:90:a2:27:28:f2:ae:a6:fb:99:0d:
8f:a5:cb:8e:3a:99:bc:70:9f:d2:da:75:d7:c5:86:f1:78:02:
57:78:93:c3:73:c8:fe:3e:bd:9c:70:a6:12:ec:8d:c9:1c:ff:
de:6b:d6:75:e8:ba:77:a3:99:6b:79:88:76:4f:a2:48:02:ab:
2e:48:c6:f7:f5:53:51:56:ea:d7:12:46:ef:28:47:ba:39:80:
d0:17:1b:df:2d:3c:5f:44:11:78:01:0d:71:85:35:0e:ff:d3:
d3:5b:c6:51:74:64:bd:56:d3:a2:8e:3c:dc:72:de:f3:b3:8f:
25:bb:c7:20:87:cd:53:f0:21:13:90:af:a2:1a:f5:28:43:9d:
2d:10:ad:49:22:10:53:d9:0c:33:5d:5a:dc:2a:9f:0a:59:29:
f3:7c:cc:48:05:06:82:0c:69:df:74:42:df:8e:d0:9a:44:37:
c8:84:20:25:68:2b:27:c3:43:1a:bb:e4:24:19:74:57:99:2c:
9b:3a:4f:ee:42:2d:13:f6:45:eb:7c:34:63:38:ae:86:e9:e5:
fd:8a:1f:d2:bd:db:2f:89:5c:fd:d3:61:a6:da:b0:d8:08:44:
99:da:c5:9b:cb:54:94:06:38:d0:56:84:2e:8e:3a:b2:f2:44:
16:b9:2d:74
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MkMxODExMC8GA1UEBRMoRjFGRTBDMzI3RTc5RTVBRjQzRTE1QjBFNkY4Q0Q2NkMw
MzI5RDEzODAeFw0yMzAxMTIwMDQ0MzFaFw0yMzEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYmY1N2VmLTQ4YjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCgZicFhIKt2jDpWBqpNP1rEKbRQPxe7C72SCZWbgs4f0SJJ1SkBqQe5vYiDwEO
LQyXIe72l9docYRr9Nmc61Cq3ZSiZjtkpR7/ow+yLSNfNrOs5uwSh7zpiBcRta8C
dyBkFL5/aY2PHr9yR5vLbu97Jkv2IIz7CCgkHgk1exiyFSrezJnmsZp3UF5RCGtE
Po9js96dPXwdhcmqEewRlKNYnZ9nB4CsHjpvyGsMTZfcvU1K2j1Pd0iLrtORbe7x
CHZF+YFf0kR3ZTjvby2SL/mgjGx6BmLWSM6x+puMrT5gzrNYTUvfoAzC+HrQ7Dk9
pNIJWaVuS2Z5LY2mve0MRzaxAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUoE8CPtU2
Xpj+9QTsJAPSfP89uwgwHwYDVR0jBBgwFoAU8f4MMn555a9D4VsOb4zWbAMp0Tgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkyQzE4LzlBNUVFQThDM0RG
NDExRUQ4MDQxRjkzMEM0RjlBRTAyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBU
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOGY0TU1uNTU1YTlENFZzT2I0eldiQU1wMFRnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MkMxOC85QTVFRUE4QzNERjQxMUVEODA0MUY5MzBDNEY5QUUwMi9BQUZDRDk2QzhD
OEMxMUVEOEZGNjdGNjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAtohZAMEAtohcDANBgkqhkiG9w0BAQsFAAOCAQEAbYTGwxBn
JUOQoico8q6m+5kNj6XLjjqZvHCf0tp118WG8XgCV3iTw3PI/j69nHCmEuyNyRz/
3mvWdei6d6OZa3mIdk+iSAKrLkjG9/VTUVbq1xJG7yhHujmA0Bcb3y08X0QReAEN
cYU1Dv/T01vGUXRkvVbToo483HLe87OPJbvHIIfNU/AhE5Cvohr1KEOdLRCtSSIQ
U9kMM11a3CqfClkp83zMSAUGggxp33RC347QmkQ3yIQgJWgrJ8NDGrvkJBl0V5ks
mzpP7kItE/ZF63w0Yziuhunl/Yof0r3bL4lc/dNhptqw2AhEmdrFm8tUlAY40FaE
Lo46svJEFrktdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org