Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C82B0B9E78A411EE9B727757C4F9AE02.roa
File: C82B0B9E78A411EE9B727757C4F9AE02.roa (raw, json)
Hash identifier: 7FGZweLL/lXAq6GFJq5NxBTcG/s5RgPAZe0IUyo0H/o=
Subject key identifier: DD:6C:9E:8D:70:15:32:DA:0D:EA:1A:FC:CC:0C:DB:21:03:EF:A9:37
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3400
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C82B0B9E78A411EE9B727757C4F9AE02.roa
Signing time: Wed 01 Nov 2023 10:52:42 +0000
ROA not before: Wed 01 Nov 2023 10:52:42 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 141212
IP address blocks: 116.90.96.0/24 maxlen: 24
116.90.97.0/24 maxlen: 24
116.90.98.0/24 maxlen: 24
116.90.99.0/24 maxlen: 24
116.90.100.0/24 maxlen: 24
116.90.101.0/24 maxlen: 24
116.90.102.0/24 maxlen: 24
116.90.103.0/24 maxlen: 24
116.90.104.0/24 maxlen: 24
116.90.105.0/24 maxlen: 24
116.90.112.0/24 maxlen: 24
116.90.113.0/24 maxlen: 24
116.90.114.0/24 maxlen: 24
116.90.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13312 (0x3400)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Nov 1 10:52:42 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=65422dfa-c46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:12:ca:52:06:01:e9:5d:10:03:88:30:aa:04:
4b:83:db:fa:ed:5c:62:70:56:e8:bc:32:95:23:59:
46:cf:48:2f:c0:de:4b:f8:fd:19:03:15:85:94:37:
07:41:4b:a7:f2:fa:fc:02:d5:26:20:5e:74:46:2c:
b2:f3:57:af:f2:ed:12:19:29:56:8c:a5:fb:e5:64:
7b:12:f3:7b:ca:4c:e4:a3:14:5e:4c:cf:80:0b:72:
61:fd:c0:20:1a:39:d9:5a:9b:b3:55:52:20:e0:c8:
b6:ce:7d:c0:fc:cf:77:fe:a6:b8:9a:48:9f:53:27:
6f:88:b5:f9:84:f4:ea:5c:e4:c1:cf:f8:8a:10:68:
ad:d8:52:9e:9a:07:2c:40:7a:27:c1:31:10:10:4c:
e2:e7:9c:26:d2:1d:a3:e4:7b:6b:32:96:68:30:3d:
fc:c3:b7:99:33:56:47:5e:e9:ce:d5:32:da:cd:92:
4b:a3:5b:52:d7:3d:00:05:9d:20:8b:d7:6c:41:ef:
57:a0:02:68:02:1e:bc:cf:d3:52:f1:a5:33:58:20:
b6:12:bd:5f:7e:32:08:ee:a3:62:db:2d:ab:40:62:
69:40:8c:31:15:c8:16:86:03:77:8f:f4:c6:b2:86:
12:40:74:bf:34:59:f7:3f:8d:e9:4f:c6:fb:75:7a:
d8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:6C:9E:8D:70:15:32:DA:0D:EA:1A:FC:CC:0C:DB:21:03:EF:A9:37
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C82B0B9E78A411EE9B727757C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.96.0-116.90.105.255
116.90.112.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:b2:bd:23:a4:d0:a1:dd:18:8a:13:ca:bd:ab:c4:04:4f:a4:
eb:d2:b0:a0:01:64:81:d1:f0:5d:7d:ce:92:fd:f5:7a:55:95:
65:85:24:88:d6:9a:46:df:09:8e:11:98:ef:b4:cc:ff:62:04:
a0:61:a0:08:7c:66:7c:7e:99:a8:3e:7a:38:ba:48:4f:0a:67:
2f:6e:55:34:9c:11:ae:73:65:db:c4:c6:24:ba:33:c2:c3:62:
7c:71:19:b4:7b:7f:51:78:7b:b7:b0:85:4d:3a:48:fe:50:05:
a0:0b:00:3c:d5:ed:bd:b5:15:ca:8d:bc:53:65:f3:fa:34:f0:
70:f1:d1:40:fe:fa:d2:47:e8:fe:72:6d:65:b9:c5:80:e4:5e:
be:f9:6b:76:b0:2f:58:a2:73:52:69:58:1f:48:75:2e:31:09:
d7:1e:1b:30:3b:20:5d:e2:7c:9a:12:4f:bd:9a:92:fa:11:0f:
66:58:89:27:e2:7e:8d:d5:13:b9:c9:6c:d6:ba:c1:66:10:98:
6d:43:5f:a1:9a:c2:dd:de:5a:c6:b2:ed:34:c3:dc:b2:2b:7d:
4a:b4:2a:b0:36:15:04:7e:8c:83:5f:82:d6:4c:25:e4:20:ef:
51:ad:20:d3:12:84:7f:a6:d8:13:6b:23:6e:b1:ab:d8:7f:83:
27:87:b5:88
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICNAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMxMTAxMTA1MjQyWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQyMmRmYS1jNDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwxLKUgYB6V0QA4gwqgRLg9v67VxicFbovDKVI1lGz0gvwN5L+P0ZAxWFlDcH
QUun8vr8AtUmIF50Riyy81ev8u0SGSlWjKX75WR7EvN7ykzkoxReTM+AC3Jh/cAg
GjnZWpuzVVIg4Mi2zn3A/M93/qa4mkifUydviLX5hPTqXOTBz/iKEGit2FKemgcs
QHonwTEQEEzi55wm0h2j5HtrMpZoMD38w7eZM1ZHXunO1TLazZJLo1tS1z0ABZ0g
i9dsQe9XoAJoAh68z9NS8aUzWCC2Er1ffjII7qNi2y2rQGJpQIwxFcgWhgN3j/TG
soYSQHS/NFn3P43pT8b7dXrYUQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFN1sno1w
FTLaDeoa/MwM2yED76k3MB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvQzgyQjBCOUU3
OEE0MTFFRTlCNzI3NzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEBXRaYAMEAXRaaAMEAnRacDANBgkqhkiG9w0BAQsFAAOC
AQEAoLK9I6TQod0YihPKvavEBE+k69KwoAFkgdHwXX3Okv31elWVZYUkiNaaRt8J
jhGY77TM/2IEoGGgCHxmfH6ZqD56OLpITwpnL25VNJwRrnNl28TGJLozwsNifHEZ
tHt/UXh7t7CFTTpI/lAFoAsAPNXtvbUVyo28U2Xz+jTwcPHRQP760kfo/nJtZbnF
gORevvlrdrAvWKJzUmlYH0h1LjEJ1x4bMDsgXeJ8mhJPvZqS+hEPZliJJ+J+jdUT
ucls1rrBZhCYbUNfoZrC3d5axrLtNMPcsit9SrQqsDYVBH6Mg1+C1kwl5CDvUa0g
0xKEf6bYE2sjbrGr2H+DJ4e1iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org