Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/4AC8F8FA31F411EA8224EE77C4F9AE02.roa
File: 4AC8F8FA31F411EA8224EE77C4F9AE02.roa (raw, json)
Hash identifier: 7R8n/a9dxxgvyd+TMYYa5ZnXkIYREJsl0OV6vLuwmZg=
Subject key identifier: 94:1D:41:23:5A:27:E1:12:CE:EA:53:81:2D:AD:35:C6:D3:6A:FA:59
Certificate issuer: /CN=A91B6EB1/serialNumber=C28879FEC10CE929C1CF2E5B97886F1D7EA17C5A
Certificate serial: 0504
Authority key identifier: C2:88:79:FE:C1:0C:E9:29:C1:CF:2E:5B:97:88:6F:1D:7E:A1:7C:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woh5_sEM6SnBzy5bl4hvHX6hfFo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/4AC8F8FA31F411EA8224EE77C4F9AE02.roa
Signing time: Mon 15 Mar 2021 09:05:22 +0000
ROA not before: Mon 15 Mar 2021 09:05:22 +0000
ROA not after: Sat 28 May 2022 00:00:00 +0000
asID: 134146
IP address blocks: 202.181.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1284 (0x504)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6EB1/serialNumber=C28879FEC10CE929C1CF2E5B97886F1D7EA17C5A
Validity
Not Before: Mar 15 09:05:22 2021 GMT
Not After : May 28 00:00:00 2022 GMT
Subject: CN=604f2350-835e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8c:38:95:0f:03:df:1f:60:25:17:aa:18:73:
31:67:09:2d:59:2f:d0:cf:56:5e:1b:c0:2b:58:60:
6b:a9:d6:ed:4d:9d:43:1b:90:72:d8:94:56:a4:54:
57:a1:ae:07:61:c0:93:8e:ab:26:46:40:49:fe:db:
d4:18:93:d9:3d:6c:45:1f:51:c5:1d:09:5c:93:1b:
55:27:c6:06:50:bf:e4:40:dc:c8:a4:ce:ff:4a:a4:
fa:14:65:d1:33:eb:60:22:09:fe:98:a3:c1:a1:31:
e5:b6:80:46:be:25:9a:f0:05:eb:2e:bc:63:e5:e1:
af:c8:d7:10:24:49:78:92:1d:7c:6a:f6:df:75:8f:
ad:97:d8:13:b8:cb:f0:fd:2c:6d:c3:a5:99:ad:b6:
e7:66:74:66:fb:d1:f3:ec:5c:47:ac:4e:71:a4:81:
35:e8:ba:a6:3d:b9:90:ad:e0:0c:4e:f9:a9:0b:8a:
d9:33:12:d5:56:97:4f:b8:de:49:37:eb:48:17:f0:
f8:2b:36:7b:1b:f1:c1:09:5e:65:d5:b9:6e:11:48:
02:d8:10:e8:44:21:14:a7:8c:50:77:c3:dc:c8:ea:
f0:d1:2c:95:dd:b6:e3:27:e7:bc:e3:8c:9f:f7:d8:
9b:3e:ae:22:4c:e1:99:52:1a:4c:09:c5:88:fe:40:
c9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1D:41:23:5A:27:E1:12:CE:EA:53:81:2D:AD:35:C6:D3:6A:FA:59
X509v3 Authority Key Identifier:
keyid:C2:88:79:FE:C1:0C:E9:29:C1:CF:2E:5B:97:88:6F:1D:7E:A1:7C:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/woh5_sEM6SnBzy5bl4hvHX6hfFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woh5_sEM6SnBzy5bl4hvHX6hfFo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/4AC8F8FA31F411EA8224EE77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.181.7.0/24
