Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D6B7/1C16641C1D9711E296D0308008B02CD2/70C3F542DC9311EA8CDD0F5CC4F9AE02.roa
File: 70C3F542DC9311EA8CDD0F5CC4F9AE02.roa (raw, json)
Hash identifier: dYAwBrCbS4D6SzHBPuZJEFWLEn/I1D2B+CnZjfrKtHY=
Subject key identifier: 20:31:2F:EC:08:F7:AA:A6:30:4D:C7:3C:C3:41:A0:C6:3D:28:CF:4D
Certificate issuer: /CN=A918D6B7/serialNumber=EEA8AE80D713E6B22DB0EC609157F0C59A52FD7F
Certificate serial: 30FB
Authority key identifier: EE:A8:AE:80:D7:13:E6:B2:2D:B0:EC:60:91:57:F0:C5:9A:52:FD:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7qiugNcT5rItsOxgkVfwxZpS_X8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D6B7/1C16641C1D9711E296D0308008B02CD2/70C3F542DC9311EA8CDD0F5CC4F9AE02.roa
Signing time: Mon 14 Feb 2022 03:20:48 +0000
ROA not before: Mon 14 Feb 2022 03:20:48 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 58470
IP address blocks: 119.160.62.0/24 maxlen: 24
119.160.63.0/24 maxlen: 24
119.160.90.0/24 maxlen: 24
119.160.107.0/24 maxlen: 24
2404:3100::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12539 (0x30fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D6B7/serialNumber=EEA8AE80D713E6B22DB0EC609157F0C59A52FD7F
Validity
Not Before: Feb 14 03:20:48 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=6209ca90-24cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:db:2f:66:20:f2:be:4c:da:8e:68:ea:99:83:
5d:53:ca:01:5d:b3:9a:de:4a:5b:06:da:5f:02:96:
ed:7f:9b:36:ce:b5:68:b7:11:9a:bc:69:be:d1:b6:
df:6c:00:c6:77:86:a1:8e:30:0c:98:01:a3:5e:28:
e2:28:66:84:97:c2:79:d9:ed:c2:83:7d:b2:0c:c4:
3a:a0:54:85:d9:ba:3c:85:92:f0:f1:60:6c:60:ea:
f3:11:95:a0:ca:14:74:1b:4e:b6:3c:f8:15:06:0c:
97:5e:91:71:1c:d7:e8:b5:55:86:b4:8b:ab:20:40:
c3:5f:7c:85:ed:38:ec:14:3f:2d:f4:23:82:fd:eb:
97:16:2e:3c:02:e9:cc:70:65:e2:2d:47:47:f7:b0:
41:dc:c1:bc:ed:05:e5:4e:5c:2d:7b:12:bb:87:bf:
b4:9b:97:65:10:aa:ca:7b:0d:a9:86:e3:90:b6:46:
2b:27:bc:aa:06:98:d0:53:2f:39:9a:15:ec:82:70:
7a:a0:fb:19:50:f7:f1:7c:8b:a6:96:a3:25:96:bf:
e8:e5:69:76:c9:16:bb:5d:7c:dd:ce:04:99:dd:9e:
08:53:6f:7e:6d:1a:ed:f5:97:d5:3b:72:f3:ab:9a:
94:f6:a8:de:7b:5b:f0:05:24:08:79:72:50:33:45:
1d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:31:2F:EC:08:F7:AA:A6:30:4D:C7:3C:C3:41:A0:C6:3D:28:CF:4D
X509v3 Authority Key Identifier:
keyid:EE:A8:AE:80:D7:13:E6:B2:2D:B0:EC:60:91:57:F0:C5:9A:52:FD:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D6B7/1C16641C1D9711E296D0308008B02CD2/7qiugNcT5rItsOxgkVfwxZpS_X8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7qiugNcT5rItsOxgkVfwxZpS_X8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D6B7/1C16641C1D9711E296D0308008B02CD2/70C3F542DC9311EA8CDD0F5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.160.62.0/23
