Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1C02/BD7F2F569A0011EC836BC958C4F9AE02/96D3C8269A5F11EC9124627BC4F9AE02.roa
File: 96D3C8269A5F11EC9124627BC4F9AE02.roa (raw, json)
Hash identifier: YwTJNWqO5qFI6Iwh7c9z96NwxtByDS6fLXL8xItRvSA=
Subject key identifier: 40:8E:E3:DE:12:BB:79:27:D7:7D:FC:80:EA:03:00:A8:4A:B7:68:BB
Certificate issuer: /CN=A91D1C02/serialNumber=7B19C5AE35AED83AFA60463B5F3C0A6036E4FF9B
Certificate serial: 0137
Authority key identifier: 7B:19:C5:AE:35:AE:D8:3A:FA:60:46:3B:5F:3C:0A:60:36:E4:FF:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/exnFrjWu2Dr6YEY7XzwKYDbk_5s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1C02/BD7F2F569A0011EC836BC958C4F9AE02/96D3C8269A5F11EC9124627BC4F9AE02.roa
Signing time: Mon 01 Aug 2022 16:33:21 +0000
ROA not before: Mon 01 Aug 2022 16:33:21 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 4768
IP address blocks: 202.37.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 311 (0x137)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1C02/serialNumber=7B19C5AE35AED83AFA60463B5F3C0A6036E4FF9B
Validity
Not Before: Aug 1 16:33:21 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=62e80050-2299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:02:1d:5b:af:5a:1f:e1:ae:8a:59:94:da:dc:
83:95:2b:8d:8c:88:8b:49:31:55:44:e7:67:77:e8:
28:ab:c2:bc:b6:05:f9:a6:41:de:93:34:70:c9:8c:
23:e2:61:54:41:95:4a:c5:88:31:27:03:99:42:91:
4c:d0:88:07:26:a1:02:f2:31:ec:f7:d8:ef:64:30:
7c:57:d4:3c:84:e4:20:d8:b4:cc:7a:1c:3b:ee:9b:
74:11:5c:5d:7f:33:b0:33:05:4d:89:09:c1:c2:05:
03:a2:94:19:31:14:a5:b3:0c:7f:a6:f8:a7:c4:3b:
28:68:14:d6:9f:92:b0:46:92:8c:a5:f4:98:17:e2:
73:00:07:72:76:55:d1:3e:ff:f7:4e:08:b8:b2:23:
f4:a8:c9:76:c1:8d:ac:62:16:0e:f1:c8:d9:1e:c2:
97:21:73:51:72:e9:cb:c5:8d:9e:4c:b2:1a:ca:2c:
63:4b:73:1e:da:21:0d:d3:3c:00:57:13:e5:f3:80:
f6:ed:e8:b0:50:12:d7:bf:fb:0c:d3:b9:c6:2a:59:
00:b0:16:00:1b:37:e0:22:4f:f8:fb:c3:c0:f5:48:
e6:38:d6:a9:69:72:9d:7a:fc:73:ed:34:6f:11:06:
02:a0:05:34:26:49:d6:5a:f7:c9:97:89:86:38:96:
82:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8E:E3:DE:12:BB:79:27:D7:7D:FC:80:EA:03:00:A8:4A:B7:68:BB
X509v3 Authority Key Identifier:
keyid:7B:19:C5:AE:35:AE:D8:3A:FA:60:46:3B:5F:3C:0A:60:36:E4:FF:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1C02/BD7F2F569A0011EC836BC958C4F9AE02/exnFrjWu2Dr6YEY7XzwKYDbk_5s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/exnFrjWu2Dr6YEY7XzwKYDbk_5s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1C02/BD7F2F569A0011EC836BC958C4F9AE02/96D3C8269A5F11EC9124627BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.37.54.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:ff:3d:57:56:44:44:7a:de:95:77:f5:df:d8:18:83:4f:6e:
