Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912AED4/BEC9AC82B0BD11E792A2BF30C4F9AE02/5C56AEBAA6D311EAB3218037C4F9AE02.roa
File: 5C56AEBAA6D311EAB3218037C4F9AE02.roa (raw, json)
Hash identifier: wlzOg9hCdI9f+6F10LmMcLYO9cKOKxR3kC0W7eTo2HQ=
Subject key identifier: 2F:A4:1D:60:B6:B2:7D:3A:79:6E:98:08:08:50:AF:36:73:CA:28:D1
Certificate issuer: /CN=A912AED4/serialNumber=66F0C1DBCDF1ABC34ED11B46A90AE3201802A95C
Certificate serial: 1300
Authority key identifier: 66:F0:C1:DB:CD:F1:AB:C3:4E:D1:1B:46:A9:0A:E3:20:18:02:A9:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZvDB283xq8NO0RtGqQrjIBgCqVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912AED4/BEC9AC82B0BD11E792A2BF30C4F9AE02/5C56AEBAA6D311EAB3218037C4F9AE02.roa
Signing time: Fri 20 Aug 2021 05:33:40 +0000
ROA not before: Fri 20 Aug 2021 05:33:40 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 45873
IP address blocks: 103.100.120.0/22 maxlen: 24
180.94.236.0/22 maxlen: 24
2401:e880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4864 (0x1300)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912AED4/serialNumber=66F0C1DBCDF1ABC34ED11B46A90AE3201802A95C
Validity
Not Before: Aug 20 05:33:40 2021 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=611f3eb3-ee70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9e:3d:94:09:a7:6f:79:15:8f:e7:86:94:e8:
96:f7:16:51:75:5f:c2:f0:cf:8e:b8:d6:97:83:75:
96:df:54:a5:06:26:98:87:c7:a6:2c:b6:d2:44:82:
fa:5a:9c:70:b3:74:c6:60:df:e8:48:6a:bf:2a:8c:
73:7c:d8:ae:37:47:7d:72:2a:8d:32:02:8c:5c:c3:
a7:83:6c:77:62:5d:96:f1:45:26:12:b1:a7:5f:f0:
0e:d5:03:2a:12:1e:d8:6f:f3:0d:2c:19:01:21:04:
25:59:b8:59:8d:24:b6:c6:66:bb:46:57:bf:d5:51:
8b:e7:17:aa:97:e8:6d:e4:5d:8b:05:46:6d:49:ce:
60:7e:fa:73:17:fc:94:96:5f:d0:42:0a:38:5d:58:
87:bd:26:fc:a1:d7:93:21:9a:02:85:b1:12:5e:f3:
99:e8:68:58:14:56:a0:78:c8:1a:53:f2:2d:60:7b:
92:62:c5:d8:5c:71:ec:c2:1c:ac:63:40:68:2a:2b:
8b:43:0d:bc:11:55:6f:d8:44:d7:3d:51:50:6f:ad:
86:cb:2a:e6:72:7d:ef:ce:d3:06:b6:6c:eb:c7:e6:
38:85:01:e5:57:91:2b:d2:f5:ef:15:4b:fc:e1:7a:
4b:b0:e5:81:4d:33:c5:ae:83:b4:ac:e0:b8:dc:c5:
2a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A4:1D:60:B6:B2:7D:3A:79:6E:98:08:08:50:AF:36:73:CA:28:D1
X509v3 Authority Key Identifier:
keyid:66:F0:C1:DB:CD:F1:AB:C3:4E:D1:1B:46:A9:0A:E3:20:18:02:A9:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912AED4/BEC9AC82B0BD11E792A2BF30C4F9AE02/ZvDB283xq8NO0RtGqQrjIBgCqVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZvDB283xq8NO0RtGqQrjIBgCqVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AED4/BEC9AC82B0BD11E792A2BF30C4F9AE02/5C56AEBAA6D311EAB3218037C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.120.0/22
