Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/85BCF66838AB11EC9DA8A75AC4F9AE02.roa
File: 85BCF66838AB11EC9DA8A75AC4F9AE02.roa (raw, json)
Hash identifier: sO7F4t+JLQmyfFSqSCXcKwSYaLWcjk+izFfMmMqridA=
Subject key identifier: 3D:19:73:EC:05:9A:01:7F:85:4C:4E:C6:48:E1:2E:2B:2E:B1:9E:FC
Certificate issuer: /CN=A91871C2/serialNumber=A9EABC2465116ED11D6C8CDAE2011237CF1F59DF
Certificate serial: 044C
Authority key identifier: A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/85BCF66838AB11EC9DA8A75AC4F9AE02.roa
Signing time: Thu 09 Jun 2022 09:06:18 +0000
ROA not before: Thu 09 Jun 2022 09:06:17 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 139009
IP address blocks: 14.1.100.0/24 maxlen: 24
14.1.101.0/24 maxlen: 24
14.1.102.0/23 maxlen: 23
14.1.102.0/24 maxlen: 24
14.1.103.0/24 maxlen: 24
103.161.168.0/23 maxlen: 24
202.173.120.0/22 maxlen: 22
202.173.120.0/23 maxlen: 23
202.173.120.0/24 maxlen: 24
202.173.121.0/24 maxlen: 24
202.173.122.0/23 maxlen: 23
202.173.122.0/24 maxlen: 24
202.173.123.0/24 maxlen: 24
2407:d40::/32 maxlen: 32
2407:d40::/48 maxlen: 48
2407:d40:f::/48 maxlen: 48
2407:d40:100::/48 maxlen: 48
2407:d40:101::/48 maxlen: 48
2407:d40:103::/48 maxlen: 48
2407:d40:106::/48 maxlen: 48
2407:d40:107::/48 maxlen: 48
2407:d40:108::/48 maxlen: 48
2407:d40:201::/48 maxlen: 48
2407:d40:202::/48 maxlen: 48
2407:d40:203::/48 maxlen: 48
2407:d40:204::/48 maxlen: 48
2407:d40:205::/48 maxlen: 48
2407:d40:8000::/48 maxlen: 48
2407:d40:f000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1100 (0x44c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91871C2/serialNumber=A9EABC2465116ED11D6C8CDAE2011237CF1F59DF
Validity
Not Before: Jun 9 09:06:17 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=62a1b809-7fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f9:b3:1d:57:fe:6e:32:c0:c4:7d:f9:1d:fb:
09:7c:7e:88:f5:30:c5:df:3c:59:b3:30:89:64:73:
b2:20:31:51:ff:1a:51:79:ac:2f:db:f3:c8:36:b1:
d8:73:05:ea:d1:cb:9d:5e:39:3d:88:61:d3:d6:63:
01:be:3f:08:57:d5:92:1e:10:2a:ce:7f:16:eb:df:
21:21:49:8e:c3:02:81:dc:1a:c3:73:01:4f:ab:7a:
34:18:ca:b0:a5:40:86:5b:fe:bf:55:20:82:8f:73:
1e:40:d0:78:a9:6a:9d:04:06:52:c8:1e:16:b1:c1:
1a:9c:73:81:d4:18:55:59:eb:3b:da:36:40:f6:7e:
0c:23:2a:37:d5:b3:b9:c4:fe:37:14:f5:81:d3:8f:
1b:c8:6c:9e:08:11:6b:85:bd:e3:da:7e:cc:9b:35:
90:0c:95:7a:5d:57:8e:31:16:8d:45:06:47:2e:86:
64:ac:a1:48:72:76:80:6f:92:30:e2:fd:24:7f:bf:
3b:66:2f:ae:d7:4a:b1:ad:06:27:c7:8a:48:2e:7b:
e7:d3:98:77:bf:2f:3a:c5:ce:fd:5a:e8:bc:9f:49:
69:38:93:6a:2e:2f:9e:98:c4:2a:8e:7f:00:ff:77:
89:a2:b9:c9:13:33:dd:49:e7:46:f7:ef:96:ef:26:
f3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:19:73:EC:05:9A:01:7F:85:4C:4E:C6:48:E1:2E:2B:2E:B1:9E:FC
X509v3 Authority Key Identifier:
