Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB765/A4DDFA941F3B11ECB7DC452FC4F9AE02/FA6D84FA1F3D11ECB2E88C32C4F9AE02.roa
File: FA6D84FA1F3D11ECB2E88C32C4F9AE02.roa (raw, json)
Hash identifier: tFmOS7+hEoknxp2W2TLhOxbSHA7XgEzncPaoaw8bopo=
Subject key identifier: AA:8B:A7:64:59:84:F5:31:A0:2D:04:2D:1C:7F:8C:32:1F:95:B7:C7
Certificate issuer: /CN=A91CB765/serialNumber=ADF312EA68B7F05DA6101080F98322FBD65918B2
Certificate serial: 01AD
Authority key identifier: AD:F3:12:EA:68:B7:F0:5D:A6:10:10:80:F9:83:22:FB:D6:59:18:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rfMS6mi38F2mEBCA-YMi-9ZZGLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB765/A4DDFA941F3B11ECB7DC452FC4F9AE02/FA6D84FA1F3D11ECB2E88C32C4F9AE02.roa
Signing time: Tue 26 Apr 2022 05:13:08 +0000
ROA not before: Tue 26 Apr 2022 05:13:08 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 55722
IP address blocks: 203.98.224.0/19 maxlen: 20
203.98.224.0/23 maxlen: 23
203.98.229.0/24 maxlen: 24
2403:f600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429 (0x1ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB765/serialNumber=ADF312EA68B7F05DA6101080F98322FBD65918B2
Validity
Not Before: Apr 26 05:13:08 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=62677f64-7b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:14:9e:97:a2:be:65:ef:25:4d:ce:24:12:c0:
29:69:24:2f:d6:1b:2e:80:71:19:a4:6d:e2:3a:70:
0b:4b:88:e6:9d:b7:c4:ee:76:33:71:12:5c:ae:8b:
5a:8b:fa:48:cf:a7:69:6f:fd:45:0d:72:a7:64:ab:
1a:b5:74:50:bc:0e:4d:20:6a:c8:55:77:a6:12:b7:
8b:58:90:1e:2e:46:b1:39:89:0b:91:81:12:4f:7b:
88:07:49:24:4b:15:f2:7b:ab:24:db:4c:a6:32:0f:
88:62:ac:27:15:33:19:0b:b4:01:34:f8:1a:24:df:
eb:6c:31:76:77:50:8b:6c:05:13:c6:9b:78:32:34:
8d:c7:0a:96:8d:eb:f0:eb:02:7d:51:d1:42:cd:62:
17:ff:b9:a1:0d:9e:81:64:fe:ce:f6:82:67:10:a4:
a6:ae:39:84:8c:84:40:64:84:a6:84:bc:6b:6f:d3:
18:f3:fe:90:b3:20:29:17:48:ad:9e:24:ec:d4:f9:
af:f0:ca:e6:12:ac:d6:72:7c:f8:bf:24:ad:f5:e6:
cc:55:df:a0:0c:6c:1e:d6:a4:4f:bb:c9:78:a7:bb:
bb:28:53:92:7e:81:27:06:d8:8f:34:0e:70:dc:84:
48:b6:0f:cd:07:2a:d6:29:ea:a4:e3:d8:18:be:ce:
b0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8B:A7:64:59:84:F5:31:A0:2D:04:2D:1C:7F:8C:32:1F:95:B7:C7
X509v3 Authority Key Identifier:
keyid:AD:F3:12:EA:68:B7:F0:5D:A6:10:10:80:F9:83:22:FB:D6:59:18:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB765/A4DDFA941F3B11ECB7DC452FC4F9AE02/rfMS6mi38F2mEBCA-YMi-9ZZGLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rfMS6mi38F2mEBCA-YMi-9ZZGLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB765/A4DDFA941F3B11ECB7DC452FC4F9AE02/FA6D84FA1F3D11ECB2E88C32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.98.224.0/19
