Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7CAF284ABA1D11ECB9D7183EC4F9AE02.roa
File: 7CAF284ABA1D11ECB9D7183EC4F9AE02.roa (raw, json)
Hash identifier: o178cwYQpAZJN4FtCi6wDarpwny6PREgbT0SvqOt/Jw=
Subject key identifier: 54:E5:F9:FB:F4:EA:EA:4B:46:B8:F1:C3:83:AE:72:B5:3A:06:7C:CE
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 364F
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7CAF284ABA1D11ECB9D7183EC4F9AE02.roa
Signing time: Tue 12 Apr 2022 08:40:28 +0000
ROA not before: Tue 12 Apr 2022 08:40:28 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 45543
IP address blocks: 27.2.0.0/16 maxlen: 24
27.3.0.0/16 maxlen: 24
112.197.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13903 (0x364f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Apr 12 08:40:28 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=62553afb-2f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ab:0e:0b:d1:64:02:07:75:18:c3:0d:52:c2:
ed:b3:73:a9:79:62:84:4c:55:58:c8:c1:4d:ae:54:
0d:91:6f:81:2b:99:0c:df:01:c1:e3:20:90:e5:dc:
5e:b5:42:97:ba:af:04:e6:d1:54:9f:3d:f9:78:69:
7a:40:9a:9b:7b:75:d7:9b:ed:82:f7:b9:40:d1:ae:
72:4b:95:68:c1:bc:68:fb:0f:76:18:91:04:60:c8:
d2:43:32:ae:16:45:a8:ac:a7:15:69:5f:32:0f:67:
ce:ec:21:0b:59:29:00:6f:1e:e8:f1:15:a2:21:ff:
53:82:fe:72:95:50:16:61:5a:34:e1:c5:bd:9c:d7:
42:03:8f:39:37:5a:31:98:07:46:7f:b6:a9:42:37:
cf:d4:68:88:35:7d:2d:a8:be:3e:14:6f:29:55:73:
12:1c:61:a2:cb:8e:0a:dd:57:82:6e:fc:f2:a7:cc:
1f:fe:0d:cc:d7:45:cf:c5:8e:0b:05:04:1b:32:1d:
c3:10:c3:61:f7:b2:03:a4:28:66:b1:2d:0d:52:7c:
37:01:64:16:c2:60:f0:56:b7:0e:73:de:6c:28:62:
01:ae:9d:2e:fb:9a:08:a0:fe:56:23:51:2b:ae:00:
69:e6:94:4f:3e:76:6a:24:20:7f:ea:b4:c5:ae:ab:
9a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E5:F9:FB:F4:EA:EA:4B:46:B8:F1:C3:83:AE:72:B5:3A:06:7C:CE
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7CAF284ABA1D11ECB9D7183EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.2.0.0/15
112.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:27:5b:ed:91:e3:bf:b0:3c:f0:69:1f:36:85:f3:72:53:26:
bc:03:1b:c2:64:af:85:9d:d7:70:67:b6:86:d5:10:c4:40:ed:
6d:08:64:96:7d:50:09:44:56:74:30:a8:dd:a5:71:b1:63:7c:
37:30:85:0c:73:10:8f:34:16:6c:e4:f7:da:cc:47:ae:06:a3:
72:70:81:b7:12:a8:bb:c6:f3:fa:ee:59:ec:a5:89:84:26:96:
b0:5b:bc:f3:87:77:90:8a:9d:46:dd:08:b1:9c:01:c5:3d:6c:
7a:7b:42:7b:aa:f0:96:16:3d:8f:48:6f:d0:14:50:2c:07:d4:
38:c7:92:47:75:97:05:f1:f4:c5:ce:fa:a5:ed:ad:9a:4b:1f:
46:44:18:b8:0f:8d:03:20:05:54:49:b5:3e:d1:81:ac:c9:f8:
b9:5b:0a:31:09:3b:12:c2:38:94:16:39:0b:e5:3b:4d:99:97:
48:e1:ae:55:fd:b1:29:be:eb:0a:7e:11:e0:aa:c0:c7:69:c3:
97:50:7f:33:03:7f:d9:0d:06:32:15:ac:09:3d:b0:d6:a7:62:
17:af:59:e4:91:9c:76:27:99:54:fd:b1:79:f2:6d:d5:71:3a:
a4:2e:4d:1d:3a:6b:39:e2:69:bb:ac:33:73:48:92:e6:47:49:
5a:0d:7d:64
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgICNk8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIwNDEyMDg0MDI4WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU1M2FmYi0yZjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwasOC9FkAgd1GMMNUsLts3OpeWKETFVYyMFNrlQNkW+BK5kM3wHB4yCQ5dxe
tUKXuq8E5tFUnz35eGl6QJqbe3XXm+2C97lA0a5yS5Vowbxo+w92GJEEYMjSQzKu
FkWorKcVaV8yD2fO7CELWSkAbx7o8RWiIf9Tgv5ylVAWYVo04cW9nNdCA485N1ox
mAdGf7apQjfP1GiINX0tqL4+FG8pVXMSHGGiy44K3VeCbvzyp8wf/g3M10XPxY4L
BQQbMh3DEMNh97IDpChmsS0NUnw3AWQWwmDwVrcOc95sKGIBrp0u+5oIoP5WI1Er
rgBp5pRPPnZqJCB/6rTFrquaTwIDAQABo4ICmTCCApUwHQYDVR0OBBYEFFTl+fv0
6upLRrjxw4OucrU6BnzOMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvN0NBRjI4NEFC
QTFEMTFFQ0I5RDcxODNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQcBAf8E
FDASMBAEAgABMAoDAwEbAgMDAHDFMA0GCSqGSIb3DQEBCwUAA4IBAQAwJ1vtkeO/
sDzwaR82hfNyUya8AxvCZK+FnddwZ7aG1RDEQO1tCGSWfVAJRFZ0MKjdpXGxY3w3
MIUMcxCPNBZs5PfazEeuBqNycIG3Eqi7xvP67lnspYmEJpawW7zzh3eQip1G3Qix
nAHFPWx6e0J7qvCWFj2PSG/QFFAsB9Q4x5JHdZcF8fTFzvql7a2aSx9GRBi4D40D
IAVUSbU+0YGsyfi5WwoxCTsSwjiUFjkL5TtNmZdI4a5V/bEpvusKfhHgqsDHacOX
UH8zA3/ZDQYyFawJPbDWp2IXr1nkkZx2J5lU/bF58m3VcTqkLk0dOms54mm7rDNz
SJLmR0laDX1k
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org