Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/3E03C62E808911EBADF0BD20C4F9AE02.roa
File: 3E03C62E808911EBADF0BD20C4F9AE02.roa (raw, json)
Hash identifier: P1z4hxbbKYFPqwuPSYMMSRIh8/tCqne+wHkK/zKrAWs=
Subject key identifier: 1D:DA:9D:03:5F:F3:F5:8A:63:C4:AF:5F:C6:F4:5F:DE:05:EC:B1:C1
Certificate issuer: /CN=A91971CB/serialNumber=319B3144F06A8F2B30D412071FE1210774FE86E7
Certificate serial: 04B1
Authority key identifier: 31:9B:31:44:F0:6A:8F:2B:30:D4:12:07:1F:E1:21:07:74:FE:86:E7
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/MZsxRPBqjysw1BIHH-EhB3T-huc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/3E03C62E808911EBADF0BD20C4F9AE02.roa
Signing time: Wed 04 Jan 2023 15:51:01 +0000
ROA not before: Wed 04 Jan 2023 15:51:01 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 56038
IP address blocks: 185.207.8.0/22 maxlen: 22
185.207.8.0/24 maxlen: 24
185.207.9.0/24 maxlen: 24
185.207.10.0/24 maxlen: 24
185.207.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1201 (0x4b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91971CB/serialNumber=319B3144F06A8F2B30D412071FE1210774FE86E7
Validity
Not Before: Jan 4 15:51:01 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=63b5a064-0007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d3:9c:0f:71:4e:63:cc:4f:27:6b:b1:16:92:
3c:2b:ba:9c:7e:e3:89:c9:8c:b9:8c:b7:46:7e:03:
f7:ba:53:36:06:36:d4:4e:16:b1:9e:6e:20:9e:b6:
c9:80:b7:de:22:08:f9:b6:a7:62:ab:6d:d5:39:eb:
11:0e:69:1a:ca:29:11:1c:d4:be:bc:48:87:78:18:
e7:6e:fe:1e:8f:c0:90:91:c9:6e:62:b2:6c:3f:cc:
35:70:16:fd:e2:7e:18:72:f1:48:44:05:d9:c2:b1:
3d:2c:a1:84:ad:82:d4:12:c5:1e:54:49:9a:29:cf:
b2:c8:fd:da:02:37:a2:0b:2a:3d:b7:75:c0:3a:dc:
f7:30:e3:d9:f9:52:eb:cf:89:df:dc:15:18:05:b1:
aa:a1:3c:ed:a2:8c:a0:4c:24:32:cd:6d:a9:23:3f:
31:1c:33:b4:82:33:03:7a:31:a9:2f:c2:2c:9c:0d:
a8:fb:4e:b2:46:7e:6a:27:ca:89:54:62:88:5d:2d:
03:c7:90:38:47:4c:af:5c:e7:55:df:01:67:47:09:
f6:ea:75:09:17:87:37:04:81:44:ac:af:4c:29:ac:
30:a9:c2:8b:5c:df:e5:ea:80:d1:c6:69:6d:c3:d7:
73:c5:2a:9b:35:2d:1f:73:35:6c:7f:6d:50:bd:29:
52:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DA:9D:03:5F:F3:F5:8A:63:C4:AF:5F:C6:F4:5F:DE:05:EC:B1:C1
X509v3 Authority Key Identifier:
keyid:31:9B:31:44:F0:6A:8F:2B:30:D4:12:07:1F:E1:21:07:74:FE:86:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/MZsxRPBqjysw1BIHH-EhB3T-huc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/MZsxRPBqjysw1BIHH-EhB3T-huc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/3E03C62E808911EBADF0BD20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
