Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/D2F63302433A11EB838F7828C4F9AE02.roa
File: D2F63302433A11EB838F7828C4F9AE02.roa (raw, json)
Hash identifier: chnboAX8HTf8qCT4jk0rrLtZ0hvgauV0Y0HIn+rIy+8=
Subject key identifier: 90:EC:47:1B:7E:B4:99:40:ED:88:84:F2:DB:6E:EE:FC:9D:13:FB:CC
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 04A9
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/D2F63302433A11EB838F7828C4F9AE02.roa
Signing time: Tue 02 Nov 2021 11:48:01 +0000
ROA not before: Tue 02 Nov 2021 11:48:01 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 24129
IP address blocks: 116.255.34.0/24 maxlen: 24
116.255.35.0/24 maxlen: 24
116.255.36.0/24 maxlen: 24
116.255.40.0/24 maxlen: 24
116.255.41.0/24 maxlen: 24
116.255.43.0/24 maxlen: 24
116.255.44.0/24 maxlen: 24
116.255.45.0/24 maxlen: 24
116.255.47.0/24 maxlen: 24
116.255.48.0/24 maxlen: 24
116.255.49.0/24 maxlen: 24
116.255.50.0/24 maxlen: 24
116.255.52.0/24 maxlen: 24
116.255.53.0/24 maxlen: 24
125.63.23.0/24 maxlen: 24
125.253.12.0/23 maxlen: 23
125.253.12.0/24 maxlen: 24
125.253.13.0/24 maxlen: 24
203.10.77.0/24 maxlen: 24
203.14.230.0/24 maxlen: 24
203.27.116.0/24 maxlen: 24
223.27.64.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1193 (0x4a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Nov 2 11:48:01 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=61812571-8393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9b:59:93:8c:93:4c:ee:cd:0e:9e:4d:60:94:
ce:26:a6:18:4d:b4:8e:ea:58:4a:ac:d9:5e:33:ae:
99:57:43:f1:35:29:95:30:28:7f:da:19:ee:28:9f:
ee:2c:15:93:28:e5:fa:44:5e:ca:8a:f1:04:c3:8a:
f3:39:0f:a4:75:e8:11:39:da:23:fc:ef:96:0a:15:
ef:29:13:5d:63:4a:56:d2:33:1c:da:f2:50:4e:5e:
b2:f2:01:69:cb:d9:b2:0e:3a:14:b4:7e:4b:14:01:
5a:b8:e7:e5:21:f8:c5:cd:f2:f1:61:ce:99:cc:44:
ef:04:55:25:d5:e9:42:73:ea:d2:05:6e:bb:e1:87:
c5:e8:ea:d3:a7:55:d1:60:b0:c8:94:d9:57:3c:11:
df:1f:fb:50:0b:e7:45:fa:20:9d:8e:cd:22:c1:ee:
00:6d:ba:cd:86:24:1d:80:b9:c8:55:91:f2:57:e4:
09:5f:ea:7b:d8:e6:1e:bb:70:34:26:a9:51:5e:d7:
c6:f5:db:6b:f3:d3:15:8a:b5:91:32:e1:48:dd:ad:
ce:87:ee:4b:b2:4f:6a:5e:23:4d:1f:69:a8:8d:85:
17:a6:6e:f7:f0:5b:d0:2a:79:21:50:a0:c0:b7:f1:
1e:ed:94:af:b2:ce:10:18:5b:5a:6d:81:df:75:fc:
33:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EC:47:1B:7E:B4:99:40:ED:88:84:F2:DB:6E:EE:FC:9D:13:FB:CC
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/D2F63302433A11EB838F7828C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.255.34.0-116.255.36.255
