Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/C9A04E98B7D111ECBBFE4251C4F9AE02.roa
File: C9A04E98B7D111ECBBFE4251C4F9AE02.roa (raw, json)
Hash identifier: tZX2yFgtAFIrHET2Db92/F5zYlqjbL07TVEL4oL0a1s=
Subject key identifier: E2:E0:6F:6D:72:48:FA:8E:B1:12:83:6D:7E:A7:6C:B0:F6:54:DC:B4
Certificate issuer: /CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F
Certificate serial: 02
Authority key identifier: 02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/C9A04E98B7D111ECBBFE4251C4F9AE02.roa
Signing time: Sat 09 Apr 2022 06:53:40 +0000
ROA not before: Sat 09 Apr 2022 06:53:40 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 131329
IP address blocks: 202.88.42.0/24 maxlen: 24
2400:1560:6::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F
Validity
Not Before: Apr 9 06:53:40 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=62512d74-73ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:47:e7:d0:e7:d1:b8:54:a0:3d:21:71:ee:71:
a2:85:c0:75:91:0d:51:67:ee:8d:eb:5a:c2:2b:d1:
83:a7:da:9b:fb:35:37:fa:d0:d3:2d:1c:6b:63:1a:
cf:93:c2:fd:b9:66:97:39:55:9b:17:03:a3:48:a1:
be:ad:1e:1a:f7:79:e2:51:d8:9d:99:33:5a:22:d7:
cb:b7:3f:df:a7:c2:01:2c:34:bc:c2:d3:81:34:a5:
8c:cb:51:15:9a:f5:a6:31:2b:5b:8b:aa:5f:5c:8b:
06:0b:08:52:2d:06:ea:4e:fe:60:96:c4:58:63:89:
0e:82:68:ae:60:f5:87:93:80:20:b7:bd:af:de:9c:
d9:57:4e:7e:4b:0e:dc:56:58:17:59:9d:1d:48:16:
41:29:61:12:ec:c8:80:d6:2d:38:2f:d0:52:d6:ac:
f3:80:53:4e:c8:54:5c:2b:b9:87:a7:2d:c4:3d:e5:
63:7b:81:4e:54:7d:91:3f:b3:3f:e1:90:70:ac:76:
a1:d8:ed:ca:c0:67:41:a3:6e:c3:6e:fa:55:b4:74:
20:6e:81:c4:aa:21:6c:33:ff:64:f0:27:51:62:15:
db:ba:d9:c1:fe:44:70:53:8a:28:63:64:5e:09:c3:
35:03:d0:79:ea:db:8c:b5:d7:67:5d:4c:c5:50:68:
96:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E0:6F:6D:72:48:FA:8E:B1:12:83:6D:7E:A7:6C:B0:F6:54:DC:B4
X509v3 Authority Key Identifier:
keyid:02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/C9A04E98B7D111ECBBFE4251C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.88.42.0/24
IPv6:
2400:1560:6::/64
Signature Algorithm: sha256WithRSAEncryption
a3:db:6f:b9:11:a8:4d:c5:73:3b:13:65:70:69:bc:cf:9c:2d:
89:40:2c:7d:7b:99:ad:b9:56:15:da:6d:e9:40:49:4a:c9:a6:
0c:01:c1:22:b6:f9:69:3b:26:6a:ae:62:c8:0b:ea:b5:77:2e:
be:b8:5f:c4:92:a6:26:a1:a2:af:22:11:c1:7c:78:97:c7:ef:
7d:59:e9:22:f6:d1:7d:8b:a9:d2:b7:5b:e3:b8:58:e8:77:00:
42:41:07:85:ee:ab:37:1d:20:fc:42:fc:71:d4:60:c0:1d:81:
d3:6f:55:f8:71:28:51:bb:1f:0d:82:77:3c:5d:e9:94:56:df:
76:42:7b:77:9c:e7:cd:b3:bf:ec:91:d5:50:9d:ae:da:3f:84:
55:c7:1f:8d:84:ae:82:b8:38:50:07:36:84:6b:71:7d:e8:37:
20:2d:3d:6e:85:a1:51:dd:2f:1d:bd:00:72:c6:0d:12:05:a1:
64:83:62:8a:9b:7b:e5:08:bc:ab:54:fb:c7:26:61:7f:e4:ad:
ee:c5:76:df:d5:4d:92:37:4d:1d:ef:7c:58:38:93:0f:40:ac:
df:59:70:9d:7b:d5:65:31:a3:e8:9a:a7:1e:83:ac:49:bf:7d:
c8:a3:14:5e:83:6f:0f:4c:41:92:41:63:71:13:2d:0a:54:01:
1a:75:0b:19
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
QTVCQTExMC8GA1UEBRMoMDJBQTNBNzZDNDU5NDk3QjFCNDVGMjZFOTA0NEFDQzZG
MkU4MDQ0RjAeFw0yMjA0MDkwNjUzNDBaFw0yMjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNTEyZDc0LTczZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGR+fQ59G4VKA9IXHucaKFwHWRDVFn7o3rWsIr0YOn2pv7NTf60NMtHGtjGs+T
wv25Zpc5VZsXA6NIob6tHhr3eeJR2J2ZM1oi18u3P9+nwgEsNLzC04E0pYzLURWa
9aYxK1uLql9ciwYLCFItBupO/mCWxFhjiQ6CaK5g9YeTgCC3va/enNlXTn5LDtxW
WBdZnR1IFkEpYRLsyIDWLTgv0FLWrPOAU07IVFwruYenLcQ95WN7gU5UfZE/sz/h
kHCsdqHY7crAZ0GjbsNu+lW0dCBugcSqIWwz/2TwJ1FiFdu62cH+RHBTiihjZF4J
wzUD0Hnq24y112ddTMVQaJZtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU4uBvbXJI
+o6xEoNtfqdssPZU3LQwHwYDVR0jBBgwFoAUAqo6dsRZSXsbRfJukESsxvLoBE8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJBNUJBLzQzMjZDQkMwQjdD
RDExRUNBRjY4MTMzNUM0RjlBRTAyL0FxbzZkc1JaU1hzYlJmSnVrRVNzeHZMb0JF
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQXFvNmRzUlpTWHNiUmZKdWtFU3N4dkxvQkU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QTVCQS80MzI2Q0JDMEI3Q0QxMUVDQUY2ODEzMzVDNEY5QUUwMi9DOUEwNEU5OEI3
RDExMUVDQkJGRTQyNTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAyBggrBgEFBQcBBwEB/wQj
MCEwDAQCAAEwBgMEAMpYKjARBAIAAjALAwkAJAAVYAAGAAAwDQYJKoZIhvcNAQEL
BQADggEBAKPbb7kRqE3FczsTZXBpvM+cLYlALH17ma25VhXabelASUrJpgwBwSK2
+Wk7JmquYsgL6rV3Lr64X8SSpiahoq8iEcF8eJfH731Z6SL20X2LqdK3W+O4WOh3
AEJBB4XuqzcdIPxC/HHUYMAdgdNvVfhxKFG7Hw2Cdzxd6ZRW33ZCe3ec582zv+yR
1VCdrto/hFXHH42EroK4OFAHNoRrcX3oNyAtPW6FoVHdLx29AHLGDRIFoWSDYoqb
e+UIvKtU+8cmYX/kre7Fdt/VTZI3TR3vfFg4kw9ArN9ZcJ171WUxo+iapx6DrEm/
fcijFF6Dbw9MQZJBY3ETLQpUARp1Cxk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org