Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/BA6F640A6DCF11ECBECB137AC4F9AE02.roa
File: BA6F640A6DCF11ECBECB137AC4F9AE02.roa (raw, json)
Hash identifier: gak0ST2YZGfThHgHJGnxLbEN5w92eNfVsummXXwzTjs=
Subject key identifier: 7D:95:D3:4A:CC:79:89:40:BD:0F:C0:21:20:1D:FF:04:05:38:DF:88
Certificate issuer: /CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Certificate serial: 20C4
Authority key identifier: 7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/BA6F640A6DCF11ECBECB137AC4F9AE02.roa
Signing time: Fri 08 Apr 2022 10:42:34 +0000
ROA not before: Fri 08 Apr 2022 10:42:34 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 45352
IP address blocks: 14.102.144.0/22 maxlen: 24
14.102.148.0/24 maxlen: 24
14.102.149.0/24 maxlen: 24
14.102.150.0/24 maxlen: 24
14.102.151.0/24 maxlen: 24
43.252.152.0/23 maxlen: 23
43.252.154.0/23 maxlen: 23
43.252.154.0/24 maxlen: 24
43.252.155.0/24 maxlen: 24
45.64.168.0/22 maxlen: 22
45.64.168.0/23 maxlen: 23
45.64.168.0/24 maxlen: 24
45.64.169.0/24 maxlen: 24
45.64.170.0/24 maxlen: 24
45.64.171.0/24 maxlen: 24
58.84.8.0/22 maxlen: 22
103.3.172.0/24 maxlen: 24
103.3.173.0/24 maxlen: 24
103.3.174.0/23 maxlen: 24
103.10.156.0/23 maxlen: 24
103.10.158.0/23 maxlen: 24
118.107.200.0/21 maxlen: 21
118.107.208.0/24 maxlen: 24
118.107.209.0/24 maxlen: 24
118.107.210.0/23 maxlen: 23
118.107.232.0/24 maxlen: 24
118.107.233.0/24 maxlen: 24
118.107.234.0/23 maxlen: 23
118.107.235.0/24 maxlen: 24
118.107.236.0/24 maxlen: 24
118.107.237.0/24 maxlen: 24
118.107.238.0/24 maxlen: 24
118.107.239.0/24 maxlen: 24
118.107.240.0/24 maxlen: 24
118.107.241.0/24 maxlen: 24
118.107.242.0/24 maxlen: 24
118.107.243.0/24 maxlen: 24
183.81.160.0/21 maxlen: 24
192.82.56.0/21 maxlen: 21
192.82.57.0/24 maxlen: 24
192.82.58.0/24 maxlen: 24
192.82.60.0/24 maxlen: 24
192.82.61.0/24 maxlen: 24
192.82.62.0/24 maxlen: 24
210.5.40.0/22 maxlen: 24
210.5.44.0/22 maxlen: 24
2401:3400::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8388 (0x20c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Validity
Not Before: Apr 8 10:42:34 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=6250119a-5d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:16:de:ef:d6:30:e9:84:db:c6:a5:4d:fb:80:
58:8e:01:b5:32:0c:e3:3d:34:55:a1:c2:2a:07:e7:
5f:16:33:3c:8a:c9:ae:15:e0:9c:bc:11:e4:c3:db:
f4:8f:5c:2d:15:a1:9a:bf:73:fb:24:60:6b:57:62:
b0:da:06:5f:cc:96:b1:6f:40:4e:e6:a0:a3:a0:b3:
98:69:07:88:02:85:74:3b:b7:2b:24:fc:7b:ec:5b:
c0:76:8e:e0:ec:cf:cd:4d:41:4b:51:63:4b:6f:12:
df:67:46:05:8e:32:69:9b:a7:01:69:b3:b4:25:6d:
bb:1e:9e:b2:ee:3f:dd:0f:98:9d:97:45:6e:af:10:
99:4d:87:98:d4:ac:85:a3:4c:9c:0e:b3:b8:54:02:
1f:2b:82:0f:0c:46:38:cb:4c:ef:75:5a:10:a9:5b:
0c:05:ad:73:b7:85:d0:b0:03:ca:de:be:c0:d0:ad:
6f:a1:10:97:bc:10:99:31:4f:bc:c9:78:43:62:56:
f1:e2:e7:8a:29:c3:e8:3a:82:08:b4:87:ec:95:13:
a7:89:76:91:56:66:6d:59:a8:a0:db:80:cc:16:08:
20:d9:45:13:f4:b5:b1:9c:d6:11:ce:9b:1b:c9:a3:
32:40:ee:c4:2d:be:c1:f6:3a:f1:d5:f4:c5:05:30:
2d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:95:D3:4A:CC:79:89:40:BD:0F:C0:21:20:1D:FF:04:05:38:DF:88
