Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/2952A282737F11E88D904929C4F9AE02.roa
File: 2952A282737F11E88D904929C4F9AE02.roa (raw, json)
Hash identifier: bUltF9zQrt/2EGOGJiKyHjbj/Sx+9/QNRZXwtfoYwMA=
Subject key identifier: 9B:83:6B:29:3E:AA:F7:1E:BD:DB:B6:5B:96:0C:E0:42:2B:BF:B7:14
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2401
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/2952A282737F11E88D904929C4F9AE02.roa
Signing time: Fri 31 Dec 2021 04:32:39 +0000
ROA not before: Fri 31 Dec 2021 04:32:39 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 38444
IP address blocks: 49.229.0.0/23 maxlen: 23
49.229.2.0/23 maxlen: 23
110.49.0.0/16 maxlen: 16
110.49.128.0/17 maxlen: 24
119.31.0.0/17 maxlen: 24
202.149.24.0/21 maxlen: 24
2001:44c8:a000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9217 (0x2401)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Validity
Not Before: Dec 31 04:32:39 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61ce87e6-9dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e7:1c:f1:74:cc:d7:62:64:ea:8f:db:8d:de:
fc:86:c5:36:fd:18:e9:9d:3d:6c:64:86:84:1f:e3:
c4:6c:30:63:17:0e:01:26:50:47:15:33:12:2f:fb:
c9:b8:c3:f3:b6:b0:a0:ba:ba:ce:56:8a:2d:45:f5:
fc:55:9d:28:ea:3b:13:7a:1f:13:fc:c0:b9:cb:1b:
40:b7:2c:c7:63:f3:bf:5d:15:87:b0:6c:65:d6:d9:
5a:22:fc:5e:6f:a7:21:3e:e7:b0:75:a5:88:68:85:
b7:a6:cd:d0:a6:89:27:1b:7d:49:2e:0d:09:e9:b6:
2d:19:ac:ec:c3:4c:da:32:6a:b9:1d:20:9a:bd:52:
c7:3d:ec:94:c2:58:08:5c:97:7a:11:a0:ae:dc:9a:
c4:bd:51:56:50:51:45:a5:a0:e8:04:3a:b0:29:9d:
fa:ce:05:a2:7e:fc:15:3a:ae:74:18:29:58:d7:67:
3f:f3:d8:d0:88:7f:e3:9d:21:cc:22:81:b0:64:52:
8c:90:be:e6:ea:de:84:81:8a:1f:83:e7:96:ea:2b:
0e:3a:c3:0d:db:39:cf:87:bb:32:f1:48:b2:76:7b:
e7:d8:9c:6e:ba:8c:99:86:cb:65:ab:d1:1a:aa:62:
cc:a9:43:9f:83:be:de:45:05:5d:b0:16:e8:fd:22:
83:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:83:6B:29:3E:AA:F7:1E:BD:DB:B6:5B:96:0C:E0:42:2B:BF:B7:14
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/2952A282737F11E88D904929C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.229.0.0/22
110.49.0.0/16
119.31.0.0/17
202.149.24.0/21
IPv6:
2001:44c8:a000::/36
Signature Algorithm: sha256WithRSAEncryption
1c:8d:e2:3d:de:0d:70:6f:54:2b:ef:5a:41:59:e0:4b:31:fb:
8e:b2:6c:5b:9c:90:0f:f1:db:5a:c8:8d:3f:4d:10:e7:d8:5e:
36:be:cd:38:da:3c:ca:fc:fa:37:78:54:a2:09:a7:0b:0a:b2:
79:af:81:67:ad:c1:3f:39:a7:fb:2c:17:55:92:17:1c:13:3c:
b9:d8:e6:0f:6e:dc:36:22:da:c4:45:e9:18:0b:8c:47:28:fa:
8b:c6:60:72:ea:5b:d0:99:b9:de:11:64:a1:42:bb:f6:95:9e:
7b:2b:06:b5:8c:7b:cc:85:d9:9a:6c:83:93:d5:8c:bd:35:c7:
8a:a4:05:2c:1a:07:75:0f:5b:c6:99:bb:e1:35:b8:8c:ad:ea:
36:a8:02:06:d9:0d:62:ef:86:9e:7b:59:17:43:ef:98:3d:7b:
37:f2:36:ee:39:76:95:17:fc:0e:99:a2:2e:4b:d2:9e:12:aa:
b3:60:84:85:79:0a:2b:fc:28:ce:0c:8b:35:75:76:de:72:f4:
13:bf:f6:e7:c8:0b:9d:78:e8:b1:62:d7:43:93:54:e6:bd:3a:
1c:40:2b:a3:7a:97:90:5b:8f:e5:72:2b:1b:fb:49:af:bc:2b:
ff:08:2f:50:2d:a6:e3:85:88:e9:67:84:79:86:92:dc:a1:20:
b8:cc:5a:a6
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICJAEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjExMjMxMDQzMjM5WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWNlODdlNi05ZGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ecc8XTM12Jk6o/bjd78hsU2/RjpnT1sZIaEH+PEbDBjFw4BJlBHFTMSL/vJ
uMPztrCgurrOVootRfX8VZ0o6jsTeh8T/MC5yxtAtyzHY/O/XRWHsGxl1tlaIvxe
b6chPuewdaWIaIW3ps3QpoknG31JLg0J6bYtGazsw0zaMmq5HSCavVLHPeyUwlgI
XJd6EaCu3JrEvVFWUFFFpaDoBDqwKZ36zgWifvwVOq50GClY12c/89jQiH/jnSHM
IoGwZFKMkL7m6t6EgYofg+eW6isOOsMN2znPh7sy8Uiydnvn2JxuuoyZhstlq9Ea
qmLMqUOfg77eRQVdsBbo/SKD7wIDAQABo4ICtjCCArIwHQYDVR0OBBYEFJuDayk+
qvcevdu2W5YM4EIrv7cUMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvMjk1MkEyODI3
MzdGMTFFODhEOTA0OTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB0EAgABMBcDBAIx5QADAwBuMQMEB3cfAAMEA8qVGDAOBAIAAjAIAwYEIAFE
yKAwDQYJKoZIhvcNAQELBQADggEBAByN4j3eDXBvVCvvWkFZ4Esx+46ybFuckA/x
21rIjT9NEOfYXja+zTjaPMr8+jd4VKIJpwsKsnmvgWetwT85p/ssF1WSFxwTPLnY
5g9u3DYi2sRF6RgLjEco+ovGYHLqW9CZud4RZKFCu/aVnnsrBrWMe8yF2Zpsg5PV
jL01x4qkBSwaB3UPW8aZu+E1uIyt6jaoAgbZDWLvhp57WRdD75g9ezfyNu45dpUX
/A6Zoi5L0p4SqrNghIV5Civ8KM4MizV1dt5y9BO/9ufIC5146LFi10OTVOa9OhxA
K6N6l5Bbj+VyKxv7Sa+8K/8IL1AtpuOFiOlnhHmGktyhILjMWqY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:34 2023 by rpki-client on console-ams.rpki-client.org