Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/ECF30AAA690E11EC98B9A21CC4F9AE02.roa
File: ECF30AAA690E11EC98B9A21CC4F9AE02.roa (raw, json)
Hash identifier: CNgcBUQ2I6vQfVlavzlkhQzrWy77YJF9IMAVLJ2QLY4=
Subject key identifier: 6B:20:1B:E8:E4:3F:05:65:12:00:34:C3:7D:72:A1:05:AB:0C:74:38
Certificate issuer: /CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Certificate serial: C6
Authority key identifier: 2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/ECF30AAA690E11EC98B9A21CC4F9AE02.roa
Signing time: Thu 30 Dec 2021 01:22:17 +0000
ROA not before: Thu 30 Dec 2021 01:22:17 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 1239
IP address blocks: 202.43.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198 (0xc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ACD72/serialNumber=2C19175325A5F36C0BB58F92119E65820C8FD57B
Validity
Not Before: Dec 30 01:22:17 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61cd09c9-a19d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:0f:9f:bd:95:97:01:f7:04:25:90:19:86:51:
fe:2b:09:7c:55:36:c7:8c:d7:cb:f8:56:17:71:51:
f4:84:bd:a9:e1:81:8f:58:05:93:56:80:e6:95:d1:
e4:b4:c8:8b:52:1f:e5:27:e5:9b:ef:ba:ef:6c:6a:
4f:48:63:9b:fb:1b:18:af:3d:f0:b7:24:3b:97:5b:
5c:0c:65:c4:2d:f4:c6:f4:95:97:a0:1f:14:35:92:
3c:31:87:4e:97:35:a9:d0:c7:2a:39:10:1d:e2:3d:
19:0f:07:60:08:92:90:d1:cd:8b:64:c0:2f:f5:fb:
33:31:46:a3:e7:97:45:f6:93:1d:8a:9d:74:f8:7e:
7c:98:24:59:ea:48:60:bc:af:00:32:ea:51:02:c6:
65:39:7a:54:46:19:af:ad:34:a2:e4:17:a3:04:47:
07:23:a9:ef:c9:e9:8b:74:a6:e4:ac:52:97:52:4c:
2d:45:12:eb:14:7b:18:3c:53:e7:e2:04:54:9d:a0:
d0:ae:19:f4:90:b5:95:0b:43:44:55:3c:d2:a5:d8:
e0:8f:22:94:70:11:90:0f:ed:eb:18:dc:e9:7d:c6:
27:02:35:42:62:42:45:09:d4:bb:3e:c9:63:25:07:
d3:25:40:f6:e6:5d:57:39:d9:b3:c7:8d:a3:87:bd:
92:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:20:1B:E8:E4:3F:05:65:12:00:34:C3:7D:72:A1:05:AB:0C:74:38
X509v3 Authority Key Identifier:
keyid:2C:19:17:53:25:A5:F3:6C:0B:B5:8F:92:11:9E:65:82:0C:8F:D5:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/LBkXUyWl82wLtY-SEZ5lggyP1Xs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBkXUyWl82wLtY-SEZ5lggyP1Xs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD72/4576A672261211ECB9319942C4F9AE02/ECF30AAA690E11EC98B9A21CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.43.7.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:1c:82:a1:e1:4d:60:2e:64:6f:bf:71:a8:ef:1e:c8:d4:73:
d3:a1:15:61:ee:76:99:29:ff:04:47:36:e3:9f:bb:ca:9a:51:
45:d4:80:39:c7:cc:de:f9:9b:85:f6:2e:0d:27:24:30:1b:7c:
84:d2:7c:c8:b2:8a:04:2e:69:ae:32:33:0e:5b:1e:06:e2:97:
b1:e5:99:f1:6c:75:c5:61:fd:a4:4a:55:8f:1e:48:83:b7:fe:
2d:79:95:38:36:d4:45:4e:6e:22:24:df:39:e4:34:fd:73:74:
8b:be:9b:93:86:81:e1:62:24:19:ba:79:d3:c4:0a:b4:c0:24:
00:f1:48:ed:d9:32:81:16:19:c3:22:38:98:11:e2:88:69:4d:
4c:17:11:53:9f:30:1c:e4:7c:ac:24:df:8f:71:5d:f7:87:2d:
51:91:04:86:34:fa:08:68:57:de:b1:f1:7f:01:5f:5e:ac:e1:
bd:8f:a9:85:8d:66:58:d9:a7:47:ee:c7:43:03:c7:f7:cf:66:
2e:03:b7:54:5f:98:02:52:90:17:49:95:82:c7:a6:46:6b:2a:
8e:ac:18:1c:00:b1:d0:fd:40:c2:8a:da:1f:64:fe:d4:18:e8:
06:5b:21:2f:e3:8f:2c:cc:8b:80:85:6a:4c:bc:86:6f:b3:ce:
a4:df:5b:ec
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENzIxMTAvBgNVBAUTKDJDMTkxNzUzMjVBNUYzNkMwQkI1OEY5MjExOUU2NTgy
MEM4RkQ1N0IwHhcNMjExMjMwMDEyMjE3WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWNkMDljOS1hMTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Q+fvZWXAfcEJZAZhlH+Kwl8VTbHjNfL+FYXcVH0hL2p4YGPWAWTVoDmldHk
tMiLUh/lJ+Wb77rvbGpPSGOb+xsYrz3wtyQ7l1tcDGXELfTG9JWXoB8UNZI8MYdO
lzWp0McqORAd4j0ZDwdgCJKQ0c2LZMAv9fszMUaj55dF9pMdip10+H58mCRZ6khg
vK8AMupRAsZlOXpURhmvrTSi5BejBEcHI6nvyemLdKbkrFKXUkwtRRLrFHsYPFPn
4gRUnaDQrhn0kLWVC0NEVTzSpdjgjyKUcBGQD+3rGNzpfcYnAjVCYkJFCdS7Pslj
JQfTJUD25l1XOdmzx42jh72SkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGsgG+jk
PwVlEgA0w31yoQWrDHQ4MB8GA1UdIwQYMBaAFCwZF1MlpfNsC7WPkhGeZYIMj9V7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q3Mi80NTc2QTY3MjI2
MTIxMUVDQjkzMTk5NDJDNEY5QUUwMi9MQmtYVXlXbDgyd0x0WS1TRVo1bGdneVAx
WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xCa1hVeVdsODJ3THRZLVNFWjVsZ2d5UDFYcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUNENzIvNDU3NkE2NzIyNjEyMTFFQ0I5MzE5OTQyQzRGOUFFMDIvRUNGMzBBQUE2
OTBFMTFFQzk4QjlBMjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKKwcwDQYJKoZIhvcNAQELBQADggEBALIcgqHhTWAuZG+/
cajvHsjUc9OhFWHudpkp/wRHNuOfu8qaUUXUgDnHzN75m4X2Lg0nJDAbfITSfMiy
igQuaa4yMw5bHgbil7HlmfFsdcVh/aRKVY8eSIO3/i15lTg21EVObiIk3znkNP1z
dIu+m5OGgeFiJBm6edPECrTAJADxSO3ZMoEWGcMiOJgR4ohpTUwXEVOfMBzkfKwk
349xXfeHLVGRBIY0+ghoV96x8X8BX16s4b2PqYWNZljZp0fux0MDx/fPZi4Dt1Rf
mAJSkBdJlYLHpkZrKo6sGBwAsdD9QMKK2h9k/tQY6AZbIS/jjyzMi4CFaky8hm+z
zqTfW+w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-ams.rpki-client.org