Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/EC8DF7DC2A0011EEA2F38752C4F9AE02.roa
File: EC8DF7DC2A0011EEA2F38752C4F9AE02.roa (raw, json)
Hash identifier: xfUjxQelR3vaNbmvvjf4Q0bVxSU6E6Z/+HJ91UKunUU=
Subject key identifier: A3:A0:C0:57:F6:CD:45:8B:3B:20:45:27:CC:30:0B:E0:85:3E:F3:AD
Certificate issuer: /CN=A918A996/serialNumber=8386BE861BDBDB6D0165087DC044A07FA4D4F089
Certificate serial: 1C
Authority key identifier: 83:86:BE:86:1B:DB:DB:6D:01:65:08:7D:C0:44:A0:7F:A4:D4:F0:89
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g4a-hhvb220BZQh9wESgf6TU8Ik.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/EC8DF7DC2A0011EEA2F38752C4F9AE02.roa
Signing time: Mon 24 Jul 2023 09:03:15 +0000
ROA not before: Mon 24 Jul 2023 09:03:15 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 10118
IP address blocks: 117.103.144.0/20 maxlen: 20
117.103.144.0/20 maxlen: 24
117.103.152.0/23 maxlen: 23
117.103.156.0/24 maxlen: 24
117.103.157.0/24 maxlen: 24
117.103.158.0/24 maxlen: 24
117.103.159.0/24 maxlen: 24
124.217.128.0/18 maxlen: 18
124.217.128.0/24 maxlen: 24
124.217.129.0/24 maxlen: 24
124.217.130.0/24 maxlen: 24
124.217.131.0/24 maxlen: 24
124.217.132.0/23 maxlen: 23
124.217.136.0/23 maxlen: 24
124.217.138.0/24 maxlen: 24
124.217.139.0/24 maxlen: 24
124.217.140.0/24 maxlen: 24
124.217.141.0/24 maxlen: 24
124.217.142.0/24 maxlen: 24
124.217.143.0/24 maxlen: 24
124.217.144.0/20 maxlen: 20
124.217.160.0/20 maxlen: 20
124.217.178.0/24 maxlen: 24
124.217.179.0/24 maxlen: 24
124.217.180.0/22 maxlen: 22
124.217.184.0/24 maxlen: 24
124.217.185.0/24 maxlen: 24
124.217.186.0/24 maxlen: 24
124.217.187.0/24 maxlen: 24
124.217.188.0/22 maxlen: 22
124.217.188.0/24 maxlen: 24
124.217.189.0/24 maxlen: 24
124.217.190.0/24 maxlen: 24
124.217.191.0/24 maxlen: 24
180.188.128.0/18 maxlen: 22
180.188.128.0/19 maxlen: 24
180.188.160.0/20 maxlen: 24
180.188.176.0/21 maxlen: 24
180.188.184.0/22 maxlen: 24
180.188.188.0/24 maxlen: 24
180.188.189.0/24 maxlen: 24
180.188.190.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A996/serialNumber=8386BE861BDBDB6D0165087DC044A07FA4D4F089
Validity
Not Before: Jul 24 09:03:15 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64be3e53-8d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:11:c0:94:da:75:1a:b4:66:c6:5b:72:ce:6e:
d7:7b:45:ac:81:f5:2d:0a:99:b4:f2:41:57:fd:92:
56:7e:2c:17:77:72:d7:79:26:8c:74:c3:53:43:f8:
4a:45:f9:8d:58:28:d8:f4:40:ee:4a:79:87:19:a1:
f3:a0:65:bb:75:54:95:8b:f3:2d:0a:37:bc:c8:d8:
7a:fe:c7:bd:82:06:12:d8:80:f2:65:92:f4:be:59:
43:88:49:a2:c5:97:76:39:41:52:04:b1:d0:1f:77:
de:6b:d4:9d:56:9e:52:a4:cf:63:ae:4a:95:ea:ab:
d1:0d:5d:65:fa:15:eb:72:90:63:1d:1d:65:ec:fa:
b3:0a:88:f2:95:04:4d:9a:bf:56:15:70:32:b1:d2:
e5:1d:ec:f9:63:06:57:b7:60:d4:ef:f5:dc:99:54:
3c:1d:51:b1:f7:0f:80:44:31:d3:6c:3a:96:99:94:
0c:c6:30:35:78:ce:ec:b0:25:21:33:7e:f6:fe:20:
65:ec:7f:de:e0:59:61:57:07:4c:61:0a:bb:94:ef:
b2:20:11:1a:04:ab:ce:cc:cd:5a:07:d7:d3:26:c2:
6e:6a:01:9b:54:a1:8d:24:1c:72:a2:0c:d0:f3:54:
5d:17:0d:0d:e7:ee:97:40:a0:1f:87:b5:95:31:14:
00:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A0:C0:57:F6:CD:45:8B:3B:20:45:27:CC:30:0B:E0:85:3E:F3:AD
X509v3 Authority Key Identifier:
keyid:83:86:BE:86:1B:DB:DB:6D:01:65:08:7D:C0:44:A0:7F:A4:D4:F0:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/g4a-hhvb220BZQh9wESgf6TU8Ik.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g4a-hhvb220BZQh9wESgf6TU8Ik.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/EC8DF7DC2A0011EEA2F38752C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.103.144.0/20
124.217.128.0/18
180.188.128.0/18
Signature Algorithm: sha256WithRSAEncryption
65:67:5b:e7:84:fd:b6:7d:b8:b4:45:9a:5a:0f:6d:cd:29:6e:
a2:68:43:84:86:4c:cd:68:02:24:73:c7:09:02:3f:45:c0:ad:
f3:c4:4c:0f:86:3c:7f:14:52:16:57:06:b5:f1:20:0f:ed:3c:
b2:4e:2b:29:aa:58:44:8c:df:ba:34:fd:ff:1a:76:db:c6:de:
02:57:33:61:38:07:02:d6:ed:04:97:db:b3:97:58:ca:4b:e1:
5d:64:c9:16:65:18:f1:e5:e7:15:ae:04:e9:55:1e:b9:fb:68:
56:b5:d7:a3:69:95:30:0f:38:8f:d4:3b:32:a2:2a:ac:59:a6:
fd:d2:22:1e:b1:36:c4:a2:8d:fe:9d:4b:d8:11:f1:b1:3d:00:
9a:23:bf:15:00:cf:d4:fc:c6:c0:7b:9f:aa:1f:89:68:62:b9:
45:01:a0:87:74:eb:20:42:c6:a4:a6:af:a6:2f:a9:72:53:49:
45:91:b5:e7:a0:00:91:c8:1d:aa:27:b0:6b:7e:95:5e:d4:52:
eb:6e:cd:88:11:5f:57:43:6f:2b:d4:b2:ae:02:0d:64:50:c2:
f5:f8:62:d8:5c:3a:d5:ce:04:28:29:b7:88:8c:c1:5c:cc:40:
d0:63:2b:fa:1c:da:99:88:ab:80:80:28:4e:d3:c2:d7:60:4d:
41:ea:60:16
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QTk5NjExMC8GA1UEBRMoODM4NkJFODYxQkRCREI2RDAxNjUwODdEQzA0NEEwN0ZB
NEQ0RjA4OTAeFw0yMzA3MjQwOTAzMTVaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YmUzZTUzLThkMmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlEcCU2nUatGbGW3LObtd7RayB9S0KmbTyQVf9klZ+LBd3ctd5Jox0w1ND+EpF
+Y1YKNj0QO5KeYcZofOgZbt1VJWL8y0KN7zI2Hr+x72CBhLYgPJlkvS+WUOISaLF
l3Y5QVIEsdAfd95r1J1WnlKkz2OuSpXqq9ENXWX6FetykGMdHWXs+rMKiPKVBE2a
v1YVcDKx0uUd7PljBle3YNTv9dyZVDwdUbH3D4BEMdNsOpaZlAzGMDV4zuywJSEz
fvb+IGXsf97gWWFXB0xhCruU77IgERoEq87MzVoH19Mmwm5qAZtUoY0kHHKiDNDz
VF0XDQ3n7pdAoB+HtZUxFADJAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUo6DAV/bN
RYs7IEUnzDAL4IU+860wHwYDVR0jBBgwFoAUg4a+hhvb220BZQh9wESgf6TU8Ikw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThBOTk2LzMyQzY4QTVFMjc5
ODExRUVCRDhEQzU1RkM0RjlBRTAyL2c0YS1oaHZiMjIwQlpRaDl3RVNnZjZUVThJ
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZzRhLWhodmIyMjBCWlFoOXdFU2dmNlRVOElrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QTk5Ni8zMkM2OEE1RTI3OTgxMUVFQkQ4REM1NUZDNEY5QUUwMi9FQzhERjdEQzJB
MDAxMUVFQTJGMzg3NTJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEBHVnkAMEBnzZgAMEBrS8gDANBgkqhkiG9w0BAQsFAAOCAQEA
ZWdb54T9tn24tEWaWg9tzSluomhDhIZMzWgCJHPHCQI/RcCt88RMD4Y8fxRSFlcG
tfEgD+08sk4rKapYRIzfujT9/xp228beAlczYTgHAtbtBJfbs5dYykvhXWTJFmUY
8eXnFa4E6VUeuftoVrXXo2mVMA84j9Q7MqIqrFmm/dIiHrE2xKKN/p1L2BHxsT0A
miO/FQDP1PzGwHufqh+JaGK5RQGgh3TrIELGpKavpi+pclNJRZG156AAkcgdqiew
a36VXtRS627NiBFfV0NvK9SyrgINZFDC9fhi2Fw61c4EKCm3iIzBXMxA0GMr+hza
mYirgIAoTtPC12BNQepgFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org