Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/2EBE03F8274711ED81004454C4F9AE02.roa
File: 2EBE03F8274711ED81004454C4F9AE02.roa (raw, json)
Hash identifier: e0lzMccx53Y7XlNboGFffyzcodcMRLPP/3aRh1ZOgrk=
Subject key identifier: 89:46:53:A8:5B:CF:B7:B7:45:2F:3D:6A:B2:97:45:33:DB:80:CB:D0
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 01B5
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/2EBE03F8274711ED81004454C4F9AE02.roa
Signing time: Tue 11 Oct 2022 04:53:54 +0000
ROA not before: Tue 11 Oct 2022 04:53:54 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 45461
IP address blocks: 113.20.32.0/20 maxlen: 24
223.29.160.0/20 maxlen: 24
2403:200::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 437 (0x1b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Validity
Not Before: Oct 11 04:53:54 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=6344f6e1-941c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f6:ff:c2:4e:4a:b8:9a:af:03:83:0b:2f:6d:
bf:47:00:77:19:a1:91:4e:2f:89:bd:60:da:d1:34:
45:3d:9b:dc:2f:55:65:6c:9e:07:21:0f:38:9e:d2:
3e:64:06:42:c8:64:76:ac:41:46:9b:83:ec:2a:72:
7d:a9:d3:97:87:c3:ec:28:a9:83:68:f4:2f:46:c4:
3f:bb:4f:c1:68:b4:14:b0:69:d4:e5:29:45:17:5f:
f3:0b:d9:47:7c:d0:b5:20:c1:88:9a:87:b9:ff:63:
4f:4c:18:49:99:f5:8e:89:4c:26:cd:d5:b7:6c:ba:
b5:65:65:ad:0f:6a:f5:18:13:b4:6a:f0:ad:e3:77:
a0:42:a4:c2:2e:56:44:be:d5:3a:a6:df:e3:24:a0:
67:a0:a8:19:6b:7f:0e:73:fd:ab:81:57:35:01:86:
21:02:1c:a7:e0:57:60:fa:6d:98:eb:f5:99:6e:f4:
74:6c:b3:47:6f:c5:53:bb:84:aa:cd:51:55:16:79:
82:12:36:ee:54:00:bd:1b:d1:f8:d3:19:16:1c:74:
61:9e:51:73:65:6f:cd:a6:cf:b7:fe:f0:6a:e1:a6:
14:9b:24:27:89:dd:fc:f0:4e:ed:07:b0:66:5a:d8:
84:53:cb:38:fe:23:e2:f1:8d:84:f6:a2:a5:38:50:
db:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:46:53:A8:5B:CF:B7:B7:45:2F:3D:6A:B2:97:45:33:DB:80:CB:D0
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/2EBE03F8274711ED81004454C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.20.32.0/20
223.29.160.0/20
IPv6:
2403:200::/32
Signature Algorithm: sha256WithRSAEncryption
8a:aa:c7:e7:86:4d:0e:f6:a9:9c:ba:ee:6c:87:22:91:77:31:
27:7b:69:4f:8f:d3:ff:5c:01:b2:80:9f:49:2f:92:86:29:a9:
3a:b9:a0:34:b6:04:ef:fd:f9:a8:13:a3:9d:51:3c:88:13:e0:
a4:50:79:71:18:9b:c1:aa:6d:58:90:a7:b8:5d:24:a2:29:f7:
2b:e9:43:75:c0:81:18:0d:25:71:a7:3d:b6:9b:a1:f3:49:10:
d0:68:0f:37:a4:67:86:cd:f0:b6:e1:63:bb:78:39:2c:2b:93:
5a:cb:90:4b:dc:ef:32:4f:8d:d3:bd:1b:ec:f2:ad:7f:f0:66:
a0:4b:6c:9f:f4:90:d2:e3:30:38:f3:1a:95:c8:4a:ab:8e:f3:
9a:42:f5:cb:68:34:1d:85:4c:08:1c:f6:c9:e6:d4:e2:dc:56:
3a:2b:64:60:80:81:41:97:f1:f6:7c:f8:63:cb:a0:69:05:65:
82:2a:2a:f8:d3:49:0f:35:6e:39:bc:11:2d:a1:69:8e:c7:f3:
94:70:e1:6d:06:53:18:b0:2c:ba:ec:2c:b7:80:d8:4c:56:51:
28:60:6b:24:c1:00:a5:10:65:2c:9a:d5:ba:06:d4:09:14:77:
12:83:10:5d:37:4f:20:0d:da:92:37:b5:9f:0f:7f:74:69:45:
e8:28:cb:a3
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjIxMDExMDQ1MzU0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ0ZjZlMS05NDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxvb/wk5KuJqvA4MLL22/RwB3GaGRTi+JvWDa0TRFPZvcL1VlbJ4HIQ84ntI+
ZAZCyGR2rEFGm4PsKnJ9qdOXh8PsKKmDaPQvRsQ/u0/BaLQUsGnU5SlFF1/zC9lH
fNC1IMGImoe5/2NPTBhJmfWOiUwmzdW3bLq1ZWWtD2r1GBO0avCt43egQqTCLlZE
vtU6pt/jJKBnoKgZa38Oc/2rgVc1AYYhAhyn4Fdg+m2Y6/WZbvR0bLNHb8VTu4Sq
zVFVFnmCEjbuVAC9G9H40xkWHHRhnlFzZW/Nps+3/vBq4aYUmyQnid388E7tB7Bm
WtiEU8s4/iPi8Y2E9qKlOFDb3wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIlGU6hb
z7e3RS89arKXRTPbgMvQMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvMkVCRTAzRjgy
NzQ3MTFFRDgxMDA0NDU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBARxFCADBATfHaAwDQQCAAIwBwMFACQDAgAwDQYJKoZIhvcN
AQELBQADggEBAIqqx+eGTQ72qZy67myHIpF3MSd7aU+P0/9cAbKAn0kvkoYpqTq5
oDS2BO/9+agTo51RPIgT4KRQeXEYm8GqbViQp7hdJKIp9yvpQ3XAgRgNJXGnPbab
ofNJENBoDzekZ4bN8LbhY7t4OSwrk1rLkEvc7zJPjdO9G+zyrX/wZqBLbJ/0kNLj
MDjzGpXISquO85pC9ctoNB2FTAgc9snm1OLcVjorZGCAgUGX8fZ8+GPLoGkFZYIq
KvjTSQ81bjm8ES2haY7H85Rw4W0GUxiwLLrsLLeA2ExWUShgayTBAKUQZSya1boG
1AkUdxKDEF03TyAN2pI3tZ8Pf3RpRegoy6M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org