Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914FC2C/B04E919CC53311EC96DF310FC4F9AE02/F5E60B66C53511ECA64F3010C4F9AE02.roa
File: F5E60B66C53511ECA64F3010C4F9AE02.roa (raw, json)
Hash identifier: 99DNlaWEOgarGmGj39LZm06tPC/sT8CCQmkt4mNxu3E=
Subject key identifier: 45:89:93:1E:A0:CE:58:DA:52:00:B3:FD:05:C9:72:D9:E0:05:EE:F1
Certificate issuer: /CN=A914FC2C/serialNumber=1AD9BD9DC77315BD102DAF5AA9F92566B2C2FB99
Certificate serial: 02
Authority key identifier: 1A:D9:BD:9D:C7:73:15:BD:10:2D:AF:5A:A9:F9:25:66:B2:C2:FB:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gtm9ncdzFb0QLa9aqfklZrLC-5k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914FC2C/B04E919CC53311EC96DF310FC4F9AE02/F5E60B66C53511ECA64F3010C4F9AE02.roa
Signing time: Tue 26 Apr 2022 07:53:29 +0000
ROA not before: Tue 26 Apr 2022 07:53:29 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 132742
IP address blocks: 43.241.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914FC2C/serialNumber=1AD9BD9DC77315BD102DAF5AA9F92566B2C2FB99
Validity
Not Before: Apr 26 07:53:29 2022 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=6267a4f9-d364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:15:a3:6d:72:fb:d3:ce:5f:40:bb:6c:76:f0:
d6:aa:e6:74:45:f3:44:af:7b:a3:a5:3d:b0:0b:e9:
2a:44:63:ac:37:6c:ed:e7:b6:00:b0:b6:94:e0:d1:
57:7e:ee:fc:3b:6b:b3:ed:1b:b0:41:ee:b3:92:d8:
8e:ae:6b:49:a4:27:a1:1e:7f:3b:41:e3:d0:f6:d9:
11:43:ac:7a:4b:56:80:90:54:fb:d1:54:4a:08:03:
da:4b:09:69:6a:34:e0:14:bf:a7:3f:6c:59:63:2d:
3e:2f:90:b4:97:2e:de:3b:80:ff:85:d0:00:2d:88:
9a:f0:63:29:b6:a5:35:8f:05:ff:71:e8:23:14:a3:
64:04:2b:c3:2b:5a:79:df:85:4a:a5:e2:40:b1:8b:
9b:68:0f:f2:4e:57:73:a5:d8:bc:47:31:40:8b:d8:
5e:c6:84:d8:6a:f7:ad:9f:70:27:f8:52:60:5f:a8:
2d:50:ab:41:84:9f:77:74:84:a3:0a:71:63:cd:a9:
6a:14:60:0a:b2:84:28:7d:c6:59:f3:f6:44:1e:85:
7f:e1:2e:b3:fb:a6:4c:c5:9c:08:de:d1:a1:2f:64:
76:07:89:06:d5:1b:a7:15:4c:87:41:10:62:fb:5e:
7f:c6:5b:77:a9:d6:96:89:22:9e:f4:cf:b7:0c:e6:
78:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:89:93:1E:A0:CE:58:DA:52:00:B3:FD:05:C9:72:D9:E0:05:EE:F1
X509v3 Authority Key Identifier:
keyid:1A:D9:BD:9D:C7:73:15:BD:10:2D:AF:5A:A9:F9:25:66:B2:C2:FB:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914FC2C/B04E919CC53311EC96DF310FC4F9AE02/Gtm9ncdzFb0QLa9aqfklZrLC-5k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gtm9ncdzFb0QLa9aqfklZrLC-5k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914FC2C/B04E919CC53311EC96DF310FC4F9AE02/F5E60B66C53511ECA64F3010C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.152.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:14:ee:b4:9e:83:38:50:36:e3:79:e6:ba:64:52:14:be:60:
