Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/33AB0A72B9B811EAA255B177C4F9AE02.roa
File: 33AB0A72B9B811EAA255B177C4F9AE02.roa (raw, json)
Hash identifier: gNUECHLhfF5fcBpoSDdBSMkKgd4SFbPsJmrs+3ZmpuY=
Subject key identifier: 4E:8E:5D:C1:0D:64:95:85:C0:A7:E2:B6:12:4E:E4:D9:0C:2B:21:08
Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420
Certificate serial: 0494
Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/33AB0A72B9B811EAA255B177C4F9AE02.roa
Signing time: Thu 16 Dec 2021 10:57:54 +0000
ROA not before: Thu 16 Dec 2021 10:57:54 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 45577
IP address blocks: 101.234.154.0/24 maxlen: 24
101.234.155.0/24 maxlen: 24
101.234.156.0/24 maxlen: 24
101.234.158.0/24 maxlen: 24
101.234.159.0/24 maxlen: 24
101.234.160.0/24 maxlen: 24
101.234.170.0/24 maxlen: 24
101.234.171.0/24 maxlen: 24
111.125.160.0/24 maxlen: 24
111.125.161.0/24 maxlen: 24
114.111.132.0/24 maxlen: 24
114.111.133.0/24 maxlen: 24
122.100.0.0/24 maxlen: 24
122.100.1.0/24 maxlen: 24
2406:5800:ff00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1172 (0x494)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420
Validity
Not Before: Dec 16 10:57:54 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61bb1bb2-d8c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d5:fd:0c:6d:f3:8b:ca:13:ec:cb:78:7b:44:
da:ea:6f:fa:54:1a:24:6c:70:dc:7a:a6:b7:14:7a:
3f:58:60:6b:bd:2d:52:bd:0a:c9:e9:aa:14:be:ba:
27:7c:a3:e1:a3:a9:c4:84:a7:8b:0c:3d:a9:0b:53:
d5:01:5c:ea:42:c5:5e:69:4c:fc:4f:4c:6e:22:5d:
ee:27:32:43:e2:fa:37:50:60:57:8f:2b:cf:db:92:
d2:89:b2:e6:29:08:20:7c:0c:53:d7:0e:83:df:6a:
46:30:0f:18:9a:6f:69:4d:fe:1d:58:32:d9:91:cb:
c1:0f:3c:03:08:4e:04:43:bb:5e:23:94:8d:2c:e3:
e2:d1:6c:9b:80:10:d1:5a:ac:b4:89:9e:db:63:04:
d7:ed:bb:ba:2e:e0:8e:0e:4b:58:13:e5:49:8a:7e:
18:f2:20:0b:a0:e4:83:be:08:4d:8d:8c:02:e5:0d:
a7:2b:db:66:a1:02:62:3f:8c:c7:ba:97:0b:cd:e0:
2d:66:ad:d3:c2:fd:6f:28:59:ba:43:72:2a:44:60:
f3:7d:ad:f2:c0:04:b1:03:c7:fb:56:7c:9a:02:50:
a0:cd:47:dc:d1:c5:9e:91:62:41:d0:0b:71:71:07:
3b:ad:0f:8f:d4:f6:6c:f8:1f:38:57:24:ae:5c:87:
8c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:8E:5D:C1:0D:64:95:85:C0:A7:E2:B6:12:4E:E4:D9:0C:2B:21:08
X509v3 Authority Key Identifier:
keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/33AB0A72B9B811EAA255B177C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.234.154.0-101.234.156.255
101.234.158.0-101.234.160.255
101.234.170.0/23
111.125.160.0/23
