Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/CC2CD6FC43B711EBBB0CA53EC4F9AE02.roa
File: CC2CD6FC43B711EBBB0CA53EC4F9AE02.roa (raw, json)
Hash identifier: i2G80Va7TP2s2UX0DLKEyqIDWFK9yj3tyopF6rOw2Kk=
Subject key identifier: 4F:ED:A1:C2:29:8A:D2:DA:32:EA:AA:DD:3B:03:30:A2:79:DF:98:E3
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 30F3
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/CC2CD6FC43B711EBBB0CA53EC4F9AE02.roa
Signing time: Mon 31 Jan 2022 14:40:30 +0000
ROA not before: Mon 31 Jan 2022 14:40:30 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 17557
IP address blocks: 202.69.33.0/24 maxlen: 24
202.69.34.0/24 maxlen: 24
202.69.36.0/24 maxlen: 24
202.69.38.0/24 maxlen: 24
202.69.40.0/24 maxlen: 24
202.69.41.0/24 maxlen: 24
202.69.42.0/24 maxlen: 24
202.69.43.0/24 maxlen: 24
202.69.45.0/24 maxlen: 24
202.69.46.0/24 maxlen: 24
202.69.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12531 (0x30f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Jan 31 14:40:30 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61f7f4de-61ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0a:aa:54:90:ca:68:b3:2f:2c:9f:86:71:b6:
38:97:8f:99:cf:0b:52:78:1e:b7:41:05:8b:1f:bc:
4f:68:e2:32:9b:56:eb:d9:84:39:40:f6:96:52:6e:
4d:0c:bc:c8:dc:c1:3d:ef:30:f2:a0:e0:68:28:3f:
8f:09:3c:fe:d6:d4:19:78:4c:a7:1c:50:78:39:23:
38:f1:08:bb:c9:0a:e9:06:f9:5c:fc:3e:c3:95:c4:
16:f0:b3:70:53:d0:f3:5f:9d:ef:d8:0e:26:44:b6:
f6:0f:ee:68:3c:8c:10:ab:08:92:2e:6b:31:ae:1d:
3a:41:3d:b9:b2:d5:d9:8b:17:41:7c:c6:19:1f:ff:
f5:6f:13:20:40:e7:4a:47:08:e2:0e:d1:d3:9d:c8:
ed:0e:86:29:cd:48:b9:a7:dd:7b:c6:28:d3:34:6d:
74:bc:ad:46:43:a2:bf:66:4b:4c:5d:93:06:0f:48:
89:43:b4:79:bb:fa:ec:7c:2f:1d:bc:5c:f3:df:4b:
bd:c5:72:f3:c8:4b:a5:aa:dc:d6:49:17:69:e9:e0:
d8:8b:99:5e:fe:48:9d:53:02:a9:c8:fd:6a:27:9d:
94:8f:b4:38:18:7c:42:65:4a:e7:22:c0:8a:4b:d5:
47:a8:83:24:fe:08:c6:90:8b:8d:c8:ee:9c:bd:19:
0f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:ED:A1:C2:29:8A:D2:DA:32:EA:AA:DD:3B:03:30:A2:79:DF:98:E3
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/CC2CD6FC43B711EBBB0CA53EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.69.33.0-202.69.34.255
202.69.36.0/24
202.69.38.0/24
202.69.40.0/22
202.69.45.0-202.69.47.255
Signature Algorithm: sha256WithRSAEncryption
26:85:58:8e:3b:88:23:56:13:df:d3:a4:09:e7:ac:60:17:dd:
43:88:9c:e5:f0:f0:cd:97:0f:6f:8c:fa:1f:17:dd:f9:21:c5:
31:88:98:92:0e:27:b2:23:3d:80:f7:a9:12:10:91:f7:f7:63:
d0:7e:25:72:a2:08:65:a1:3a:98:28:df:aa:b3:8b:14:c1:e8:
a1:4b:a6:7b:ff:90:2f:05:15:14:66:59:35:92:c1:e7:72:31:
fc:a5:c1:b0:39:bb:5e:a0:92:00:7d:16:ed:7b:00:19:45:ea:
a2:3a:fc:0b:04:5b:44:c3:64:82:b9:d6:0f:3c:cd:a6:86:8b:
92:51:61:10:c5:cb:51:7e:b3:ad:25:31:11:5e:77:72:7e:ca:
2f:57:45:b0:fd:31:e8:dc:47:8a:48:76:37:f0:b2:30:fc:97:
94:e5:cc:0d:a9:b3:0c:e5:94:16:3c:82:3c:34:6b:96:fc:dc:
36:61:e3:50:70:e7:c9:ea:20:81:ef:14:de:2d:c0:20:68:c3:
67:cf:93:f4:23:4e:22:e8:d0:a9:50:4e:a7:83:f0:14:1a:be:
06:22:c1:e1:49:26:e9:0d:ef:4e:b9:de:3b:07:15:ac:e4:aa:
bb:31:d1:56:67:9e:e0:3f:88:48:0d:f0:62:f1:a2:72:17:16:
ba:cb:79:23
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICMPMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjIwMTMxMTQ0MDMwWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY3ZjRkZS02MWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAugqqVJDKaLMvLJ+GcbY4l4+ZzwtSeB63QQWLH7xPaOIym1br2YQ5QPaWUm5N
DLzI3ME97zDyoOBoKD+PCTz+1tQZeEynHFB4OSM48Qi7yQrpBvlc/D7DlcQW8LNw
U9DzX53v2A4mRLb2D+5oPIwQqwiSLmsxrh06QT25stXZixdBfMYZH//1bxMgQOdK
RwjiDtHTncjtDoYpzUi5p917xijTNG10vK1GQ6K/ZktMXZMGD0iJQ7R5u/rsfC8d
vFzz30u9xXLzyEulqtzWSRdp6eDYi5le/kidUwKpyP1qJ52Uj7Q4GHxCZUrnIsCK
S9VHqIMk/gjGkIuNyO6cvRkPkwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFE/tocIp
itLaMuqq3TsDMKJ535jjMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvQ0MyQ0Q2RkM0
M0I3MTFFQkJCMENBNTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4wDAMEAMpFIQMEAMpFIgMEAMpFJAMEAMpFJgMEAspFKDAMAwQA
ykUtAwQEykUgMA0GCSqGSIb3DQEBCwUAA4IBAQAmhViOO4gjVhPf06QJ56xgF91D
iJzl8PDNlw9vjPofF935IcUxiJiSDieyIz2A96kSEJH392PQfiVyoghloTqYKN+q
s4sUweihS6Z7/5AvBRUUZlk1ksHncjH8pcGwObteoJIAfRbtewAZReqiOvwLBFtE
w2SCudYPPM2mhouSUWEQxctRfrOtJTERXndyfsovV0Ww/THo3EeKSHY38LIw/JeU
5cwNqbMM5ZQWPII8NGuW/Nw2YeNQcOfJ6iCB7xTeLcAgaMNnz5P0I04i6NCpUE6n
g/AUGr4GIsHhSSbpDe9Oud47BxWs5Kq7MdFWZ57gP4hIDfBi8aJyFxa6y3kj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:02 2023 by rpki-client on console-ams.rpki-client.org