98:d5:df:93:a9:51:20:2c:62:55:0f:7b:ee:8e:6d:84:6e:63:
fe:c1:a0:0e:65:1c:9e:22:46:36:9f:ac:b5:d1:4a:77:7f:b5:
37:e2:30:5e:5b:b4:e8:d6:35:8b:ee:9a:df:6a:c7:1c:76:40:
0f:82:75:d9:52:8e:e5:8f:b6:fd:47:9a:a0:c4:56:f9:ae:0f:
87:6d:2e:88:08:d9:13:37:25:46:19:a2:b8:99:c3:67:1c:86:
54:55:d9:43:0b:c2:d4:69:00:1c:b3:73:d1:71:86:e9:dd:b7:
db:4a:f8:bd:7f:57:33:b3:0c:1c:a1:af:ab:54:00:d1:51:62:
a2:94:06:e8:29:87:40:ff:00:4d:f3:37:bd:c8:e3:45:9a:24:
a0:40:ee:08:62:05:3e:c3:cc:89:89:a9:e4:ea:4a:5b:5b:5e:
7c:b5:15:38:9d:d9:9a:5f:9a:d5:8f:88:30:d3:ef:3b:8a:20:
c8:3f:09:df:d1:96:97:77:23:e9:c0:66:73:d5:04:c4:f5:dd:
69:2d:ea:ec:fd:67:b9:eb:91:5b:45:5b:9f:b6:6b:0a:19:40:
a7:0b:6e:1c:45:39:71:50:16:18:d6:fd:72:b6:48:0d:77:b6:
01:b4:5c:8f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
RkMyQzExMC8GA1UEBRMoMUFEOUJEOURDNzczMTVCRDEwMkRBRjVBQTlGOTI1NjZC
MkMyRkI5OTAeFw0yMjA0MjYwNzUzMjlaFw0yMjA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjdhNGY5LWQzNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/FaNtcvvTzl9Au2x28Naq5nRF80Sve6OlPbAL6SpEY6w3bO3ntgCwtpTg0Vd+
7vw7a7PtG7BB7rOS2I6ua0mkJ6EefztB49D22RFDrHpLVoCQVPvRVEoIA9pLCWlq
NOAUv6c/bFljLT4vkLSXLt47gP+F0AAtiJrwYym2pTWPBf9x6CMUo2QEK8MrWnnf
hUql4kCxi5toD/JOV3Ol2LxHMUCL2F7GhNhq962fcCf4UmBfqC1Qq0GEn3d0hKMK
cWPNqWoUYAqyhCh9xlnz9kQehX/hLrP7pkzFnAje0aEvZHYHiQbVG6cVTIdBEGL7
Xn/GW3ep1paJIp70z7cM5nh1AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQURYmTHqDO
WNpSALP9Bcly2eAF7vEwHwYDVR0jBBgwFoAUGtm9ncdzFb0QLa9aqfklZrLC+5kw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRGQzJDL0IwNEU5MTlDQzUz
MzExRUM5NkRGMzEwRkM0RjlBRTAyL0d0bTluY2R6RmIwUUxhOWFxZmtsWnJMQy01
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3RtOW5jZHpGYjBRTGE5YXFma2xackxDLTVrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RkMyQy9CMDRFOTE5Q0M1MzMxMUVDOTZERjMxMEZDNEY5QUUwMi9GNUU2MEI2NkM1
MzUxMUVDQTY0RjMwMTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAivxmDANBgkqhkiG9w0BAQsFAAOCAQEADRTutJ6DOFA243nm
umRSFL5gmNXfk6lRICxiVQ977o5thG5j/sGgDmUcniJGNp+stdFKd3+1N+IwXlu0
6NY1i+6a32rHHHZAD4J12VKO5Y+2/UeaoMRW+a4Ph20uiAjZEzclRhmiuJnDZxyG
VFXZQwvC1GkAHLNz0XGG6d2320r4vX9XM7MMHKGvq1QA0VFiopQG6CmHQP8ATfM3
vcjjRZokoEDuCGIFPsPMiYmp5OpKW1tefLUVOJ3Zml+a1Y+IMNPvO4ogyD8J39GW
l3cj6cBmc9UExPXdaS3q7P1nueuRW0Vbn7ZrChlApwtuHEU5cVAWGNb9crZIDXe2
AbRcjw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:41 2023 by rpki-client on console-fra.rpki-client.org