Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/60585C8671C211ED83688159C4F9AE02.roa
File: 60585C8671C211ED83688159C4F9AE02.roa (raw, json)
Hash identifier: ZyLivM8flbOnKT4QckkXGT377ZToZ9SKvntohQwBSAw=
Subject key identifier: 53:FA:F3:19:05:F4:AC:F8:FA:97:1F:95:5F:C8:F9:BE:C2:97:34:E6
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: 0338
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/60585C8671C211ED83688159C4F9AE02.roa
Signing time: Fri 23 Dec 2022 03:22:19 +0000
ROA not before: Fri 23 Dec 2022 03:22:19 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 212384
IP address blocks: 202.43.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 824 (0x338)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Validity
Not Before: Dec 23 03:22:19 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63a51eeb-ea20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b0:55:e4:1e:aa:a3:d0:ea:2d:0e:13:aa:c8:
a7:58:e4:de:4d:6a:b7:cc:c7:84:5c:2c:84:62:f3:
d7:e0:cb:17:e3:f4:fa:ee:6e:0d:1b:86:09:bf:38:
bb:39:14:cf:48:bf:6e:cf:48:f0:93:81:9e:00:8e:
3a:2d:11:40:ab:82:8d:cf:9c:60:93:cd:2e:6f:67:
48:b5:f8:bf:54:fe:20:98:39:75:8d:f2:ec:5a:bb:
49:fb:dd:58:32:98:cf:b4:eb:d0:ed:af:d8:ae:9a:
11:d3:65:7e:cb:f7:5b:83:6b:35:21:9c:14:07:e1:
af:b0:f7:7a:81:87:25:68:82:66:df:3c:c9:0f:6a:
de:83:21:db:46:d2:70:32:98:34:6a:94:1a:20:01:
57:e2:10:92:b9:60:d6:2e:8d:62:e3:2c:d4:50:6c:
12:7d:25:89:bc:c5:93:85:62:45:4b:83:e8:fe:d8:
2c:2f:28:37:f1:3d:4f:41:6f:cc:2f:5a:8f:ae:ab:
4e:86:49:9c:6a:60:b1:a5:63:98:f2:69:27:4a:c3:
40:a0:ff:9e:84:64:6c:21:61:81:fa:43:48:7a:99:
b0:33:f7:1e:29:47:bd:f6:05:15:ed:8a:05:94:5c:
9a:b0:f1:4e:17:a5:c0:f6:12:0f:42:ac:fa:16:88:
cd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FA:F3:19:05:F4:AC:F8:FA:97:1F:95:5F:C8:F9:BE:C2:97:34:E6
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/60585C8671C211ED83688159C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.43.7.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ba:cc:81:bb:94:1f:4e:0b:90:ce:ac:73:a3:72:41:7e:dc:
10:93:4b:68:76:f8:86:ee:7a:31:ae:22:c6:11:04:5f:67:26:
a2:d3:02:d9:dc:44:06:b6:a4:03:55:a8:2b:74:f0:b3:e6:e7:
0f:c2:38:dc:f8:e1:51:16:e8:ce:5f:17:e6:51:d1:f9:8e:9a:
69:1b:e1:b6:27:55:4b:a3:41:22:85:73:b5:dd:25:60:bc:4a:
dd:f2:15:3e:8b:71:7a:5c:fb:ee:a3:26:e5:3a:7e:92:e1:5b:
64:73:b8:ba:be:11:0d:f5:8f:77:a7:4b:25:7d:7f:fd:b4:6c:
75:48:2f:da:cf:b7:48:8a:eb:3f:43:02:d2:59:93:dc:c8:de:
9e:e0:80:0f:b6:be:1b:38:2f:0d:88:58:d8:82:74:48:e0:77:
74:4e:78:f1:1c:1e:df:4e:5a:6a:57:20:1f:e8:a6:b2:d7:6a:
b8:07:03:93:89:76:62:e0:22:42:2f:ad:ce:33:c1:71:c4:81:
cf:f8:79:3a:24:d3:bb:eb:62:da:08:fb:b4:02:65:f0:55:7d:
ac:2e:f6:a7:75:42:e8:a9:3e:e3:d8:a2:f0:7c:00:4e:b3:f3:
8d:58:35:a3:ae:30:ac:91:dc:ec:ab:a5:20:6d:de:6e:ab:36:
52:b1:49:b8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAzgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjIxMjIzMDMyMjE5WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2E1MWVlYi1lYTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnrBV5B6qo9DqLQ4TqsinWOTeTWq3zMeEXCyEYvPX4MsX4/T67m4NG4YJvzi7
ORTPSL9uz0jwk4GeAI46LRFAq4KNz5xgk80ub2dItfi/VP4gmDl1jfLsWrtJ+91Y
MpjPtOvQ7a/YrpoR02V+y/dbg2s1IZwUB+GvsPd6gYclaIJm3zzJD2regyHbRtJw
Mpg0apQaIAFX4hCSuWDWLo1i4yzUUGwSfSWJvMWThWJFS4Po/tgsLyg38T1PQW/M
L1qPrqtOhkmcamCxpWOY8mknSsNAoP+ehGRsIWGB+kNIepmwM/ceKUe99gUV7YoF
lFyasPFOF6XA9hIPQqz6FojNQwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFP68xkF
9Kz4+pcflV/I+b7ClzTmMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvNjA1ODVDODY3
MUMyMTFFRDgzNjg4MTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKwcwDQYJKoZIhvcNAQELBQADggEBAGq6zIG7lB9OC5DO
rHOjckF+3BCTS2h2+IbuejGuIsYRBF9nJqLTAtncRAa2pANVqCt08LPm5w/CONz4
4VEW6M5fF+ZR0fmOmmkb4bYnVUujQSKFc7XdJWC8St3yFT6LcXpc++6jJuU6fpLh
W2RzuLq+EQ31j3enSyV9f/20bHVIL9rPt0iK6z9DAtJZk9zI3p7ggA+2vhs4Lw2I
WNiCdEjgd3ROePEcHt9OWmpXIB/oprLXargHA5OJdmLgIkIvrc4zwXHEgc/4eTok
07vrYtoI+7QCZfBVfawu9qd1QuipPuPYovB8AE6z841YNaOuMKyR3OyrpSBt3m6r
NlKxSbg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org