Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/A621627E4EA211EC9AEBA24CC4F9AE02.roa
File: A621627E4EA211EC9AEBA24CC4F9AE02.roa (raw, json)
Hash identifier: h8KLij9y1SARC4uHNzfnsgmQYv5D6e5y6S3T5gWV8Bs=
Subject key identifier: 7C:38:1E:26:1D:D6:72:B7:5A:A7:17:16:91:B0:FB:69:A9:79:FD:C2
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: C7
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/A621627E4EA211EC9AEBA24CC4F9AE02.roa
Signing time: Thu 30 Dec 2021 01:22:18 +0000
ROA not before: Thu 30 Dec 2021 01:22:18 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 25369
IP address blocks: 202.43.5.0/24 maxlen: 24
202.43.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199 (0xc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Validity
Not Before: Dec 30 01:22:18 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61cd09ca-4659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9d:87:39:4c:4a:d9:c3:2c:66:2d:9e:d1:42:
98:36:98:a3:34:bd:fd:c3:87:f8:35:7f:8d:77:9c:
3a:45:13:f3:44:9f:e6:3b:6f:98:85:b5:0d:22:e5:
65:73:80:26:29:c3:94:93:f1:2d:50:3c:ff:96:46:
57:97:20:21:99:8f:25:52:f3:22:25:8f:6f:bc:a1:
33:09:66:18:0d:48:2a:27:86:35:b4:7f:44:59:6c:
27:d0:a0:bf:b7:98:e7:2a:6f:96:31:06:ba:87:59:
39:df:23:cf:a0:f5:08:d7:39:39:18:ac:2a:31:68:
2c:b8:94:80:f3:08:d0:e1:53:e1:e0:bc:0a:8c:83:
26:1e:fe:38:18:9a:6d:19:f8:9e:64:00:fa:03:0f:
8f:12:f1:c7:b5:c7:b9:ba:31:a8:8e:2d:42:c2:84:
d9:cf:d4:fa:8d:dd:6b:f5:1b:17:71:fe:9a:9b:86:
f5:a0:2a:77:cb:2d:c8:c0:91:ac:e3:a2:02:8a:0a:
c1:de:c0:d4:05:db:e1:c9:7a:b4:26:ce:00:28:22:
98:0b:c7:49:16:70:8a:5c:28:3b:78:ee:8b:50:fb:
bb:9c:63:cc:10:53:8c:fa:29:7b:68:0e:af:49:fa:
58:b3:7c:c0:21:2e:8b:4b:50:28:db:00:e6:93:7c:
74:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:38:1E:26:1D:D6:72:B7:5A:A7:17:16:91:B0:FB:69:A9:79:FD:C2
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/A621627E4EA211EC9AEBA24CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.43.5.0-202.43.6.255
Signature Algorithm: sha256WithRSAEncryption
39:01:57:66:da:11:0c:7b:cb:0d:3d:9f:57:a3:ba:73:6f:87:
c8:b0:b6:4b:a4:a3:d2:4c:fc:2b:8c:19:42:0d:ae:99:e0:c6:
8f:08:f0:9b:57:fc:80:60:a3:4a:29:8f:6b:f3:d4:45:f5:a5:
4f:9b:f3:78:1c:f3:81:4d:77:7c:03:97:12:34:eb:0d:be:65:
29:7a:ae:dc:30:9e:06:21:75:9e:d5:c1:2d:2e:3f:d6:51:80:
57:e3:39:03:b0:b5:eb:81:9a:89:72:57:ec:f6:a1:5e:77:08:
d4:6d:52:b6:5e:4c:e8:03:ab:64:ab:9b:6c:37:f1:a8:b1:e3:
f6:08:16:f6:32:d7:5c:a1:4f:10:0b:8f:8a:16:97:58:16:4d:
69:a6:bf:8f:21:72:29:25:8a:1a:d1:52:8a:97:f0:35:57:5a:
4a:6c:44:35:1b:81:0b:50:ff:45:d6:2c:a6:08:22:6e:e6:f4:
c7:33:06:0c:2f:5b:9c:d6:fb:f8:63:77:a3:bf:a8:06:ec:97:
54:ca:7b:ed:8f:26:e9:80:93:bc:aa:89:e7:6b:13:d8:a1:b9:
c8:2e:3f:e0:45:17:c7:f2:e0:de:c4:00:9c:fd:7e:bc:94:6e:
39:5a:53:4e:92:51:6a:f8:41:cc:85:b8:e7:c7:e5:bb:20:df:
3a:67:f4:b8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAMcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjExMjMwMDEyMjE4WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWNkMDljYS00NjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz52HOUxK2cMsZi2e0UKYNpijNL39w4f4NX+Nd5w6RRPzRJ/mO2+YhbUNIuVl
c4AmKcOUk/EtUDz/lkZXlyAhmY8lUvMiJY9vvKEzCWYYDUgqJ4Y1tH9EWWwn0KC/
t5jnKm+WMQa6h1k53yPPoPUI1zk5GKwqMWgsuJSA8wjQ4VPh4LwKjIMmHv44GJpt
GfieZAD6Aw+PEvHHtce5ujGoji1CwoTZz9T6jd1r9RsXcf6am4b1oCp3yy3IwJGs
46ICigrB3sDUBdvhyXq0Js4AKCKYC8dJFnCKXCg7eO6LUPu7nGPMEFOM+il7aA6v
SfpYs3zAIS6LS1Ao2wDmk3x0gwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFHw4HiYd
1nK3WqcXFpGw+2mpef3CMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvQTYyMTYyN0U0
RUEyMTFFQzlBRUJBMjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAMorBQMEAMorBjANBgkqhkiG9w0BAQsFAAOCAQEAOQFX
ZtoRDHvLDT2fV6O6c2+HyLC2S6Sj0kz8K4wZQg2umeDGjwjwm1f8gGCjSimPa/PU
RfWlT5vzeBzzgU13fAOXEjTrDb5lKXqu3DCeBiF1ntXBLS4/1lGAV+M5A7C164Ga
iXJX7PahXncI1G1Stl5M6AOrZKubbDfxqLHj9ggW9jLXXKFPEAuPihaXWBZNaaa/
jyFyKSWKGtFSipfwNVdaSmxENRuBC1D/RdYspggibub0xzMGDC9bnNb7+GN3o7+o
BuyXVMp77Y8m6YCTvKqJ52sT2KG5yC4/4EUXx/Lg3sQAnP1+vJRuOVpTTpJRavhB
zIW458fluyDfOmf0uA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org