116.255.40.0/23
116.255.43.0-116.255.45.255
116.255.47.0-116.255.50.255
116.255.52.0/23
125.63.23.0/24
125.253.12.0/23
203.10.77.0/24
203.14.230.0/24
203.27.116.0/24
223.27.64.0/23
Signature Algorithm: sha256WithRSAEncryption
20:1e:e8:94:1e:a5:cb:e4:ab:bb:2f:12:d0:d1:2f:de:9b:14:
34:a0:96:f4:00:e9:41:3e:e8:d1:99:5d:1e:9d:fd:fa:b6:b9:
56:46:37:44:63:8b:c0:50:8e:0a:f2:b1:9c:11:18:f5:9d:84:
85:62:85:c1:15:4a:d2:8a:09:59:37:84:38:b5:fc:cf:97:a7:
06:ff:36:52:7f:9a:95:71:4f:45:9c:fc:12:ac:06:e3:f9:29:
e3:d9:5a:65:c2:dd:ac:cb:4f:45:40:cf:a9:eb:db:83:52:84:
d5:ae:3d:e8:9a:9c:8f:7b:6e:40:83:fb:f4:9d:32:da:1e:d5:
32:a2:4f:03:54:b7:76:dd:8e:11:0e:5a:ba:7f:fb:ad:51:a2:
93:e1:2d:c3:9d:68:90:bf:b5:b8:cd:df:6a:4e:b4:a1:48:68:
c7:e4:15:13:dc:37:66:c1:a1:37:6d:64:95:cd:b4:2c:07:ed:
48:c7:18:3f:c2:78:81:4a:b8:0b:c2:05:4f:5b:94:a9:90:7b:
cd:0f:b3:65:47:10:81:12:df:72:10:9b:30:0f:df:c4:a7:17:
00:28:c2:41:0d:e6:90:44:40:bf:63:66:5f:b2:15:4b:79:4e:
9c:a6:b6:83:ae:9b:a4:66:8e:c1:f2:fe:9e:4f:a5:aa:43:4c:
88:90:be:b7
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgICBKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjExMTAyMTE0ODAxWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTgxMjU3MS04MzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvZtZk4yTTO7NDp5NYJTOJqYYTbSO6lhKrNleM66ZV0PxNSmVMCh/2hnuKJ/u
LBWTKOX6RF7KivEEw4rzOQ+kdegROdoj/O+WChXvKRNdY0pW0jMc2vJQTl6y8gFp
y9myDjoUtH5LFAFauOflIfjFzfLxYc6ZzETvBFUl1elCc+rSBW674YfF6OrTp1XR
YLDIlNlXPBHfH/tQC+dF+iCdjs0iwe4AbbrNhiQdgLnIVZHyV+QJX+p72OYeu3A0
JqlRXtfG9dtr89MVirWRMuFI3a3Oh+5Lsk9qXiNNH2mojYUXpm738FvQKnkhUKDA
t/Ee7ZSvss4QGFtabYHfdfwzkwIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFJDsRxt+
tJlA7YiE8ttu7vydE/vMMB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvRDJGNjMzMDI0
MzNBMTFFQjgzOEY3ODI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcwYIKwYBBQUHAQcBAf8E
ZDBiMGAEAgABMFowDAMEAXT/IgMEAHT/JAMEAXT/KDAMAwQAdP8rAwQBdP8sMAwD
BAB0/y8DBAB0/zIDBAF0/zQDBAB9PxcDBAF9/QwDBADLCk0DBADLDuYDBADLG3QD
BAHfG0AwDQYJKoZIhvcNAQELBQADggEBACAe6JQepcvkq7svEtDRL96bFDSglvQA
6UE+6NGZXR6d/fq2uVZGN0Rji8BQjgrysZwRGPWdhIVihcEVStKKCVk3hDi1/M+X
pwb/NlJ/mpVxT0Wc/BKsBuP5KePZWmXC3azLT0VAz6nr24NShNWuPeianI97bkCD
+/SdMtoe1TKiTwNUt3bdjhEOWrp/+61RopPhLcOdaJC/tbjN32pOtKFIaMfkFRPc
N2bBoTdtZJXNtCwH7UjHGD/CeIFKuAvCBU9blKmQe80Ps2VHEIES33IQmzAP38Sn
FwAowkEN5pBEQL9jZl+yFUt5TpymtoOum6RmjsHy/p5PpapDTIiQvrc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org