Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/2CACE5849FA211EC9138EA23C4F9AE02.roa
File: 2CACE5849FA211EC9138EA23C4F9AE02.roa (raw, json)
Hash identifier: wBERgP/jAyLgLBBmQInbLH+Aei9frJu+PVGZWwTF0ro=
Subject key identifier: 1F:F4:06:56:F9:E4:1E:86:98:B2:8D:EE:D6:2E:18:EB:87:11:48:5A
Certificate issuer: /CN=A9164D60/serialNumber=E0BA228EAF9812F067D2FF3BF806895698C93977
Certificate serial: 0273
Authority key identifier: E0:BA:22:8E:AF:98:12:F0:67:D2:FF:3B:F8:06:89:56:98:C9:39:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Loijq-YEvBn0v87-AaJVpjJOXc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/2CACE5849FA211EC9138EA23C4F9AE02.roa
Signing time: Wed 09 Mar 2022 12:12:23 +0000
ROA not before: Wed 09 Mar 2022 12:12:23 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 32181
IP address blocks: 27.126.176.0/24 maxlen: 24
27.126.177.0/24 maxlen: 24
27.126.178.0/24 maxlen: 24
27.126.180.0/24 maxlen: 24
27.126.184.0/24 maxlen: 24
27.126.189.0/24 maxlen: 24
118.99.23.0/24 maxlen: 24
118.99.26.0/24 maxlen: 24
118.99.31.0/24 maxlen: 24
118.99.34.0/24 maxlen: 24
119.47.82.0/24 maxlen: 24
163.53.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 627 (0x273)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164D60/serialNumber=E0BA228EAF9812F067D2FF3BF806895698C93977
Validity
Not Before: Mar 9 12:12:23 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=622899a6-c0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:74:7a:af:88:0b:44:ca:82:f2:2e:09:80:03:
9f:62:36:56:9e:ba:28:af:db:2d:c0:fa:48:1c:5d:
f9:32:31:ae:3e:24:e6:05:19:94:f0:ef:dd:1b:53:
18:0e:91:94:83:8a:ef:83:bd:cc:02:87:30:1e:55:
5d:37:f6:a1:0d:35:d9:f2:d9:8b:4e:64:c7:12:71:
dc:cc:77:be:87:31:e5:0b:9d:7d:65:0a:f0:d2:76:
16:72:95:db:43:33:62:4b:1c:67:d7:dd:54:3d:b3:
ca:76:87:68:81:81:5c:1e:03:87:f2:2a:a3:1a:93:
e9:4a:ba:c7:bb:c3:d5:70:26:05:be:23:15:d9:e6:
17:12:5a:1c:dc:aa:d8:da:73:a7:7a:98:2c:4f:2d:
2d:7c:c6:53:60:7a:12:cd:e1:70:ab:b4:64:bd:04:
8a:0c:19:88:f7:22:57:42:6b:7d:39:4d:a3:c6:8d:
47:2e:95:b3:9b:33:11:0d:64:8b:c9:c7:d7:7b:87:
47:c5:6f:36:13:13:62:a7:02:e5:b7:e7:f6:7d:d0:
cb:04:9b:8f:26:58:47:22:22:aa:20:98:9d:67:52:
b9:e6:53:bc:5f:b9:3e:5b:c2:34:84:62:cd:11:31:
15:c7:1b:f3:36:be:30:e9:91:d8:c9:09:8c:3d:b3:
c2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F4:06:56:F9:E4:1E:86:98:B2:8D:EE:D6:2E:18:EB:87:11:48:5A
X509v3 Authority Key Identifier:
keyid:E0:BA:22:8E:AF:98:12:F0:67:D2:FF:3B:F8:06:89:56:98:C9:39:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/4Loijq-YEvBn0v87-AaJVpjJOXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Loijq-YEvBn0v87-AaJVpjJOXc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164D60/9E0DE392B45F11EBB61B760CC4F9AE02/2CACE5849FA211EC9138EA23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.126.176.0-27.126.178.255
