Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/D079850C913711EBBCAF3066C4F9AE02.roa
File: D079850C913711EBBCAF3066C4F9AE02.roa (raw, json)
Hash identifier: twEWrdcF0pULu7r/0a6Dk1pri92wUIKRyeWZyftff2M=
Subject key identifier: 35:70:61:FC:06:0F:9F:60:9A:C7:B9:73:9A:DD:5B:5D:E3:3F:0B:BE
Certificate issuer: /CN=A91F2CA8/serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866
Certificate serial: 2FDC
Authority key identifier: 1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/D079850C913711EBBCAF3066C4F9AE02.roa
Signing time: Wed 20 Oct 2021 03:20:43 +0000
ROA not before: Wed 20 Oct 2021 03:20:43 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 45768
IP address blocks: 27.111.64.0/21 maxlen: 21
113.29.208.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12252 (0x2fdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2CA8/serialNumber=1E752C3D16048C3F3F6323D2B91070BF247D6866
Validity
Not Before: Oct 20 03:20:43 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=616f8b0b-88cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4f:10:17:3e:52:72:70:93:38:d8:62:51:88:
12:ea:0d:2e:93:0e:39:9d:44:ba:a3:7f:b0:2b:0f:
5a:6b:4e:42:f2:4d:e2:2a:ed:97:46:c3:2e:ac:f1:
e5:43:dc:09:2d:68:f2:34:b7:57:5f:c6:ec:c6:91:
23:c7:49:a7:4b:e2:01:58:2c:ca:a9:62:2b:e1:a4:
3c:b4:78:5f:88:f1:d9:11:c3:4b:e4:69:a3:48:d9:
9d:37:33:56:80:02:17:af:17:9e:89:60:6a:e6:2c:
33:bc:a9:10:ec:0c:8c:77:1e:c8:c1:d8:88:31:4a:
31:fd:40:9e:c8:2f:a2:03:90:ce:ad:7e:a7:8d:d1:
e5:69:3c:08:7b:c5:6e:aa:18:89:fd:d9:1e:04:aa:
df:01:d7:b9:3a:da:7f:8a:3a:a8:9e:b1:5a:93:b9:
9f:ae:4d:97:04:c2:5b:b4:3c:dd:42:17:f2:36:62:
1d:62:c0:f7:00:4e:9d:2c:4e:4c:a8:d5:2e:ee:04:
90:a5:43:24:83:ec:ef:a9:98:ee:64:cb:b6:00:e4:
c7:f5:89:a0:45:1f:38:b7:27:94:67:81:e3:db:d3:
f8:7b:29:e9:e4:d7:fd:10:b0:6d:76:62:74:63:9d:
ed:52:ed:96:b8:f5:a5:43:28:24:94:b1:f7:bb:02:
9f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:70:61:FC:06:0F:9F:60:9A:C7:B9:73:9A:DD:5B:5D:E3:3F:0B:BE
X509v3 Authority Key Identifier:
keyid:1E:75:2C:3D:16:04:8C:3F:3F:63:23:D2:B9:10:70:BF:24:7D:68:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HnUsPRYEjD8_YyPSuRBwvyR9aGY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CA8/870322581D9A11E2AA86C28708B02CD2/D079850C913711EBBCAF3066C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.64.0/21
113.29.208.0/21
Signature Algorithm: sha256WithRSAEncryption
71:d0:8b:f6:63:50:c2:97:06:63:95:34:7e:71:46:2e:ab:0c:
