Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B03C3/98D85006BCE411EAB8D6D362C4F9AE02/8CFFC1C2BCE611EA93261166C4F9AE02.roa
File: 8CFFC1C2BCE611EA93261166C4F9AE02.roa (raw, json)
Hash identifier: 9RmcPokL1Xt4ah2rY4Way7sxcKlG9Q2Z/28nkexUphM=
Subject key identifier: 3E:74:EF:63:0E:D4:D6:92:C6:86:2B:4F:D1:F6:81:78:F3:2E:9D:0A
Certificate issuer: /CN=A91B03C3/serialNumber=BD609663E39632E2E7B74FDCD372A7DCC5F029A6
Certificate serial: 03C7
Authority key identifier: BD:60:96:63:E3:96:32:E2:E7:B7:4F:DC:D3:72:A7:DC:C5:F0:29:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vWCWY-OWMuLnt0_c03Kn3MXwKaY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B03C3/98D85006BCE411EAB8D6D362C4F9AE02/8CFFC1C2BCE611EA93261166C4F9AE02.roa
Signing time: Fri 01 Oct 2021 11:48:53 +0000
ROA not before: Fri 01 Oct 2021 11:48:52 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 132827
IP address blocks: 45.119.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 967 (0x3c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B03C3/serialNumber=BD609663E39632E2E7B74FDCD372A7DCC5F029A6
Validity
Not Before: Oct 1 11:48:52 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=6156f5a4-ff90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bd:d3:78:29:2b:af:8c:e9:2f:3f:4d:e9:c7:
af:4d:6a:a7:de:02:66:40:0b:5e:65:4f:b0:c3:bf:
fc:c4:8b:36:ab:21:95:47:90:5d:d5:2f:69:f0:2c:
5d:83:72:a1:26:8a:dd:69:c9:98:7a:a5:f0:9f:1d:
20:75:f3:46:60:b3:12:d8:ef:32:d5:e9:50:83:0c:
cc:90:bb:77:8e:db:00:83:dc:52:71:04:da:d8:3b:
51:13:39:5f:d7:90:a2:dd:4f:cd:96:58:59:4a:1d:
09:74:36:a4:a5:03:df:e2:6e:36:c2:f7:e3:eb:9e:
6d:49:79:50:d5:8b:c6:e2:9f:2d:c0:36:34:8f:2e:
33:33:94:2e:0c:10:22:c9:ca:a8:fa:5c:b4:09:df:
05:66:90:fa:76:56:82:c9:33:64:a1:83:91:7a:53:
33:75:21:34:31:ed:fe:13:70:98:84:c9:62:6f:3f:
4f:2f:7e:ae:6c:5b:70:75:d5:95:93:aa:38:da:a9:
be:9b:78:b6:96:b0:2f:c8:6b:2d:5c:12:9d:7a:55:
0f:6f:01:2b:15:af:2e:4d:2f:2b:19:2e:96:43:fd:
64:6f:99:3c:08:8a:86:a5:10:95:09:ed:a3:e0:28:
9c:af:39:98:1c:1b:76:e9:4f:fa:1d:5c:82:61:8c:
a0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:74:EF:63:0E:D4:D6:92:C6:86:2B:4F:D1:F6:81:78:F3:2E:9D:0A
X509v3 Authority Key Identifier:
keyid:BD:60:96:63:E3:96:32:E2:E7:B7:4F:DC:D3:72:A7:DC:C5:F0:29:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B03C3/98D85006BCE411EAB8D6D362C4F9AE02/vWCWY-OWMuLnt0_c03Kn3MXwKaY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vWCWY-OWMuLnt0_c03Kn3MXwKaY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B03C3/98D85006BCE411EAB8D6D362C4F9AE02/8CFFC1C2BCE611EA93261166C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.204.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:21:81:e3:3f:d5:8b:05:5a:d5:2e:d5:0f:2f:12:6c:49:82:
