Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/122C7DBCD2B611EDAF6DC017C4F9AE02.roa
File: 122C7DBCD2B611EDAF6DC017C4F9AE02.roa (raw, json)
Hash identifier: 2BdYa04wRu3H3GsyM7WMJyiW32Edqcbk+DCywLpnBG8=
Subject key identifier: 14:FC:35:A2:DE:CE:7D:E6:33:0B:5A:F0:D6:66:09:B4:F4:CE:E4:5D
Certificate issuer: /CN=A91E0875/serialNumber=F973492ED646928ED1F10DE84662E5523F55CC8D
Certificate serial: 091E
Authority key identifier: F9:73:49:2E:D6:46:92:8E:D1:F1:0D:E8:46:62:E5:52:3F:55:CC:8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/122C7DBCD2B611EDAF6DC017C4F9AE02.roa
Signing time: Fri 28 Apr 2023 04:18:40 +0000
ROA not before: Fri 28 Apr 2023 04:18:40 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 10204
IP address blocks: 202.6.250.0/23 maxlen: 23
202.6.250.0/24 maxlen: 24
202.6.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2334 (0x91e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0875/serialNumber=F973492ED646928ED1F10DE84662E5523F55CC8D
Validity
Not Before: Apr 28 04:18:40 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=644b4920-8aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:87:5e:da:6a:5a:1b:e8:e2:a1:40:b5:27:cd:
e1:19:33:ca:a9:34:75:5b:d7:d6:81:96:28:49:9a:
64:8f:da:5a:d4:12:e2:dc:ba:30:94:1f:bc:e7:36:
3e:65:3d:16:b5:6d:27:b0:95:d3:99:76:68:0f:0d:
9a:38:52:80:98:e8:6f:93:58:bc:75:9c:0e:40:18:
98:5b:74:37:d4:0c:3b:2b:f1:ae:7c:f3:86:b0:24:
25:49:bb:7a:34:e2:89:fe:b9:9b:34:7d:b8:ce:9c:
d8:b0:8c:99:0f:cf:fa:0a:d2:61:df:da:38:a6:90:
c8:10:6e:7e:6e:23:7c:a9:63:5e:92:65:f6:8e:99:
57:8a:b5:b5:48:22:e1:24:43:ed:dd:20:3c:a6:2c:
7a:d8:91:b6:ae:07:2e:e0:eb:f6:50:23:07:0f:16:
38:a0:d7:5e:4d:76:65:3c:de:6b:ef:46:b6:ef:e3:
8b:fb:ca:c6:36:21:91:c8:6f:77:7c:25:bc:be:d0:
4f:ed:ce:fa:9b:f5:d9:cf:e5:ca:e2:dc:f3:50:03:
d0:50:70:5b:fa:ba:62:03:4c:a7:05:70:4a:e4:e0:
ae:d4:e2:9c:25:66:54:87:2f:43:81:b3:6c:2f:e5:
34:71:aa:32:37:92:f1:3b:5f:9d:a8:2d:ae:0d:c8:
81:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:FC:35:A2:DE:CE:7D:E6:33:0B:5A:F0:D6:66:09:B4:F4:CE:E4:5D
X509v3 Authority Key Identifier:
keyid:F9:73:49:2E:D6:46:92:8E:D1:F1:0D:E8:46:62:E5:52:3F:55:CC:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/-XNJLtZGko7R8Q3oRmLlUj9VzI0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/122C7DBCD2B611EDAF6DC017C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.6.250.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:44:68:87:f8:2d:1e:8b:3f:7d:c1:b7:ff:87:b0:32:de:f4:
