Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/22C77D1E9F3811ECBB84BD76C4F9AE02.roa
File: 22C77D1E9F3811ECBB84BD76C4F9AE02.roa (raw, json)
Hash identifier: Z5rrAmmIgN9FCL2PhkYFI3kU+h0wFLBZHtohUCkWu8k=
Subject key identifier: 40:D1:AA:02:3A:6E:06:A6:92:EC:36:33:3C:2F:96:AE:02:54:76:3C
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 02
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/22C77D1E9F3811ECBB84BD76C4F9AE02.roa
Signing time: Tue 08 Mar 2022 23:33:19 +0000
ROA not before: Tue 08 Mar 2022 23:33:19 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 45461
IP address blocks: 113.20.32.0/20 maxlen: 24
113.20.48.0/20 maxlen: 24
223.29.160.0/20 maxlen: 24
2403:200::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Validity
Not Before: Mar 8 23:33:19 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=6227e7bf-5dee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e4:b6:e8:3e:14:e4:97:01:a4:0f:b3:5d:65:
31:fe:fa:b1:21:e8:2d:96:f3:d3:57:84:a4:75:5f:
5c:66:35:fb:0c:fd:6d:8d:79:ba:50:36:11:3e:56:
ca:7a:18:a4:48:bc:8c:03:bf:59:7b:c2:45:9b:06:
45:db:24:07:bf:33:48:62:6c:e6:73:ab:49:4a:ee:
e6:d3:f9:c8:4a:32:dc:38:b8:fc:f4:97:0a:df:ca:
ae:ae:5e:b8:cd:19:09:93:e5:35:cb:ca:75:0f:51:
1c:60:a3:36:a0:0f:21:b3:99:23:19:d3:3c:fa:a6:
f1:00:fb:95:a7:7c:e6:81:4a:02:a5:5d:53:64:2a:
7f:e0:8d:3f:15:62:46:2f:3a:e9:d8:cd:c8:7f:f1:
c4:1a:3d:dd:6c:49:fe:2f:91:6b:b6:7c:81:05:e7:
a6:11:9c:d8:46:92:14:f7:20:40:05:3c:34:30:99:
4b:3d:eb:6b:a9:7c:70:08:12:9f:c2:c3:89:9d:05:
bd:2a:77:bb:29:dc:06:19:66:9b:6a:0c:08:51:f6:
79:45:37:35:e7:ad:77:f9:ee:19:c5:6c:22:22:10:
ca:8c:f8:85:06:c9:83:25:f3:a0:0b:0b:2e:d9:ab:
f6:ec:56:f3:8d:ad:e1:76:ae:a0:7e:a3:de:2d:37:
a3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D1:AA:02:3A:6E:06:A6:92:EC:36:33:3C:2F:96:AE:02:54:76:3C
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/22C77D1E9F3811ECBB84BD76C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.20.32.0/19
223.29.160.0/20
IPv6:
2403:200::/32
Signature Algorithm: sha256WithRSAEncryption
97:6b:85:2a:10:34:a5:ec:9b:fc:7f:5c:3c:36:a3:31:27:3f:
a1:e4:dd:5c:17:b1:c3:56:91:1f:46:b6:1a:2f:49:ed:82:42:
46:90:e5:a6:20:d6:19:4c:54:2b:07:37:9d:8f:06:bc:ed:94:
60:26:83:4a:de:d2:6e:74:ba:52:59:3b:cc:52:39:6c:18:df:
29:91:07:93:de:a5:ba:87:10:39:fc:6b:b6:27:0a:73:25:b4:
93:66:d6:96:3a:65:52:ed:f2:f1:b0:c3:c8:da:12:02:b1:1f:
61:b7:42:43:94:8f:a1:ea:1e:c2:49:11:b4:15:2d:6e:16:39:
7b:83:ae:14:13:83:e0:74:b4:08:75:62:90:43:c2:9a:b6:bd:
c3:d0:e5:90:aa:00:80:89:4f:d6:f7:8f:a7:90:01:81:44:53:
06:f6:91:10:7c:63:a2:cf:0a:d9:86:22:33:fb:6c:57:8e:46:
2e:bc:46:fb:d4:33:d4:a4:f1:dd:93:ad:20:52:9d:03:b2:86:
f1:41:ca:44:65:b3:36:73:38:f2:f7:7f:85:c3:af:9d:0c:63:
e4:e9:cf:4b:2f:bc:75:58:13:c7:dd:fc:0c:80:f7:65:74:44:
c8:28:85:f9:c9:e1:89:e6:72:84:32:aa:e3:a7:e7:73:ac:79:
da:93:c3:8e
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RkM3MzExMC8GA1UEBRMoQ0VFNDE2MDFFRUE5RjUxQjM1MjVEQTU1REQ0QUM5NUNF
RkFGNUFCQzAeFw0yMjAzMDgyMzMzMTlaFw0yMjEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMjdlN2JmLTVkZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDL5LboPhTklwGkD7NdZTH++rEh6C2W89NXhKR1X1xmNfsM/W2NebpQNhE+Vsp6
GKRIvIwDv1l7wkWbBkXbJAe/M0hibOZzq0lK7ubT+chKMtw4uPz0lwrfyq6uXrjN
GQmT5TXLynUPURxgozagDyGzmSMZ0zz6pvEA+5WnfOaBSgKlXVNkKn/gjT8VYkYv
OunYzch/8cQaPd1sSf4vkWu2fIEF56YRnNhGkhT3IEAFPDQwmUs962upfHAIEp/C
w4mdBb0qd7sp3AYZZptqDAhR9nlFNzXnrXf57hnFbCIiEMqM+IUGyYMl86ALCy7Z
q/bsVvONreF2rqB+o94tN6PZAgMBAAGjggKqMIICpjAdBgNVHQ4EFgQUQNGqAjpu
BqaS7DYzPC+WrgJUdjwwHwYDVR0jBBgwFoAUzuQWAe6p9Rs1JdpV3UrJXO+vWrww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJGQzczLzAxNDRDREY4OUYz
NDExRUM5Q0VCQzY3MEM0RjlBRTAyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldy
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvenVRV0FlNnA5UnMxSmRwVjNVckpYTy12V3J3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RkM3My8wMTQ0Q0RGODlGMzQxMUVDOUNFQkM2NzBDNEY5QUUwMi8yMkM3N0QxRTlG
MzgxMUVDQkI4NEJENzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEBXEUIAMEBN8doDANBAIAAjAHAwUAJAMCADANBgkqhkiG9w0B
AQsFAAOCAQEAl2uFKhA0peyb/H9cPDajMSc/oeTdXBexw1aRH0a2Gi9J7YJCRpDl
piDWGUxUKwc3nY8GvO2UYCaDSt7SbnS6Ulk7zFI5bBjfKZEHk96luocQOfxrticK
cyW0k2bWljplUu3y8bDDyNoSArEfYbdCQ5SPoeoewkkRtBUtbhY5e4OuFBOD4HS0
CHVikEPCmra9w9DlkKoAgIlP1vePp5ABgURTBvaREHxjos8K2YYiM/tsV45GLrxG
+9Qz1KTx3ZOtIFKdA7KG8UHKRGWzNnM48vd/hcOvnQxj5OnPSy+8dVgTx938DID3
ZXREyCiF+cnhieZyhDKq46fnc6x52pPDjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org