Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F6A7B7EA913B11EBAA1EB776C4F9AE02.roa
File: F6A7B7EA913B11EBAA1EB776C4F9AE02.roa (raw, json)
Hash identifier: eRm2UqI1JsFbj8pbk02/BEt0fk/7nI33kEoRu3q5Tb0=
Subject key identifier: C3:98:99:50:A7:8F:AF:B5:C8:E8:E4:80:F5:24:E5:C0:35:A4:FD:AD
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 333A
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F6A7B7EA913B11EBAA1EB776C4F9AE02.roa
Signing time: Fri 20 Jan 2023 14:40:29 +0000
ROA not before: Fri 20 Jan 2023 14:40:29 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 141212
IP address blocks: 116.90.96.0/24 maxlen: 24
116.90.97.0/24 maxlen: 24
116.90.98.0/24 maxlen: 24
116.90.99.0/24 maxlen: 24
116.90.100.0/24 maxlen: 24
116.90.101.0/24 maxlen: 24
116.90.102.0/24 maxlen: 24
116.90.103.0/24 maxlen: 24
116.90.104.0/24 maxlen: 24
116.90.105.0/24 maxlen: 24
116.90.112.0/24 maxlen: 24
116.90.113.0/24 maxlen: 24
116.90.114.0/24 maxlen: 24
116.90.115.0/24 maxlen: 24
121.46.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13114 (0x333a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Jan 20 14:40:29 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63caa7dc-5093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:bb:fa:81:4f:47:87:b5:d9:d4:97:b5:44:87:
13:1a:33:9d:fb:75:19:66:21:3f:f0:b6:ea:52:ec:
04:ad:e0:33:cb:25:09:c9:07:e5:56:00:20:5d:c8:
a9:b3:2d:b7:34:94:45:39:a9:23:f2:c1:d0:c6:e2:
95:79:71:34:bd:a7:b5:48:73:6f:57:8f:0d:5c:a6:
5f:bc:8f:e5:21:50:93:cd:4c:45:f1:48:7a:90:00:
f1:92:42:c5:9d:0b:ca:86:21:84:ef:e4:ce:02:c8:
d1:d7:8d:dd:ec:68:fa:44:01:50:aa:48:f8:51:0e:
55:5d:2e:cc:86:1e:77:ce:01:ba:2f:c9:21:97:80:
d2:b3:c1:68:9d:b2:03:e0:40:95:5c:15:af:e6:42:
91:bf:b5:32:64:76:d9:b2:19:7b:11:7d:06:3c:50:
90:7e:29:51:23:09:6c:11:4c:41:b6:3e:6d:37:c3:
aa:f4:85:72:47:b7:46:61:20:ce:fd:ac:5f:ed:6e:
5e:ba:4c:72:7d:30:e4:d8:29:fe:3c:c8:73:ad:99:
35:70:ce:a0:f3:ae:dd:9d:4b:90:dc:ad:61:6e:1b:
d6:ae:00:52:ec:86:05:1c:23:ee:ba:2e:7a:9a:07:
50:3a:93:c5:b3:a2:fd:a7:9d:55:4d:f8:ba:30:92:
47:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:98:99:50:A7:8F:AF:B5:C8:E8:E4:80:F5:24:E5:C0:35:A4:FD:AD
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/F6A7B7EA913B11EBAA1EB776C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.96.0-116.90.105.255
116.90.112.0/22
121.46.67.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f6:9e:25:72:0a:87:4b:ff:0c:72:3e:82:d4:d5:a3:6d:9a:
6d:6a:ef:60:ce:69:45:fb:66:96:fb:75:50:13:ef:84:d3:5d:
28:92:e4:6d:0c:07:6b:52:f0:09:93:86:77:98:63:ba:13:e6:
d7:35:35:c8:10:1d:c2:cb:72:75:b3:be:4c:b4:9a:fd:c0:bf:
9d:da:c3:3b:00:e3:3f:b1:b8:05:49:10:3c:b9:0f:86:c3:2f:
ce:2d:3f:ee:b3:a4:ee:88:bd:c5:8f:c0:f6:67:3b:dd:8c:6e:
6b:97:66:1a:47:7b:2d:05:f5:6a:1a:05:3e:75:51:1a:41:14:
64:4c:b7:e6:97:e3:51:1f:5a:54:2b:53:85:ab:1d:77:89:57:
be:07:2e:65:38:a4:8a:ea:b1:20:41:f2:29:28:ac:18:ae:b4:
3d:80:c3:e6:55:be:3c:48:e0:20:2a:87:33:06:51:84:5c:aa:
e5:d1:a2:43:f2:d8:71:26:7f:09:b4:d9:a1:7f:cc:70:31:bb:
a7:24:53:08:f2:91:31:b2:6a:dc:f0:14:17:28:fd:f7:ae:34:
00:37:4d:62:77:07:cf:d5:b0:f7:7f:9b:01:b5:9e:09:1e:7d:
bf:0c:27:b8:00:cc:c3:c0:47:e1:ca:40:13:3e:5a:86:7a:2f:
93:6e:fb:2a
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICMzowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjMwMTIwMTQ0MDI5WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2NhYTdkYy01MDkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8bv6gU9Hh7XZ1Je1RIcTGjOd+3UZZiE/8LbqUuwEreAzyyUJyQflVgAgXcip
sy23NJRFOakj8sHQxuKVeXE0vae1SHNvV48NXKZfvI/lIVCTzUxF8Uh6kADxkkLF
nQvKhiGE7+TOAsjR143d7Gj6RAFQqkj4UQ5VXS7Mhh53zgG6L8khl4DSs8FonbID
4ECVXBWv5kKRv7UyZHbZshl7EX0GPFCQfilRIwlsEUxBtj5tN8Oq9IVyR7dGYSDO
/axf7W5eukxyfTDk2Cn+PMhzrZk1cM6g867dnUuQ3K1hbhvWrgBS7IYFHCPuui56
mgdQOpPFs6L9p51VTfi6MJJHOwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFMOYmVCn
j6+1yOjkgPUk5cA1pP2tMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRjZBN0I3RUE5
MTNCMTFFQkFBMUVCNzc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEBXRaYAMEAXRaaAMEAnRacAMEAHkuQzANBgkqhkiG9w0B
AQsFAAOCAQEAbPaeJXIKh0v/DHI+gtTVo22abWrvYM5pRftmlvt1UBPvhNNdKJLk
bQwHa1LwCZOGd5hjuhPm1zU1yBAdwstydbO+TLSa/cC/ndrDOwDjP7G4BUkQPLkP
hsMvzi0/7rOk7oi9xY/A9mc73Yxua5dmGkd7LQX1ahoFPnVRGkEUZEy35pfjUR9a
VCtThasdd4lXvgcuZTikiuqxIEHyKSisGK60PYDD5lW+PEjgICqHMwZRhFyq5dGi
Q/LYcSZ/CbTZoX/McDG7pyRTCPKRMbJq3PAUFyj99640ADdNYncHz9Ww93+bAbWe
CR59vwwnuADMw8BH4cpAEz5ahnovk277Kg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org