180.94.236.0/22
IPv6:
2401:e880::/32
Signature Algorithm: sha256WithRSAEncryption
99:18:96:db:02:2f:6c:b7:ae:1d:be:ba:2c:73:a8:71:cd:b0:
aa:97:38:44:39:9c:a6:7f:84:25:48:d3:d8:2e:1b:68:99:b5:
0a:ec:14:a9:98:42:fd:a7:7b:c1:95:2f:78:67:4d:c9:9d:53:
2f:b4:f2:a3:5b:16:77:ba:98:67:ab:ca:e7:95:22:e5:99:ea:
c0:25:52:8e:91:3e:38:fa:08:b3:a9:46:3f:fc:e7:45:f2:82:
72:9a:c2:95:d0:36:b0:2b:3f:a4:a3:37:0b:38:82:32:c2:d7:
b9:01:b6:7c:17:f8:64:df:83:cc:c3:71:ec:8d:d4:47:e1:ed:
7a:db:13:7e:a3:11:23:92:38:78:ed:92:1c:21:aa:80:bc:24:
5f:da:80:b7:c3:c5:ea:19:10:77:44:b3:a6:76:8b:c4:b4:8a:
f5:a4:24:06:91:20:2d:5d:9d:75:07:66:34:be:ac:89:9f:87:
dc:2f:5b:bc:83:2a:c1:43:d2:a5:7e:b4:9a:c2:37:4f:e3:6f:
12:00:e4:6c:de:e0:fb:98:59:44:97:8e:e2:39:6c:52:f9:3b:
26:4c:16:75:e5:cd:cf:64:63:87:ff:d4:77:89:b7:15:6a:01:
90:eb:51:b6:46:a4:80:a4:0a:a2:c0:74:13:6c:b4:06:6e:26:
57:54:a2:39
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICEwAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkFFRDQxMTAvBgNVBAUTKDY2RjBDMURCQ0RGMUFCQzM0RUQxMUI0NkE5MEFFMzIw
MTgwMkE5NUMwHhcNMjEwODIwMDUzMzQwWhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTFmM2ViMy1lZTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0549lAmnb3kVj+eGlOiW9xZRdV/C8M+OuNaXg3WW31SlBiaYh8emLLbSRIL6
Wpxws3TGYN/oSGq/KoxzfNiuN0d9ciqNMgKMXMOng2x3Yl2W8UUmErGnX/AO1QMq
Eh7Yb/MNLBkBIQQlWbhZjSS2xma7Rle/1VGL5xeql+ht5F2LBUZtSc5gfvpzF/yU
ll/QQgo4XViHvSb8odeTIZoChbESXvOZ6GhYFFageMgaU/ItYHuSYsXYXHHswhys
Y0BoKiuLQw28EVVv2ETXPVFQb62Gyyrmcn3vztMGtmzrx+Y4hQHlV5Er0vXvFUv8
4XpLsOWBTTPFroO0rOC43MUqmQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFC+kHWC2
sn06eW6YCAhQrzZzyijRMB8GA1UdIwQYMBaAFGbwwdvN8avDTtEbRqkK4yAYAqlc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQUVENC9CRUM5QUM4MkIw
QkQxMUU3OTJBMkJGMzBDNEY5QUUwMi9adkRCMjgzeHE4Tk8wUnRHcVFyaklCZ0Nx
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p2REIyODN4cThOTzBSdEdxUXJqSUJnQ3FWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkFFRDQvQkVDOUFDODJCMEJEMTFFNzkyQTJCRjMwQzRGOUFFMDIvNUM1NkFFQkFB
NkQzMTFFQUIzMjE4MDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnZHgDBAK0XuwwDQQCAAIwBwMFACQB6IAwDQYJKoZIhvcN
AQELBQADggEBAJkYltsCL2y3rh2+uixzqHHNsKqXOEQ5nKZ/hCVI09guG2iZtQrs
FKmYQv2ne8GVL3hnTcmdUy+08qNbFne6mGeryueVIuWZ6sAlUo6RPjj6CLOpRj/8
50XygnKawpXQNrArP6SjNws4gjLC17kBtnwX+GTfg8zDceyN1Efh7XrbE36jESOS
OHjtkhwhqoC8JF/agLfDxeoZEHdEs6Z2i8S0ivWkJAaRIC1dnXUHZjS+rImfh9wv
W7yDKsFD0qV+tJrCN0/jbxIA5Gze4PuYWUSXjuI5bFL5OyZMFnXlzc9kY4f/1HeJ
txVqAZDrUbZGpICkCqLAdBNstAZuJldUojk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-fra.rpki-client.org