Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/D24E0BF66C9011ED9AAF427AC4F9AE02.roa
File: D24E0BF66C9011ED9AAF427AC4F9AE02.roa (raw, json)
Hash identifier: QnhcGvysBT/amyNJBqjF1RBJua1B36f6Ryo70ZSeYHI=
Subject key identifier: 97:14:29:7A:3C:32:BF:81:61:B3:D1:9B:01:C4:FF:B7:3A:E2:A8:44
Certificate issuer: /CN=A91AC4FA/serialNumber=8AF7D8B864FD90452FFD6DE93B51456C79EFB3C7
Certificate serial: 06
Authority key identifier: 8A:F7:D8:B8:64:FD:90:45:2F:FD:6D:E9:3B:51:45:6C:79:EF:B3:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ivfYuGT9kEUv_W3pO1FFbHnvs8c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/D24E0BF66C9011ED9AAF427AC4F9AE02.roa
Signing time: Fri 25 Nov 2022 07:34:14 +0000
ROA not before: Fri 25 Nov 2022 07:34:14 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 17765
IP address blocks: 203.4.188.0/23 maxlen: 24
203.4.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AC4FA/serialNumber=8AF7D8B864FD90452FFD6DE93B51456C79EFB3C7
Validity
Not Before: Nov 25 07:34:14 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=63806ff5-267f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ba:a5:3b:21:9e:98:d8:b0:56:9c:43:3a:c8:
12:a3:31:99:95:c9:35:89:25:72:98:bf:e9:d8:44:
e1:5c:51:55:96:6a:68:a0:08:93:cc:a8:8b:84:b0:
84:cf:32:1d:8c:c9:7d:82:3c:e4:52:0c:b1:61:19:
5e:1d:0a:ef:02:ef:cf:32:27:43:0b:ac:d3:40:9b:
68:b5:d9:49:14:6f:a4:e5:0c:9e:84:b9:ce:43:db:
0f:d2:6b:e1:84:18:d5:ff:79:e8:50:d1:48:8d:3f:
15:74:1a:71:5e:17:48:e5:ee:61:3b:7f:f9:77:6e:
30:24:05:f6:b9:15:f7:95:97:55:36:62:e3:10:74:
27:9c:10:a7:b1:46:fe:11:6c:8a:09:96:df:d8:83:
e8:62:aa:ef:f7:b6:f7:e0:d5:d4:82:a8:3f:68:2f:
80:a8:f4:96:01:7e:cc:6e:07:21:f2:e8:ce:7f:fc:
04:67:2d:18:e5:38:8d:8d:30:b5:93:d2:ba:af:5a:
d1:f7:9d:44:f6:a0:f6:61:7e:e0:f7:17:9e:8a:b0:
20:86:4e:e9:08:08:c5:2b:85:8c:c2:ff:aa:fb:5f:
8e:1b:63:bf:5a:31:e5:a1:db:58:b2:d7:ec:85:5b:
87:a7:fe:57:b5:67:59:f9:b0:17:99:73:c0:dc:c0:
6c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:14:29:7A:3C:32:BF:81:61:B3:D1:9B:01:C4:FF:B7:3A:E2:A8:44
X509v3 Authority Key Identifier:
keyid:8A:F7:D8:B8:64:FD:90:45:2F:FD:6D:E9:3B:51:45:6C:79:EF:B3:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/ivfYuGT9kEUv_W3pO1FFbHnvs8c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ivfYuGT9kEUv_W3pO1FFbHnvs8c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AC4FA/37CB87986C8B11ED87AFF571C4F9AE02/D24E0BF66C9011ED9AAF427AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.4.188.0/23
