Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/D5F5F5D4C53811ECB4EAFD1AC4F9AE02.roa
File: D5F5F5D4C53811ECB4EAFD1AC4F9AE02.roa (raw, json)
Hash identifier: sOfcVP2vkt/DhsT4np2doz/lst5f/owVPbXCUXitsqk=
Subject key identifier: 04:03:69:44:3F:A3:54:9D:75:70:BC:59:AE:56:7B:81:3C:44:EB:2C
Certificate issuer: /CN=A91F1446/serialNumber=B5D33A7A32A5082D336B6B05B7965F307470A276
Certificate serial: 03
Authority key identifier: B5:D3:3A:7A:32:A5:08:2D:33:6B:6B:05:B7:96:5F:30:74:70:A2:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tdM6ejKlCC0za2sFt5ZfMHRwonY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/D5F5F5D4C53811ECB4EAFD1AC4F9AE02.roa
Signing time: Tue 26 Apr 2022 08:14:04 +0000
ROA not before: Tue 26 Apr 2022 08:14:04 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 132742
IP address blocks: 43.241.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F1446/serialNumber=B5D33A7A32A5082D336B6B05B7965F307470A276
Validity
Not Before: Apr 26 08:14:04 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=6267a9cc-ee1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:7a:a0:cf:ad:72:b4:8b:3d:c0:e9:a4:7e:
65:7f:5b:9e:62:fe:1e:5c:af:c6:f9:b6:a8:01:b4:
13:5c:65:45:44:51:28:da:aa:c3:0a:61:7c:90:39:
63:e2:c6:af:94:70:7d:d2:ba:c3:27:2a:7f:f4:fa:
ab:8e:2e:ac:7d:8e:56:c2:3c:8f:10:38:09:c0:db:
ed:78:53:43:20:78:47:e4:30:07:9b:f6:e5:96:5f:
64:3d:c0:db:fc:4d:3d:15:66:59:64:8c:38:fe:7e:
cb:3d:48:fe:ab:12:23:e4:78:8f:0a:58:e7:78:dd:
8a:db:2d:de:96:3e:7d:bd:67:3b:70:b9:58:22:88:
87:c7:f7:22:07:af:08:a4:4e:91:d4:c7:c7:c8:4f:
b7:11:01:23:0c:c8:a7:b3:7f:a3:fc:1e:b2:e6:dc:
da:6a:c4:f7:4a:de:a9:81:0d:7b:32:02:ab:f5:6e:
84:96:87:a4:f6:9d:a2:57:34:3c:be:6e:2d:6b:2b:
1b:95:9f:f6:9c:6c:a0:cc:e5:af:dd:41:0d:8a:3c:
bb:a5:21:f2:3c:3a:eb:a5:1f:bb:6c:cf:15:d4:09:
3e:d3:b7:d2:45:f6:8c:e4:ea:83:0a:65:84:47:c1:
af:b3:83:23:cc:8a:d3:46:df:7c:be:de:e6:be:d4:
03:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:03:69:44:3F:A3:54:9D:75:70:BC:59:AE:56:7B:81:3C:44:EB:2C
X509v3 Authority Key Identifier:
keyid:B5:D3:3A:7A:32:A5:08:2D:33:6B:6B:05:B7:96:5F:30:74:70:A2:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/tdM6ejKlCC0za2sFt5ZfMHRwonY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tdM6ejKlCC0za2sFt5ZfMHRwonY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1446/2A1FF56EC53511EC8E5A0313C4F9AE02/D5F5F5D4C53811ECB4EAFD1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:c9:29:3f:4c:5d:0a:8d:35:1d:f8:c6:1c:3c:3d:1f:2c:05:
