Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/1308D5460BDC11EE81A2135AC4F9AE02.roa
File: 1308D5460BDC11EE81A2135AC4F9AE02.roa (raw, json)
Hash identifier: CfE24fgZx0qBiYHhh7GR4Ph7ZmZ+6DOuIgO7CrTF0OI=
Subject key identifier: C9:64:0B:36:55:80:A4:59:60:F2:33:9A:B1:2B:43:61:EF:E1:E1:65
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: C2
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/1308D5460BDC11EE81A2135AC4F9AE02.roa
Signing time: Fri 16 Jun 2023 00:23:54 +0000
ROA not before: Fri 16 Jun 2023 00:23:54 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 11938
IP address blocks: 203.33.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194 (0xc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Jun 16 00:23:54 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=648bab99-2718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:51:5c:18:a9:15:69:7d:f3:73:30:7f:7f:ac:
9a:73:bc:e3:0c:c8:60:00:a8:fe:67:1e:a9:56:4f:
d0:74:e1:5b:7e:e7:43:c3:ba:52:26:24:a5:a1:b4:
0c:a6:84:14:66:70:e6:16:ae:b2:ed:71:d7:dd:ec:
f0:73:db:e4:c9:ca:36:8e:c4:ee:3b:40:d2:97:09:
43:01:8a:e3:c0:33:0c:cf:ab:cc:d9:6c:66:09:4a:
8d:11:fa:e4:02:b4:99:1d:ce:6c:2e:6d:f2:c5:20:
78:83:1f:6b:e2:28:33:d7:99:9c:72:57:22:47:e3:
c0:3d:77:90:bf:a8:e5:ef:b1:59:28:cf:8a:f7:67:
7f:2a:75:92:70:63:7a:59:36:f5:a6:7b:b6:90:6d:
a6:78:bd:63:33:31:1e:73:ea:f2:7d:f4:b5:2c:bd:
41:64:69:62:6e:22:80:bd:a9:2d:30:c5:ee:74:3d:
dc:7b:7e:0c:cc:a8:20:2d:78:4e:c1:f6:ce:10:b5:
41:ad:1c:d0:03:71:7b:0b:b1:79:2a:9c:35:65:cd:
55:1d:be:3b:58:a2:7f:b0:0a:9e:57:47:89:be:ef:
0f:27:38:03:2c:11:13:4c:85:68:9c:aa:e8:97:b2:
e7:70:3f:4e:49:ec:94:7c:9c:13:f4:cc:9f:95:9b:
bd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:64:0B:36:55:80:A4:59:60:F2:33:9A:B1:2B:43:61:EF:E1:E1:65
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/1308D5460BDC11EE81A2135AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.238.0/24
Signature Algorithm: sha256WithRSAEncryption
06:02:7e:06:e6:88:89:a8:23:d3:d3:79:fc:e2:3b:2c:75:00:
ef:2a:47:e2:52:57:96:ce:ac:ed:a0:39:f1:2d:0d:f6:be:8e:
7b:c4:5d:ec:b5:ff:12:0f:4e:01:75:43:cb:7b:7c:d1:ff:91:
ad:a1:70:28:67:3d:4c:42:3a:8c:41:e0:60:c2:42:83:47:bf:
3d:49:44:95:4e:a2:86:9b:57:d4:75:fb:99:b9:17:4e:be:d7:
b9:4d:36:87:f0:61:9e:cc:83:24:a3:b2:e7:cb:85:c5:17:6a:
4b:65:c2:2c:61:09:5c:a1:90:6a:44:6a:fa:61:28:f6:ae:4d:
39:36:f8:f4:03:82:d9:b2:6f:54:6a:7c:e8:c9:22:18:a4:3c:
37:50:d2:57:92:54:86:cc:75:77:ff:08:ba:e0:95:a8:9a:a3:
74:eb:9a:ce:4e:24:f6:b9:10:df:eb:31:e4:0b:ca:30:f4:31:
12:1a:46:78:4b:e5:5f:7e:2d:90:ef:27:e7:33:1b:19:0e:fd:
2b:6b:f2:96:c2:88:6d:c1:65:e2:30:9a:76:55:1c:37:08:ff:
1f:5d:33:26:d5:d3:75:27:bf:3d:8f:29:23:a9:14:f9:46:e0:
a3:68:fa:02:62:53:f3:4b:63:17:4e:43:a0:55:5d:7f:80:d9:
f9:37:39:76
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAMIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMwNjE2MDAyMzU0WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDhiYWI5OS0yNzE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvFFcGKkVaX3zczB/f6yac7zjDMhgAKj+Zx6pVk/QdOFbfudDw7pSJiSlobQM
poQUZnDmFq6y7XHX3ezwc9vkyco2jsTuO0DSlwlDAYrjwDMMz6vM2WxmCUqNEfrk
ArSZHc5sLm3yxSB4gx9r4igz15mcclciR+PAPXeQv6jl77FZKM+K92d/KnWScGN6
WTb1pnu2kG2meL1jMzEec+ryffS1LL1BZGlibiKAvaktMMXudD3ce34MzKggLXhO
wfbOELVBrRzQA3F7C7F5Kpw1Zc1VHb47WKJ/sAqeV0eJvu8PJzgDLBETTIVonKro
l7LncD9OSeyUfJwT9MyflZu9UQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMlkCzZV
gKRZYPIzmrErQ2Hv4eFlMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvMTMwOEQ1NDYw
QkRDMTFFRTgxQTIxMzVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIe4wDQYJKoZIhvcNAQELBQADggEBAAYCfgbmiImoI9PT
efziOyx1AO8qR+JSV5bOrO2gOfEtDfa+jnvEXey1/xIPTgF1Q8t7fNH/ka2hcChn
PUxCOoxB4GDCQoNHvz1JRJVOooabV9R1+5m5F06+17lNNofwYZ7MgySjsufLhcUX
aktlwixhCVyhkGpEavphKPauTTk2+PQDgtmyb1RqfOjJIhikPDdQ0leSVIbMdXf/
CLrglaiao3Trms5OJPa5EN/rMeQLyjD0MRIaRnhL5V9+LZDvJ+czGxkO/Str8pbC
iG3BZeIwmnZVHDcI/x9dMybV03Unvz2PKSOpFPlG4KNo+gJiU/NLYxdOQ6BVXX+A
2fk3OXY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org