Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/BFBA63A6E87D11EB91E73C68C4F9AE02.roa
File: BFBA63A6E87D11EB91E73C68C4F9AE02.roa (raw, json)
Hash identifier: uXNXENBHPOFcglbdNkXTXX/Vy07SqMTp0S9wgQYTntI=
Subject key identifier: 72:71:7D:61:DA:50:F6:89:DD:0A:CC:D3:1D:78:71:71:BE:C8:84:A2
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3972
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/BFBA63A6E87D11EB91E73C68C4F9AE02.roa
Signing time: Fri 26 Aug 2022 14:52:45 +0000
ROA not before: Fri 26 Aug 2022 14:52:45 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 38733
IP address blocks: 42.96.33.0/24 maxlen: 24
42.96.36.0/24 maxlen: 24
42.96.37.0/24 maxlen: 24
2402:5300:4020::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14706 (0x3972)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 26 14:52:45 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6308de3d-b14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:13:16:33:20:13:c6:d5:5c:b9:9b:7c:36:00:
f1:70:34:d2:2f:94:f8:bd:6d:0b:9f:1f:a3:50:61:
76:79:92:5c:ce:6e:22:ef:0b:12:f0:8c:e1:19:db:
96:cd:b7:eb:99:a1:16:67:d3:4c:7c:79:42:52:67:
c9:77:8e:67:e5:66:c2:ee:a3:9b:9d:70:ed:bb:cb:
17:57:08:ee:5b:63:ac:86:39:e0:0f:cd:08:d7:30:
cd:23:c8:37:18:16:74:cb:cf:05:70:88:7f:5f:07:
2d:a8:be:e0:b2:24:a3:36:90:38:f7:ca:4f:67:30:
32:21:1d:34:45:a8:16:7d:96:80:38:3d:54:50:bc:
24:a6:93:a4:ab:2c:a4:c5:d9:bc:27:0e:9c:57:03:
60:80:4c:6b:e6:cd:40:78:38:39:2f:40:26:3d:13:
15:18:23:21:33:0b:15:3e:b0:51:ac:c6:ab:94:6c:
ce:ca:32:24:8f:fc:81:fd:2d:41:9d:d3:83:8a:83:
43:7b:98:3f:a1:ca:f6:df:07:9f:6f:c4:71:cf:f7:
d8:f3:49:7f:18:3e:9a:ab:36:c8:dd:da:9e:74:db:
3d:b1:38:0c:d1:45:dc:ef:3e:6d:9a:1a:be:33:ab:
df:ca:b6:7b:ec:ff:45:d4:80:1e:8c:09:70:36:7d:
85:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:71:7D:61:DA:50:F6:89:DD:0A:CC:D3:1D:78:71:71:BE:C8:84:A2
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/BFBA63A6E87D11EB91E73C68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.96.33.0/24
42.96.36.0/23
IPv6:
2402:5300:4020::/48
Signature Algorithm: sha256WithRSAEncryption
6e:b7:0f:f1:67:9f:a2:10:ea:57:2b:3c:74:3c:88:33:8e:e5:
6c:28:1a:c2:e2:05:99:95:f8:6c:39:91:b8:af:a8:54:4f:a0:
04:93:d6:18:7a:c9:d1:00:9f:5a:71:8f:77:5f:34:a8:f9:7d:
e8:01:d6:d6:a2:2b:0f:61:10:f5:1a:4a:5b:d1:6d:7a:ec:25:
ed:6a:9e:d0:ad:52:d9:c5:a9:2a:9f:16:8f:81:da:82:27:89:
78:7c:75:c5:3b:bb:a0:b3:3c:2e:02:b7:88:32:6d:b6:53:a5:
4f:db:97:be:28:9a:d1:fc:f9:c5:b0:d3:03:f1:c0:27:d6:65:
d9:57:be:cb:54:51:d8:e3:d1:f0:39:5c:c5:d6:3a:07:e0:c7:
ef:be:56:e3:02:88:98:0d:11:97:74:2d:d7:31:56:ee:e1:36:
23:75:e2:56:1f:dd:82:ce:1a:7f:8d:c9:f6:e1:b0:f9:ad:ac:
76:2b:e9:eb:ed:13:5e:82:9e:ef:1f:9c:f3:9e:5c:b8:59:ea:
7c:62:0e:d7:68:b0:a7:a0:15:6f:83:b8:6c:fe:66:b2:ab:08:
cf:00:81:c5:c0:e6:28:f1:df:30:bc:bb:36:9d:ee:6f:cb:ea:
c5:70:f7:62:b9:fc:74:e5:d0:3a:c7:ad:8f:f8:e2:79:85:9e:
f9:46:53:9d
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICOXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIwODI2MTQ1MjQ1WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA4ZGUzZC1iMTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvhMWMyATxtVcuZt8NgDxcDTSL5T4vW0Lnx+jUGF2eZJczm4i7wsS8IzhGduW
zbfrmaEWZ9NMfHlCUmfJd45n5WbC7qObnXDtu8sXVwjuW2OshjngD80I1zDNI8g3
GBZ0y88FcIh/XwctqL7gsiSjNpA498pPZzAyIR00RagWfZaAOD1UULwkppOkqyyk
xdm8Jw6cVwNggExr5s1AeDg5L0AmPRMVGCMhMwsVPrBRrMarlGzOyjIkj/yB/S1B
ndODioNDe5g/ocr23wefb8Rxz/fY80l/GD6aqzbI3dqedNs9sTgM0UXc7z5tmhq+
M6vfyrZ77P9F1IAejAlwNn2FUwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFHJxfWHa
UPaJ3QrM0x14cXG+yISiMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQkZCQTYzQTZF
ODdEMTFFQjkxRTczQzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAAqYCEDBAEqYCQwDwQCAAIwCQMHACQCUwBAIDANBgkqhkiG
9w0BAQsFAAOCAQEAbrcP8WefohDqVys8dDyIM47lbCgawuIFmZX4bDmRuK+oVE+g
BJPWGHrJ0QCfWnGPd180qPl96AHW1qIrD2EQ9RpKW9Fteuwl7Wqe0K1S2cWpKp8W
j4HagieJeHx1xTu7oLM8LgK3iDJttlOlT9uXviia0fz5xbDTA/HAJ9Zl2Ve+y1RR
2OPR8DlcxdY6B+DH775W4wKImA0Rl3Qt1zFW7uE2I3XiVh/dgs4af43J9uGw+a2s
divp6+0TXoKe7x+c855cuFnqfGIO12iwp6AVb4O4bP5msqsIzwCBxcDmKPHfMLy7
Np3ub8vqxXD3Yrn8dOXQOsetj/jieYWe+UZTnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org