Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5230FDB8D6A211EC8CCC3F48C4F9AE02.roa
File: 5230FDB8D6A211EC8CCC3F48C4F9AE02.roa (raw, json)
Hash identifier: Rgfn+1KCtP0Un8i1GZ6MnQ0k/QnpESqa0tody2SiBRo=
Subject key identifier: F2:87:DE:F0:15:4C:25:EE:B0:1D:B6:46:48:0A:09:41:B9:A4:A8:54
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5582
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5230FDB8D6A211EC8CCC3F48C4F9AE02.roa
Signing time: Wed 18 May 2022 12:02:00 +0000
ROA not before: Wed 18 May 2022 12:02:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137125
IP address blocks: 27.48.0.0/16 maxlen: 22
103.112.24.0/22 maxlen: 24
122.50.128.0/17 maxlen: 24
202.62.224.0/20 maxlen: 24
202.137.208.0/20 maxlen: 24
203.98.96.0/19 maxlen: 24
2404:c00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21890 (0x5582)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 18 12:02:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6284e037-61d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7e:a5:f0:dd:ea:14:96:e9:17:8c:25:26:d1:
a8:92:58:cd:3f:02:6a:73:77:cb:6b:8e:83:eb:75:
f0:d9:15:e1:bf:0f:cb:43:78:9d:4a:9c:27:35:59:
f2:b1:e1:4b:03:88:d8:df:ad:1b:fd:3e:6d:2e:25:
9f:1e:67:61:bd:0d:11:d9:63:8a:f6:a1:06:2f:3e:
87:40:29:bc:29:9c:48:30:c3:23:a1:55:43:c8:b3:
75:0d:b9:ac:7a:06:30:8b:ac:35:5b:51:3e:85:79:
85:29:21:db:79:35:c7:9c:dd:9b:66:fd:e0:5f:c5:
a9:fc:07:36:fa:f5:12:e1:37:4c:8d:8a:4a:4a:fb:
be:a0:72:5a:01:ca:30:80:d4:13:8f:7b:f8:be:71:
29:28:c4:df:e1:ba:73:9c:38:ad:5f:d0:75:e8:1b:
81:43:91:0d:d3:f1:05:d1:7e:bb:e5:af:70:19:d2:
0a:51:ff:62:5b:d8:7d:3a:ce:2c:8c:2d:1f:16:bc:
ff:03:54:d8:d2:8c:6b:c0:19:21:86:37:e3:7a:fe:
98:96:ab:90:69:b7:a5:3c:de:16:b2:28:7d:12:e9:
9b:d1:ca:d8:be:a2:c1:ae:8a:a5:61:4e:6f:af:59:
a7:6d:b5:f4:4e:22:d2:37:a9:9d:dc:33:85:2f:19:
2e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:87:DE:F0:15:4C:25:EE:B0:1D:B6:46:48:0A:09:41:B9:A4:A8:54
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5230FDB8D6A211EC8CCC3F48C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.48.0.0/16
103.112.24.0/22
122.50.128.0/17
202.62.224.0/20
202.137.208.0/20
203.98.96.0/19
IPv6:
2404:c00::/32
Signature Algorithm: sha256WithRSAEncryption
25:fb:6a:e1:aa:46:c5:2f:72:c2:dd:88:75:2b:17:80:c1:22:
8e:49:b1:b8:80:52:bd:12:1a:78:fd:6f:5d:04:bb:4f:a5:b5:
5e:1b:f4:71:25:c3:34:43:c5:90:ea:6c:4a:60:f6:c7:9f:e2:
a1:15:47:c9:f6:58:97:c2:6d:16:ab:fc:da:7d:26:94:71:b6:
4f:ad:4a:48:d1:ba:ff:00:5b:27:0a:47:5a:dd:06:da:03:30:
19:44:32:34:aa:30:28:9e:79:4e:6c:3b:bd:6e:fe:17:70:cb:
34:d5:3b:01:96:f1:2c:a5:8e:de:64:97:94:e7:4f:72:d9:99:
e8:da:2a:fb:93:26:79:d6:02:f1:ca:2d:fb:8a:62:58:c8:fb:
0f:37:ee:bb:60:9a:80:bf:b3:ae:70:ca:8e:40:b1:7b:d0:79:
cc:ab:6f:fd:c9:89:07:e7:13:89:85:8a:19:fa:10:b7:be:e3:
ae:f0:68:99:29:b0:f3:65:0b:cb:97:87:cd:43:c5:93:29:15:
67:ce:b4:65:0d:ac:0b:c8:d8:03:db:01:f3:9d:f7:03:a8:1a:
6e:16:21:1f:4f:7e:23:91:76:34:27:fc:ec:ae:ef:7c:6a:74:
c1:e1:03:0a:a2:57:1e:93:d9:b4:54:ae:2e:00:03:90:3a:f7:
6d:ca:0f:16
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICVYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE4MTIwMjAwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg0ZTAzNy02MWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1H6l8N3qFJbpF4wlJtGokljNPwJqc3fLa46D63Xw2RXhvw/LQ3idSpwnNVny
seFLA4jY360b/T5tLiWfHmdhvQ0R2WOK9qEGLz6HQCm8KZxIMMMjoVVDyLN1Dbms
egYwi6w1W1E+hXmFKSHbeTXHnN2bZv3gX8Wp/Ac2+vUS4TdMjYpKSvu+oHJaAcow
gNQTj3v4vnEpKMTf4bpznDitX9B16BuBQ5EN0/EF0X675a9wGdIKUf9iW9h9Os4s
jC0fFrz/A1TY0oxrwBkhhjfjev6YlquQabelPN4Wsih9Eumb0crYvqLBroqlYU5v
r1mnbbX0TiLSN6md3DOFLxkuXwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFPKH3vAV
TCXusB22RkgKCUG5pKhUMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTIzMEZEQjhE
NkEyMTFFQzhDQ0MzRjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MCkEAgABMCMDAwAbMAMEAmdwGAMEB3oygAMEBMo+4AMEBMqJ0AMEBctiYDAN
BAIAAjAHAwUAJAQMADANBgkqhkiG9w0BAQsFAAOCAQEAJftq4apGxS9ywt2IdSsX
gMEijkmxuIBSvRIaeP1vXQS7T6W1Xhv0cSXDNEPFkOpsSmD2x5/ioRVHyfZYl8Jt
Fqv82n0mlHG2T61KSNG6/wBbJwpHWt0G2gMwGUQyNKowKJ55Tmw7vW7+F3DLNNU7
AZbxLKWO3mSXlOdPctmZ6Noq+5MmedYC8cot+4piWMj7Dzfuu2CagL+zrnDKjkCx
e9B5zKtv/cmJB+cTiYWKGfoQt77jrvBomSmw82ULy5eHzUPFkykVZ860ZQ2sC8jY
A9sB8533A6gabhYhH09+I5F2NCf87K7vfGp0weEDCqJXHpPZtFSuLgADkDr3bcoP
Fg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-ams.rpki-client.org