Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/7F16C75EB5D611EDB935E477C4F9AE02.roa
File: 7F16C75EB5D611EDB935E477C4F9AE02.roa (raw, json)
Hash identifier: r3JX1wjFrVWBlI3vjb/f2vU3RV5kw6UIHzYyoC2aQzA=
Subject key identifier: 5F:0B:78:2F:BD:5A:E5:9E:F7:92:BC:4F:02:DF:E5:6C:81:65:E9:A8
Certificate issuer: /CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248
Certificate serial: 0A52
Authority key identifier: B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/7F16C75EB5D611EDB935E477C4F9AE02.roa
Signing time: Sun 26 Feb 2023 13:07:18 +0000
ROA not before: Sun 26 Feb 2023 13:07:18 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 38565
IP address blocks: 36.252.0.0/15 maxlen: 23
43.243.96.0/22 maxlen: 24
49.126.0.0/16 maxlen: 20
103.38.196.0/22 maxlen: 24
116.68.208.0/21 maxlen: 24
2400:9500::/32 maxlen: 32
2400:9500:4000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2642 (0xa52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248
Validity
Not Before: Feb 26 13:07:18 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63fb5986-8262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:77:ec:57:09:bb:07:d3:2b:0b:19:20:83:77:
bc:75:d4:49:0a:ae:52:9d:ef:13:0b:bc:c1:f4:7a:
d7:db:d6:ac:e8:a5:ec:e2:27:5e:86:96:dd:db:9b:
06:c1:cb:60:5b:e5:21:d8:40:98:63:36:95:2b:f8:
12:0d:d4:bd:bd:2f:0c:94:f8:32:f6:2c:38:9a:0f:
c7:02:e8:7e:ae:2d:7d:b4:6f:54:f1:ff:1b:cb:af:
16:cc:a7:16:85:c3:31:48:27:e9:47:91:e7:ac:7e:
e5:32:d1:20:3b:a9:10:9a:1d:68:cc:3c:c2:1b:ab:
bc:3e:01:4a:56:66:ba:0f:4f:50:17:33:1b:56:a1:
a0:3b:5c:d7:9d:7c:c3:50:c2:80:a7:45:9e:15:03:
b3:48:8f:5a:11:27:3a:5d:3e:8d:2d:09:74:08:86:
a4:d8:cd:4e:cd:28:a8:22:ff:96:da:ad:db:9e:14:
c2:0a:74:03:42:16:56:c9:1f:71:5d:25:d5:68:98:
ca:c1:73:3e:20:14:ce:14:f2:11:0a:46:3e:36:69:
94:93:f1:95:59:83:fd:bf:af:15:a5:9e:de:3b:2e:
90:59:63:23:11:56:f2:11:a8:d4:f8:ec:dd:6d:7e:
78:b9:4e:38:00:f0:57:5c:9d:ce:bd:29:d4:01:2a:
b8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0B:78:2F:BD:5A:E5:9E:F7:92:BC:4F:02:DF:E5:6C:81:65:E9:A8
X509v3 Authority Key Identifier:
keyid:B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/7F16C75EB5D611EDB935E477C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.252.0.0/15
43.243.96.0/22
49.126.0.0/16
103.38.196.0/22
116.68.208.0/21
IPv6:
2400:9500::/32
Signature Algorithm: sha256WithRSAEncryption
91:1a:e7:4c:b5:94:ba:5c:87:e5:0f:35:49:ad:4a:da:f8:47:
d6:d5:99:2a:63:ac:56:ff:46:55:45:37:f5:76:aa:aa:bd:42:
23:f9:fc:4f:1d:4c:4b:9f:f6:8c:2c:84:af:a8:45:83:8d:9a:
e8:46:a6:e2:93:db:07:5a:1a:cd:b3:76:5f:7f:fa:05:e0:df:
5c:7c:1c:e5:fb:91:ec:ad:78:4a:40:e0:21:43:92:7b:6b:cd:
83:b8:8f:04:82:ec:b7:89:d8:af:0f:39:ac:da:22:8e:72:3d:
fa:65:09:8d:94:97:dc:6d:61:ae:9b:de:e6:4a:8a:76:46:79:
9b:d9:19:f8:e7:82:cf:47:b5:c6:0b:78:14:69:98:cf:35:89:
aa:e7:22:86:2d:d3:2c:46:43:cd:f4:92:57:b2:e6:7d:63:6e:
75:1f:c4:e0:e2:c9:fa:84:f2:e5:2d:62:59:c7:7c:6e:f5:1d:
10:c2:4b:3a:6b:3e:ba:54:e7:59:82:3e:3d:b8:2c:e3:f5:fc:
25:83:34:22:7b:f5:00:82:dc:e7:c1:70:bc:f8:ca:1e:4f:c4:
5a:e8:1a:ff:5c:b4:21:4b:cf:f8:0e:0a:15:0f:6e:82:70:ea:
e1:0e:70:24:46:ce:e2:42:f2:22:b4:1a:e7:d6:3d:ef:17:e4:
b3:90:96:3b
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICClIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkM5NjYxMTAvBgNVBAUTKEIyQTI1RERFMUE5RUM5MUI1OTk4NkE1MzJGNzg4MzU0
MzYxODMyNDgwHhcNMjMwMjI2MTMwNzE4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ZiNTk4Ni04MjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA03fsVwm7B9MrCxkgg3e8ddRJCq5Sne8TC7zB9HrX29as6KXs4idehpbd25sG
wctgW+Uh2ECYYzaVK/gSDdS9vS8MlPgy9iw4mg/HAuh+ri19tG9U8f8by68WzKcW
hcMxSCfpR5HnrH7lMtEgO6kQmh1ozDzCG6u8PgFKVma6D09QFzMbVqGgO1zXnXzD
UMKAp0WeFQOzSI9aESc6XT6NLQl0CIak2M1OzSioIv+W2q3bnhTCCnQDQhZWyR9x
XSXVaJjKwXM+IBTOFPIRCkY+NmmUk/GVWYP9v68VpZ7eOy6QWWMjEVbyEajU+Ozd
bX54uU44APBXXJ3OvSnUASq4zQIDAQABo4ICujCCArYwHQYDVR0OBBYEFF8LeC+9
WuWe95K8TwLf5WyBZemoMB8GA1UdIwQYMBaAFLKiXd4anskbWZhqUy94g1Q2GDJI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzk2Ni9BMTk1MkJBMjFD
MTExMUVBQjZDM0M3NkRDNEY5QUUwMi9zcUpkM2hxZXlSdFptR3BUTDNpRFZEWVlN
a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NxSmQzaHFleVJ0Wm1HcFRMM2lEVkRZWU1rZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkM5NjYvQTE5NTJCQTIxQzExMTFFQUI2QzNDNzZEQzRGOUFFMDIvN0YxNkM3NUVC
NUQ2MTFFREI5MzVFNDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMCIEAgABMBwDAwEk/AMEAivzYAMDADF+AwQCZybEAwQDdETQMA0EAgACMAcD
BQAkAJUAMA0GCSqGSIb3DQEBCwUAA4IBAQCRGudMtZS6XIflDzVJrUra+EfW1Zkq
Y6xW/0ZVRTf1dqqqvUIj+fxPHUxLn/aMLISvqEWDjZroRqbik9sHWhrNs3Zff/oF
4N9cfBzl+5HsrXhKQOAhQ5J7a82DuI8Eguy3idivDzms2iKOcj36ZQmNlJfcbWGu
m97mSop2Rnmb2Rn454LPR7XGC3gUaZjPNYmq5yKGLdMsRkPN9JJXsuZ9Y251H8Tg
4sn6hPLlLWJZx3xu9R0Qwks6az66VOdZgj49uCzj9fwlgzQie/UAgtznwXC8+Moe
T8Ra6Br/XLQhS8/4DgoVD26CcOrhDnAkRs7iQvIitBrn1j3vF+SzkJY7
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:39 2024 by rpki-client on console-fra.rpki-client.org