185.207.8.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:7f:12:21:e3:68:92:78:1b:70:a8:bd:84:43:3b:ce:76:c2:
54:0b:ae:ea:b3:ae:91:e2:a0:e8:fa:cb:91:3c:f6:a9:64:80:
b4:ec:ba:0d:c4:a0:59:79:f4:40:84:ae:5e:8d:d2:b3:5b:6b:
7b:cf:c3:1a:2f:95:da:b8:5a:ff:c6:cb:ba:08:ff:bf:98:c5:
58:85:9a:2b:fb:f6:df:d8:34:f0:3a:7c:85:8a:08:8a:a5:9a:
78:01:fc:82:45:18:48:82:82:bc:35:46:aa:94:95:34:64:4c:
19:81:48:c6:19:ec:18:c8:0d:a5:ff:48:c5:50:b1:ba:d9:d2:
c4:a1:2f:f6:4d:12:8c:a6:74:b4:93:29:e4:2b:c7:e2:63:b9:
78:d2:95:67:ff:25:94:93:e2:d1:15:4e:fb:73:e5:47:98:c2:
09:6f:6a:cb:7f:c6:7d:19:e9:2d:78:50:23:f5:5e:f7:5b:7f:
bd:43:a2:d0:3c:31:23:ce:7a:dc:8e:ec:81:cb:c5:1e:03:89:
a3:4c:2d:ef:56:d3:fe:5f:48:5c:b0:43:c5:07:3a:da:0b:f5:
bf:3b:35:e8:6f:cc:24:ca:a3:85:9c:a9:32:6e:ae:fe:24:0c:
e5:4f:f6:c8:f2:c7:7f:f4:b4:2f:19:25:86:31:af:ef:00:8a:
60:7a:3b:7f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcxQ0IxMTAvBgNVBAUTKDMxOUIzMTQ0RjA2QThGMkIzMEQ0MTIwNzFGRTEyMTA3
NzRGRTg2RTcwHhcNMjMwMTA0MTU1MTAxWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I1YTA2NC0wMDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnNOcD3FOY8xPJ2uxFpI8K7qcfuOJyYy5jLdGfgP3ulM2BjbUThaxnm4gnrbJ
gLfeIgj5tqdiq23VOesRDmkayikRHNS+vEiHeBjnbv4ej8CQkcluYrJsP8w1cBb9
4n4YcvFIRAXZwrE9LKGErYLUEsUeVEmaKc+yyP3aAjeiCyo9t3XAOtz3MOPZ+VLr
z4nf3BUYBbGqoTztooygTCQyzW2pIz8xHDO0gjMDejGpL8IsnA2o+06yRn5qJ8qJ
VGKIXS0Dx5A4R0yvXOdV3wFnRwn26nUJF4c3BIFErK9MKawwqcKLXN/l6oDRxmlt
w9dzxSqbNS0fczVsf21QvSlS+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFB3anQNf
8/WKY8SvX8b0X94F7LHBMB8GA1UdIwQYMBaAFDGbMUTwao8rMNQSBx/hIQd0/obn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzFDQi8wMTBFQjI4ODgw
ODkxMUVCOEI1MDVGMjBDNEY5QUUwMi9NWnN4UlBCcWp5c3cxQklISC1FaEIzVC1o
dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL01ac3hSUEJxanlzdzFCSUhILUVoQjNULWh1Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTcxQ0IvMDEwRUIyODg4MDg5MTFFQjhCNTA1RjIwQzRGOUFFMDIvM0UwM0M2MkU4
MDg5MTFFQkFERjBCRDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAK5zwgwDQYJKoZIhvcNAQELBQADggEBALd/EiHjaJJ4G3Co
vYRDO852wlQLruqzrpHioOj6y5E89qlkgLTsug3EoFl59ECErl6N0rNba3vPwxov
ldq4Wv/Gy7oI/7+YxViFmiv79t/YNPA6fIWKCIqlmngB/IJFGEiCgrw1RqqUlTRk
TBmBSMYZ7BjIDaX/SMVQsbrZ0sShL/ZNEoymdLSTKeQrx+JjuXjSlWf/JZST4tEV
Tvtz5UeYwglvast/xn0Z6S14UCP1Xvdbf71DotA8MSPOetyO7IHLxR4DiaNMLe9W
0/5fSFywQ8UHOtoL9b87NehvzCTKo4WcqTJurv4kDOVP9sjyx3/0tC8ZJYYxr+8A
imB6O38=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org