Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/452872981E0111E9A590C837C4F9AE02.roa
File: 452872981E0111E9A590C837C4F9AE02.roa (raw, json)
Hash identifier: Pu7lp2P97iDvlTJLiS+EiAWy9tqUiNUUndH4vhLwEzU=
Subject key identifier: D2:D2:63:D9:A9:1B:B0:77:98:9E:B7:63:2D:2F:F4:A4:D4:C0:08:C7
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 34E0
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/452872981E0111E9A590C837C4F9AE02.roa
Signing time: Mon 25 Jul 2022 02:41:09 +0000
ROA not before: Mon 25 Jul 2022 02:41:09 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 24128
IP address blocks: 202.71.112.0/22 maxlen: 22
202.71.116.0/24 maxlen: 24
202.71.120.0/24 maxlen: 24
202.71.123.0/24 maxlen: 24
202.71.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13536 (0x34e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 25 02:41:09 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62de02c4-1cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:92:a3:85:fd:c0:f1:30:7c:73:d0:b2:b3:36:
b5:8e:ac:82:42:e5:20:0b:b3:c1:fd:0e:f6:e1:88:
5c:f8:bf:d3:aa:50:01:50:51:5b:c8:4c:f2:ef:c8:
59:8c:2c:af:b9:86:61:e8:d7:86:7a:3b:89:5f:d6:
c2:f5:32:4e:aa:b6:6d:cc:4a:ab:26:5e:6b:d8:73:
6c:86:d8:0b:59:07:89:4f:18:27:76:dd:67:e1:4f:
6d:3b:e3:ee:e1:31:88:6d:61:90:96:0f:77:5b:f5:
95:a8:e3:fb:f0:eb:ad:ab:24:d3:9c:86:e9:d5:0d:
01:33:08:a8:da:04:77:d5:e4:3b:75:30:44:18:67:
71:f5:8e:0f:6e:6f:a6:fa:9f:51:60:29:89:8e:ea:
d0:55:09:5b:b2:8e:5d:1a:25:be:17:1b:a6:c0:6e:
c1:8d:4b:42:c6:44:f3:07:13:24:76:e2:65:c0:78:
1e:34:b5:bf:7f:74:36:e2:0e:63:1e:78:91:1e:20:
f8:8e:9e:63:09:9c:29:44:35:48:89:18:3a:0f:85:
da:5d:3e:3b:07:f4:21:b3:cb:d7:62:89:34:41:7c:
49:d6:4c:b1:01:bf:9a:35:ca:d0:94:5d:16:1d:ec:
92:d2:be:37:09:a4:dd:c4:22:da:a9:39:b1:ee:71:
46:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D2:63:D9:A9:1B:B0:77:98:9E:B7:63:2D:2F:F4:A4:D4:C0:08:C7
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/452872981E0111E9A590C837C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.71.112.0-202.71.116.255
202.71.120.0/24
202.71.123.0-202.71.124.255
Signature Algorithm: sha256WithRSAEncryption
b8:3f:11:f4:7e:34:1e:de:59:23:99:a3:db:cf:cd:8d:c5:61:
8f:40:fe:48:47:8b:3a:90:9d:c4:b0:d6:b2:fa:dd:7a:bb:99:
f2:ad:18:8d:6d:99:18:e7:b9:55:88:ad:a1:d7:b0:82:9b:e1:
d9:94:b8:a3:cb:01:de:0c:20:45:82:9a:78:9d:cd:f2:3e:07:
87:94:bd:e1:b9:83:dd:3d:f4:f3:b0:a1:5b:bc:84:b0:7a:b2:
bc:30:3b:40:88:42:e0:57:36:6b:56:9b:d2:5d:75:7c:61:b4:
7d:86:93:29:be:48:b4:51:57:87:ab:34:db:65:2b:09:4e:39:
40:0e:cf:2b:fd:38:bb:94:45:f7:fc:9b:d7:aa:07:34:71:2c:
55:4e:fe:c5:6d:f2:b4:e5:ba:d3:9d:9b:5f:2b:e3:99:16:b3:
1a:c1:64:0a:cd:6c:eb:19:29:cc:0f:a6:c7:fb:af:19:88:2a:
97:72:1a:75:75:b2:bc:47:54:7f:bb:fa:f2:18:dd:22:09:97:
e3:15:be:7d:56:ae:26:49:bf:98:09:7d:69:28:4e:56:68:18:
63:66:ad:3f:82:cc:c5:79:e8:ad:b4:c3:56:7c:28:fe:60:90:
57:a8:f0:de:ea:b3:83:9b:a8:c0:b5:d3:f4:b9:c5:6a:d3:d3:
72:00:44:7d
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICNOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjIwNzI1MDI0MTA5WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmRlMDJjNC0xY2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA15Kjhf3A8TB8c9Cysza1jqyCQuUgC7PB/Q724Yhc+L/TqlABUFFbyEzy78hZ
jCyvuYZh6NeGejuJX9bC9TJOqrZtzEqrJl5r2HNshtgLWQeJTxgndt1n4U9tO+Pu
4TGIbWGQlg93W/WVqOP78OutqyTTnIbp1Q0BMwio2gR31eQ7dTBEGGdx9Y4Pbm+m
+p9RYCmJjurQVQlbso5dGiW+FxumwG7BjUtCxkTzBxMkduJlwHgeNLW/f3Q24g5j
HniRHiD4jp5jCZwpRDVIiRg6D4XaXT47B/Qhs8vXYok0QXxJ1kyxAb+aNcrQlF0W
HeyS0r43CaTdxCLaqTmx7nFG1wIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFNLSY9mp
G7B3mJ63Yy0v9KTUwAjHMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNDUyODcyOTgx
RTAxMTFFOUE1OTBDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEBMpHcAMEAMpHdAMEAMpHeDAMAwQAykd7AwQAykd8MA0G
CSqGSIb3DQEBCwUAA4IBAQC4PxH0fjQe3lkjmaPbz82NxWGPQP5IR4s6kJ3EsNay
+t16u5nyrRiNbZkY57lViK2h17CCm+HZlLijywHeDCBFgpp4nc3yPgeHlL3huYPd
PfTzsKFbvISwerK8MDtAiELgVzZrVpvSXXV8YbR9hpMpvki0UVeHqzTbZSsJTjlA
Ds8r/Ti7lEX3/JvXqgc0cSxVTv7FbfK05brTnZtfK+OZFrMawWQKzWzrGSnMD6bH
+68ZiCqXchp1dbK8R1R/u/ryGN0iCZfjFb59Vq4mSb+YCX1pKE5WaBhjZq0/gszF
eeittMNWfCj+YJBXqPDe6rODm6jAtdP0ucVq09NyAER9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org