Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/A5D2590A9E4111EDB7C9020EC4F9AE02.roa
File: A5D2590A9E4111EDB7C9020EC4F9AE02.roa (raw, json)
Hash identifier: fdP9zL7bP6nnc9D3R1q13JPi7CwFtBhZ7VHupFHgSsg=
Subject key identifier: FA:17:1B:0B:1E:05:7D:AB:2B:42:07:B0:58:89:30:26:94:5A:42:16
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 0207
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/A5D2590A9E4111EDB7C9020EC4F9AE02.roa
Signing time: Fri 27 Jan 2023 12:53:51 +0000
ROA not before: Fri 27 Jan 2023 12:53:51 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 996
IP address blocks: 113.20.48.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 519 (0x207)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Validity
Not Before: Jan 27 12:53:51 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63d3c95f-1a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b7:32:8b:f1:47:19:cd:ba:bc:a9:ad:1f:81:
c2:7b:51:f8:ef:b1:cf:45:60:63:a1:fd:a8:2d:33:
83:82:44:65:a1:ec:65:a5:a0:e5:98:88:94:08:c1:
0d:c8:8e:56:10:0d:2f:d2:e4:a3:1d:c5:23:50:16:
e4:9e:78:40:30:75:9d:c9:49:7e:39:83:75:b0:b9:
87:69:4b:28:c0:42:de:e7:30:7d:31:c9:c2:4e:54:
e0:99:30:ae:f4:45:a0:54:f4:e2:5b:43:34:dd:41:
3a:5d:bb:92:d2:d2:5e:bd:2d:85:f0:9f:1b:39:78:
00:9c:47:ed:34:84:f2:e1:79:f2:83:fa:56:a5:3f:
32:29:69:d2:cb:7d:c9:d1:fb:5c:cb:a6:d3:f7:da:
53:00:85:c3:d7:78:30:e4:3a:37:25:31:1a:f6:c1:
6f:e5:16:dd:4b:c6:90:fd:7f:f9:38:43:2f:9e:6b:
c5:c9:a0:db:de:11:0c:f8:95:a6:2c:d3:f8:95:ee:
98:c7:7f:0c:39:be:ce:30:43:18:4f:75:a5:c0:be:
67:70:9a:1f:ce:79:6e:62:6d:33:d2:24:ae:74:32:
79:7b:ba:94:ea:08:eb:38:27:e5:17:b2:6b:db:f6:
96:26:8c:c9:f4:9b:13:dd:27:0d:12:8e:37:6b:8f:
c2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:17:1B:0B:1E:05:7D:AB:2B:42:07:B0:58:89:30:26:94:5A:42:16
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/A5D2590A9E4111EDB7C9020EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.20.48.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:45:84:da:c4:df:15:95:d1:2b:0a:15:c4:50:6b:61:8b:70:
89:8d:cf:b6:35:d1:e0:be:01:d3:81:f8:21:5f:d6:34:07:ed:
1b:3b:dc:52:ec:4f:95:d2:bd:a1:ed:cb:a1:61:20:91:5e:c1:
0d:ea:a6:06:2d:78:e1:c7:a4:10:34:d5:f4:63:ce:2d:07:1b:
a4:e3:dc:d0:23:9b:74:02:77:69:c9:9d:ea:38:0d:82:25:3f:
b4:80:54:f9:f9:66:9c:e5:ed:4a:9d:62:35:10:7d:8e:7c:8e:
b6:55:6c:71:8e:33:9e:13:c8:e0:27:eb:1e:10:59:0b:3e:1f:
d2:d2:48:25:9f:bd:7f:75:89:b0:a8:42:be:fc:b2:05:3c:8d:
60:25:bf:b7:9a:b9:03:6f:54:53:4f:ea:b1:8f:79:32:45:0c:
8f:2c:a1:51:6b:33:f4:c3:ee:8e:c3:dc:f0:c7:d4:f1:4c:93:
e7:e8:f2:dd:10:7c:3c:a8:0b:ce:ef:28:9c:39:74:ad:21:e1:
32:03:97:c9:d2:e8:d5:0d:96:f6:26:cf:f9:e8:11:05:03:05:
5c:cc:65:c6:1d:44:55:97:42:0c:c1:9b:7a:3b:22:85:8b:d5:
79:3b:fa:14:da:b9:5e:53:55:15:94:fb:db:46:76:7a:d7:78:
61:9d:4a:a2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjMwMTI3MTI1MzUxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2QzYzk1Zi0xYTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnbcyi/FHGc26vKmtH4HCe1H477HPRWBjof2oLTODgkRloexlpaDlmIiUCMEN
yI5WEA0v0uSjHcUjUBbknnhAMHWdyUl+OYN1sLmHaUsowELe5zB9McnCTlTgmTCu
9EWgVPTiW0M03UE6XbuS0tJevS2F8J8bOXgAnEftNITy4Xnyg/pWpT8yKWnSy33J
0ftcy6bT99pTAIXD13gw5Do3JTEa9sFv5RbdS8aQ/X/5OEMvnmvFyaDb3hEM+JWm
LNP4le6Yx38MOb7OMEMYT3WlwL5ncJofznluYm0z0iSudDJ5e7qU6gjrOCflF7Jr
2/aWJozJ9JsT3ScNEo43a4/CpwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPoXGwse
BX2rK0IHsFiJMCaUWkIWMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvQTVEMjU5MEE5
RTQxMTFFREI3QzkwMjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBARxFDAwDQYJKoZIhvcNAQELBQADggEBAI9FhNrE3xWV0SsK
FcRQa2GLcImNz7Y10eC+AdOB+CFf1jQH7Rs73FLsT5XSvaHty6FhIJFewQ3qpgYt
eOHHpBA01fRjzi0HG6Tj3NAjm3QCd2nJneo4DYIlP7SAVPn5Zpzl7UqdYjUQfY58
jrZVbHGOM54TyOAn6x4QWQs+H9LSSCWfvX91ibCoQr78sgU8jWAlv7eauQNvVFNP
6rGPeTJFDI8soVFrM/TD7o7D3PDH1PFMk+fo8t0QfDyoC87vKJw5dK0h4TIDl8nS
6NUNlvYmz/noEQUDBVzMZcYdRFWXQgzBm3o7IoWL1Xk7+hTauV5TVRWU+9tGdnrX
eGGdSqI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org