39:f8:73:8d:81:99:2b:a4:6c:3f:72:27:45:da:bd:ba:dc:a9:
0c:2b:97:48:0b:5e:3a:bc:ce:7b:23:2c:98:2e:51:ce:6d:f4:
17:47:0b:d1:b3:48:d6:69:02:59:67:67:4e:90:80:b9:57:97:
eb:83:1c:b7:45:70:ef:ca:8a:99:0c:39:8b:6c:3f:9a:d9:61:
7f:78:e8:b5:78:98:03:45:96:ef:68:d4:b4:e9:63:ea:cf:fc:
65:b2:3d:a8:1c:1a:75:e9:29:09:6e:73:91:8d:fa:35:80:b2:
5b:c1:2f:54:63:f2:3b:cd:39:fe:6e:a0:11:90:0e:60:da:d0:
20:8e:e1:52:88:6f:d7:0e:7e:57:bb:f9:dc:8f:ab:7c:19:bd:
96:96:7f:8d:1d:a5:90:b1:8e:9d:00:8b:39:22:72:9d:c8:39:
ac:fb:f8:1e:9d:b5:49:a6:53:b3:a2:77:29:6a:a9:4a:84:6b:
89:30:06:b9:03:99:2c:78:27:cc:c1:ad:01:02:e3:61:e7:3c:
f9:16:0c:c0:51:ab:2f:5e:98:46:8a:f8:d3:c4:bc:fb:e1:03:
7a:a6:32:79:3a:a0:39:f5:ae:25:79:06:30:45:ce:82:bf:7f:
4d:ba:25:ac
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTA4NzUxMTAvBgNVBAUTKEY5NzM0OTJFRDY0NjkyOEVEMUYxMERFODQ2NjJFNTUy
M0Y1NUNDOEQwHhcNMjMwNDI4MDQxODQwWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDRiNDkyMC04YWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv4de2mpaG+jioUC1J83hGTPKqTR1W9fWgZYoSZpkj9pa1BLi3LowlB+85zY+
ZT0WtW0nsJXTmXZoDw2aOFKAmOhvk1i8dZwOQBiYW3Q31Aw7K/GufPOGsCQlSbt6
NOKJ/rmbNH24zpzYsIyZD8/6CtJh39o4ppDIEG5+biN8qWNekmX2jplXirW1SCLh
JEPt3SA8pix62JG2rgcu4Ov2UCMHDxY4oNdeTXZlPN5r70a27+OL+8rGNiGRyG93
fCW8vtBP7c76m/XZz+XK4tzzUAPQUHBb+rpiA0ynBXBK5OCu1OKcJWZUhy9DgbNs
L+U0caoyN5LxO1+dqC2uDciBMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBT8NaLe
zn3mMwta8NZmCbT0zuRdMB8GA1UdIwQYMBaAFPlzSS7WRpKO0fEN6EZi5VI/VcyN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDg3NS82RDkxQUFCQzU5
MzExMUVBQUEzMUI0MEFDNEY5QUUwMi8tWE5KTHRaR2tvN1I4UTNvUm1MbFVqOVZ6
STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1YTkpMdFpHa283UjhRM29SbUxsVWo5VnpJMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTA4NzUvNkQ5MUFBQkM1OTMxMTFFQUFBMzFCNDBBQzRGOUFFMDIvMTIyQzdEQkNE
MkI2MTFFREFGNkRDMDE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHKBvowDQYJKoZIhvcNAQELBQADggEBADtEaIf4LR6LP33B
t/+HsDLe9Dn4c42BmSukbD9yJ0XavbrcqQwrl0gLXjq8znsjLJguUc5t9BdHC9Gz
SNZpAllnZ06QgLlXl+uDHLdFcO/KipkMOYtsP5rZYX946LV4mANFlu9o1LTpY+rP
/GWyPagcGnXpKQluc5GN+jWAslvBL1Rj8jvNOf5uoBGQDmDa0CCO4VKIb9cOfle7
+dyPq3wZvZaWf40dpZCxjp0Aizkicp3IOaz7+B6dtUmmU7OidylqqUqEa4kwBrkD
mSx4J8zBrQEC42HnPPkWDMBRqy9emEaK+NPEvPvhA3qmMnk6oDn1riV5BjBFzoK/
f026Jaw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org