114.111.132.0/23
122.100.0.0/23
IPv6:
2406:5800:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
93:98:9f:e4:d7:03:fa:1d:63:93:90:3e:f0:ab:04:7f:2b:31:
2c:86:ed:78:12:a5:b3:b9:ca:74:63:78:e2:d9:59:cb:8b:d2:
b5:c1:72:70:5e:8b:b5:ad:33:87:16:67:43:5c:49:a4:3c:2b:
34:10:b0:7d:f9:a6:fd:d5:67:8b:bf:72:8e:69:48:2f:b0:4b:
b9:be:6e:15:55:e3:29:3c:99:54:b4:6c:2e:60:03:a4:98:e2:
7d:ff:e5:77:0f:12:52:74:47:9c:25:0a:ce:1f:3b:6a:c9:5e:
28:3e:52:fe:ec:65:2c:10:fd:43:7c:65:ad:dc:94:57:9c:d5:
a7:57:09:75:0f:ed:f3:25:0b:32:0c:e0:b3:2e:56:52:b1:65:
87:26:8b:20:13:92:2e:9c:e1:04:d0:c4:5c:a9:d2:f8:9f:ea:
0c:71:3e:e8:50:a3:e7:f5:c5:ec:e1:1f:45:a8:c0:c7:8e:5c:
68:bb:aa:b5:cb:68:e1:b3:fc:0f:cf:30:37:bc:99:30:11:62:
05:eb:ec:27:d9:67:69:cf:17:a3:3b:72:18:35:d3:18:91:46:
e5:2c:3c:0f:5a:29:a9:71:9f:2d:86:21:7b:19:49:e1:80:74:
8c:75:cf:b0:e6:4e:ef:df:46:92:54:b1:d0:23:e2:26:cb:98:
56:97:4b:6a
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgICBJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5
Mjc1NzQ0MjAwHhcNMjExMjE2MTA1NzU0WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWJiMWJiMi1kOGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxtX9DG3zi8oT7Mt4e0Ta6m/6VBokbHDceqa3FHo/WGBrvS1SvQrJ6aoUvron
fKPho6nEhKeLDD2pC1PVAVzqQsVeaUz8T0xuIl3uJzJD4vo3UGBXjyvP25LSibLm
KQggfAxT1w6D32pGMA8Ymm9pTf4dWDLZkcvBDzwDCE4EQ7teI5SNLOPi0WybgBDR
Wqy0iZ7bYwTX7bu6LuCODktYE+VJin4Y8iALoOSDvghNjYwC5Q2nK9tmoQJiP4zH
upcLzeAtZq3Twv1vKFm6Q3IqRGDzfa3ywASxA8f7VnyaAlCgzUfc0cWekWJB0Atx
cQc7rQ+P1PZs+B84VySuXIeMswIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFE6OXcEN
ZJWFwKfithJO5NkMKyEIMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3
NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS
Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU0NkUvMENENDFEQThCNzZBMTFFQTgxNEY1MDg0QzRGOUFFMDIvMzNBQjBBNzJC
OUI4MTFFQUEyNTVCMTc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E
TzBNMDoEAgABMDQwDAMEAWXqmgMEAGXqnDAMAwQBZeqeAwQAZeqgAwQBZeqqAwQB
b32gAwQBcm+EAwQBemQAMA8EAgACMAkDBwAkBlgA/wAwDQYJKoZIhvcNAQELBQAD
ggEBAJOYn+TXA/odY5OQPvCrBH8rMSyG7XgSpbO5ynRjeOLZWcuL0rXBcnBei7Wt
M4cWZ0NcSaQ8KzQQsH35pv3VZ4u/co5pSC+wS7m+bhVV4yk8mVS0bC5gA6SY4n3/
5XcPElJ0R5wlCs4fO2rJXig+Uv7sZSwQ/UN8Za3clFec1adXCXUP7fMlCzIM4LMu
VlKxZYcmiyATki6c4QTQxFyp0vif6gxxPuhQo+f1xezhH0WowMeOXGi7qrXLaOGz
/A/PMDe8mTARYgXr7CfZZ2nPF6M7chg10xiRRuUsPA9aKalxny2GIXsZSeGAdIx1
z7DmTu/fRpJUsdAj4ibLmFaXS2o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:02 2023 by rpki-client on console-fra.rpki-client.org