Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/12B4E8028E5411ECA46CBB73C4F9AE02.roa
File: 12B4E8028E5411ECA46CBB73C4F9AE02.roa (raw, json)
Hash identifier: 2wezf6ecnfUD2+WwKkBkWyHTOpmAYWbkTjOQ/xzFGjU=
Subject key identifier: 52:07:5F:E5:61:E9:2A:25:67:2F:36:71:AD:47:35:54:6A:A0:C5:4E
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 396A
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/12B4E8028E5411ECA46CBB73C4F9AE02.roa
Signing time: Fri 26 Aug 2022 14:52:36 +0000
ROA not before: Fri 26 Aug 2022 14:52:36 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 24085
IP address blocks: 116.193.64.0/20 maxlen: 24
120.72.80.0/21 maxlen: 24
120.72.96.0/19 maxlen: 24
202.78.224.0/21 maxlen: 24
210.2.64.0/18 maxlen: 24
2403:6000::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14698 (0x396a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 26 14:52:36 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6308de34-85b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:ff:5a:28:7a:e3:4a:e3:fa:ac:e6:45:f8:
04:1d:66:93:22:70:d8:3e:c1:96:54:8f:cf:12:d6:
f1:f8:7b:4b:42:b3:96:5e:53:ab:1a:b2:0c:63:5a:
4c:81:2b:64:2b:7c:0b:61:ae:ae:2c:e5:b8:98:4f:
95:d6:75:55:eb:13:57:a2:16:fd:af:fd:cb:dd:68:
9a:e9:3a:35:9e:6c:98:08:e1:9b:83:89:3d:88:1f:
94:aa:99:dc:52:39:4f:3b:85:2c:57:84:42:01:27:
b3:4b:d5:13:98:1e:d6:86:32:1a:69:aa:e6:78:c1:
3b:c0:29:39:71:11:17:d7:c1:ee:80:6b:4d:e4:d6:
40:06:0b:e4:8b:14:55:6a:02:ff:e6:f8:85:2f:c2:
01:e4:76:98:87:7a:29:ea:87:f9:2f:fe:e7:b8:65:
74:42:d4:9f:b7:be:c9:0b:4d:2d:78:c3:22:da:95:
f7:07:5d:53:e2:d1:03:67:7b:43:86:f1:a2:54:71:
2d:5f:c2:4a:68:77:7a:1b:5f:1b:f6:70:2a:1a:d1:
46:77:7d:d2:cf:63:4b:a3:4d:89:51:85:c2:1e:b3:
77:3b:41:91:55:cd:e6:1c:7f:d7:be:1c:7a:e0:48:
24:95:a5:0d:14:77:11:8a:12:7e:29:1a:7e:fd:b6:
bb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:07:5F:E5:61:E9:2A:25:67:2F:36:71:AD:47:35:54:6A:A0:C5:4E
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/12B4E8028E5411ECA46CBB73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.193.64.0/20
120.72.80.0/21
120.72.96.0/19
202.78.224.0/21
210.2.64.0/18
IPv6:
2403:6000::/32
Signature Algorithm: sha256WithRSAEncryption
27:b1:e9:74:a1:2b:16:89:c8:6d:46:35:51:46:e5:e2:a8:d3:
cd:c7:35:24:ac:16:80:bc:33:a4:5b:9f:e9:fc:d0:5a:a0:98:
b0:b9:c9:65:64:e9:f0:53:9b:a1:e0:e0:0a:ff:21:9d:0a:f6:
8b:42:b9:c5:c6:97:09:fe:1f:02:94:bd:93:af:54:ed:9a:a9:
e7:bd:2c:a7:68:e6:5b:ed:c0:00:89:f4:5f:24:a8:fe:7b:21:
3e:2c:77:96:60:49:e9:90:fd:91:47:cc:4e:48:88:77:38:a9:
2b:05:93:41:15:d7:d9:ce:66:c5:f4:4e:cb:ff:af:0e:b5:03:
ec:b4:71:af:a3:56:e5:13:12:3d:91:f2:bc:f7:47:77:7e:60:
1f:c2:78:83:68:fd:f6:35:df:f9:1b:7d:21:71:37:c5:9f:8b:
1e:9b:97:eb:51:46:db:4e:85:3c:94:ed:cd:ca:3a:c2:1d:c3:
b2:4b:9b:50:a8:4e:77:b6:9d:7f:ec:ae:2b:d4:fc:56:6b:c7:
10:63:37:91:cb:bc:b8:52:92:63:ab:35:cd:fe:a4:7c:e2:49:
a6:2a:8e:5c:79:ea:a6:7c:1b:d7:9b:82:e4:da:3d:ec:fe:fd:
bd:7e:6a:4d:b3:a0:a8:4d:49:18:4f:00:a4:e3:03:e4:7b:9c:
0e:86:b0:4b
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICOWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIwODI2MTQ1MjM2WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA4ZGUzNC04NWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxDv/Wih640rj+qzmRfgEHWaTInDYPsGWVI/PEtbx+HtLQrOWXlOrGrIMY1pM
gStkK3wLYa6uLOW4mE+V1nVV6xNXohb9r/3L3Wia6To1nmyYCOGbg4k9iB+Uqpnc
UjlPO4UsV4RCASezS9UTmB7WhjIaaarmeME7wCk5cREX18HugGtN5NZABgvkixRV
agL/5viFL8IB5HaYh3op6of5L/7nuGV0QtSft77JC00teMMi2pX3B11T4tEDZ3tD
hvGiVHEtX8JKaHd6G18b9nAqGtFGd33Sz2NLo02JUYXCHrN3O0GRVc3mHH/Xvhx6
4EgklaUNFHcRihJ+KRp+/ba7rwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFFIHX+Vh
6SolZy82ca1HNVRqoMVOMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMTJCNEU4MDI4
RTU0MTFFQ0E0NkNCQjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAR0wUADBAN4SFADBAV4SGADBAPKTuADBAbSAkAwDQQCAAIw
BwMFACQDYAAwDQYJKoZIhvcNAQELBQADggEBACex6XShKxaJyG1GNVFG5eKo083H
NSSsFoC8M6Rbn+n80FqgmLC5yWVk6fBTm6Hg4Ar/IZ0K9otCucXGlwn+HwKUvZOv
VO2aqee9LKdo5lvtwACJ9F8kqP57IT4sd5ZgSemQ/ZFHzE5IiHc4qSsFk0EV19nO
ZsX0Tsv/rw61A+y0ca+jVuUTEj2R8rz3R3d+YB/CeINo/fY13/kbfSFxN8Wfix6b
l+tRRttOhTyU7c3KOsIdw7JLm1CoTne2nX/srivU/FZrxxBjN5HLvLhSkmOrNc3+
pHziSaYqjlx56qZ8G9ebguTaPez+/b1+ak2zoKhNSRhPAKTjA+R7nA6GsEs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org