2d:36:ae:b3:c6:a9:c3:99:a4:e4:1e:24:63:35:42:c4:fe:86:
e6:46:1b:0c:a4:57:f5:bf:37:0b:60:2f:03:69:14:4f:c5:97:
61:b4:33:33:0e:d8:75:83:6d:7a:63:4e:04:bc:05:49:15:99:
f2:df:ba:23:55:87:fa:c6:f5:2e:e7:94:e2:ff:b8:f0:3d:ad:
c7:eb:93:0a:bb:b0:d7:96:0a:d1:4b:06:46:77:a8:25:95:f6:
ba:00:9a:c6:8d:69:a8:44:19:89:16:1f:e7:92:f9:16:07:54:
64:cf:a1:5c:f7:d3:ff:1d:57:7f:c3:55:5c:4b:30:95:10:39:
9b:3f:6e:d4:0a:7d:c6:5e:a9:70:c3:47:1e:9b:c4:f9:01:39:
1c:80:a1:f8:56:70:ca:3f:72:99:ce:eb:f4:46:76:be:0e:7e:
03:bd:7f:ec:58:24:ea:c5:3e:43:24:a2:61:6f:44:ea:7b:11:
a1:b1:b7:2c:02:f9:69:a4:ae:f2:08:05:64:0d:48:94:ff:b5:
49:59:f6:91:2e:2d:f1:d1:b0:1e:80:ba:c4:a8:b5:ab:06:0f:
8b:59:0e:36:bf:9b:c5:40:2b:73:b1:7a:1a:4b:7d:8d:1a:6d:
fb:ba:84:16
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
MTQ0NjExMC8GA1UEBRMoQjVEMzNBN0EzMkE1MDgyRDMzNkI2QjA1Qjc5NjVGMzA3
NDcwQTI3NjAeFw0yMjA0MjYwODE0MDRaFw0yMzAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjdhOWNjLWVlMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3Znqgz61ytIs9wOmkfmV/W55i/h5cr8b5tqgBtBNcZUVEUSjaqsMKYXyQOWPi
xq+UcH3SusMnKn/0+quOLqx9jlbCPI8QOAnA2+14U0MgeEfkMAeb9uWWX2Q9wNv8
TT0VZllkjDj+fss9SP6rEiPkeI8KWOd43YrbLd6WPn29ZztwuVgiiIfH9yIHrwik
TpHUx8fIT7cRASMMyKezf6P8HrLm3NpqxPdK3qmBDXsyAqv1boSWh6T2naJXNDy+
bi1rKxuVn/acbKDM5a/dQQ2KPLulIfI8OuulH7tszxXUCT7Tt9JF9ozk6oMKZYRH
wa+zgyPMitNG33y+3ua+1AP/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUBANpRD+j
VJ11cLxZrlZ7gTxE6ywwHwYDVR0jBBgwFoAUtdM6ejKlCC0za2sFt5ZfMHRwonYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxNDQ2LzJBMUZGNTZFQzUz
NTExRUM4RTVBMDMxM0M0RjlBRTAyL3RkTTZlaktsQ0MwemEyc0Z0NVpmTUhSd29u
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdGRNNmVqS2xDQzB6YTJzRnQ1WmZNSFJ3b25ZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
MTQ0Ni8yQTFGRjU2RUM1MzUxMUVDOEU1QTAzMTNDNEY5QUUwMi9ENUY1RjVENEM1
MzgxMUVDQjRFQUZEMUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAivx/DANBgkqhkiG9w0BAQsFAAOCAQEAP8kpP0xdCo01HfjG
HDw9HywFLTaus8apw5mk5B4kYzVCxP6G5kYbDKRX9b83C2AvA2kUT8WXYbQzMw7Y
dYNtemNOBLwFSRWZ8t+6I1WH+sb1LueU4v+48D2tx+uTCruw15YK0UsGRneoJZX2
ugCaxo1pqEQZiRYf55L5FgdUZM+hXPfT/x1Xf8NVXEswlRA5mz9u1Ap9xl6pcMNH
HpvE+QE5HICh+FZwyj9ymc7r9EZ2vg5+A71/7Fgk6sU+QySiYW9E6nsRobG3LAL5
aaSu8ggFZA1IlP+1SVn2kS4t8dGwHoC6xKi1qwYPi1kONr+bxUArc7F6Gkt9jRpt
+7qEFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org