Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/278C8F5C7E1511EEAAAFDD41C4F9AE02.roa
File: 278C8F5C7E1511EEAAAFDD41C4F9AE02.roa (raw, json)
Hash identifier: GgatWXVelVwS4Im0gzKsE2JlBvE7fYJq5EhEC2mBP3U=
Subject key identifier: 8B:D9:D4:2C:E8:27:92:91:06:84:B9:3F:97:3B:11:CC:1F:72:AA:06
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3405
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/278C8F5C7E1511EEAAAFDD41C4F9AE02.roa
Signing time: Wed 08 Nov 2023 08:59:42 +0000
ROA not before: Wed 08 Nov 2023 08:59:42 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 141212
IP address blocks: 116.90.96.0/24 maxlen: 24
116.90.97.0/24 maxlen: 24
116.90.98.0/24 maxlen: 24
116.90.99.0/24 maxlen: 24
116.90.100.0/24 maxlen: 24
116.90.102.0/24 maxlen: 24
116.90.103.0/24 maxlen: 24
116.90.104.0/24 maxlen: 24
116.90.105.0/24 maxlen: 24
116.90.112.0/24 maxlen: 24
116.90.113.0/24 maxlen: 24
116.90.114.0/24 maxlen: 24
116.90.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13317 (0x3405)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Nov 8 08:59:42 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=654b4dfe-1e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3b:e4:9e:78:e9:76:a5:db:bf:e1:5a:cf:c9:
54:23:b3:b7:06:50:c1:d3:30:02:d9:5d:ca:9a:bc:
a5:33:4b:f7:db:b1:ad:b4:51:9e:46:e5:1e:a7:f8:
59:35:e3:a1:5b:18:22:1e:61:3b:1a:ad:3a:f8:f7:
30:45:4a:80:54:5f:a0:55:60:aa:ca:97:53:57:99:
65:21:cc:6d:f9:fd:5c:c9:95:12:56:0b:c9:07:53:
38:b6:95:52:44:b7:6b:0f:31:db:fa:b5:ee:46:60:
31:a7:b3:4f:32:2e:8c:18:d7:eb:5d:32:7d:c3:52:
aa:d9:98:83:fb:3d:01:de:b1:5a:d1:e4:72:29:6d:
95:cf:39:29:9a:cc:9c:13:a5:bb:98:ec:99:12:60:
8b:6c:60:0e:8d:84:b6:66:dc:54:ca:5c:c1:6d:5f:
49:2f:4a:06:a4:c7:a9:b6:d6:82:57:75:ca:f0:bd:
44:41:93:7c:8f:55:5d:bb:78:cd:26:bf:00:d5:24:
25:30:3d:e0:79:9e:8c:0a:8e:30:bf:ea:b3:77:f3:
ce:8e:93:10:29:24:65:ea:22:5e:53:c6:58:5b:5a:
88:e2:fd:6e:31:7f:a3:58:13:e5:b9:17:52:30:eb:
43:f9:62:ea:fa:02:7f:40:69:69:b9:9d:52:3d:c6:
6b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D9:D4:2C:E8:27:92:91:06:84:B9:3F:97:3B:11:CC:1F:72:AA:06
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/278C8F5C7E1511EEAAAFDD41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.96.0-116.90.100.255
116.90.102.0-116.90.105.255
116.90.112.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:69:1c:20:c1:ba:9b:eb:72:1b:70:a8:fa:d9:f4:43:c0:9a:
87:59:a7:05:5f:32:42:77:f3:71:09:19:54:c8:4a:27:b9:99:
93:7e:46:d8:90:e7:cd:c9:f0:f1:16:67:c1:3c:ce:9c:02:54:
59:eb:37:e8:fe:f1:3e:36:20:30:4c:b7:01:18:95:a4:38:00:
81:ea:fc:b3:6f:41:a5:73:ea:14:17:ea:44:07:a9:f1:d4:06:
24:72:da:09:24:fa:54:4a:d6:19:9f:bc:e6:b0:10:26:cd:e9:
6d:cf:2a:76:a9:e0:ef:4b:a0:7e:72:25:1a:6d:93:79:27:42:
16:c3:58:c3:ac:df:4c:54:53:eb:02:83:4f:2e:97:a8:49:59:
9c:82:ca:06:8e:f3:b4:60:ca:99:54:29:56:8a:5d:2e:80:16:
77:69:cb:4d:7c:8e:cb:e5:1a:88:c7:13:e9:57:cf:18:cb:93:
17:89:d7:1a:73:dc:5b:3a:08:21:58:c7:09:03:44:e1:25:71:
af:1e:9e:13:2f:cd:54:58:ca:50:22:25:3c:26:42:cf:d4:f0:
5f:b7:d8:ae:25:90:61:d5:3a:9f:33:4c:0e:52:22:1a:27:eb:
fc:15:42:f5:2c:7a:01:00:c1:ff:47:6f:82:51:3e:35:2a:c8:
7e:99:9a:97
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICNAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMxMTA4MDg1OTQyWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRiNGRmZS0xZTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDvknnjpdqXbv+Faz8lUI7O3BlDB0zAC2V3KmrylM0v327GttFGeRuUep/hZ
NeOhWxgiHmE7Gq06+PcwRUqAVF+gVWCqypdTV5llIcxt+f1cyZUSVgvJB1M4tpVS
RLdrDzHb+rXuRmAxp7NPMi6MGNfrXTJ9w1Kq2ZiD+z0B3rFa0eRyKW2Vzzkpmsyc
E6W7mOyZEmCLbGAOjYS2ZtxUylzBbV9JL0oGpMepttaCV3XK8L1EQZN8j1Vdu3jN
Jr8A1SQlMD3geZ6MCo4wv+qzd/POjpMQKSRl6iJeU8ZYW1qI4v1uMX+jWBPluRdS
MOtD+WLq+gJ/QGlpuZ1SPcZrgQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFIvZ1Czo
J5KRBoS5P5c7EcwfcqoGMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvMjc4QzhGNUM3
RTE1MTFFRUFBQUZERDQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEBXRaYAMEAHRaZDAMAwQBdFpmAwQBdFpoAwQCdFpwMA0G
CSqGSIb3DQEBCwUAA4IBAQB8aRwgwbqb63IbcKj62fRDwJqHWacFXzJCd/NxCRlU
yEonuZmTfkbYkOfNyfDxFmfBPM6cAlRZ6zfo/vE+NiAwTLcBGJWkOACB6vyzb0Gl
c+oUF+pEB6nx1AYkctoJJPpUStYZn7zmsBAmzeltzyp2qeDvS6B+ciUabZN5J0IW
w1jDrN9MVFPrAoNPLpeoSVmcgsoGjvO0YMqZVClWil0ugBZ3actNfI7L5RqIxxPp
V88Yy5MXidcac9xbOgghWMcJA0ThJXGvHp4TL81UWMpQIiU8JkLP1PBft9iuJZBh
1TqfM0wOUiIaJ+v8FUL1LHoBAMH/R2+CUT41Ksh+mZqX
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org