27.126.180.0/24
27.126.184.0/24
27.126.189.0/24
118.99.23.0/24
118.99.26.0/24
118.99.31.0/24
118.99.34.0/24
119.47.82.0/24
163.53.217.0/24
Signature Algorithm: sha256WithRSAEncryption
48:2a:6c:78:08:fc:43:fa:04:45:be:b8:be:d0:8b:54:8b:58:
d3:f3:4d:5b:56:87:c4:03:de:1d:f9:cb:18:f0:bd:a1:df:91:
1b:f0:ac:f4:4b:c4:02:a7:b0:28:80:b8:4e:28:43:f1:d5:e2:
b6:1e:a6:5e:74:08:e6:a2:1e:87:43:b0:50:5f:de:54:c0:94:
b9:83:73:09:5c:62:76:ed:38:34:d2:46:a7:c1:90:0a:d7:ca:
63:4c:14:a3:05:c1:93:33:40:0a:7b:97:d1:af:82:3c:98:aa:
36:4e:fa:6c:7a:fa:cf:2e:55:88:97:af:d5:ce:2e:07:8d:e1:
c3:96:0b:5c:9a:99:35:a6:a0:02:43:8e:74:f5:f7:86:11:83:
d8:c3:0e:71:89:e2:9d:7d:73:64:dc:54:86:ff:ce:eb:8a:f3:
c8:71:1b:ee:8d:70:62:62:f3:f4:20:c2:9d:4d:50:7b:75:ef:
14:d0:a3:39:a2:f4:88:25:26:3a:0c:62:66:b8:03:23:76:7e:
46:68:b4:b8:4c:31:28:13:d7:85:b0:1a:ac:6d:0e:4c:79:48:
00:fd:a4:1c:d7:ff:6b:82:ad:9b:35:ed:61:f2:c8:de:21:1b:
21:b5:b3:38:f2:5f:74:7e:a4:00:49:81:8f:6b:45:4a:64:51:
0a:63:40:83
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICAnMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjRENjAxMTAvBgNVBAUTKEUwQkEyMjhFQUY5ODEyRjA2N0QyRkYzQkY4MDY4OTU2
OThDOTM5NzcwHhcNMjIwMzA5MTIxMjIzWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjI4OTlhNi1jMGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuXR6r4gLRMqC8i4JgAOfYjZWnroor9stwPpIHF35MjGuPiTmBRmU8O/dG1MY
DpGUg4rvg73MAocwHlVdN/ahDTXZ8tmLTmTHEnHczHe+hzHlC519ZQrw0nYWcpXb
QzNiSxxn191UPbPKdodogYFcHgOH8iqjGpPpSrrHu8PVcCYFviMV2eYXEloc3KrY
2nOnepgsTy0tfMZTYHoSzeFwq7RkvQSKDBmI9yJXQmt9OU2jxo1HLpWzmzMRDWSL
ycfXe4dHxW82ExNipwLlt+f2fdDLBJuPJlhHIiKqIJidZ1K55lO8X7k+W8I0hGLN
ETEVxxvzNr4w6ZHYyQmMPbPCzwIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFB/0Blb5
5B6GmLKN7tYuGOuHEUhaMB8GA1UdIwQYMBaAFOC6Io6vmBLwZ9L/O/gGiVaYyTl3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NEQ2MC85RTBERTM5MkI0
NUYxMUVCQjYxQjc2MENDNEY5QUUwMi80TG9panEtWUV2Qm4wdjg3LUFhSlZwakpP
WGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRMb2lqcS1ZRXZCbjB2ODctQWFKVnBqSk9YYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjRENjAvOUUwREUzOTJCNDVGMTFFQkI2MUI3NjBDQzRGOUFFMDIvMkNBQ0U1ODQ5
RkEyMTFFQzkxMzhFQTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMEoEAgABMEQwDAMEBBt+sAMEABt+sgMEABt+tAMEABt+uAMEABt+vQMEAHZj
FwMEAHZjGgMEAHZjHwMEAHZjIgMEAHcvUgMEAKM12TANBgkqhkiG9w0BAQsFAAOC
AQEASCpseAj8Q/oERb64vtCLVItY0/NNW1aHxAPeHfnLGPC9od+RG/Cs9EvEAqew
KIC4TihD8dXith6mXnQI5qIeh0OwUF/eVMCUuYNzCVxidu04NNJGp8GQCtfKY0wU
owXBkzNACnuX0a+CPJiqNk76bHr6zy5ViJev1c4uB43hw5YLXJqZNaagAkOOdPX3
hhGD2MMOcYninX1zZNxUhv/O64rzyHEb7o1wYmLz9CDCnU1Qe3XvFNCjOaL0iCUm
OgxiZrgDI3Z+Rmi0uEwxKBPXhbAarG0OTHlIAP2kHNf/a4KtmzXtYfLI3iEbIbWz
OPJfdH6kAEmBj2tFSmRRCmNAgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org