Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/0E883BF0D8C011ED9388CE23C4F9AE02.roa
File: 0E883BF0D8C011ED9388CE23C4F9AE02.roa (raw, json)
Hash identifier: UUV9xGPzmkkrFMQQIp8Gnf8By1BNjPdmRdG+gnGM4vk=
Subject key identifier: 77:32:8B:DE:9A:D3:50:09:F5:7A:86:80:68:67:40:41:B8:DB:89:0B
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: 9B
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/0E883BF0D8C011ED9388CE23C4F9AE02.roa
Signing time: Tue 11 Apr 2023 23:24:51 +0000
ROA not before: Tue 11 Apr 2023 23:24:51 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 211826
IP address blocks: 203.33.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155 (0x9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Apr 11 23:24:51 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6435ec43-5749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:aa:7b:fd:5c:e3:07:1f:ef:7f:c5:4e:cb:47:
5f:15:5b:ee:48:33:bb:16:c5:bd:70:b2:a2:54:a4:
f7:0d:86:b2:5b:2e:c6:8f:c0:ed:f1:30:4a:52:d7:
4d:8b:51:62:64:ed:50:d0:9b:e8:f3:b3:ef:bd:84:
af:19:0a:c5:48:c0:3e:42:c2:a9:ec:30:17:d8:b8:
be:9f:1f:7e:47:fe:70:6c:13:70:1c:ee:f9:5d:0b:
78:6b:cc:39:f9:6c:2f:fd:5f:68:4b:d8:8b:12:a8:
87:85:10:79:04:d7:15:9d:c8:ab:ec:b2:cb:04:98:
c9:9d:e5:43:e6:13:c3:f4:9b:d7:07:fe:f3:e9:10:
13:9a:1e:37:55:66:9c:b8:b9:fc:4c:37:37:71:b0:
c1:c8:31:55:cf:12:d1:90:47:32:68:75:e1:89:51:
51:96:e5:cc:db:f9:5d:af:a4:99:5c:85:27:64:c1:
e4:ba:80:a3:b2:9d:91:1d:41:ea:88:fa:3d:5c:96:
aa:a7:32:4c:3f:8b:a5:3d:14:8b:ed:a5:65:29:1c:
32:6e:f7:69:b5:d4:6f:da:b3:f6:c4:2b:1e:87:bc:
8d:78:0c:ca:4b:58:82:52:dd:de:29:d3:de:d9:fc:
c2:58:fe:e9:54:2b:5f:1b:51:bd:cc:a2:e9:67:68:
76:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:32:8B:DE:9A:D3:50:09:F5:7A:86:80:68:67:40:41:B8:DB:89:0B
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/0E883BF0D8C011ED9388CE23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.238.0/24
Signature Algorithm: sha256WithRSAEncryption
67:1c:8a:90:11:b1:b9:e5:a1:b9:d0:0a:09:96:e1:fd:d6:f6:
4b:90:36:e4:fa:28:5a:c3:d9:6b:0c:3b:47:58:34:e5:fb:17:
8b:5e:17:fb:48:2d:39:e2:0d:98:38:8b:2f:2c:05:12:cd:af:
59:4a:4b:b4:23:58:3a:51:0e:f0:99:25:08:71:4f:8f:3f:d6:
aa:11:48:70:6a:2e:e6:60:87:e9:86:8d:1b:83:47:00:7f:cc:
aa:9f:23:bf:87:d7:dd:63:a7:27:f5:eb:ae:d4:af:48:c4:aa:
9a:66:52:5f:df:b8:bd:91:aa:16:b3:c9:5d:8c:c4:1e:a6:a4:
df:88:34:08:e8:2d:64:c0:28:42:7a:3b:2c:93:62:5e:05:88:
6e:97:2b:ff:ec:8d:91:c9:32:93:71:09:4f:86:c7:80:9c:78:
a9:11:bf:ba:56:d1:f8:3b:71:3d:41:23:e3:5e:01:7b:b8:06:
1e:e2:9f:72:5d:7a:b3:41:c9:97:29:27:b9:f1:b2:7d:17:ef:
9f:a1:e2:64:70:b2:41:a8:02:16:c7:e4:1e:b0:65:2b:18:d4:
7d:a6:71:b9:5d:26:78:c5:77:64:fa:c0:8b:51:89:f2:7f:39:
fa:d7:df:73:4a:4b:d8:2d:67:db:14:b9:25:f1:38:e5:d0:d5:
e1:03:1a:b8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMwNDExMjMyNDUxWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM1ZWM0My01NzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3qp7/VzjBx/vf8VOy0dfFVvuSDO7FsW9cLKiVKT3DYayWy7Gj8Dt8TBKUtdN
i1FiZO1Q0Jvo87PvvYSvGQrFSMA+QsKp7DAX2Li+nx9+R/5wbBNwHO75XQt4a8w5
+Wwv/V9oS9iLEqiHhRB5BNcVncir7LLLBJjJneVD5hPD9JvXB/7z6RATmh43VWac
uLn8TDc3cbDByDFVzxLRkEcyaHXhiVFRluXM2/ldr6SZXIUnZMHkuoCjsp2RHUHq
iPo9XJaqpzJMP4ulPRSL7aVlKRwybvdptdRv2rP2xCseh7yNeAzKS1iCUt3eKdPe
2fzCWP7pVCtfG1G9zKLpZ2h2vwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHcyi96a
01AJ9XqGgGhnQEG424kLMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvMEU4ODNCRjBE
OEMwMTFFRDkzODhDRTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIe4wDQYJKoZIhvcNAQELBQADggEBAGccipARsbnlobnQ
CgmW4f3W9kuQNuT6KFrD2WsMO0dYNOX7F4teF/tILTniDZg4iy8sBRLNr1lKS7Qj
WDpRDvCZJQhxT48/1qoRSHBqLuZgh+mGjRuDRwB/zKqfI7+H191jpyf1667Ur0jE
qppmUl/fuL2RqhazyV2MxB6mpN+INAjoLWTAKEJ6OyyTYl4FiG6XK//sjZHJMpNx
CU+Gx4CceKkRv7pW0fg7cT1BI+NeAXu4Bh7in3JderNByZcpJ7nxsn0X75+h4mRw
skGoAhbH5B6wZSsY1H2mcbldJnjFd2T6wItRifJ/OfrX33NKS9gtZ9sUuSXxOOXQ
1eEDGrg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org