Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/05A8E0F29AE711EBAB07485EC4F9AE02.roa
File: 05A8E0F29AE711EBAB07485EC4F9AE02.roa (raw, json)
Hash identifier: cZaTRPsaMIP/1Eb4zlCZSy0FtDM71p5yVnj/VzP0zw8=
Subject key identifier: FD:6F:5E:EA:93:B2:D3:22:22:93:7C:EA:9E:35:41:B9:E6:01:23:D0
Certificate issuer: /CN=A91F6D91/serialNumber=F6718A5E5E42D08E253A2FB300FF09C3F5351D32
Certificate serial: 02
Authority key identifier: F6:71:8A:5E:5E:42:D0:8E:25:3A:2F:B3:00:FF:09:C3:F5:35:1D:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nGKXl5C0I4lOi-zAP8Jw_U1HTI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/05A8E0F29AE711EBAB07485EC4F9AE02.roa
Signing time: Sun 11 Apr 2021 16:57:39 +0000
ROA not before: Sun 11 Apr 2021 16:57:39 +0000
ROA not after: Wed 02 Mar 2022 00:00:00 +0000
asID: 14618
IP address blocks: 203.175.0.0/24 maxlen: 24
203.175.1.0/24 maxlen: 24
203.175.2.0/24 maxlen: 24
203.175.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F6D91/serialNumber=F6718A5E5E42D08E253A2FB300FF09C3F5351D32
Validity
Not Before: Apr 11 16:57:39 2021 GMT
Not After : Mar 2 00:00:00 2022 GMT
Subject: CN=60732a83-1154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0e:d5:02:17:bd:22:67:ea:f7:e6:4a:0e:9b:
61:39:10:64:93:d6:ed:8a:b4:77:8b:d1:62:02:f5:
51:6f:89:0b:19:d8:19:29:6f:4b:b7:84:44:79:e2:
f0:d6:42:c4:35:74:f0:bd:d4:17:f3:d0:35:26:49:
de:75:d6:48:50:71:07:66:67:83:2e:e1:6b:12:46:
c8:56:e6:f3:c0:67:9e:a1:bf:f8:e6:a2:d6:42:0c:
eb:de:b0:ce:02:0f:bd:35:03:0a:e9:8f:9f:fa:4a:
a1:0b:31:b1:a8:ed:97:da:33:5b:30:5c:a5:a6:30:
1e:d7:f8:45:59:a9:c4:a2:42:c8:ef:fe:35:74:3a:
4b:3b:c0:5d:db:50:07:4e:a7:bc:75:32:2c:da:a7:
4a:4d:8c:fd:37:53:56:cb:e2:6d:e0:fb:28:e1:3e:
6b:76:e8:a0:90:9c:6e:fa:e8:6a:e6:b6:7e:81:cc:
6b:d8:e9:60:2a:9e:19:b3:10:c2:c5:dc:44:55:fe:
4a:b3:e5:51:e7:57:47:c4:04:e5:5c:9e:b1:e6:1d:
40:e9:9a:aa:c0:da:c6:37:f4:ad:bf:be:8d:bd:d1:
f0:de:cb:76:2a:df:86:87:ce:83:a8:04:22:09:60:
88:c6:ed:a5:79:a7:f2:6f:5f:14:b3:27:06:0c:47:
8d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:6F:5E:EA:93:B2:D3:22:22:93:7C:EA:9E:35:41:B9:E6:01:23:D0
X509v3 Authority Key Identifier:
keyid:F6:71:8A:5E:5E:42:D0:8E:25:3A:2F:B3:00:FF:09:C3:F5:35:1D:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/9nGKXl5C0I4lOi-zAP8Jw_U1HTI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nGKXl5C0I4lOi-zAP8Jw_U1HTI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/05A8E0F29AE711EBAB07485EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.175.0.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:65:70:c0:b0:ff:b7:ca:d9:ba:85:3a:ae:53:ad:f1:7f:2f:
1d:4c:3e:9b:69:07:b2:81:2b:87:2f:7d:05:ac:97:f7:6d:64:
1e:76:59:6a:ce:ca:47:c1:4e:8a:4b:a5:17:12:ea:05:dc:d6:
05:b0:6e:5b:03:94:19:75:da:d4:37:ab:c0:e3:ae:00:66:40:
8a:54:e6:05:4b:79:79:2d:38:36:14:e3:5a:e8:82:83:64:9c:
7c:b0:c0:f7:1e:c9:8f:b6:15:c9:fa:5f:b8:28:eb:39:5f:da:
3f:87:f7:4a:cf:0d:36:ab:71:0d:d2:d6:4d:3c:d4:db:d8:42:
48:c5:e2:81:0e:e5:39:51:e8:19:e7:c4:1d:7b:8c:15:f1:8f:
97:26:08:ff:49:72:78:25:2a:03:56:2e:9a:86:73:cd:7b:47:
6e:8f:51:fd:93:9a:c5:91:81:3b:3c:35:88:a2:0c:08:42:51:
d7:33:00:63:ca:83:d8:77:12:b5:2c:21:bb:e0:7e:5c:ef:e5:
01:24:41:78:69:14:d6:a0:b6:fe:73:17:14:bc:6d:b7:73:60:
1b:71:4c:30:82:cb:70:44:be:a5:6c:be:b9:86:78:05:90:15:
47:57:b8:a6:eb:4c:f2:b2:3e:65:41:88:26:e7:c8:66:9e:b7:
c0:0b:82:d5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NkQ5MTExMC8GA1UEBRMoRjY3MThBNUU1RTQyRDA4RTI1M0EyRkIzMDBGRjA5QzNG
NTM1MUQzMjAeFw0yMTA0MTExNjU3MzlaFw0yMjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYwNzMyYTgzLTExNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzDtUCF70iZ+r35koOm2E5EGST1u2KtHeL0WIC9VFviQsZ2Bkpb0u3hER54vDW
QsQ1dPC91Bfz0DUmSd511khQcQdmZ4Mu4WsSRshW5vPAZ56hv/jmotZCDOvesM4C
D701Awrpj5/6SqELMbGo7ZfaM1swXKWmMB7X+EVZqcSiQsjv/jV0Oks7wF3bUAdO
p7x1Mizap0pNjP03U1bL4m3g+yjhPmt26KCQnG766Grmtn6BzGvY6WAqnhmzEMLF
3ERV/kqz5VHnV0fEBOVcnrHmHUDpmqrA2sY39K2/vo290fDey3Yq34aHzoOoBCIJ
YIjG7aV5p/JvXxSzJwYMR41DAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU/W9e6pOy
0yIik3zqnjVBueYBI9AwHwYDVR0jBBgwFoAU9nGKXl5C0I4lOi+zAP8Jw/U1HTIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY2RDkxL0U1MTdGMkI2OUFF
NTExRUI4MzdGMTM1RUM0RjlBRTAyLzluR0tYbDVDMEk0bE9pLXpBUDhKd19VMUhU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOW5HS1hsNUMwSTRsT2ktekFQOEp3X1UxSFRJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NkQ5MS9FNTE3RjJCNjlBRTUxMUVCODM3RjEzNUVDNEY5QUUwMi8wNUE4RTBGMjlB
RTcxMUVCQUIwNzQ4NUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsuvADANBgkqhkiG9w0BAQsFAAOCAQEAumVwwLD/t8rZuoU6
rlOt8X8vHUw+m2kHsoErhy99BayX921kHnZZas7KR8FOikulFxLqBdzWBbBuWwOU
GXXa1DerwOOuAGZAilTmBUt5eS04NhTjWuiCg2ScfLDA9x7Jj7YVyfpfuCjrOV/a
P4f3Ss8NNqtxDdLWTTzU29hCSMXigQ7lOVHoGefEHXuMFfGPlyYI/0lyeCUqA1Yu
moZzzXtHbo9R/ZOaxZGBOzw1iKIMCEJR1zMAY8qD2HcStSwhu+B+XO/lASRBeGkU
1qC2/nMXFLxtt3NgG3FMMILLcES+pWy+uYZ4BZAVR1e4putM8rI+ZUGIJufIZp63
wAuC1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:51 2024 by rpki-client on console-fra.rpki-client.org