80:74:f6:61:4a:7b:b2:10:b7:7a:e6:a5:78:6d:18:f3:fc:8e:
db:74:cb:bb:d7:bb:67:00:c4:24:87:38:20:bb:85:7b:58:d3:
c0:91:77:21:ae:3d:dd:66:a3:ed:eb:82:8f:ce:1d:a3:0d:d1:
b7:95:b6:3c:bb:8b:f1:cc:09:f3:8f:02:d5:1e:c7:6f:61:a2:
cf:fa:cf:3e:c6:9d:35:3c:b6:6b:81:74:f9:69:b7:83:85:ed:
11:20:d9:1a:4b:fa:a6:ed:fb:1e:09:45:98:89:2c:20:89:da:
27:b4:15:52:11:7d:4f:f8:0d:2f:98:a0:b3:d9:94:a7:f3:a2:
28:98:d9:01:cf:b7:3a:8d:e2:31:e2:59:b4:e1:4a:62:89:bd:
e3:6a:0d:6c:ab:eb:96:91:71:17:0d:19:36:97:cf:99:2b:d0:
18:0f:16:a7:2c:54:f8:b7:47:3c:44:ec:4e:26:c2:aa:01:73:
84:59:46:d0:8b:b4:14:a6:bf:de:be:de:bb:f8:4c:08:e5:e6:
f5:5b:bc:62:5a:28:90:83:96:1c:66:be:2e:e1:80:c9:48:c0:
e2:1d:1b:9f:93:68:b0:13:99:47:80:ad:0c:5d:d3:4f:fc:3d:
83:5e:e0:61
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA8cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjAzQzMxMTAvBgNVBAUTKEJENjA5NjYzRTM5NjMyRTJFN0I3NEZEQ0QzNzJBN0RD
QzVGMDI5QTYwHhcNMjExMDAxMTE0ODUyWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTU2ZjVhNC1mZjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtb3TeCkrr4zpLz9N6cevTWqn3gJmQAteZU+ww7/8xIs2qyGVR5Bd1S9p8Cxd
g3KhJordacmYeqXwnx0gdfNGYLMS2O8y1elQgwzMkLt3jtsAg9xScQTa2DtREzlf
15Ci3U/NllhZSh0JdDakpQPf4m42wvfj655tSXlQ1YvG4p8twDY0jy4zM5QuDBAi
ycqo+ly0Cd8FZpD6dlaCyTNkoYORelMzdSE0Me3+E3CYhMlibz9PL36ubFtwddWV
k6o42qm+m3i2lrAvyGstXBKdelUPbwErFa8uTS8rGS6WQ/1kb5k8CIqGpRCVCe2j
4CicrzmYHBt26U/6HVyCYYyg0QIDAQABo4IClTCCApEwHQYDVR0OBBYEFD5072MO
1NaSxoYrT9H2gXjzLp0KMB8GA1UdIwQYMBaAFL1glmPjljLi57dP3NNyp9zF8Cmm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDNDMy85OEQ4NTAwNkJD
RTQxMUVBQjhENkQzNjJDNEY5QUUwMi92V0NXWS1PV011TG50MF9jMDNLbjNNWHdL
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZXQ1dZLU9XTXVMbnQwX2MwM0tuM01Yd0thWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjAzQzMvOThEODUwMDZCQ0U0MTFFQUI4RDZEMzYyQzRGOUFFMDIvOENGRkMxQzJC
Q0U2MTFFQTkzMjYxMTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAItd8wwDQYJKoZIhvcNAQELBQADggEBAK4hgeM/1YsFWtUu
1Q8vEmxJgoB09mFKe7IQt3rmpXhtGPP8jtt0y7vXu2cAxCSHOCC7hXtY08CRdyGu
Pd1mo+3rgo/OHaMN0beVtjy7i/HMCfOPAtUex29hos/6zz7GnTU8tmuBdPlpt4OF
7REg2RpL+qbt+x4JRZiJLCCJ2ie0FVIRfU/4DS+YoLPZlKfzoiiY2QHPtzqN4jHi
WbThSmKJveNqDWyr65aRcRcNGTaXz5kr0BgPFqcsVPi3RzxE7E4mwqoBc4RZRtCL
tBSmv96+3rv4TAjl5vVbvGJaKJCDlhxmvi7hgMlIwOIdG5+TaLATmUeArQxd00/8
PYNe4GE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-ams.rpki-client.org