Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/A67C8F044C9611ECAEA16870C4F9AE02.roa
File: A67C8F044C9611ECAEA16870C4F9AE02.roa (raw, json)
Hash identifier: gkKiXfFDjeMjGMKxzmBtVm8RqCO58PTIlovfBAz32qk=
Subject key identifier: CF:3C:A5:86:19:C1:34:D4:60:90:22:D2:D3:4F:D0:60:BD:9B:B0:21
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: B1
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/A67C8F044C9611ECAEA16870C4F9AE02.roa
Signing time: Wed 22 Dec 2021 03:42:10 +0000
ROA not before: Wed 22 Dec 2021 03:42:10 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 209371
IP address blocks: 202.43.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177 (0xb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Validity
Not Before: Dec 22 03:42:10 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61c29e91-45fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:37:d9:2c:c7:b4:c0:28:16:77:a8:6d:25:af:
a3:20:f3:0a:53:b0:3b:fa:f4:02:b6:88:06:5f:ff:
68:8f:1c:d9:67:a3:bf:75:0b:0d:e0:03:2f:11:f1:
23:61:02:f4:5c:6d:8a:44:5f:a7:1f:cf:2b:a2:a6:
dd:98:41:d0:84:6d:12:f7:8e:b8:cf:e0:d0:57:0d:
44:e3:fa:91:a5:0e:d6:4c:59:04:c2:7c:e9:cf:12:
5a:07:6e:ad:61:a7:f4:64:65:4d:2b:c1:5a:2a:78:
a7:a4:38:ea:c7:eb:d7:37:33:c7:02:21:5e:d1:94:
8c:e1:90:f2:b5:20:0d:d5:8a:6f:22:c8:08:a5:94:
ba:e7:84:36:b0:3d:71:5d:af:00:77:ad:84:dc:5b:
21:47:2d:bb:79:e9:e0:dc:08:a8:2a:46:1c:29:1d:
63:a0:5b:18:b5:c5:49:b5:60:fd:b6:7b:19:aa:ef:
64:95:05:30:6c:63:fe:8e:8d:63:ee:86:76:08:ca:
c9:3f:40:fd:e7:a0:96:7d:1c:4c:1d:2d:1b:dc:d9:
b2:be:3c:ab:00:51:fc:57:92:a7:d3:cc:95:11:1f:
9f:34:62:80:dd:bb:54:17:e7:d8:34:0d:f0:e6:82:
1c:01:5f:5b:0c:b1:6f:09:46:1c:5e:c7:1c:a2:3e:
ab:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3C:A5:86:19:C1:34:D4:60:90:22:D2:D3:4F:D0:60:BD:9B:B0:21
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/A67C8F044C9611ECAEA16870C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.43.4.0/24
Signature Algorithm: sha256WithRSAEncryption
24:e1:29:fd:61:57:56:cb:20:21:43:43:66:6a:8f:83:73:ed:
63:bf:92:51:19:bf:f4:aa:ce:77:8b:e1:a2:73:f3:9e:00:fe:
f1:fd:ca:c7:9c:fe:8d:8e:a0:48:5b:70:90:77:b4:8f:da:33:
54:c4:96:92:d7:08:aa:0a:b6:b5:26:6b:b0:a1:39:1f:ae:2e:
bd:bc:cb:bd:e6:43:16:d3:92:7c:b5:41:0c:5b:84:89:4e:00:
9b:fd:94:74:26:50:94:a6:b4:e3:d6:22:36:28:20:dd:6f:f2:
c8:17:34:b0:e9:45:ce:40:22:ce:0b:a1:81:8a:ee:91:c9:50:
5c:c7:68:a9:45:52:87:9c:25:02:88:4c:35:1e:63:51:87:99:
91:f5:cd:ce:36:bd:60:1e:63:b5:f9:59:c4:22:78:0b:9d:8b:
db:21:dc:dd:1c:9a:69:c3:aa:d9:b0:e6:53:b3:7d:82:27:74:
d9:27:46:83:3c:49:9e:88:74:69:b9:76:ca:31:6b:9f:bd:af:
48:e2:fa:49:34:01:69:7e:5d:14:4b:1f:80:ef:e3:a0:9e:67:
d6:87:c8:d4:fd:46:e8:9f:f4:b0:6b:48:0f:9b:6e:f6:fc:f3:
f2:56:71:c0:14:66:75:9b:5d:ea:21:b5:0f:b1:3b:01:ba:b7:
da:6c:bf:67
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjExMjIyMDM0MjEwWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWMyOWU5MS00NWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6jfZLMe0wCgWd6htJa+jIPMKU7A7+vQCtogGX/9ojxzZZ6O/dQsN4AMvEfEj
YQL0XG2KRF+nH88roqbdmEHQhG0S9464z+DQVw1E4/qRpQ7WTFkEwnzpzxJaB26t
Yaf0ZGVNK8FaKninpDjqx+vXNzPHAiFe0ZSM4ZDytSAN1YpvIsgIpZS654Q2sD1x
Xa8Ad62E3FshRy27eeng3AioKkYcKR1joFsYtcVJtWD9tnsZqu9klQUwbGP+jo1j
7oZ2CMrJP0D956CWfRxMHS0b3NmyvjyrAFH8V5Kn08yVER+fNGKA3btUF+fYNA3w
5oIcAV9bDLFvCUYcXsccoj6rYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFM88pYYZ
wTTUYJAi0tNP0GC9m7AhMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvQTY3QzhGMDQ0
Qzk2MTFFQ0FFQTE2ODcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKwQwDQYJKoZIhvcNAQELBQADggEBACThKf1hV1bLICFD
Q2Zqj4Nz7WO/klEZv/SqzneL4aJz854A/vH9ysec/o2OoEhbcJB3tI/aM1TElpLX
CKoKtrUma7ChOR+uLr28y73mQxbTkny1QQxbhIlOAJv9lHQmUJSmtOPWIjYoIN1v
8sgXNLDpRc5AIs4LoYGK7pHJUFzHaKlFUoecJQKITDUeY1GHmZH1zc42vWAeY7X5
WcQieAudi9sh3N0cmmnDqtmw5lOzfYIndNknRoM8SZ6IdGm5dsoxa5+9r0ji+kk0
AWl+XRRLH4Dv46CeZ9aHyNT9Ruif9LBrSA+bbvb88/JWccAUZnWbXeohtQ+xOwG6
t9psv2c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-ams.rpki-client.org