9d:d9:d2:87:8f:7a:5f:d4:f1:86:6e:f2:8a:99:8a:d6:eb:44:
19:13:c4:50:0e:ac:7f:61:d3:8f:26:d8:a1:c7:5d:f0:6d:3e:
37:3f:29:5b:40:4f:bc:32:71:0a:98:2b:fa:c9:be:b8:79:3c:
80:40:d1:63:e2:c7:a1:19:64:13:d3:20:d5:c9:35:aa:a5:0e:
d1:7e:61:20:06:79:5d:1c:2d:ad:b8:77:20:26:2f:6b:b4:32:
82:e7:61:ba:0b:02:b0:27:06:a9:04:1b:26:90:f0:07:9a:26:
bb:64:38:fe:de:de:b1:6d:ba:f2:c7:ad:73:7f:08:cb:28:7c:
31:65:11:a1:28:4d:6e:bc:e4:71:c5:25:73:3f:72:ca:8f:fb:
6e:20:f8:e0:7b:b8:db:39:98:e3:5d:d5:e7:b7:1f:07:83:5c:
53:34:f4:26:80:42:32:4a:a4:fb:cc:20:77:af:40:32:09:ee:
2e:ab:f5:41:37:04:ab:cd:a9:dc:d7:08:d2:0d:c8:bf:bc:af:
d9:7f:d5:43:cb:c2:06:9e:68:c6:02:4a:df:18:36:9f:5c:6a:
ad:b3:2c:09:85:7d:c9:7a:f3:49:25:d2:8c:14:62:af:61:b5:
ae:96:c7:ce
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICL9wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjJDQTgxMTAvBgNVBAUTKDFFNzUyQzNEMTYwNDhDM0YzRjYzMjNEMkI5MTA3MEJG
MjQ3RDY4NjYwHhcNMjExMDIwMDMyMDQzWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTZmOGIwYi04OGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz08QFz5ScnCTONhiUYgS6g0ukw45nUS6o3+wKw9aa05C8k3iKu2XRsMurPHl
Q9wJLWjyNLdXX8bsxpEjx0mnS+IBWCzKqWIr4aQ8tHhfiPHZEcNL5GmjSNmdNzNW
gAIXrxeeiWBq5iwzvKkQ7AyMdx7IwdiIMUox/UCeyC+iA5DOrX6njdHlaTwIe8Vu
qhiJ/dkeBKrfAde5Otp/ijqonrFak7mfrk2XBMJbtDzdQhfyNmIdYsD3AE6dLE5M
qNUu7gSQpUMkg+zvqZjuZMu2AOTH9YmgRR84tyeUZ4Hj29P4eynp5Nf9ELBtdmJ0
Y53tUu2WuPWlQygklLH3uwKfTQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDVwYfwG
D59gmse5c5rdW13jPwu+MB8GA1UdIwQYMBaAFB51LD0WBIw/P2Mj0rkQcL8kfWhm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNBOC84NzAzMjI1ODFE
OUExMUUyQUE4NkMyODcwOEIwMkNEMi9IblVzUFJZRWpEOF9ZeVBTdVJCd3Z5Ujlh
R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0huVXNQUllFakQ4X1l5UFN1UkJ3dnlSOWFHWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjJDQTgvODcwMzIyNTgxRDlBMTFFMkFBODZDMjg3MDhCMDJDRDIvRDA3OTg1MEM5
MTM3MTFFQkJDQUYzMDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAMbb0ADBANxHdAwDQYJKoZIhvcNAQELBQADggEBAHHQi/Zj
UMKXBmOVNH5xRi6rDJ3Z0oePel/U8YZu8oqZitbrRBkTxFAOrH9h048m2KHHXfBt
Pjc/KVtAT7wycQqYK/rJvrh5PIBA0WPix6EZZBPTINXJNaqlDtF+YSAGeV0cLa24
dyAmL2u0MoLnYboLArAnBqkEGyaQ8AeaJrtkOP7e3rFtuvLHrXN/CMsofDFlEaEo
TW685HHFJXM/csqP+24g+OB7uNs5mONd1ee3HweDXFM09CaAQjJKpPvMIHevQDIJ
7i6r9UE3BKvNqdzXCNINyL+8r9l/1UPLwgaeaMYCSt8YNp9caq2zLAmFfcl680kl
0owUYq9hta6Wx84=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:14 2023 by rpki-client on console-fra.rpki-client.org