keyid:A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/85BCF66838AB11EC9DA8A75AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.100.0/22
103.161.168.0/23
202.173.120.0/22
IPv6:
2407:d40::/32
Signature Algorithm: sha256WithRSAEncryption
3e:87:6c:a3:1f:21:27:14:13:ea:4b:c1:20:b0:ea:85:d0:1b:
da:da:a2:7b:5b:29:a7:db:3e:f7:d5:25:d1:30:dc:e0:dd:1c:
85:64:2f:05:1f:fc:82:3e:da:9c:d9:27:56:32:01:d7:3e:a7:
d6:9f:4c:74:dd:f4:8d:63:06:22:2a:90:7f:f4:8a:03:2b:47:
de:b3:58:da:cc:08:02:e2:e7:87:04:3f:92:96:a1:53:0f:05:
ab:86:ee:c9:c6:55:6a:0d:c4:cb:c8:83:f6:af:ce:ed:d6:48:
8a:8d:44:61:de:22:f5:e6:6f:25:17:e7:7e:b6:a0:51:bc:30:
69:35:50:fe:14:77:40:49:29:3d:f5:a2:e5:2f:c3:16:df:0b:
01:38:ca:28:39:19:31:1f:19:3c:30:57:9f:ff:04:b0:c3:7c:
38:70:3b:cf:64:19:3d:99:27:a9:80:09:31:4e:33:a1:55:34:
56:6e:36:52:72:9f:fa:39:e2:07:7a:77:b4:ed:80:f7:ff:99:
04:a1:4a:2f:a9:9d:f2:5d:1a:c7:3f:9d:94:21:0b:1c:05:7f:
a8:5f:e0:2e:e5:a0:e7:7a:b7:8d:91:3c:cb:80:8e:17:27:3a:
72:59:d9:b0:37:1b:33:49:fc:58:cc:a0:e8:97:84:ff:58:1f:
be:8e:d7:05
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICBEwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODcxQzIxMTAvBgNVBAUTKEE5RUFCQzI0NjUxMTZFRDExRDZDOENEQUUyMDExMjM3
Q0YxRjU5REYwHhcNMjIwNjA5MDkwNjE3WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmExYjgwOS03ZmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPmzHVf+bjLAxH35HfsJfH6I9TDF3zxZszCJZHOyIDFR/xpReawv2/PINrHY
cwXq0cudXjk9iGHT1mMBvj8IV9WSHhAqzn8W698hIUmOwwKB3BrDcwFPq3o0GMqw
pUCGW/6/VSCCj3MeQNB4qWqdBAZSyB4WscEanHOB1BhVWes72jZA9n4MIyo31bO5
xP43FPWB048byGyeCBFrhb3j2n7MmzWQDJV6XVeOMRaNRQZHLoZkrKFIcnaAb5Iw
4v0kf787Zi+u10qxrQYnx4pILnvn05h3vy86xc79Wui8n0lpOJNqLi+emMQqjn8A
/3eJornJEzPdSedG9++W7ybzIQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFD0Zc+wF
mgF/hUxOxkjhLisusZ78MB8GA1UdIwQYMBaAFKnqvCRlEW7RHWyM2uIBEjfPH1nf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzFDMi9ERTYxNjY2ODU1
QTkxMUVCOTlBRkRBNURDNEY5QUUwMi9xZXE4SkdVUmJ0RWRiSXphNGdFU044OGZX
ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FlcThKR1VSYnRFZGJJemE0Z0VTTjg4ZldkOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODcxQzIvREU2MTY2Njg1NUE5MTFFQjk5QUZEQTVEQzRGOUFFMDIvODVCQ0Y2Njgz
OEFCMTFFQzlEQThBNzVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIOAWQDBAFnoagDBALKrXgwDQQCAAIwBwMFACQHDUAwDQYJ
KoZIhvcNAQELBQADggEBAD6HbKMfIScUE+pLwSCw6oXQG9raontbKafbPvfVJdEw
3ODdHIVkLwUf/II+2pzZJ1YyAdc+p9afTHTd9I1jBiIqkH/0igMrR96zWNrMCALi
54cEP5KWoVMPBauG7snGVWoNxMvIg/avzu3WSIqNRGHeIvXmbyUX5362oFG8MGk1
UP4Ud0BJKT31ouUvwxbfCwE4yig5GTEfGTwwV5//BLDDfDhwO89kGT2ZJ6mACTFO
M6FVNFZuNlJyn/o54gd6d7TtgPf/mQShSi+pnfJdGsc/nZQhCxwFf6hf4C7loOd6
t42RPMuAjhcnOnJZ2bA3GzNJ/FjMoOiXhP9YH76O1wU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:49 2023 by rpki-client on console-fra.rpki-client.org