IPv6:
2403:f600::/32
Signature Algorithm: sha256WithRSAEncryption
a2:5b:b0:31:68:3a:d0:fb:3a:0e:45:bf:2f:10:b5:4d:cc:04:
86:ab:7c:42:63:9d:42:31:94:04:d4:07:0e:2b:81:bb:5b:7f:
5c:46:10:75:de:28:36:59:9f:42:10:06:16:55:f9:d9:a5:9c:
3b:8c:5f:50:71:9b:92:81:8e:57:21:8b:88:60:ce:7e:83:8d:
6c:89:2d:d3:f5:bf:bc:9a:f3:5e:ed:fa:9b:3d:c5:fd:1d:ad:
51:36:9e:d2:23:da:77:c8:50:9a:54:41:99:12:3c:fb:90:b3:
03:ea:26:0f:a8:58:e6:f5:92:82:13:12:86:56:77:c5:60:57:
40:e7:2c:a3:a9:bd:72:80:09:18:04:bb:79:83:94:be:78:dc:
b1:07:97:75:8a:a8:7f:5f:17:09:7d:c0:ed:c0:bb:67:ed:01:
77:c1:2b:36:ee:fc:7d:5f:55:ab:f9:ea:43:d3:f4:75:de:13:
10:a9:16:75:b2:e7:e3:89:1e:8e:a9:7d:db:f3:f2:a0:34:41:
7f:31:81:40:c7:8b:32:50:39:ba:b9:10:a7:83:49:d3:87:69:
0d:27:7b:bf:dd:2e:ec:2b:65:db:f0:7f:d0:c3:67:bf:d1:c4:
ff:9f:be:4a:be:03:25:67:5f:d5:b0:38:ee:7d:c4:b9:af:f0:
b2:34:43:11
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3NjUxMTAvBgNVBAUTKEFERjMxMkVBNjhCN0YwNURBNjEwMTA4MEY5ODMyMkZC
RDY1OTE4QjIwHhcNMjIwNDI2MDUxMzA4WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjY3N2Y2NC03YjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1RSel6K+Ze8lTc4kEsApaSQv1hsugHEZpG3iOnALS4jmnbfE7nYzcRJcrota
i/pIz6dpb/1FDXKnZKsatXRQvA5NIGrIVXemEreLWJAeLkaxOYkLkYEST3uIB0kk
SxXye6sk20ymMg+IYqwnFTMZC7QBNPgaJN/rbDF2d1CLbAUTxpt4MjSNxwqWjevw
6wJ9UdFCzWIX/7mhDZ6BZP7O9oJnEKSmrjmEjIRAZISmhLxrb9MY8/6QsyApF0it
niTs1Pmv8MrmEqzWcnz4vySt9ebMVd+gDGwe1qRPu8l4p7u7KFOSfoEnBtiPNA5w
3IRItg/NByrWKeqk49gYvs6wFQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKqLp2RZ
hPUxoC0ELRx/jDIflbfHMB8GA1UdIwQYMBaAFK3zEupot/BdphAQgPmDIvvWWRiy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjc2NS9BNERERkE5NDFG
M0IxMUVDQjdEQzQ1MkZDNEY5QUUwMi9yZk1TNm1pMzhGMm1FQkNBLVlNaS05WlpH
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JmTVM2bWkzOEYybUVCQ0EtWU1pLTlaWkdMSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3NjUvQTREREZBOTQxRjNCMTFFQ0I3REM0NTJGQzRGOUFFMDIvRkE2RDg0RkEx
RjNEMTFFQ0IyRTg4QzMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAXLYuAwDQQCAAIwBwMFACQD9gAwDQYJKoZIhvcNAQELBQAD
ggEBAKJbsDFoOtD7Og5Fvy8QtU3MBIarfEJjnUIxlATUBw4rgbtbf1xGEHXeKDZZ
n0IQBhZV+dmlnDuMX1Bxm5KBjlchi4hgzn6DjWyJLdP1v7ya817t+ps9xf0drVE2
ntIj2nfIUJpUQZkSPPuQswPqJg+oWOb1koITEoZWd8VgV0DnLKOpvXKACRgEu3mD
lL543LEHl3WKqH9fFwl9wO3Au2ftAXfBKzbu/H1fVav56kPT9HXeExCpFnWy5+OJ
Ho6pfdvz8qA0QX8xgUDHizJQObq5EKeDSdOHaQ0ne7/dLuwrZdvwf9DDZ7/RxP+f
vkq+AyVnX9WwOO59xLmv8LI0QxE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:08 2023 by rpki-client on console-fra.rpki-client.org