Signature Algorithm: sha256WithRSAEncryption
02:ca:9b:ee:bb:52:31:88:4f:95:7b:0c:5a:06:a5:4e:e6:9d:
e3:48:a2:1c:27:58:a9:b1:6b:7d:67:9a:c3:57:c6:f1:f4:2a:
17:85:91:97:9e:43:10:ab:ec:f8:c7:c6:71:b4:82:b4:25:e6:
06:4e:7f:2e:25:b2:2b:24:1b:ce:ec:7f:85:02:64:b2:b4:66:
af:64:a9:9c:f8:34:b2:2f:b9:e4:a5:64:1e:4c:a6:1e:99:5a:
6e:a8:0a:37:a7:f9:6a:74:cb:b1:80:16:55:a5:31:a4:2c:69:
0f:05:0a:14:65:5a:d3:5a:8f:91:09:6d:6d:c0:f8:51:34:b9:
49:06:c6:e5:72:31:fe:ff:cf:6e:8c:61:1a:e2:2b:12:c2:45:
da:56:dc:e6:46:bd:12:ac:3f:9b:83:64:5d:c2:c1:12:f6:bd:
09:fd:bd:12:f1:7c:67:2c:ab:d1:a7:51:d9:1e:73:89:1f:e0:
0c:ab:d2:81:89:9b:a6:78:da:40:c6:aa:0b:5b:79:dc:f5:dd:
bc:ec:f1:df:2a:e1:a0:83:e6:b0:61:82:0b:a0:03:1b:8e:74:
d3:df:f5:3e:21:8d:f2:84:4c:ff:02:e5:28:70:5b:18:a3:5a:
a3:77:f7:eb:5c:67:3a:75:73:7b:b9:2a:f7:5f:5c:35:8a:d9:
3e:62:14:b9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZFQjExMTAvBgNVBAUTKEMyODg3OUZFQzEwQ0U5MjlDMUNGMkU1Qjk3ODg2RjFE
N0VBMTdDNUEwHhcNMjEwMzE1MDkwNTIyWhcNMjIwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MDRmMjM1MC04MzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt4w4lQ8D3x9gJReqGHMxZwktWS/Qz1ZeG8ArWGBrqdbtTZ1DG5By2JRWpFRX
oa4HYcCTjqsmRkBJ/tvUGJPZPWxFH1HFHQlckxtVJ8YGUL/kQNzIpM7/SqT6FGXR
M+tgIgn+mKPBoTHltoBGviWa8AXrLrxj5eGvyNcQJEl4kh18avbfdY+tl9gTuMvw
/Sxtw6WZrbbnZnRm+9Hz7FxHrE5xpIE16LqmPbmQreAMTvmpC4rZMxLVVpdPuN5J
N+tIF/D4KzZ7G/HBCV5l1bluEUgC2BDoRCEUp4xQd8PcyOrw0SyV3bbjJ+e844yf
99ibPq4iTOGZUhpMCcWI/kDJXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJQdQSNa
J+ESzupTgS2tNcbTavpZMB8GA1UdIwQYMBaAFMKIef7BDOkpwc8uW5eIbx1+oXxa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkVCMS80QzVGNzIwODMx
RjMxMUVBQTBBOTY4NzZDNEY5QUUwMi93b2g1X3NFTTZTbkJ6eTVibDRodkhYNmhm
Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dvaDVfc0VNNlNuQnp5NWJsNGh2SFg2aGZGby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZFQjEvNEM1RjcyMDgzMUYzMTFFQUEwQTk2ODc2QzRGOUFFMDIvNEFDOEY4RkEz
MUY0MTFFQTgyMjRFRTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKtQcwDQYJKoZIhvcNAQELBQADggEBAALKm+67UjGIT5V7
DFoGpU7mneNIohwnWKmxa31nmsNXxvH0KheFkZeeQxCr7PjHxnG0grQl5gZOfy4l
siskG87sf4UCZLK0Zq9kqZz4NLIvueSlZB5Mph6ZWm6oCjen+Wp0y7GAFlWlMaQs
aQ8FChRlWtNaj5EJbW3A+FE0uUkGxuVyMf7/z26MYRriKxLCRdpW3OZGvRKsP5uD
ZF3CwRL2vQn9vRLxfGcsq9GnUdkec4kf4Ayr0oGJm6Z42kDGqgtbedz13bzs8d8q
4aCD5rBhggugAxuOdNPf9T4hjfKETP8C5ShwWxijWqN39+tcZzp1c3u5KvdfXDWK
2T5iFLk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-fra.rpki-client.org