Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/8255C268E88F11ECAA0DEE20C4F9AE02.roa
File: 8255C268E88F11ECAA0DEE20C4F9AE02.roa (raw, json)
Hash identifier: UfiorRR9011nd6Ca8KkZtX9eaF42AfVyJ1aoFm0EZzw=
Subject key identifier: D9:7F:A0:74:1C:2F:93:EE:65:EA:44:58:1A:4B:5E:1E:10:91:AB:78
Certificate issuer: /CN=A915CCEA/serialNumber=862B73B9CE3504B0BA241D14FDAC0EC4B4E4ADC2
Certificate serial: 065F
Authority key identifier: 86:2B:73:B9:CE:35:04:B0:BA:24:1D:14:FD:AC:0E:C4:B4:E4:AD:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hitzuc41BLC6JB0U_awOxLTkrcI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/8255C268E88F11ECAA0DEE20C4F9AE02.roa
Signing time: Fri 10 Jun 2022 08:02:56 +0000
ROA not before: Fri 10 Jun 2022 08:02:56 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 3300
IP address blocks: 61.14.0.0/18 maxlen: 24
203.187.128.0/19 maxlen: 19
203.187.128.0/22 maxlen: 22
203.187.128.0/24 maxlen: 24
203.187.129.0/24 maxlen: 24
203.187.130.0/24 maxlen: 24
203.187.131.0/24 maxlen: 24
203.187.145.0/24 maxlen: 24
203.187.146.0/24 maxlen: 24
2402:fb00::/32 maxlen: 32
2402:fb00::/36 maxlen: 36
2402:fb00:f00::/40 maxlen: 40
2402:fb00:1000::/36 maxlen: 36
2402:fb00:1f00::/40 maxlen: 40
2402:fb00:2000::/36 maxlen: 36
2402:fb00:2f00::/40 maxlen: 40
2402:fb00:3000::/36 maxlen: 36
2402:fb00:3f00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1631 (0x65f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915CCEA/serialNumber=862B73B9CE3504B0BA241D14FDAC0EC4B4E4ADC2
Validity
Not Before: Jun 10 08:02:56 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62a2fab0-ad55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5d:1b:ce:c7:83:64:19:4e:39:80:e4:2d:0e:
90:9f:bb:74:fd:b6:7e:4d:4e:78:07:cb:72:ad:98:
fa:49:f4:95:ed:3d:22:2f:f1:dd:63:31:a4:bc:19:
f7:0a:dc:71:1c:4a:cc:62:ea:4d:b8:9b:16:b0:00:
75:39:56:af:cf:92:9f:59:40:ca:61:81:1f:3a:eb:
8d:dd:b5:39:ff:71:2f:be:8d:12:ab:d8:42:da:aa:
b9:75:4f:02:94:98:75:54:63:85:53:e1:c3:55:b1:
ef:f6:bc:77:10:d1:84:e5:5d:14:61:ea:c0:b9:87:
04:ef:b5:36:b2:ae:fa:d3:06:d5:e2:47:0c:8b:83:
51:c4:c5:46:cb:58:9e:39:e7:1e:b4:08:69:e3:93:
f1:fe:1c:5e:a3:e0:71:c6:94:36:e7:63:5f:f0:02:
13:c5:ae:95:57:2a:8d:fb:6a:c8:93:d7:94:84:a6:
7a:54:8f:8b:22:60:c4:f3:dd:5a:9f:75:26:72:ad:
f4:e0:b8:42:98:0a:c3:bf:82:ec:e3:cc:87:b1:94:
95:5d:29:14:78:d4:a1:9c:9a:06:eb:6d:13:af:ca:
69:c2:fe:27:45:fc:0f:ab:10:00:a4:b4:a1:45:89:
7f:61:2c:e2:78:06:0a:10:0e:bf:af:41:25:00:5c:
6b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:7F:A0:74:1C:2F:93:EE:65:EA:44:58:1A:4B:5E:1E:10:91:AB:78
X509v3 Authority Key Identifier:
keyid:86:2B:73:B9:CE:35:04:B0:BA:24:1D:14:FD:AC:0E:C4:B4:E4:AD:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/hitzuc41BLC6JB0U_awOxLTkrcI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hitzuc41BLC6JB0U_awOxLTkrcI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/8255C268E88F11ECAA0DEE20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.14.0.0/18
203.187.128.0/19
IPv6:
2402:fb00::/32
Signature Algorithm: sha256WithRSAEncryption
53:ee:27:0c:94:ca:c2:7e:6f:ec:9d:d7:49:16:b1:f4:9a:f3:
ea:e3:a1:d0:b7:94:0a:43:51:06:d2:45:9c:98:e9:13:f6:39:
11:3b:0e:5d:1c:6c:ad:8b:03:9e:c7:61:ec:41:60:35:f4:19:
eb:5c:ef:cb:cd:8a:76:8b:60:61:f6:21:e7:06:f0:d3:7e:f5:
87:cc:9f:7a:c9:65:23:ac:f7:68:0c:78:22:89:be:7d:42:22:
5d:42:c2:a3:9a:e0:98:50:0c:b8:db:3b:e1:1a:bb:f2:68:3d:
9c:f0:26:62:f1:a4:da:c9:77:ec:f7:a4:65:2d:39:8f:ec:a9:
7d:9d:1d:5a:56:f6:72:4a:68:c9:9e:77:4b:28:95:3c:9b:2c:
df:5c:f9:5d:c6:7f:9d:05:c5:8e:8f:b6:b9:8f:bd:74:be:32:
b5:30:43:91:76:e5:d5:c9:2a:53:2a:10:51:93:f6:f1:d5:a4:
14:e1:0e:f1:17:51:9f:47:0f:b3:65:87:b4:bb:94:d3:20:ec:
8c:c5:9b:5e:5e:11:c0:d2:07:ce:c9:2a:02:4d:62:59:f3:2c:
90:22:53:30:61:d1:c3:bd:74:f3:a6:8f:cc:b1:5f:13:36:23:
93:04:fc:a3:d7:5f:d8:e7:24:ee:96:15:09:ea:68:61:22:62:
7f:8c:2a:38
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBl8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUNDRUExMTAvBgNVBAUTKDg2MkI3M0I5Q0UzNTA0QjBCQTI0MUQxNEZEQUMwRUM0
QjRFNEFEQzIwHhcNMjIwNjEwMDgwMjU2WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmEyZmFiMC1hZDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxV0bzseDZBlOOYDkLQ6Qn7t0/bZ+TU54B8tyrZj6SfSV7T0iL/HdYzGkvBn3
CtxxHErMYupNuJsWsAB1OVavz5KfWUDKYYEfOuuN3bU5/3Evvo0Sq9hC2qq5dU8C
lJh1VGOFU+HDVbHv9rx3ENGE5V0UYerAuYcE77U2sq760wbV4kcMi4NRxMVGy1ie
OecetAhp45Px/hxeo+BxxpQ252Nf8AITxa6VVyqN+2rIk9eUhKZ6VI+LImDE891a
n3Umcq304LhCmArDv4Ls48yHsZSVXSkUeNShnJoG620Tr8ppwv4nRfwPqxAApLSh
RYl/YSzieAYKEA6/r0ElAFxrHQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNl/oHQc
L5PuZepEWBpLXh4Qkat4MB8GA1UdIwQYMBaAFIYrc7nONQSwuiQdFP2sDsS05K3C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Q0NFQS80MDZFRjE3OEEw
QzMxMUVBODc2NDIzNkZDNEY5QUUwMi9oaXR6dWM0MUJMQzZKQjBVX2F3T3hMVGty
Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hpdHp1YzQxQkxDNkpCMFVfYXdPeExUa3JjSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUNDRUEvNDA2RUYxNzhBMEMzMTFFQTg3NjQyMzZGQzRGOUFFMDIvODI1NUMyNjhF
ODhGMTFFQ0FBMERFRTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAY9DgADBAXLu4AwDQQCAAIwBwMFACQC+wAwDQYJKoZIhvcN
AQELBQADggEBAFPuJwyUysJ+b+yd10kWsfSa8+rjodC3lApDUQbSRZyY6RP2ORE7
Dl0cbK2LA57HYexBYDX0Getc78vNinaLYGH2IecG8NN+9YfMn3rJZSOs92gMeCKJ
vn1CIl1CwqOa4JhQDLjbO+Eau/JoPZzwJmLxpNrJd+z3pGUtOY/sqX2dHVpW9nJK
aMmed0solTybLN9c+V3Gf50FxY6PtrmPvXS+MrUwQ5F25dXJKlMqEFGT9vHVpBTh
DvEXUZ9HD7Nlh7S7lNMg7IzFm15eEcDSB87JKgJNYlnzLJAiUzBh0cO9dPOmj8yx
XxM2I5ME/KPXX9jnJO6WFQnqaGEiYn+MKjg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org