Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/1E9B0F4A045311EE8421CF47C4F9AE02.roa
File: 1E9B0F4A045311EE8421CF47C4F9AE02.roa (raw, json)
Hash identifier: F+hJMjgkQu9iTLLyzIZhqT7Ra4Zwkl3+q3fEtjh18Yw=
Subject key identifier: 6E:D2:E7:9F:59:1F:00:D2:85:C0:A9:D8:BC:98:24:45:77:8A:C5:54
Certificate issuer: /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial: BB
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/1E9B0F4A045311EE8421CF47C4F9AE02.roa
Signing time: Tue 06 Jun 2023 10:15:54 +0000
ROA not before: Tue 06 Jun 2023 10:15:54 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 43072
IP address blocks: 203.33.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 187 (0xbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Validity
Not Before: Jun 6 10:15:54 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=647f075a-af89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:50:ec:ca:1c:f8:7d:ba:d3:7c:dd:5f:47:ef:
0c:65:be:a4:f9:98:d6:40:92:9a:67:e8:df:60:39:
c1:56:81:61:55:03:90:25:95:33:7f:5a:61:91:03:
09:a8:18:d0:4d:11:27:c7:8f:e5:40:2c:9a:2f:9c:
8d:60:ea:c1:47:d3:47:af:ea:88:80:10:12:3f:3d:
81:69:6f:cb:dc:1c:46:69:e2:e1:5f:c4:25:8d:63:
17:86:23:39:59:cd:fb:de:28:b5:58:8b:04:f9:a6:
93:76:d4:db:10:92:97:f5:25:dd:62:02:f0:a1:d9:
f2:30:ba:4e:41:95:1f:01:92:90:ec:25:01:82:cd:
48:d0:68:55:17:ea:4a:3b:63:06:fe:70:47:89:e9:
55:0d:47:77:4e:62:04:42:a7:02:c1:d2:f4:93:86:
39:88:2e:07:c3:a8:0e:fa:4f:ff:e2:40:5d:76:be:
40:21:92:ec:ae:77:d5:10:3b:77:d8:25:18:0d:76:
e9:a2:71:36:75:13:90:98:bb:0c:b0:4b:29:ab:c2:
50:7a:66:d8:42:3c:2c:31:13:a6:7a:0f:62:d6:8c:
a0:56:e1:f9:ea:56:2a:07:f9:44:04:2b:af:58:3f:
4e:86:e4:07:c1:b7:cf:83:57:11:a3:4d:70:d6:01:
08:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D2:E7:9F:59:1F:00:D2:85:C0:A9:D8:BC:98:24:45:77:8A:C5:54
X509v3 Authority Key Identifier:
keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/1E9B0F4A045311EE8421CF47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.33.238.0/24
Signature Algorithm: sha256WithRSAEncryption
34:75:03:1a:52:aa:8d:e7:4c:ba:fa:65:97:4b:e2:54:10:6b:
3f:d4:40:bc:5b:83:8b:ac:81:1c:ac:c0:91:71:ae:c4:fc:a0:
7b:ad:32:e3:09:a9:ab:7a:44:ef:ef:71:fa:f2:19:49:4c:45:
bf:ed:34:1b:28:18:a8:87:48:27:1b:41:de:4f:4c:26:12:6a:
1a:35:36:7e:a1:6c:de:3e:f9:ac:b1:53:d4:61:3e:e3:f5:4f:
c8:f6:3c:0f:01:1a:d8:57:6a:c6:4f:f9:85:0e:18:ba:e3:5d:
ac:af:c4:a1:d4:ce:26:c1:80:8a:4c:ad:e2:fa:26:4a:81:b6:
46:ce:67:c9:71:c0:79:b2:f1:07:32:74:be:20:f9:28:40:79:
d4:af:a7:e0:7d:43:9b:3e:d8:95:19:56:83:7b:83:8f:14:93:
aa:15:b8:19:cc:e7:da:29:fd:c5:ed:89:93:24:24:f8:3a:cf:
61:ea:f6:d3:87:80:b2:69:d2:a9:1a:e4:57:08:f1:4b:fb:35:
d2:41:ca:0f:29:42:2e:0e:bc:ac:4c:b0:9d:4c:ea:9e:78:75:
6d:94:b8:d1:7f:61:e8:be:ce:09:c5:78:ee:f9:d1:d7:37:f6:
b7:6b:cc:07:26:b1:7b:38:4a:bb:04:bb:cb:a0:c5:a7:f2:d1:
99:24:da:28
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMwNjA2MTAxNTU0WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdmMDc1YS1hZjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6lDsyhz4fbrTfN1fR+8MZb6k+ZjWQJKaZ+jfYDnBVoFhVQOQJZUzf1phkQMJ
qBjQTREnx4/lQCyaL5yNYOrBR9NHr+qIgBASPz2BaW/L3BxGaeLhX8QljWMXhiM5
Wc373ii1WIsE+aaTdtTbEJKX9SXdYgLwodnyMLpOQZUfAZKQ7CUBgs1I0GhVF+pK
O2MG/nBHielVDUd3TmIEQqcCwdL0k4Y5iC4Hw6gO+k//4kBddr5AIZLsrnfVEDt3
2CUYDXbponE2dROQmLsMsEspq8JQembYQjwsMROmeg9i1oygVuH56lYqB/lEBCuv
WD9OhuQHwbfPg1cRo01w1gEItQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG7S559Z
HwDShcCp2LyYJEV3isVUMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvMUU5QjBGNEEw
NDUzMTFFRTg0MjFDRjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIe4wDQYJKoZIhvcNAQELBQADggEBADR1AxpSqo3nTLr6
ZZdL4lQQaz/UQLxbg4usgRyswJFxrsT8oHutMuMJqat6RO/vcfryGUlMRb/tNBso
GKiHSCcbQd5PTCYSaho1Nn6hbN4++ayxU9RhPuP1T8j2PA8BGthXasZP+YUOGLrj
XayvxKHUzibBgIpMreL6JkqBtkbOZ8lxwHmy8QcydL4g+ShAedSvp+B9Q5s+2JUZ
VoN7g48Uk6oVuBnM59op/cXtiZMkJPg6z2Hq9tOHgLJp0qka5FcI8Uv7NdJByg8p
Qi4OvKxMsJ1M6p54dW2UuNF/Yei+zgnFeO750dc39rdrzAcmsXs4SrsEu8ugxafy
0Zkk2ig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org