Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C4BBFF94049911ECAC7E5D0DC4F9AE02.roa
File: C4BBFF94049911ECAC7E5D0DC4F9AE02.roa (raw, json)
Hash identifier: DAp47IVwTcipvRHyKQ+rQosVLQHuG276Zvg5BNxhXyY=
Subject key identifier: D5:BF:E3:BA:49:DA:B1:5A:62:07:D7:ED:93:40:C7:16:82:BF:84:0C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4871
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C4BBFF94049911ECAC7E5D0DC4F9AE02.roa
Signing time: Wed 16 Feb 2022 06:21:28 +0000
ROA not before: Wed 16 Feb 2022 06:21:28 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 135259
IP address blocks: 45.248.192.0/22 maxlen: 24
103.68.40.0/22 maxlen: 24
103.217.152.0/22 maxlen: 24
2404:98c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18545 (0x4871)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 16 06:21:28 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=620c97e8-3bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:22:a6:24:03:97:28:f3:fa:76:53:29:a3:6d:
34:99:13:32:57:a0:c5:89:0e:f1:54:61:ae:a4:51:
5f:d5:61:df:8e:c7:7d:f3:7c:22:75:b0:6f:05:df:
d2:b2:9d:44:cf:3a:c9:ad:73:e0:e8:23:e6:08:88:
bb:84:de:d9:df:03:af:b8:7f:4f:fe:39:34:c9:57:
e7:1d:32:74:1e:ff:d5:ba:83:52:1f:e1:55:f8:ae:
7f:db:74:d0:74:7f:dd:cd:a0:e5:54:54:cd:cf:86:
aa:f0:5a:a9:6a:f8:07:36:78:95:a0:bc:73:54:9f:
31:6f:ec:80:20:7f:6e:1d:57:47:09:8b:fd:c1:96:
53:18:8a:63:0e:7b:dd:79:94:ea:3e:06:81:17:6d:
14:82:82:dd:c5:5c:9c:b7:66:ce:3e:64:e0:88:d3:
ca:34:6d:be:68:c5:e7:bd:c6:38:dd:89:98:27:1d:
cf:bd:a1:50:e8:af:e8:25:20:bd:7d:5c:a0:09:c6:
e3:ee:22:8b:3a:e8:20:52:93:d4:2d:5b:e8:37:45:
5e:9c:fb:24:fe:ad:f0:b1:f1:44:20:b8:10:7b:f3:
16:1b:ff:fd:60:61:f6:22:45:68:db:a0:9f:71:40:
e8:93:53:c2:4f:50:7c:66:6f:ea:ad:c5:67:d7:2f:
2b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BF:E3:BA:49:DA:B1:5A:62:07:D7:ED:93:40:C7:16:82:BF:84:0C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C4BBFF94049911ECAC7E5D0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.192.0/22
103.68.40.0/22
103.217.152.0/22
IPv6:
2404:98c0::/32
Signature Algorithm: sha256WithRSAEncryption
4b:14:4b:bc:70:5a:e8:2c:be:1b:f5:5d:69:d3:ca:fe:5e:c3:
08:ea:9e:12:12:63:80:60:48:ec:f6:99:95:f6:0b:8f:6b:70:
60:69:e9:b2:3d:7a:cb:97:71:e4:0e:a4:77:d0:d9:b0:7e:9b:
52:19:5a:e2:d6:87:44:55:9d:d1:68:17:64:29:5e:66:09:d2:
db:41:8c:9e:37:81:9e:b2:58:35:74:3a:cc:9d:11:3d:bb:e4:
cd:f5:e7:8a:3a:3c:8f:24:9e:53:b7:59:4d:3d:b1:f0:2e:33:
6e:cb:29:9f:cd:f1:33:2b:2a:bb:a6:84:21:1b:0f:bb:98:d4:
23:8a:41:68:08:ec:07:0c:d6:3e:f1:35:91:58:84:36:fa:95:
a4:2b:93:48:c4:ae:c7:26:ba:d8:7c:87:f5:bb:98:3c:38:f1:
96:95:27:f5:cb:f6:17:de:e7:66:07:c9:7b:85:9e:8d:96:5c:
ea:b6:8d:de:e6:45:76:74:00:bf:a3:96:a9:1a:27:84:7d:52:
7b:e2:e5:1e:f6:7d:16:7b:4a:8d:16:34:08:ca:f0:fc:ad:f8:
f3:0c:35:53:3b:df:ed:35:a2:5f:93:83:50:14:4f:c2:fd:e4:
f6:a6:76:a7:b4:81:09:56:58:0e:14:ba:bd:59:a8:18:39:ee:
09:27:f0:74
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICSHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwMjE2MDYyMTI4WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBjOTdlOC0zYmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqyKmJAOXKPP6dlMpo200mRMyV6DFiQ7xVGGupFFf1WHfjsd983widbBvBd/S
sp1EzzrJrXPg6CPmCIi7hN7Z3wOvuH9P/jk0yVfnHTJ0Hv/VuoNSH+FV+K5/23TQ
dH/dzaDlVFTNz4aq8FqpavgHNniVoLxzVJ8xb+yAIH9uHVdHCYv9wZZTGIpjDnvd
eZTqPgaBF20UgoLdxVyct2bOPmTgiNPKNG2+aMXnvcY43YmYJx3PvaFQ6K/oJSC9
fVygCcbj7iKLOuggUpPULVvoN0VenPsk/q3wsfFEILgQe/MWG//9YGH2IkVo26Cf
cUDok1PCT1B8Zm/qrcVn1y8rxQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNW/47pJ
2rFaYgfX7ZNAxxaCv4QMMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQzRCQkZGOTQw
NDk5MTFFQ0FDN0U1RDBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIt+MADBAJnRCgDBAJn2ZgwDQQCAAIwBwMFACQEmMAwDQYJ
KoZIhvcNAQELBQADggEBAEsUS7xwWugsvhv1XWnTyv5ewwjqnhISY4BgSOz2mZX2
C49rcGBp6bI9esuXceQOpHfQ2bB+m1IZWuLWh0RVndFoF2QpXmYJ0ttBjJ43gZ6y
WDV0OsydET275M3154o6PI8knlO3WU09sfAuM27LKZ/N8TMrKrumhCEbD7uY1COK
QWgI7AcM1j7xNZFYhDb6laQrk0jErscmuth8h/W7mDw48ZaVJ/XL9hfe52YHyXuF
no2WXOq2jd7mRXZ0AL+jlqkaJ4R9Unvi5R72fRZ7So0WNAjK8Pyt+PMMNVM73+01
ol+Tg1AUT8L95Pamdqe0gQlWWA4Uur1ZqBg57gkn8HQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org