Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/454CAF307D0A11ECBDB51C2EC4F9AE02.roa
File: 454CAF307D0A11ECBDB51C2EC4F9AE02.roa (raw, json)
Hash identifier: ex/gRAo2xEdh24EKyCHx0/hym4lpwKhm1Y8lzzo6LVk=
Subject key identifier: E4:E2:6F:94:7A:64:A6:34:55:60:FC:A9:22:F7:79:D3:3B:93:AE:2B
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 0689
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/454CAF307D0A11ECBDB51C2EC4F9AE02.roa
Signing time: Fri 11 Mar 2022 13:09:04 +0000
ROA not before: Fri 11 Mar 2022 13:09:04 +0000
ROA not after: Sat 30 Jul 2022 00:00:00 +0000
asID: 13768
IP address blocks: 115.167.3.0/24 maxlen: 24
115.167.5.0/24 maxlen: 24
115.167.7.0/24 maxlen: 24
115.167.8.0/21 maxlen: 24
115.167.52.0/22 maxlen: 24
115.167.77.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1673 (0x689)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Mar 11 13:09:04 2022 GMT
Not After : Jul 30 00:00:00 2022 GMT
Subject: CN=622b49f0-599a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cd:6a:b9:81:58:6c:7c:3e:d1:e7:e8:4e:75:
f6:9e:01:be:ef:dc:f2:57:d4:3e:f2:22:b6:11:94:
25:21:76:0e:c6:31:56:a3:b7:dd:29:86:f3:59:66:
bb:63:88:96:99:3a:de:68:0c:ea:1b:50:ef:7e:42:
2c:3f:b4:a3:9d:9a:c0:31:ce:c2:1d:84:a6:ca:1e:
d2:46:a2:5f:2b:f0:4f:f3:2b:22:b6:2f:1d:18:24:
83:49:16:2c:da:bd:30:42:9b:1d:6c:e4:ab:af:5e:
f4:58:6e:a7:bf:24:37:c5:b1:68:e1:27:f1:c4:33:
3f:28:76:e4:2a:f4:ab:4d:35:dc:36:be:62:42:a9:
d0:99:c2:72:d8:2f:35:69:ad:5b:91:ff:00:b4:27:
92:b9:c3:22:d3:ad:d0:ab:b0:d2:b0:96:48:0d:9e:
53:a0:08:61:83:54:2a:81:5b:ac:e3:91:db:43:37:
09:2e:73:68:c7:61:eb:3f:e3:83:e5:8b:29:7e:67:
82:3d:f8:b6:cb:c0:55:cc:3d:a8:fd:81:0b:4c:a6:
6b:1e:8a:2b:c5:5b:86:3d:2e:63:f3:38:c0:82:57:
94:75:c3:20:f2:15:e7:7f:fc:4f:76:9f:5f:22:68:
60:70:e3:05:f0:51:3b:62:6f:ae:74:af:c0:dd:c7:
20:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E2:6F:94:7A:64:A6:34:55:60:FC:A9:22:F7:79:D3:3B:93:AE:2B
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/454CAF307D0A11ECBDB51C2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.167.3.0/24
115.167.5.0/24
115.167.7.0-115.167.15.255
115.167.52.0/22
115.167.77.0/24
175.110.111.0/24
Signature Algorithm: sha256WithRSAEncryption
20:21:cb:61:19:30:c0:2a:45:aa:1b:27:52:a3:54:2b:de:6b:
91:86:0b:f5:e4:fa:b7:b1:28:04:c6:fe:28:9e:0b:5c:f6:6d:
13:bd:06:b4:3d:ab:f1:85:23:5a:e2:50:35:17:ce:1c:66:6e:
2e:70:99:97:80:55:fb:24:d9:0c:10:15:03:e0:5a:be:36:a3:
3e:65:4c:9c:66:4c:6e:21:8d:1c:2d:ae:62:98:42:d0:bd:67:
e0:89:02:75:46:d1:fc:f2:03:d8:a8:4a:14:fa:1a:a2:ab:fc:
73:dd:49:19:1d:8a:e9:5e:63:96:de:79:1f:98:3d:f4:e3:31:
fa:03:63:43:ab:b4:18:b6:44:ba:9e:74:3b:75:e5:37:15:7e:
09:78:ef:f6:65:d2:86:19:b6:e1:26:69:0b:8b:04:48:b6:49:
da:7d:b3:9c:da:d9:61:b1:c5:4b:78:73:02:c7:08:b4:d7:57:
9a:80:f2:73:c5:a6:5f:b5:6c:9f:9b:86:1e:98:6a:f6:db:84:
bb:5c:f0:16:aa:58:cb:c8:0a:64:df:0b:19:a7:a5:d1:8d:a4:
24:37:17:8b:17:d6:8c:2a:52:0f:79:1d:3f:03:67:61:06:0f:
5b:eb:3d:17:fb:50:ed:70:96:d7:d7:60:26:84:af:0c:8b:d8:
7e:15:73:26
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICBokwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjIwMzExMTMwOTA0WhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjJiNDlmMC01OTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoc1quYFYbHw+0efoTnX2ngG+79zyV9Q+8iK2EZQlIXYOxjFWo7fdKYbzWWa7
Y4iWmTreaAzqG1DvfkIsP7SjnZrAMc7CHYSmyh7SRqJfK/BP8ysiti8dGCSDSRYs
2r0wQpsdbOSrr170WG6nvyQ3xbFo4SfxxDM/KHbkKvSrTTXcNr5iQqnQmcJy2C81
aa1bkf8AtCeSucMi063Qq7DSsJZIDZ5ToAhhg1QqgVus45HbQzcJLnNox2HrP+OD
5YspfmeCPfi2y8BVzD2o/YELTKZrHoorxVuGPS5j8zjAgleUdcMg8hXnf/xPdp9f
ImhgcOMF8FE7Ym+udK/A3ccgzQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFOTib5R6
ZKY0VWD8qSL3edM7k64rMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNDU0Q0FGMzA3
RDBBMTFFQ0JEQjUxQzJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRQYIKwYBBQUHAQcBAf8E
NjA0MDIEAgABMCwDBABzpwMDBABzpwUwDAMEAHOnBwMEBHOnAAMEAnOnNAMEAHOn
TQMEAK9ubzANBgkqhkiG9w0BAQsFAAOCAQEAICHLYRkwwCpFqhsnUqNUK95rkYYL
9eT6t7EoBMb+KJ4LXPZtE70GtD2r8YUjWuJQNRfOHGZuLnCZl4BV+yTZDBAVA+Ba
vjajPmVMnGZMbiGNHC2uYphC0L1n4IkCdUbR/PID2KhKFPoaoqv8c91JGR2K6V5j
lt55H5g99OMx+gNjQ6u0GLZEup50O3XlNxV+CXjv9mXShhm24SZpC4sESLZJ2n2z
nNrZYbHFS3hzAscItNdXmoDyc8WmX7Vsn5uGHphq9tuEu1zwFqpYy8gKZN8LGael
0Y2kJDcXixfWjCpSD3kdPwNnYQYPW+s9F/tQ7XCW19dgJoSvDIvYfhVzJg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:11 2023 by rpki-client on console-fra.rpki-client.org