119.160.90.0/24
119.160.107.0/24
IPv6:
2404:3100::/32
Signature Algorithm: sha256WithRSAEncryption
70:df:e9:55:28:c5:b8:bf:72:f9:99:fa:d7:c9:48:e4:c2:54:
24:61:15:d3:ea:4c:b2:2c:52:23:d5:e3:fc:42:0c:3d:2c:0e:
52:3f:c6:97:85:d4:c8:77:e0:17:7c:ff:5b:43:9d:8e:17:51:
6f:1b:e0:c8:80:ad:e7:f2:71:14:bf:d1:b6:d3:29:7f:1e:8f:
54:73:61:9a:0e:54:f1:4e:62:35:9f:8c:a1:6c:7e:f4:69:6d:
af:8d:c8:59:56:90:e0:36:fd:ca:f1:65:63:71:37:3d:af:08:
93:45:03:4f:5f:6e:2e:96:5a:74:c8:2d:b1:d3:f6:a8:cc:65:
e8:fa:51:ce:12:5b:e3:e4:19:a9:34:94:ff:8c:72:76:f2:a2:
53:26:c0:a5:8d:1d:e8:3c:79:00:11:4d:c5:0a:72:4d:51:24:
a7:b6:f6:34:bc:f3:86:af:bc:2b:59:87:60:c3:1b:dc:2a:ae:
1e:45:79:ac:54:46:f5:0f:c7:43:ce:a7:7f:2b:de:dd:e9:d1:
a5:5f:23:9e:00:b9:7a:23:85:26:7e:75:2b:9b:a8:f6:e5:a8:
c4:f6:38:68:7a:a3:e8:f3:d5:df:69:d6:05:c2:4b:a5:ab:8a:
62:1b:ae:1c:a4:aa:62:3e:54:07:0a:7f:9a:c5:30:a8:34:ff:
31:70:9b:b3
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICMPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQ2QjcxMTAvBgNVBAUTKEVFQThBRTgwRDcxM0U2QjIyREIwRUM2MDkxNTdGMEM1
OUE1MkZEN0YwHhcNMjIwMjE0MDMyMDQ4WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjA5Y2E5MC0yNGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsdsvZiDyvkzajmjqmYNdU8oBXbOa3kpbBtpfApbtf5s2zrVotxGavGm+0bbf
bADGd4ahjjAMmAGjXijiKGaEl8J52e3Cg32yDMQ6oFSF2bo8hZLw8WBsYOrzEZWg
yhR0G062PPgVBgyXXpFxHNfotVWGtIurIEDDX3yF7TjsFD8t9COC/euXFi48AunM
cGXiLUdH97BB3MG87QXlTlwtexK7h7+0m5dlEKrKew2phuOQtkYrJ7yqBpjQUy85
mhXsgnB6oPsZUPfxfIumlqMllr/o5Wl2yRa7XXzdzgSZ3Z4IU29+bRrt9ZfVO3Lz
q5qU9qjee1vwBSQIeXJQM0UdjQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFCAxL+wI
96qmME3HPMNBoMY9KM9NMB8GA1UdIwQYMBaAFO6oroDXE+ayLbDsYJFX8MWaUv1/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDZCNy8xQzE2NjQxQzFE
OTcxMUUyOTZEMDMwODAwOEIwMkNEMi83cWl1Z05jVDVySXRzT3hna1Zmd3hacFNf
WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdxaXVnTmNUNXJJdHNPeGdrVmZ3eFpwU19YOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQ2QjcvMUMxNjY0MUMxRDk3MTFFMjk2RDAzMDgwMDhCMDJDRDIvNzBDM0Y1NDJE
QzkzMTFFQThDREQwRjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAF3oD4DBAB3oFoDBAB3oGswDQQCAAIwBwMFACQEMQAwDQYJ
KoZIhvcNAQELBQADggEBAHDf6VUoxbi/cvmZ+tfJSOTCVCRhFdPqTLIsUiPV4/xC
DD0sDlI/xpeF1Mh34Bd8/1tDnY4XUW8b4MiArefycRS/0bbTKX8ej1RzYZoOVPFO
YjWfjKFsfvRpba+NyFlWkOA2/crxZWNxNz2vCJNFA09fbi6WWnTILbHT9qjMZej6
Uc4SW+PkGak0lP+McnbyolMmwKWNHeg8eQARTcUKck1RJKe29jS884avvCtZh2DD
G9wqrh5FeaxURvUPx0POp38r3t3p0aVfI54AuXojhSZ+dSubqPblqMT2OGh6o+jz
1d9p1gXCS6WrimIbrhykqmI+VAcKf5rFMKg0/zFwm7M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:50 2023 by rpki-client on console-fra.rpki-client.org