203.4.191.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:d1:49:c4:51:2e:86:f3:8d:99:54:92:35:36:a6:e5:7b:6e:
df:56:13:82:6c:fa:fb:19:d4:e2:3d:70:0f:9a:2b:68:77:1e:
54:1a:62:5f:75:5f:65:5c:de:aa:03:92:00:50:89:bf:85:2f:
ea:e7:19:90:47:4a:20:80:61:5e:39:c9:d1:a5:79:8e:7e:6d:
8e:e7:30:8c:b4:86:ed:25:49:2d:dd:f6:ae:84:35:c7:0e:e0:
d5:1b:41:38:4e:6a:32:07:e5:71:42:6d:fb:60:a2:9a:35:f1:
6c:db:78:5a:91:bc:15:ef:8c:a5:14:d9:32:7c:a0:59:b8:ac:
10:1c:50:e6:af:42:7e:ea:1b:44:cf:f5:0c:0e:f9:e1:8b:4e:
32:7a:bd:95:b4:28:7b:7a:3e:7e:78:5d:5b:38:47:9a:86:cd:
77:af:63:5d:e6:71:87:5f:3b:37:dd:da:32:1e:60:d8:03:5f:
ee:8d:0c:85:4c:9e:0e:43:f0:e1:3e:b4:72:df:2c:cb:d2:c2:
3d:b5:91:81:68:ed:0b:32:72:72:e5:83:3b:8b:39:a8:3f:7b:
d4:9f:79:e5:f8:f4:54:4c:b6:e3:e7:9d:af:54:d9:39:a5:9d:
63:97:de:11:0d:c8:49:81:65:15:5c:40:c7:c8:26:3d:d3:81:
8a:3d:b0:62
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QzRGQTExMC8GA1UEBRMoOEFGN0Q4Qjg2NEZEOTA0NTJGRkQ2REU5M0I1MTQ1NkM3
OUVGQjNDNzAeFw0yMjExMjUwNzM0MTRaFw0yMzA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzODA2ZmY1LTI2N2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVuqU7IZ6Y2LBWnEM6yBKjMZmVyTWJJXKYv+nYROFcUVWWamigCJPMqIuEsITP
Mh2MyX2CPORSDLFhGV4dCu8C788yJ0MLrNNAm2i12UkUb6TlDJ6Euc5D2w/Sa+GE
GNX/eehQ0UiNPxV0GnFeF0jl7mE7f/l3bjAkBfa5FfeVl1U2YuMQdCecEKexRv4R
bIoJlt/Yg+hiqu/3tvfg1dSCqD9oL4Co9JYBfsxuByHy6M5//ARnLRjlOI2NMLWT
0rqvWtH3nUT2oPZhfuD3F56KsCCGTukICMUrhYzC/6r7X44bY79aMeWh21iy1+yF
W4en/le1Z1n5sBeZc8DcwGzPAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUlxQpejwy
v4Fhs9GbAcT/tzriqEQwHwYDVR0jBBgwFoAUivfYuGT9kEUv/W3pO1FFbHnvs8cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFDNEZBLzM3Q0I4Nzk4NkM4
QjExRUQ4N0FGRjU3MUM0RjlBRTAyL2l2Zll1R1Q5a0VVdl9XM3BPMUZGYkhudnM4
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaXZmWXVHVDlrRVV2X1czcE8xRkZiSG52czhjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QzRGQS8zN0NCODc5ODZDOEIxMUVEODdBRkY1NzFDNEY5QUUwMi9EMjRFMEJGNjZD
OTAxMUVEOUFBRjQyN0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAcsEvAMEAMsEvzANBgkqhkiG9w0BAQsFAAOCAQEAC9FJxFEu
hvONmVSSNTam5Xtu31YTgmz6+xnU4j1wD5oraHceVBpiX3VfZVzeqgOSAFCJv4Uv
6ucZkEdKIIBhXjnJ0aV5jn5tjucwjLSG7SVJLd32roQ1xw7g1RtBOE5qMgflcUJt
+2CimjXxbNt4WpG8Fe+MpRTZMnygWbisEBxQ5q9CfuobRM/1DA754YtOMnq9lbQo
e3o+fnhdWzhHmobNd69jXeZxh187N93aMh5g2ANf7o0MhUyeDkPw4T60ct8sy9LC
PbWRgWjtCzJycuWDO4s5qD971J955fj0VEy24+edr1TZOaWdY5feEQ3ISYFlFVxA
x8gmPdOBij2wYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org