Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/D025F8D0A11511EC83ABC666C4F9AE02.roa
File: D025F8D0A11511EC83ABC666C4F9AE02.roa (raw, json)
Hash identifier: ZzB1fU4kBF22TkDjZAHUJ94qj0O5yIaQL1QBPxuO78k=
Subject key identifier: D9:50:91:D3:AF:E5:0E:46:AE:F1:E9:98:B4:F6:01:E5:15:31:41:C9
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: 033B
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/D025F8D0A11511EC83ABC666C4F9AE02.roa
Signing time: Fri 23 Dec 2022 03:22:22 +0000
ROA not before: Fri 23 Dec 2022 03:22:22 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 61317
IP address blocks: 202.43.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 827 (0x33b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Validity
Not Before: Dec 23 03:22:22 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63a51eee-8767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ee:77:9c:27:e1:a4:2d:66:cf:2a:55:e0:80:
3a:54:b9:f8:94:63:42:47:df:7a:84:0d:9f:61:97:
39:e6:45:28:b6:1c:1d:3b:0d:c4:0b:92:da:e8:c0:
69:5e:b6:cc:f4:2e:85:33:3a:97:12:cb:fa:94:9b:
04:07:06:02:e8:c6:71:6f:3b:ff:4d:0d:f9:4a:7f:
cf:de:db:b5:e4:2d:cc:1d:10:8e:62:eb:48:78:b8:
01:75:c1:e5:9b:ca:09:27:69:9f:a7:61:4f:a7:b7:
10:22:bf:3d:cc:63:62:2d:72:61:69:56:52:6e:59:
01:25:7f:95:97:55:d3:b4:d6:5c:a4:56:f0:28:8c:
c8:3f:4f:c0:aa:21:5e:94:44:23:94:b9:a3:1a:d2:
f0:d1:c6:dd:25:76:39:cf:f7:41:1e:07:3b:86:c0:
b1:4b:a8:f0:94:a3:43:1b:2a:a8:ff:5d:a7:ea:2e:
d6:bd:43:e3:af:e7:b6:67:e8:29:29:34:95:38:b8:
95:fd:2e:38:11:17:8e:bc:af:2a:0d:ad:55:03:78:
b4:db:40:ca:c7:7d:a1:49:82:67:a1:ed:2b:d9:3d:
99:56:bc:01:d5:ed:bb:5d:1e:32:bc:98:5d:e6:d7:
22:1b:38:c0:5f:6f:50:ef:86:fe:3e:96:bc:70:d9:
b0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:50:91:D3:AF:E5:0E:46:AE:F1:E9:98:B4:F6:01:E5:15:31:41:C9
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/D025F8D0A11511EC83ABC666C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.43.4.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:94:8e:a4:3f:39:ef:a3:ae:31:a4:55:27:82:7d:d3:d3:53:
70:61:93:62:c0:08:d4:a9:44:1d:2e:cb:5e:c5:0c:c7:90:08:
31:8e:3c:84:b5:ee:f7:5e:f1:79:59:2f:36:c0:66:c5:23:dd:
08:3c:cb:03:e4:48:b9:3a:3f:e6:9a:15:49:c6:c8:44:19:df:
c4:af:86:90:e7:71:28:d7:0e:89:56:7f:80:55:49:5b:b9:a9:
6e:db:ac:d7:0f:c9:e1:af:77:e7:b5:35:95:f4:52:ed:1d:5e:
f5:16:fc:52:ba:07:64:0d:c9:0d:22:67:5f:a3:fa:5a:de:2b:
b3:b6:c6:f0:b8:2a:1a:db:c0:fd:16:f0:c9:af:bd:1e:dd:1a:
03:b1:f6:43:77:86:f1:89:10:e1:9d:d1:7b:34:11:c9:0f:7f:
93:60:22:63:7b:01:91:67:80:40:e3:20:09:01:61:81:9b:aa:
92:1b:67:8c:60:b5:85:78:41:00:7c:64:7a:00:b9:99:ef:4f:
25:cf:35:29:39:5f:b7:a9:b6:c3:c5:86:56:02:48:a1:02:8f:
ca:0b:44:35:6c:36:41:4e:c2:ac:9a:6a:49:fe:fa:30:e8:52:
c7:fc:36:39:6f:48:ec:c2:14:b3:c8:86:e7:d6:93:b2:a4:8e:
e8:9f:22:3d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAzswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjIxMjIzMDMyMjIyWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2E1MWVlZS04NzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu+53nCfhpC1mzypV4IA6VLn4lGNCR996hA2fYZc55kUothwdOw3EC5La6MBp
XrbM9C6FMzqXEsv6lJsEBwYC6MZxbzv/TQ35Sn/P3tu15C3MHRCOYutIeLgBdcHl
m8oJJ2mfp2FPp7cQIr89zGNiLXJhaVZSblkBJX+Vl1XTtNZcpFbwKIzIP0/AqiFe
lEQjlLmjGtLw0cbdJXY5z/dBHgc7hsCxS6jwlKNDGyqo/12n6i7WvUPjr+e2Z+gp
KTSVOLiV/S44EReOvK8qDa1VA3i020DKx32hSYJnoe0r2T2ZVrwB1e27XR4yvJhd
5tciGzjAX29Q74b+Ppa8cNmw/wIDAQABo4IClTCCApEwHQYDVR0OBBYEFNlQkdOv
5Q5GrvHpmLT2AeUVMUHJMB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvRDAyNUY4RDBB
MTE1MTFFQzgzQUJDNjY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKKwQwDQYJKoZIhvcNAQELBQADggEBAKuUjqQ/Oe+jrjGk
VSeCfdPTU3Bhk2LACNSpRB0uy17FDMeQCDGOPIS17vde8XlZLzbAZsUj3Qg8ywPk
SLk6P+aaFUnGyEQZ38SvhpDncSjXDolWf4BVSVu5qW7brNcPyeGvd+e1NZX0Uu0d
XvUW/FK6B2QNyQ0iZ1+j+lreK7O2xvC4KhrbwP0W8MmvvR7dGgOx9kN3hvGJEOGd
0Xs0EckPf5NgImN7AZFngEDjIAkBYYGbqpIbZ4xgtYV4QQB8ZHoAuZnvTyXPNSk5
X7eptsPFhlYCSKECj8oLRDVsNkFOwqyaakn++jDoUsf8NjlvSOzCFLPIhufWk7Kk
juifIj0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org