X509v3 Authority Key Identifier:
keyid:7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/BA6F640A6DCF11ECBECB137AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.144.0/21
43.252.152.0/22
45.64.168.0/22
58.84.8.0/22
103.3.172.0/22
103.10.156.0/22
118.107.200.0-118.107.211.255
118.107.232.0-118.107.243.255
183.81.160.0/21
192.82.56.0/21
210.5.40.0/21
IPv6:
2401:3400::/32
Signature Algorithm: sha256WithRSAEncryption
3c:f0:37:4c:78:7e:fa:7a:a3:61:ba:ac:b7:3c:10:73:85:df:
86:00:80:dc:8c:15:5f:27:87:4d:5d:84:81:24:19:97:67:fc:
e2:87:4f:a9:7e:5a:6c:0e:ce:a5:3a:d8:59:69:e4:fd:81:c4:
5f:51:21:8c:96:80:5b:26:ae:02:5c:97:49:46:5a:9c:b1:e0:
25:51:cb:35:83:8b:2f:4a:da:b3:8f:30:22:dd:43:b0:13:4b:
2b:90:64:6f:f9:94:7f:09:d5:3d:1b:59:89:f0:e2:75:ec:15:
fe:14:36:ac:83:87:93:ed:7c:a0:6a:38:12:23:38:90:34:c0:
c7:77:ad:ad:99:92:c4:a7:ad:d3:01:2e:87:45:da:24:80:e7:
11:98:20:c6:ce:fb:ba:e7:2c:64:9a:20:12:06:8e:61:55:55:
20:5d:fe:fc:e3:5b:f3:09:92:22:b6:af:6a:9b:f3:26:5a:e3:
9a:21:cd:b2:38:aa:bb:f1:62:bc:1a:57:a4:d5:83:b8:e1:e4:
23:12:5c:50:a7:9e:c8:3d:7f:b5:25:a9:51:23:9a:5f:c0:a5:
94:7b:27:77:41:2f:c3:9e:6e:4f:4c:b9:2e:bd:bb:8d:fe:1d:
68:3b:54:f5:0f:2a:2a:a0:cb:32:3a:36:0c:7c:3c:26:07:96:
c3:c8:a3:49
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgICIMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2OTExMTAvBgNVBAUTKDdBQzBDMDBGMEZDQTQ3OUVFNDY1RTRGN0Y1NDVFOEM5
NDk5M0Q2MUMwHhcNMjIwNDA4MTA0MjM0WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjUwMTE5YS01ZDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApRbe79Yw6YTbxqVN+4BYjgG1MgzjPTRVocIqB+dfFjM8ismuFeCcvBHkw9v0
j1wtFaGav3P7JGBrV2Kw2gZfzJaxb0BO5qCjoLOYaQeIAoV0O7crJPx77FvAdo7g
7M/NTUFLUWNLbxLfZ0YFjjJpm6cBabO0JW27Hp6y7j/dD5idl0VurxCZTYeY1KyF
o0ycDrO4VAIfK4IPDEY4y0zvdVoQqVsMBa1zt4XQsAPK3r7A0K1voRCXvBCZMU+8
yXhDYlbx4ueKKcPoOoIItIfslROniXaRVmZtWaig24DMFggg2UUT9LWxnNYRzpsb
yaMyQO7ELb7B9jrx1fTFBTAtbQIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFH2V00rM
eYlAvQ/AISAd/wQFON+IMB8GA1UdIwQYMBaAFHrAwA8Pykee5GXk9/VF6MlJk9Yc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS81QUZDMjY5MjY1
MkIxMUU1OTdBODY4ODFDNEY5QUUwMi9lc0RBRHdfS1I1N2taZVQzOVVYb3lVbVQx
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzREFEd19LUjU3a1plVDM5VVhveVVtVDFody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNUFGQzI2OTI2NTJCMTFFNTk3QTg2ODgxQzRGOUFFMDIvQkE2RjY0MEE2
RENGMTFFQ0JFQ0IxMzdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwegYIKwYBBQUHAQcBAf8E
azBpMFgEAgABMFIDBAMOZpADBAIr/JgDBAItQKgDBAI6VAgDBAJnA6wDBAJnCpww
DAMEA3ZryAMEAnZr0DAMAwQDdmvoAwQCdmvwAwQDt1GgAwQDwFI4AwQD0gUoMA0E
AgACMAcDBQAkATQAMA0GCSqGSIb3DQEBCwUAA4IBAQA88DdMeH76eqNhuqy3PBBz
hd+GAIDcjBVfJ4dNXYSBJBmXZ/zih0+pflpsDs6lOthZaeT9gcRfUSGMloBbJq4C
XJdJRlqcseAlUcs1g4svStqzjzAi3UOwE0srkGRv+ZR/CdU9G1mJ8OJ17BX+FDas
g4eT7XygajgSIziQNMDHd62tmZLEp63TAS6HRdokgOcRmCDGzvu65yxkmiASBo5h
VVUgXf7841vzCZIitq9qm/MmWuOaIc2yOKq78WK8Glek1YO44eQjElxQp57IPX+1
JalRI5pfwKWUeyd3QS/Dnm5PTLkuvbuN/h1oO1T1DyoqoMsyOjYMfDwmB5bDyKNJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org