Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/0B0700886C9611EDB6F2FE0EC4F9AE02.roa
File: 0B0700886C9611EDB6F2FE0EC4F9AE02.roa (raw, json)
Hash identifier: 1wKmJOeZTYTmJTYW0IBAvNinPR9qxcqxyZCNsbkrc4c=
Subject key identifier: 94:8E:61:29:E9:ED:74:AE:05:0B:F6:E0:80:A9:B8:30:D0:6F:99:C1
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 04F1
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/0B0700886C9611EDB6F2FE0EC4F9AE02.roa
Signing time: Wed 17 May 2023 05:09:26 +0000
ROA not before: Wed 17 May 2023 05:09:26 +0000
ROA not after: Mon 28 Aug 2023 00:00:00 +0000
asID: 45820
IP address blocks: 14.194.0.0/18 maxlen: 24
14.194.64.0/18 maxlen: 24
14.194.128.0/18 maxlen: 24
49.200.0.0/14 maxlen: 14
49.249.0.0/17 maxlen: 24
49.249.128.0/18 maxlen: 24
182.156.0.0/18 maxlen: 22
182.156.0.0/22 maxlen: 24
182.156.4.0/23 maxlen: 24
182.156.8.0/21 maxlen: 24
182.156.16.0/20 maxlen: 24
182.156.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1265 (0x4f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: May 17 05:09:26 2023 GMT
Not After : Aug 28 00:00:00 2023 GMT
Subject: CN=64646185-e1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:eb:3f:b5:0b:c7:33:c1:f2:a7:2c:8a:99:99:
36:0e:2b:e4:d2:ce:8c:c8:f1:c5:84:0c:b8:b5:38:
84:c4:39:c8:40:e3:36:9e:9e:0e:9e:47:16:be:4d:
34:7a:77:27:13:70:8a:15:3e:31:61:85:5c:20:76:
35:31:d1:e4:0f:7e:dc:25:48:2b:c2:69:10:06:3b:
4e:86:94:ed:ec:f8:5d:73:07:c5:96:06:29:52:31:
99:a0:5c:b0:84:78:4c:fb:b8:f1:98:c8:9d:75:01:
02:da:0d:22:24:f3:89:4c:ae:91:f4:3c:98:33:c4:
50:f5:10:fd:70:51:f7:7b:2a:4a:be:72:0e:95:fd:
2e:51:3a:4e:cb:a5:e5:64:60:06:fc:1f:60:19:7c:
f4:fa:de:5d:f5:56:26:41:a3:50:49:a1:04:2a:0a:
88:4c:cb:4f:23:f5:d1:cc:74:21:3b:81:8a:9f:a5:
a8:46:ad:b5:18:f7:77:bb:27:6a:63:4a:95:62:b0:
b7:83:cb:77:61:60:3c:2d:99:fa:95:34:ef:d7:b9:
6a:f9:04:4c:44:cd:b9:6a:7a:80:d7:d1:93:43:bd:
f8:c3:e8:8e:db:cb:0c:79:d6:0f:8c:29:52:df:27:
df:94:c4:b4:33:d3:f4:f3:b1:f8:4a:cb:4d:00:57:
b1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8E:61:29:E9:ED:74:AE:05:0B:F6:E0:80:A9:B8:30:D0:6F:99:C1
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/0B0700886C9611EDB6F2FE0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.194.0.0-14.194.191.255
49.200.0.0/14
49.249.0.0-49.249.191.255
182.156.0.0/18
Signature Algorithm: sha256WithRSAEncryption
50:45:af:7d:8c:aa:a9:8b:9e:c4:20:f5:56:48:b2:d9:0d:3a:
27:33:7a:23:7c:16:5f:09:be:36:5a:d3:f0:96:4e:b7:77:53:
21:f7:f8:20:14:e7:bf:00:86:3c:e9:6d:b8:86:7c:fe:f7:a1:
a9:78:99:4d:51:99:ed:c9:41:a8:fa:27:7a:45:b1:cd:75:63:
9f:4e:a1:da:68:63:3d:43:ee:0b:a1:1a:15:fa:65:6a:45:c4:
81:fb:f7:5b:e1:5f:db:b4:d7:09:06:8e:d7:11:db:1c:49:bc:
4b:5f:df:7d:10:a1:3d:1a:c1:d5:c0:44:07:5e:42:78:25:22:
82:c6:00:33:ca:fa:15:bf:04:8f:90:e8:95:2a:43:cd:82:d5:
7c:92:5e:ea:8f:42:ff:7a:62:3e:dc:69:ef:e1:ad:36:5a:5f:
a0:cd:da:0a:17:7a:90:2f:af:e8:3c:37:67:fa:a8:ed:d7:72:
10:7b:f7:98:19:3f:a9:a3:e4:9f:db:7c:dd:50:0a:e6:09:8e:
26:0f:bf:81:df:ca:8d:44:12:78:4f:fd:cb:ac:bc:1a:de:ef:
7d:ee:c9:31:c0:5c:94:53:dc:90:d6:30:10:99:72:c9:cb:b5:
95:42:e7:59:6b:18:fe:a7:a2:24:69:d6:c4:24:7e:91:f0:f6:
9b:78:43:24
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgICBPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjMwNTE3MDUwOTI2WhcNMjMwODI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY0NjE4NS1lMWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp+s/tQvHM8HypyyKmZk2Divk0s6MyPHFhAy4tTiExDnIQOM2np4OnkcWvk00
encnE3CKFT4xYYVcIHY1MdHkD37cJUgrwmkQBjtOhpTt7PhdcwfFlgYpUjGZoFyw
hHhM+7jxmMiddQEC2g0iJPOJTK6R9DyYM8RQ9RD9cFH3eypKvnIOlf0uUTpOy6Xl
ZGAG/B9gGXz0+t5d9VYmQaNQSaEEKgqITMtPI/XRzHQhO4GKn6WoRq21GPd3uydq
Y0qVYrC3g8t3YWA8LZn6lTTv17lq+QRMRM25anqA19GTQ734w+iO28sMedYPjClS
3yfflMS0M9P087H4SstNAFexOQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFJSOYSnp
7XSuBQv24ICpuDDQb5nBMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMEIwNzAwODg2
Qzk2MTFFREI2RjJGRTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E
LzAtMCsEAgABMCUwCwMDAQ7CAwQGDsKAAwMCMcgwCwMDADH5AwQGMfmAAwQGtpwA
MA0GCSqGSIb3DQEBCwUAA4IBAQBQRa99jKqpi57EIPVWSLLZDTonM3ojfBZfCb42
WtPwlk63d1Mh9/ggFOe/AIY86W24hnz+96GpeJlNUZntyUGo+id6RbHNdWOfTqHa
aGM9Q+4LoRoV+mVqRcSB+/db4V/btNcJBo7XEdscSbxLX999EKE9GsHVwEQHXkJ4
JSKCxgAzyvoVvwSPkOiVKkPNgtV8kl7qj0L/emI+3Gnv4a02Wl+gzdoKF3qQL6/o
PDdn+qjt13IQe/eYGT+po+Sf23zdUArmCY4mD7+B38qNRBJ4T/3LrLwa3u997skx
wFyUU9yQ1jAQmXLJy7WVQudZaxj+p6IkadbEJH6R8PabeEMk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org