Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/758632D2811411EABAD68C17C4F9AE02.roa
File: 758632D2811411EABAD68C17C4F9AE02.roa (raw, json)
Hash identifier: 5GZy08Xivh/24hzDkyE0eDTXCdyS+A5a9Pg8CSIEwt8=
Subject key identifier: CE:D0:2B:83:35:49:64:8A:CC:95:1C:74:10:9D:96:6C:2D:87:38:DB
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 13E8
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/758632D2811411EABAD68C17C4F9AE02.roa
Signing time: Fri 18 Feb 2022 06:24:52 +0000
ROA not before: Fri 18 Feb 2022 06:24:52 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 45772
IP address blocks: 119.161.85.0/24 maxlen: 24
2402:7800:203::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5096 (0x13e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 18 06:24:52 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=620f3bb3-2b57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c8:cb:86:61:fa:ca:fe:9e:ba:08:b2:04:2c:
c5:10:b9:3c:6e:a1:1b:8d:05:51:ae:63:38:1a:45:
01:97:73:76:48:29:86:85:9e:ff:f8:c7:57:3d:3f:
09:ca:8d:ad:4c:a1:c7:9c:67:d7:85:e1:13:00:41:
7e:0d:cb:63:8e:05:de:c7:e6:56:af:92:f0:dd:c6:
f2:49:69:68:72:14:81:a7:82:78:5d:ac:b1:8f:90:
9e:cf:01:6a:41:a1:1b:1b:e9:4f:a2:c1:5c:ee:35:
1c:c5:e7:d3:71:e8:9e:64:dc:1c:2c:a3:09:a4:e3:
21:9b:3c:96:c5:3c:78:e8:bc:7f:56:d9:ff:20:6c:
d6:0d:cc:5e:d3:a1:38:1d:d1:a5:bd:32:d0:c1:c8:
e6:82:03:db:c8:97:98:c8:8c:e9:36:16:b0:4a:b1:
85:dc:a2:63:94:0b:80:56:31:54:2b:8a:43:1a:67:
e1:52:79:16:e2:4e:44:9b:5d:dc:eb:41:10:38:b3:
d5:e6:7c:d9:84:15:9e:f9:ab:c1:dc:31:96:41:29:
6e:2a:c3:61:5a:fc:f1:7f:e5:a3:ac:90:df:93:d0:
97:1b:a4:a4:fc:e0:72:a1:aa:33:45:d3:56:7a:f8:
7d:95:12:ea:da:73:2b:51:5a:c1:e2:ec:be:70:fb:
0c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D0:2B:83:35:49:64:8A:CC:95:1C:74:10:9D:96:6C:2D:87:38:DB
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/758632D2811411EABAD68C17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.161.85.0/24
IPv6:
2402:7800:203::/48
Signature Algorithm: sha256WithRSAEncryption
1b:a7:e0:4d:2e:62:41:81:f8:79:81:05:d9:a8:cf:a6:cc:5e:
eb:9d:bd:67:48:ab:28:ef:23:10:57:bd:6f:ea:7f:dc:30:84:
22:b0:25:dd:09:95:b2:30:25:af:4f:e4:26:9c:a8:63:f0:d9:
88:f1:dc:f5:ca:c9:3c:60:24:39:92:dc:8a:5e:bf:9b:e6:bf:
88:a9:e9:d7:c6:79:7a:05:ef:be:a5:9c:24:77:d8:d5:de:9b:
a9:d8:4f:47:42:f6:c8:76:cd:26:12:04:ee:54:29:19:d9:50:
ff:5e:0c:ad:d2:95:95:1c:0c:f4:7e:87:88:c3:4a:c2:ef:ac:
ac:99:ff:fa:d5:ce:04:3c:17:72:5b:19:53:4e:f7:af:d1:dc:
28:6c:92:bf:cd:14:d0:63:95:fb:5a:36:05:82:20:27:1b:c7:
04:8b:f6:22:5c:63:a2:96:e9:5f:7c:7b:97:44:70:e6:c3:05:
51:6b:2b:aa:4d:f1:cf:4b:18:6f:a4:17:1b:82:ec:a8:f6:77:
a1:f0:76:5a:91:a6:23:e3:25:e9:ab:95:c2:56:eb:31:d7:0f:
b8:38:7e:6b:42:f3:0c:a2:58:40:de:2e:cf:85:4d:31:e9:f1:
c5:67:b0:62:a5:e1:98:5c:26:f3:19:70:1d:28:c4:d1:ed:9a:
95:6f:07:69
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICE+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjIwMjE4MDYyNDUyWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBmM2JiMy0yYjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzsjLhmH6yv6eugiyBCzFELk8bqEbjQVRrmM4GkUBl3N2SCmGhZ7/+MdXPT8J
yo2tTKHHnGfXheETAEF+DctjjgXex+ZWr5Lw3cbySWlochSBp4J4Xayxj5CezwFq
QaEbG+lPosFc7jUcxefTceieZNwcLKMJpOMhmzyWxTx46Lx/Vtn/IGzWDcxe06E4
HdGlvTLQwcjmggPbyJeYyIzpNhawSrGF3KJjlAuAVjFUK4pDGmfhUnkW4k5Em13c
60EQOLPV5nzZhBWe+avB3DGWQSluKsNhWvzxf+WjrJDfk9CXG6Sk/OByoaozRdNW
evh9lRLq2nMrUVrB4uy+cPsMxQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFM7QK4M1
SWSKzJUcdBCdlmwthzjbMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNzU4NjMyRDI4
MTE0MTFFQUJBRDY4QzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAB3oVUwDwQCAAIwCQMHACQCeAACAzANBgkqhkiG9w0BAQsF
AAOCAQEAG6fgTS5iQYH4eYEF2ajPpsxe6529Z0irKO8jEFe9b+p/3DCEIrAl3QmV
sjAlr0/kJpyoY/DZiPHc9crJPGAkOZLcil6/m+a/iKnp18Z5egXvvqWcJHfY1d6b
qdhPR0L2yHbNJhIE7lQpGdlQ/14MrdKVlRwM9H6HiMNKwu+srJn/+tXOBDwXclsZ
U073r9HcKGySv80U0GOV+1o2BYIgJxvHBIv2IlxjopbpX3x7l0Rw5sMFUWsrqk3x
z0sYb6QXG4LsqPZ3ofB2WpGmI+Ml6auVwlbrMdcPuDh+a0LzDKJYQN4uz4VNMenx
xWewYqXhmFwm8xlwHSjE0e2alW8HaQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-ams.rpki-client.org