Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/5B0409368B1E11EDBF851736C4F9AE02.roa
File: 5B0409368B1E11EDBF851736C4F9AE02.roa (raw, json)
Hash identifier: bmp7G+O93l+DIYoS0uNC2Fh8NM4euaw2ytnPsZCCKDQ=
Subject key identifier: 96:E4:6D:9A:F4:48:DF:14:21:62:FA:23:EF:97:58:46:13:E8:01:7D
Certificate issuer: /CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Certificate serial: 027E
Authority key identifier: F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/5B0409368B1E11EDBF851736C4F9AE02.roa
Signing time: Fri 19 May 2023 05:13:27 +0000
ROA not before: Fri 19 May 2023 05:13:27 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 136272
IP address blocks: 116.204.140.0/22 maxlen: 22
116.204.140.0/23 maxlen: 23
116.204.140.0/24 maxlen: 24
116.204.141.0/24 maxlen: 24
116.204.142.0/23 maxlen: 23
116.204.142.0/24 maxlen: 24
116.204.143.0/24 maxlen: 24
2400:c7c0::/32 maxlen: 32
2400:c7c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 638 (0x27e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Validity
Not Before: May 19 05:13:27 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64670577-f523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c4:58:13:35:c8:00:d6:8b:f3:0c:b8:f3:cf:
4d:1e:70:a3:78:bb:7d:79:f2:55:51:a4:90:7c:c6:
ec:8f:cb:39:9b:c3:5f:75:d5:38:b1:19:9b:8d:02:
fe:30:e8:0a:dd:8d:d3:9b:c6:7b:37:79:fc:dd:75:
a2:0f:d0:3b:30:5b:50:b1:27:b4:38:87:14:22:27:
cd:50:21:00:03:be:4a:19:4d:9f:54:08:6a:c7:3b:
71:c6:34:3c:e2:e6:1f:62:58:0c:75:b2:a9:04:9e:
1d:94:29:55:f3:2b:be:db:bc:66:2b:45:5a:ff:90:
89:bf:2e:f4:e3:12:16:b4:31:72:1f:df:3b:d8:ec:
77:18:9f:c5:02:02:0d:4f:3a:ab:82:bf:78:16:88:
cd:82:48:c3:7b:f5:53:34:7b:10:69:34:be:3d:8f:
db:19:7f:c2:79:33:11:df:a9:e6:e0:96:b0:1a:e4:
4a:b7:b4:70:22:7a:a4:7e:7d:7b:da:01:14:f9:81:
04:23:c0:d1:f6:8b:d6:14:98:27:81:2e:8a:5a:fd:
1c:50:fc:53:b8:57:0f:2f:0d:67:97:2d:c6:18:7c:
e2:b1:d8:99:a0:ca:50:94:a9:7a:c0:d5:87:94:c7:
b9:09:e8:30:c7:1f:7a:7a:25:da:3e:5b:f9:6c:5e:
dc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E4:6D:9A:F4:48:DF:14:21:62:FA:23:EF:97:58:46:13:E8:01:7D
X509v3 Authority Key Identifier:
keyid:F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/5B0409368B1E11EDBF851736C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.140.0/22
IPv6:
2400:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:a4:cf:38:00:bf:cf:cc:0d:4e:4d:a6:e1:31:b7:0a:8b:c3:
3c:19:2d:ec:80:2a:cd:f7:8b:72:97:d9:9c:e2:65:74:d2:29:
06:df:c0:fd:7a:f4:4a:e7:cc:26:36:43:bb:98:c3:4c:92:9a:
46:14:12:b7:ba:70:51:cb:22:fd:70:9e:84:b0:6c:9f:d0:0f:
a6:fa:4b:f9:f3:e3:04:f7:32:bc:7c:62:03:ba:70:00:97:32:
1f:a9:a5:85:e6:c7:62:09:56:2c:a8:8e:0d:fe:50:b8:17:d5:
58:6f:10:39:0b:a7:a6:51:e9:50:4b:65:25:d8:6d:51:a8:bb:
da:61:66:86:2b:3e:8b:28:2a:3b:42:7e:bf:54:38:bd:cd:ac:
df:5b:1d:d3:9f:05:2b:10:f3:bd:58:22:13:57:33:84:25:2a:
58:d3:5e:b8:fd:9c:5b:a4:d4:5d:2e:de:78:31:89:e3:5f:d5:
b6:a5:cd:5a:b0:58:cf:a4:5c:d5:50:eb:eb:0a:29:03:45:fc:
5c:5d:46:16:92:30:ff:be:6d:02:f2:40:66:8e:a1:12:87:2a:
1b:ac:3f:67:39:4f:52:ad:72:39:22:d9:3f:b4:54:2d:5c:d3:
f6:89:aa:d6:0f:a5:99:bd:72:64:8f:a9:f1:61:28:4b:74:f4:
6a:00:75:e6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM2MUIxMTAvBgNVBAUTKEY1MzkyOTE5MTlDREUxNDRCMDM0RUYyODhCMEE2MzQ3
ODNFODJDN0YwHhcNMjMwNTE5MDUxMzI3WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY3MDU3Ny1mNTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv8RYEzXIANaL8wy4889NHnCjeLt9efJVUaSQfMbsj8s5m8NfddU4sRmbjQL+
MOgK3Y3Tm8Z7N3n83XWiD9A7MFtQsSe0OIcUIifNUCEAA75KGU2fVAhqxztxxjQ8
4uYfYlgMdbKpBJ4dlClV8yu+27xmK0Va/5CJvy704xIWtDFyH9872Ox3GJ/FAgIN
Tzqrgr94FojNgkjDe/VTNHsQaTS+PY/bGX/CeTMR36nm4JawGuRKt7RwInqkfn17
2gEU+YEEI8DR9ovWFJgngS6KWv0cUPxTuFcPLw1nly3GGHzisdiZoMpQlKl6wNWH
lMe5Cegwxx96eiXaPlv5bF7cvQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJbkbZr0
SN8UIWL6I++XWEYT6AF9MB8GA1UdIwQYMBaAFPU5KRkZzeFEsDTvKIsKY0eD6Cx/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzYxQi81MUVGRkEzMDgy
NjkxMUVDQUQyRTk1MjRDNEY5QUUwMi85VGtwR1JuTjRVU3dOTzhvaXdwalI0UG9M
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlUa3BHUm5ONFVTd05POG9pd3BqUjRQb0xIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM2MUIvNTFFRkZBMzA4MjY5MTFFQ0FEMkU5NTI0QzRGOUFFMDIvNUIwNDA5MzY4
QjFFMTFFREJGODUxNzM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJ0zIwwDQQCAAIwBwMFACQAx8AwDQYJKoZIhvcNAQELBQAD
ggEBAD+kzzgAv8/MDU5NpuExtwqLwzwZLeyAKs33i3KX2ZziZXTSKQbfwP169Ern
zCY2Q7uYw0ySmkYUEre6cFHLIv1wnoSwbJ/QD6b6S/nz4wT3Mrx8YgO6cACXMh+p
pYXmx2IJViyojg3+ULgX1VhvEDkLp6ZR6VBLZSXYbVGou9phZoYrPosoKjtCfr9U
OL3NrN9bHdOfBSsQ871YIhNXM4QlKljTXrj9nFuk1F0u3ngxieNf1balzVqwWM+k
XNVQ6+sKKQNF/FxdRhaSMP++bQLyQGaOoRKHKhusP2c5T1Ktcjki2T+0VC1c0/aJ
qtYPpZm9cmSPqfFhKEt09GoAdeY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org