Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/4DC66D809BE611ED940D4879C4F9AE02.roa
File: 4DC66D809BE611ED940D4879C4F9AE02.roa (raw, json)
Hash identifier: 8PebO4HRejpQBtp1BnE8WgXg31EROBCiZd2cGhrzleU=
Subject key identifier: 86:6A:33:13:5C:FF:C8:9B:62:D4:4A:B8:8C:0F:8D:00:48:98:51:D9
Certificate issuer: /CN=A91D5240/serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C
Certificate serial: 04
Authority key identifier: 5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/4DC66D809BE611ED940D4879C4F9AE02.roa
Signing time: Tue 24 Jan 2023 12:54:57 +0000
ROA not before: Tue 24 Jan 2023 12:54:57 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 19625
IP address blocks: 203.11.220.0/24 maxlen: 24
203.23.160.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5240/serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C
Validity
Not Before: Jan 24 12:54:57 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=63cfd521-9757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:88:ce:97:cb:bf:52:49:83:c5:85:6f:66:d7:
fd:cc:32:5a:40:2b:f7:69:39:9c:60:49:e4:c1:a4:
88:c8:87:ca:e4:8e:23:98:90:2b:51:0f:57:52:c3:
51:3a:df:e5:45:c4:a8:58:6c:3e:11:7b:66:5b:e8:
ca:55:3d:4b:c2:02:20:c4:83:9b:7b:fd:8f:29:a5:
34:cd:8c:d2:cc:40:c8:de:c0:a3:60:d1:81:93:5d:
3e:e2:83:be:bf:8a:88:fa:11:31:23:6d:41:6b:e7:
2b:07:04:ac:3a:5d:41:e7:10:1f:8c:fb:bb:85:a9:
39:c6:7b:14:65:3e:5e:de:c3:f2:8c:ee:e6:bc:cd:
59:3a:b9:88:f6:88:41:e3:b9:3a:71:12:61:47:da:
93:7b:44:79:95:9f:64:bd:96:3f:96:a3:a7:02:f8:
7a:a0:01:2f:8e:46:73:34:d0:01:aa:08:ef:1d:bc:
6c:98:05:02:c6:ce:fb:6e:1d:e9:5e:9b:fc:46:01:
77:0e:94:67:b9:c2:8a:3c:93:fd:56:bb:e3:a6:4c:
14:1d:f5:aa:c1:85:17:8c:c6:d7:10:3f:9a:93:fe:
ec:da:a5:55:ff:1f:03:f0:a3:be:b8:d2:ca:5d:03:
37:e8:5e:9b:04:9a:fa:da:ab:7e:42:af:6e:b9:e9:
53:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6A:33:13:5C:FF:C8:9B:62:D4:4A:B8:8C:0F:8D:00:48:98:51:D9
X509v3 Authority Key Identifier:
keyid:5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/4DC66D809BE611ED940D4879C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.11.220.0/24
203.23.160.0/21
Signature Algorithm: sha256WithRSAEncryption
20:07:14:e5:d1:da:88:cf:3f:86:69:2d:01:42:e1:a8:3f:ab:
dc:01:8c:af:37:a1:87:2b:c7:90:be:49:6b:4b:4e:63:89:8d:
4e:0c:22:21:44:6d:bb:2f:a6:e3:df:e8:ad:36:84:75:71:18:
9e:87:c6:90:7d:d0:93:5c:dd:e2:74:02:77:e0:cf:4a:d8:e4:
1f:cb:c7:9f:cf:df:66:77:22:4b:e5:f1:39:aa:5e:cb:f1:08:
e0:71:af:47:c9:20:a8:6f:2f:bf:78:88:51:62:01:6a:c3:59:
e3:29:27:0f:c5:e8:62:22:a5:85:5b:b9:fa:38:aa:e0:ab:db:
03:ca:7c:4e:79:2f:13:9e:26:3e:50:35:53:12:12:1e:ce:10:
88:8a:2b:a9:cd:85:b4:e4:53:2c:fb:f1:34:ec:40:0d:fb:4a:
39:60:c9:9c:d5:52:a5:0c:bc:41:9e:b8:04:a8:68:d0:a2:a0:
48:e3:34:fb:67:a1:9b:81:f3:c7:e1:a4:4f:f2:71:99:78:11:
a3:14:6e:a0:59:72:b8:0f:79:ff:b1:e0:39:7c:c4:04:ad:6c:
94:ab:da:a1:32:17:b2:34:74:9a:7e:f5:75:be:37:e6:7b:92:
bb:43:3d:5d:af:67:fc:2a:b7:1c:c7:df:5f:a9:74:5c:83:f7:
f0:6e:e3:31
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NTI0MDExMC8GA1UEBRMoNUQ4OUYzQUFGOUIxM0EwN0E1QjI2NEYyREVCQTY0RDVD
NTAwNjUxQzAeFw0yMzAxMjQxMjU0NTdaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzY2ZkNTIxLTk3NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2iM6Xy79SSYPFhW9m1/3MMlpAK/dpOZxgSeTBpIjIh8rkjiOYkCtRD1dSw1E6
3+VFxKhYbD4Re2Zb6MpVPUvCAiDEg5t7/Y8ppTTNjNLMQMjewKNg0YGTXT7ig76/
ioj6ETEjbUFr5ysHBKw6XUHnEB+M+7uFqTnGexRlPl7ew/KM7ua8zVk6uYj2iEHj
uTpxEmFH2pN7RHmVn2S9lj+Wo6cC+HqgAS+ORnM00AGqCO8dvGyYBQLGzvtuHele
m/xGAXcOlGe5woo8k/1Wu+OmTBQd9arBhReMxtcQP5qT/uzapVX/HwPwo7640spd
AzfoXpsEmvraq35Cr2656VPnAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUhmozE1z/
yJti1Eq4jA+NAEiYUdkwHwYDVR0jBBgwFoAUXYnzqvmxOgelsmTy3rpk1cUAZRww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ1MjQwLzI3RERFN0Q4OUI3
RDExRURCM0MzM0Y1REM0RjlBRTAyL1hZbnpxdm14T2dlbHNtVHkzcnBrMWNVQVpS
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWFluenF2bXhPZ2Vsc21UeTNycGsxY1VBWlJ3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NTI0MC8yN0RERTdEODlCN0QxMUVEQjNDMzNGNURDNEY5QUUwMi80REM2NkQ4MDlC
RTYxMUVEOTQwRDQ4NzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAMsL3AMEA8sXoDANBgkqhkiG9w0BAQsFAAOCAQEAIAcU5dHa
iM8/hmktAULhqD+r3AGMrzehhyvHkL5Ja0tOY4mNTgwiIURtuy+m49/orTaEdXEY
nofGkH3Qk1zd4nQCd+DPStjkH8vHn8/fZnciS+XxOapey/EI4HGvR8kgqG8vv3iI
UWIBasNZ4yknD8XoYiKlhVu5+jiq4KvbA8p8TnkvE54mPlA1UxISHs4QiIorqc2F
tORTLPvxNOxADftKOWDJnNVSpQy8QZ64BKho0KKgSOM0+2ehm4Hzx+GkT/JxmXgR
oxRuoFlyuA95/7HgOXzEBK1slKvaoTIXsjR0mn71db435nuSu0M9Xa9n/Cq3HMff
X6l0XIP38G7jMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org