1d:60:eb:99:7e:40:67:0b:29:6a:c8:2f:54:cb:14:15:3c:b5:
a0:86:2e:85:66:bb:e9:7a:f2:45:ac:7d:c1:d2:30:1b:39:08:
68:8a:fe:9b:34:37:0d:b7:b8:3c:98:94:c5:7f:44:33:58:d4:
a4:3e:43:82:81:bb:d3:7e:fd:62:52:91:6a:4c:28:da:4c:00:
78:c0:58:6d:0f:d9:a8:01:ea:0c:5e:2b:37:e5:43:b4:47:89:
a5:18:94:9f:12:bb:21:43:22:f9:d9:f9:00:b8:65:95:99:0e:
f6:25:89:2f:7d:9a:48:d9:5f:51:b9:ba:17:42:04:48:1c:71:
0d:64:47:fc:a4:4a:76:1c:aa:27:b5:c6:94:c0:bf:b3:5a:2e:
66:ac:b2:22:18:7e:f1:5c:4e:60:22:18:32:d1:03:1b:ff:63:
7d:76:eb:42:62:43:e9:b3:a6:3b:4e:67:27:02:dd:c6:ec:c0:
66:c9:a3:29:e7:09:52:08:5e:d7:5e:b8:fb:84:b9:14:d2:42:
27:02:dd:58:94:93:12:ff:91:55:a8:63:a7:07:cf:51:ee:a1:
89:71:b4:15:03:8a:88:73:38:4b:44:83:9c:35:03:dc:4b:a7:
cd:2a:3e:01
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDFDMDIxMTAvBgNVBAUTKDdCMTlDNUFFMzVBRUQ4M0FGQTYwNDYzQjVGM0MwQTYw
MzZFNEZGOUIwHhcNMjIwODAxMTYzMzIxWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU4MDA1MC0yMjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlgIdW69aH+GuilmU2tyDlSuNjIiLSTFVROdnd+goq8K8tgX5pkHekzRwyYwj
4mFUQZVKxYgxJwOZQpFM0IgHJqEC8jHs99jvZDB8V9Q8hOQg2LTMehw77pt0EVxd
fzOwMwVNiQnBwgUDopQZMRSlswx/pvinxDsoaBTWn5KwRpKMpfSYF+JzAAdydlXR
Pv/3Tgi4siP0qMl2wY2sYhYO8cjZHsKXIXNRcunLxY2eTLIayixjS3Me2iEN0zwA
VxPl84D27eiwUBLXv/sM07nGKlkAsBYAGzfgIk/4+8PA9UjmONapaXKdevxz7TRv
EQYCoAU0JknWWvfJl4mGOJaCxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFECO494S
u3kn1338gOoDAKhKt2i7MB8GA1UdIwQYMBaAFHsZxa41rtg6+mBGO188CmA25P+b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUMwMi9CRDdGMkY1NjlB
MDAxMUVDODM2QkM5NThDNEY5QUUwMi9leG5GcmpXdTJEcjZZRVk3WHp3S1lEYmtf
NXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V4bkZyald1MkRyNllFWTdYendLWURia181cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDFDMDIvQkQ3RjJGNTY5QTAwMTFFQzgzNkJDOTU4QzRGOUFFMDIvOTZEM0M4MjY5
QTVGMTFFQzkxMjQ2MjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKJTYwDQYJKoZIhvcNAQELBQADggEBAMX/PVdWRER63pV3
9d/YGINPbh1g65l+QGcLKWrIL1TLFBU8taCGLoVmu+l68kWsfcHSMBs5CGiK/ps0
Nw23uDyYlMV/RDNY1KQ+Q4KBu9N+/WJSkWpMKNpMAHjAWG0P2agB6gxeKzflQ7RH
iaUYlJ8SuyFDIvnZ+QC4ZZWZDvYliS99mkjZX1G5uhdCBEgccQ1kR/ykSnYcqie1
xpTAv7NaLmassiIYfvFcTmAiGDLRAxv/Y31260JiQ+mzpjtOZycC3cbswGbJoynn
CVIIXtdeuPuEuRTSQicC3ViUkxL/kVWoY6cHz1HuoYlxtBUDiohzOEtEg5w1A9xL
p80qPgE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org