Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/78C8CD90F79D11ECAFF03840C4F9AE02.roa
File: 78C8CD90F79D11ECAFF03840C4F9AE02.roa (raw, json)
Hash identifier: IYpPhhFFlkHXP+/SO7JNmVHEG2S4pfKf8DzBdPzg1+0=
Subject key identifier: D9:F0:C1:62:57:D4:AC:8F:90:6D:C1:41:65:DE:07:36:CA:C2:AF:F7
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: 0246
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/78C8CD90F79D11ECAFF03840C4F9AE02.roa
Signing time: Wed 29 Jun 2022 11:20:25 +0000
ROA not before: Wed 29 Jun 2022 11:20:25 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 22653
IP address blocks: 202.43.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 582 (0x246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Validity
Not Before: Jun 29 11:20:25 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=62bc3579-4933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2d:ad:d2:2a:7a:aa:8c:0f:49:11:4e:9f:4f:
5c:c7:3e:40:88:ff:ba:04:53:7f:f6:23:2a:c0:62:
d9:fa:b5:e3:d5:cc:86:14:17:fa:ac:9a:2d:18:fe:
10:1b:1e:7e:8c:b9:d8:a4:4a:26:4d:34:40:1a:f9:
94:8a:89:5c:24:98:d8:3d:64:74:56:74:87:65:1e:
e9:8a:74:ca:81:54:b1:52:76:74:42:3f:d8:7d:23:
99:ec:26:e0:60:89:c7:72:70:36:e9:ff:51:6d:5a:
d1:dc:53:44:c7:13:56:a9:a6:bb:96:e7:9d:c3:b7:
e3:84:9d:0b:fa:93:77:61:7a:4a:7b:1f:56:44:6b:
d2:7d:4b:2e:8c:1a:de:be:b8:34:a3:26:42:ce:a9:
bf:b9:1f:4a:49:20:56:39:04:8b:a4:7b:0f:da:a8:
9f:6a:c1:d4:ad:9a:4d:bc:8f:03:01:4f:83:c8:dd:
b3:08:0c:72:db:46:68:1b:2e:b1:25:6f:1a:09:94:
5c:b0:74:67:fc:46:24:13:1b:7c:6b:5c:59:6a:ba:
3e:82:bb:b0:04:2f:a2:84:f1:a3:c4:be:15:1d:79:
7c:e5:8f:14:da:36:6a:bd:3f:5d:a8:0b:6f:0a:9d:
03:59:eb:c9:1b:1a:d5:92:aa:21:2e:f8:cb:b9:8f:
d9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F0:C1:62:57:D4:AC:8F:90:6D:C1:41:65:DE:07:36:CA:C2:AF:F7
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/78C8CD90F79D11ECAFF03840C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.43.7.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:51:3c:c3:f3:89:ed:79:d2:7e:f8:49:05:52:52:d7:23:fa:
24:90:bb:d0:37:71:f0:3a:6a:a0:fa:40:e1:d0:a8:c9:13:c2:
c8:dc:b4:5f:fc:1e:08:71:b3:6c:bb:9e:ca:1e:1c:ab:66:f8:
0d:e6:77:b1:ec:35:d7:a9:47:6f:c4:2c:5e:07:70:f5:e4:e7:
7e:75:53:6a:22:75:5c:d9:f8:79:03:75:b2:5f:fd:f0:29:ef:
4e:e3:d5:43:2f:b4:4a:60:51:ce:4f:29:48:fc:a2:89:94:67:
68:2f:64:95:b6:a0:aa:f6:7a:ec:f9:91:23:3f:1d:a3:56:59:
06:d5:7b:f2:6c:3b:85:a9:c7:48:e3:1c:db:95:30:b5:9f:b8:
a6:6b:42:c9:ba:6b:0e:9c:d4:d4:4b:2b:f1:7d:b6:70:92:db:
60:77:0c:26:8e:83:a6:09:86:48:a3:a3:74:df:f7:f6:43:7b:
c6:4e:56:a0:a3:27:1a:f2:68:e8:52:56:a1:0d:cb:24:1d:0c:
b0:ae:cf:76:98:d1:a4:2a:b7:1b:c1:0b:a1:58:72:36:65:a5:
2d:f2:49:8c:c4:7a:40:dc:cf:d5:a6:af:bb:15:72:6c:f4:c3:
b7:c3:d9:49:c9:6c:81:b5:a6:e9:03:ff:a9:8c:64:20:a8:35:
57:83:ba:10
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAkYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjIwNjI5MTEyMDI1WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJjMzU3OS00OTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqy2t0ip6qowPSRFOn09cxz5AiP+6BFN/9iMqwGLZ+rXj1cyGFBf6rJotGP4Q
Gx5+jLnYpEomTTRAGvmUiolcJJjYPWR0VnSHZR7pinTKgVSxUnZ0Qj/YfSOZ7Cbg
YInHcnA26f9RbVrR3FNExxNWqaa7luedw7fjhJ0L+pN3YXpKex9WRGvSfUsujBre
vrg0oyZCzqm/uR9KSSBWOQSLpHsP2qifasHUrZpNvI8DAU+DyN2zCAxy20ZoGy6x
JW8aCZRcsHRn/EYkExt8a1xZaro+gruwBC+ihPGjxL4VHXl85Y8U2jZqvT9dqAtv
Cp0DWevJGxrVkqohLvjLuY/ZnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNnwwWJX
1KyPkG3BQWXeBzbKwq/3MB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvNzhDOENEOTBG
NzlEMTFFQ0FGRjAzODQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKwcwDQYJKoZIhvcNAQELBQADggEBAMpRPMPzie150n74
SQVSUtcj+iSQu9A3cfA6aqD6QOHQqMkTwsjctF/8Hghxs2y7nsoeHKtm+A3md7Hs
NdepR2/ELF4HcPXk5351U2oidVzZ+HkDdbJf/fAp707j1UMvtEpgUc5PKUj8oomU
Z2gvZJW2oKr2euz5kSM/HaNWWQbVe/JsO4Wpx0jjHNuVMLWfuKZrQsm6aw6c1NRL
K/F9tnCS22B3DCaOg6YJhkijo3Tf9/ZDe8ZOVqCjJxryaOhSVqENyyQdDLCuz3aY
0aQqtxvBC6FYcjZlpS3ySYzEekDcz9Wmr7sVcmz0w7fD2UnJbIG1pukD/6mMZCCo
NVeDuhA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:03 2023 by rpki-client on console-fra.rpki-client.org