Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/AF1E71B89B5711EB8E3BEB19C4F9AE02.roa
File: AF1E71B89B5711EB8E3BEB19C4F9AE02.roa (raw, json)
Hash identifier: Fer+zCfInN36cJ5FiSUv3c+SQLjfw6EF7fJ/pe9xk0s=
Subject key identifier: 9A:3F:D6:3B:B0:29:EA:48:0C:9D:A9:A0:38:62:61:8A:EC:16:2E:1E
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0A63
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/AF1E71B89B5711EB8E3BEB19C4F9AE02.roa
Signing time: Thu 27 Jan 2022 09:57:26 +0000
ROA not before: Thu 27 Jan 2022 09:57:26 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 7468
IP address blocks: 202.64.110.0/24 maxlen: 24
220.232.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2659 (0xa63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Validity
Not Before: Jan 27 09:57:26 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61f26c85-450d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:00:e8:cb:9c:6a:23:8d:87:17:25:be:3c:e7:
65:fd:9e:f7:d0:11:6f:ec:45:0f:3f:25:66:99:e2:
a3:93:45:74:e9:09:50:7c:89:bc:79:a1:d4:52:e5:
3d:56:61:bb:1e:d5:f1:f6:17:08:a5:d6:49:6d:55:
a8:89:2a:78:2d:40:7c:2d:6f:e5:01:2f:ac:ae:a4:
d0:50:9d:63:f2:a1:d2:50:d2:b2:ce:10:46:00:23:
43:4e:3e:c4:c5:32:5f:c0:c1:6c:5a:0e:15:3a:55:
cc:2e:02:35:80:73:6b:b4:05:43:e6:41:13:ee:bb:
60:60:ff:00:6a:42:ef:35:1b:e1:45:86:d4:85:5e:
be:35:49:e9:8e:c1:1d:39:30:dc:33:fa:cd:a6:27:
93:57:1b:a6:6b:74:63:cc:0a:cb:ce:da:0f:37:3f:
73:8c:49:cf:e7:e1:82:ce:2f:79:17:75:97:88:c1:
fe:d7:9b:10:15:a0:33:f3:e2:2d:f6:33:d5:51:36:
7a:22:b0:e8:65:8f:fc:64:77:d2:98:fa:1a:1c:6d:
e5:8a:7c:3f:d1:6f:b3:a1:e9:ed:72:6b:66:f9:ed:
2b:cd:63:14:8a:0c:99:e3:a7:41:32:21:00:25:93:
36:02:a4:1d:42:13:ec:29:cf:99:dc:46:a0:99:7c:
c3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3F:D6:3B:B0:29:EA:48:0C:9D:A9:A0:38:62:61:8A:EC:16:2E:1E
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/AF1E71B89B5711EB8E3BEB19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.64.110.0/24
220.232.180.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:22:d7:a9:f2:6d:af:cd:a9:6a:f0:84:a2:fd:e6:af:6f:a0:
53:59:03:2f:91:28:2c:09:9b:47:89:3c:20:1c:4c:59:0c:3b:
5e:01:16:08:74:06:e3:57:42:55:57:a2:f6:12:fe:cb:4e:0e:
d9:23:6a:51:43:6d:7a:51:c5:f1:35:1e:17:23:80:96:44:eb:
3d:74:5a:da:6a:b3:c4:81:a6:cd:3a:2f:49:5b:e5:3e:e6:09:
f6:ee:fc:a3:bc:2a:e4:64:05:ed:e7:86:42:69:bd:88:4e:7b:
1f:68:6d:40:72:ed:58:d8:65:4d:ad:77:98:1d:01:64:3d:09:
34:64:7d:2f:18:60:3d:e9:a4:7b:bd:e7:62:0f:ca:89:59:5f:
41:a8:75:a8:ca:07:ce:fa:d0:27:f5:60:94:51:e2:cf:1c:38:
7e:56:64:14:2b:7e:66:a6:6f:c6:6d:cf:11:3b:12:1f:e7:b7:
ac:71:d6:29:99:b2:8b:a7:49:61:7b:9d:11:47:4e:63:e1:76:
d9:fe:ba:ee:48:6c:5c:ff:39:71:19:5c:23:26:cf:f0:94:12:
c5:48:e0:44:0e:84:0b:6e:52:e7:94:61:6b:25:1a:a9:7f:69:
af:86:01:ba:cf:bc:33:76:72:4c:d5:51:b0:68:0c:bb:50:9a:
59:a3:b1:1b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCmMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjIwMTI3MDk1NzI2WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWYyNmM4NS00NTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxADoy5xqI42HFyW+POdl/Z730BFv7EUPPyVmmeKjk0V06QlQfIm8eaHUUuU9
VmG7HtXx9hcIpdZJbVWoiSp4LUB8LW/lAS+srqTQUJ1j8qHSUNKyzhBGACNDTj7E
xTJfwMFsWg4VOlXMLgI1gHNrtAVD5kET7rtgYP8AakLvNRvhRYbUhV6+NUnpjsEd
OTDcM/rNpieTVxuma3RjzArLztoPNz9zjEnP5+GCzi95F3WXiMH+15sQFaAz8+It
9jPVUTZ6IrDoZY/8ZHfSmPoaHG3linw/0W+zoentcmtm+e0rzWMUigyZ46dBMiEA
JZM2AqQdQhPsKc+Z3EagmXzDiQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJo/1juw
KepIDJ2poDhiYYrsFi4eMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvQUYxRTcxQjg5
QjU3MTFFQjhFM0JFQjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADKQG4DBALc6LQwDQYJKoZIhvcNAQELBQADggEBAKgi16ny
ba/NqWrwhKL95q9voFNZAy+RKCwJm0eJPCAcTFkMO14BFgh0BuNXQlVXovYS/stO
DtkjalFDbXpRxfE1HhcjgJZE6z10Wtpqs8SBps06L0lb5T7mCfbu/KO8KuRkBe3n
hkJpvYhOex9obUBy7VjYZU2td5gdAWQ9CTRkfS8YYD3ppHu952IPyolZX0GodajK
B8760Cf1YJRR4s8cOH5WZBQrfmamb8ZtzxE7Eh/nt6xx1imZsounSWF7nRFHTmPh
dtn+uu5IbFz/OXEZXCMmz/CUEsVI4EQOhAtuUueUYWslGql/aa+GAbrPvDN2ckzV
UbBoDLtQmlmjsRs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:09 2023 by rpki-client on console-fra.rpki-client.org