Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/C1A36BA0E85911EBB1ECF31AC4F9AE02.roa
File: C1A36BA0E85911EBB1ECF31AC4F9AE02.roa (raw, json)
Hash identifier: daShjbErl+2+hPsWNXOuqkaNJxkpURSr1Hq0hkpgVH0=
Subject key identifier: 8A:DC:E5:78:85:8A:60:86:11:C0:F3:F2:A7:56:02:7A:34:E0:54:B4
Certificate issuer: /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748
Certificate serial: 179C
Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/C1A36BA0E85911EBB1ECF31AC4F9AE02.roa
Signing time: Mon 19 Jul 2021 06:44:25 +0000
ROA not before: Mon 19 Jul 2021 06:44:25 +0000
ROA not after: Thu 31 Mar 2022 00:00:00 +0000
asID: 31898
IP address blocks: 103.81.184.0/22 maxlen: 22
202.144.196.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6044 (0x179c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748
Validity
Not Before: Jul 19 06:44:25 2021 GMT
Not After : Mar 31 00:00:00 2022 GMT
Subject: CN=60f51f49-f4f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:db:47:9d:83:03:01:91:bc:5a:9f:5d:bf:fe:
a8:b0:6a:bc:33:ce:ca:60:d8:26:ea:4e:b8:55:c5:
e3:14:40:36:ee:6d:2f:89:66:86:b4:7d:67:75:17:
54:0b:bd:ed:65:3a:e0:f5:5d:16:8f:3f:7f:b5:1a:
13:91:61:ca:73:20:44:00:31:f3:ae:f7:cf:f6:b5:
16:ef:b8:ce:23:f8:8f:fe:a8:bf:07:89:bc:82:23:
02:3a:56:62:3d:52:eb:a0:fc:40:da:c4:c2:55:68:
2c:77:73:54:b4:92:24:0d:ae:b2:0e:bc:fb:4e:3d:
bd:7e:f0:40:f5:90:75:15:1c:17:b5:b9:d0:b1:42:
43:04:47:04:1a:b6:2e:83:ca:de:53:29:2d:1e:4e:
a5:8f:9d:2c:4d:63:bb:5f:0e:0b:5e:53:54:44:01:
03:25:bc:3b:28:24:4c:34:e1:a8:ca:c7:65:ab:23:
f2:be:b7:26:46:c4:41:03:37:57:2d:da:f1:20:04:
00:2c:46:da:60:58:d2:75:9d:14:1a:37:f8:47:91:
49:53:47:4c:ad:53:d4:cf:c5:ec:ca:5a:dc:02:82:
38:b6:27:4d:f2:5c:50:ae:2f:d3:b2:29:03:1e:3f:
16:49:4b:a4:f0:cf:48:d6:71:05:f3:d5:c3:51:d7:
89:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:DC:E5:78:85:8A:60:86:11:C0:F3:F2:A7:56:02:7A:34:E0:54:B4
X509v3 Authority Key Identifier:
keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/C1A36BA0E85911EBB1ECF31AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.184.0/22
202.144.196.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:8e:e4:b7:6e:7f:ba:79:ab:e7:68:c2:3c:98:59:c0:66:22:
6d:11:2f:d9:b3:fb:2b:75:9a:3b:e5:55:e8:24:3a:52:75:1f:
e1:44:84:30:94:87:f7:c0:fc:c6:35:5f:94:2a:1d:88:a2:57:
92:8a:fb:45:7e:14:44:c0:dc:8b:73:90:1e:fb:9b:cc:90:3e:
20:e2:17:b5:8b:6f:01:3a:56:10:3d:99:a5:9a:a8:b4:cf:ed:
eb:8a:37:11:e5:8f:03:d5:36:42:3e:2e:53:dc:38:db:68:4b:
66:cf:79:6e:5e:de:b1:1b:2c:6c:59:f7:1e:47:a3:bb:92:41:
5f:1a:07:13:d5:04:11:66:38:38:73:86:2e:c2:a8:62:15:e4:
e5:55:df:42:86:70:d8:9b:f4:be:c2:8b:54:18:2d:b1:2e:78:
5f:70:ed:85:51:2e:3a:29:b2:85:f0:67:18:20:e7:d0:ff:ff:
1f:57:94:89:6a:5c:13:3a:bb:69:b7:86:ad:b3:97:4a:b2:27:
09:30:ab:45:06:9c:da:0f:81:06:34:39:fc:e7:2f:53:2b:f5:
fe:07:c7:f5:0b:6f:9e:35:b4:48:a7:7c:c8:f0:de:ef:3e:25:
71:ad:d1:c4:74:fa:51:69:fa:f3:61:1c:04:67:ff:da:a4:89:
f9:14:d6:f0
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICF5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky
Q0Q4ODQ3NDgwHhcNMjEwNzE5MDY0NDI1WhcNMjIwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGY1MWY0OS1mNGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzdtHnYMDAZG8Wp9dv/6osGq8M87KYNgm6k64VcXjFEA27m0viWaGtH1ndRdU
C73tZTrg9V0Wjz9/tRoTkWHKcyBEADHzrvfP9rUW77jOI/iP/qi/B4m8giMCOlZi
PVLroPxA2sTCVWgsd3NUtJIkDa6yDrz7Tj29fvBA9ZB1FRwXtbnQsUJDBEcEGrYu
g8reUyktHk6lj50sTWO7Xw4LXlNURAEDJbw7KCRMNOGoysdlqyPyvrcmRsRBAzdX
LdrxIAQALEbaYFjSdZ0UGjf4R5FJU0dMrVPUz8XsylrcAoI4tidN8lxQri/TsikD
Hj8WSUuk8M9I1nEF89XDUdeJvQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIrc5XiF
imCGEcDz8qdWAno04FS0MB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy
RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RCRjIvRTM0NDUwMTZDMkY4MTFFNjk5N0FFQjZCQzRGOUFFMDIvQzFBMzZCQTBF
ODU5MTFFQkIxRUNGMzFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnUbgDBALKkMQwDQYJKoZIhvcNAQELBQADggEBAFuO5Ldu
f7p5q+dowjyYWcBmIm0RL9mz+yt1mjvlVegkOlJ1H+FEhDCUh/fA/MY1X5QqHYii
V5KK+0V+FETA3ItzkB77m8yQPiDiF7WLbwE6VhA9maWaqLTP7euKNxHljwPVNkI+
LlPcONtoS2bPeW5e3rEbLGxZ9x5Ho7uSQV8aBxPVBBFmODhzhi7CqGIV5OVV30KG
cNib9L7Ci1QYLbEueF9w7YVRLjopsoXwZxgg59D//x9XlIlqXBM6u2m3hq2zl0qy
Jwkwq0UGnNoPgQY0OfznL1Mr9f4Hx/ULb541tEinfMjw3u8+JXGt0cR0+lFp+vNh
HARn/9qkifkU1vA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org