Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/63ACA3F0B6C511ECB7F59412C4F9AE02.roa
File: 63ACA3F0B6C511ECB7F59412C4F9AE02.roa (raw, json)
Hash identifier: izZ7KuaQhUOdZ4KMXNL+boxvZRRDdPgvA1lMMyvuVXg=
Subject key identifier: 1C:42:4F:CC:1C:7B:D0:3A:60:29:0B:C2:C6:41:AC:26:64:82:4F:75
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: 019C
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/63ACA3F0B6C511ECB7F59412C4F9AE02.roa
Signing time: Thu 07 Apr 2022 22:52:24 +0000
ROA not before: Thu 07 Apr 2022 22:52:24 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 49999
IP address blocks: 202.43.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 412 (0x19c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Validity
Not Before: Apr 7 22:52:24 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=624f6b28-5706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:44:1c:92:62:66:9f:e2:d6:ea:9e:ea:b3:ea:
48:02:9b:af:3b:44:a2:13:e5:6c:aa:08:92:15:fc:
81:ce:1a:fa:0f:ed:03:fc:b5:83:6f:87:d9:22:f3:
45:2a:60:80:78:3c:9f:ef:aa:af:6d:eb:8a:32:9b:
47:78:2b:a6:6a:20:3b:ee:99:1e:c8:25:cf:09:7b:
53:85:31:1c:84:bb:1e:0a:a1:77:d6:7f:5e:84:d0:
92:be:3f:d8:f2:44:fc:3a:77:65:a0:ff:7f:0f:53:
29:21:52:7f:52:39:fa:87:2e:3f:ca:23:63:3c:d0:
13:f6:8e:27:ea:f8:58:0f:8e:2a:81:9f:92:28:d2:
73:4f:c9:3f:53:8e:60:31:b9:a4:d3:ef:2d:3f:04:
f3:e7:16:6d:cb:0c:b3:a6:72:04:4b:05:15:27:32:
f8:fa:26:0b:ac:71:56:83:71:7d:0f:50:25:12:18:
86:c7:6d:f4:9c:17:70:8a:a1:5e:4b:0c:71:1d:95:
f5:f1:63:6b:5f:e8:e4:b7:2c:22:92:99:f6:6f:04:
70:e1:74:12:5c:58:60:84:4c:f4:92:3d:3c:05:c5:
67:71:4a:b8:5d:0c:68:ba:9d:86:84:6a:0d:ce:65:
13:a1:97:7a:4e:87:25:28:47:e1:6e:67:47:78:74:
e2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:42:4F:CC:1C:7B:D0:3A:60:29:0B:C2:C6:41:AC:26:64:82:4F:75
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/63ACA3F0B6C511ECB7F59412C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.43.7.0/24
Signature Algorithm: sha256WithRSAEncryption
11:81:11:5d:2e:85:3b:c9:f5:13:dd:8a:8d:6d:39:86:ab:93:
1d:26:90:dc:3c:87:47:ae:30:93:b7:99:36:2a:e1:1f:97:97:
91:d4:ce:9a:03:ec:26:25:eb:38:4c:35:da:eb:1b:64:c0:0d:
10:11:c1:ca:c6:ff:2e:64:6f:bb:ef:da:27:76:4d:d9:2a:78:
e7:42:53:40:d6:f3:03:c1:43:8f:be:c5:e5:4c:82:14:dc:d8:
cf:59:5a:43:59:32:97:d9:aa:b9:a6:e4:de:c6:11:cc:f9:e6:
b6:fd:51:67:95:78:59:08:f6:3c:91:9e:c9:0a:dd:40:f3:80:
30:04:39:28:67:06:85:18:3f:4a:95:10:10:d7:0c:77:86:be:
b1:91:8a:03:91:2a:79:f8:1e:3f:01:b2:60:bc:b0:35:af:b8:
19:4a:39:e7:d9:1f:0b:14:51:7b:4f:58:43:6f:8c:1c:25:6c:
fb:43:3e:79:e2:45:2f:72:8a:32:61:e4:91:e5:51:ea:58:30:
bb:74:78:1f:54:fc:8d:fc:d0:83:f5:b5:4a:59:3e:4a:ef:15:
3f:19:65:56:46:50:d3:5e:bc:a2:c3:6b:8a:21:e2:d1:a4:a9:
d3:5b:ec:65:fd:a4:c8:11:a1:68:b6:dc:ff:4a:ef:1b:f4:f2:
3f:cb:59:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjIwNDA3MjI1MjI0WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRmNmIyOC01NzA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy0QckmJmn+LW6p7qs+pIApuvO0SiE+VsqgiSFfyBzhr6D+0D/LWDb4fZIvNF
KmCAeDyf76qvbeuKMptHeCumaiA77pkeyCXPCXtThTEchLseCqF31n9ehNCSvj/Y
8kT8OndloP9/D1MpIVJ/Ujn6hy4/yiNjPNAT9o4n6vhYD44qgZ+SKNJzT8k/U45g
Mbmk0+8tPwTz5xZtywyzpnIESwUVJzL4+iYLrHFWg3F9D1AlEhiGx230nBdwiqFe
SwxxHZX18WNrX+jktywikpn2bwRw4XQSXFhghEz0kj08BcVncUq4XQxoup2GhGoN
zmUToZd6ToclKEfhbmdHeHTivQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBxCT8wc
e9A6YCkLwsZBrCZkgk91MB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvNjNBQ0EzRjBC
NkM1MTFFQ0I3RjU5NDEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKwcwDQYJKoZIhvcNAQELBQADggEBABGBEV0uhTvJ9RPd
io1tOYarkx0mkNw8h0euMJO3mTYq4R+Xl5HUzpoD7CYl6zhMNdrrG2TADRARwcrG
/y5kb7vv2id2TdkqeOdCU0DW8wPBQ4++xeVMghTc2M9ZWkNZMpfZqrmm5N7GEcz5
5rb9UWeVeFkI9jyRnskK3UDzgDAEOShnBoUYP0qVEBDXDHeGvrGRigORKnn4Hj8B
smC8sDWvuBlKOefZHwsUUXtPWENvjBwlbPtDPnniRS9yijJh5JHlUepYMLt0eB9U
/I380IP1tUpZPkrvFT8ZZVZGUNNevKLDa4oh4tGkqdNb7GX9pMgRoWi23P9K7xv0
8j/LWQc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:03 2023 by rpki-client on console-fra.rpki-client.org