Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/2EFE9A100A6C11EC98BA2E41C4F9AE02.roa
File: 2EFE9A100A6C11EC98BA2E41C4F9AE02.roa (raw, json)
Hash identifier: 0Ueinen9WRvVvxWTJNmqY7C1Xhw6QknrwNQU98ciw7g=
Subject key identifier: A4:EE:B2:38:89:C9:A5:90:1A:87:57:05:C8:D8:8C:1F:99:01:75:11
Certificate issuer: /CN=A91E7363/serialNumber=A897C04DE12F0A6F59C1AD1509F0B209FA5438B3
Certificate serial: 31F2
Authority key identifier: A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/2EFE9A100A6C11EC98BA2E41C4F9AE02.roa
Signing time: Wed 08 Jun 2022 05:50:21 +0000
ROA not before: Wed 08 Jun 2022 05:50:21 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 9329
IP address blocks: 112.134.0.0/15 maxlen: 15
112.134.0.0/19 maxlen: 24
112.134.32.0/19 maxlen: 24
112.134.64.0/19 maxlen: 24
112.134.96.0/19 maxlen: 24
112.134.128.0/19 maxlen: 24
112.134.160.0/19 maxlen: 24
112.134.192.0/19 maxlen: 24
112.134.224.0/19 maxlen: 24
112.135.0.0/19 maxlen: 24
112.135.32.0/19 maxlen: 24
112.135.64.0/19 maxlen: 24
112.135.96.0/19 maxlen: 24
112.135.128.0/19 maxlen: 24
112.135.160.0/19 maxlen: 24
112.135.192.0/19 maxlen: 24
112.135.224.0/19 maxlen: 24
124.43.0.0/16 maxlen: 16
124.43.0.0/17 maxlen: 17
124.43.0.0/19 maxlen: 24
124.43.32.0/19 maxlen: 24
124.43.64.0/18 maxlen: 18
124.43.64.0/19 maxlen: 24
124.43.96.0/19 maxlen: 24
124.43.128.0/17 maxlen: 17
124.43.128.0/18 maxlen: 18
124.43.128.0/19 maxlen: 24
124.43.160.0/19 maxlen: 24
124.43.192.0/19 maxlen: 24
124.43.224.0/19 maxlen: 24
203.94.64.0/18 maxlen: 18
203.94.65.0/24 maxlen: 24
203.94.70.0/24 maxlen: 24
203.94.72.0/24 maxlen: 24
203.94.84.0/24 maxlen: 24
203.94.89.0/24 maxlen: 24
203.94.95.0/24 maxlen: 24
203.115.0.0/18 maxlen: 18
203.115.0.0/24 maxlen: 24
203.115.11.0/24 maxlen: 24
220.247.192.0/18 maxlen: 24
222.165.128.0/18 maxlen: 24
2402:d000::/32 maxlen: 40
2402:d000:20::/48 maxlen: 48
2402:d000:21::/48 maxlen: 48
2402:d000:140::/48 maxlen: 48
2402:d000:141::/48 maxlen: 48
2402:d000:142::/48 maxlen: 48
2402:d000:100c::/48 maxlen: 48
2402:d000:1060::/48 maxlen: 48
2402:d000:1064::/48 maxlen: 48
2402:d000:1068::/48 maxlen: 48
2402:d000:106c::/48 maxlen: 48
2402:d000:1074::/48 maxlen: 48
2402:d000:1088::/48 maxlen: 48
2402:d000:7000::/48 maxlen: 48
2402:d000:8100::/48 maxlen: 48
2402:d000:8104::/48 maxlen: 48
2402:d000:8108::/48 maxlen: 48
2402:d000:810c::/48 maxlen: 48
2402:d000:8110::/48 maxlen: 48
2402:d000:8114::/48 maxlen: 48
2402:d000:8118::/48 maxlen: 48
2402:d000:811c::/48 maxlen: 48
2402:d000:8120::/48 maxlen: 48
2402:d000:8124::/48 maxlen: 48
2402:d000:8128::/48 maxlen: 48
2402:d000:812c::/48 maxlen: 48
2402:d000:8130::/48 maxlen: 48
2402:d000:8134::/48 maxlen: 48
2402:d000:8138::/48 maxlen: 48
2402:d000:813c::/48 maxlen: 48
2402:d000:8140::/48 maxlen: 48
2402:d000:8f00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12786 (0x31f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7363/serialNumber=A897C04DE12F0A6F59C1AD1509F0B209FA5438B3
Validity
Not Before: Jun 8 05:50:21 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=62a0389c-34d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f8:23:16:e5:f9:55:c3:d3:84:d4:aa:a3:68:
64:75:40:4a:f3:d4:8b:8b:3f:39:cf:54:07:2b:ed:
3f:f7:c6:08:84:33:90:55:c5:61:b5:ce:25:18:be:
3a:97:ba:28:8e:f8:01:45:13:c8:ea:01:0b:ec:a1:
ed:14:d5:e5:1d:e0:f1:ca:f0:c9:bc:2b:66:f8:a3:
f0:01:85:16:8b:df:c9:ac:94:d2:f1:aa:02:98:66:
6b:76:11:d4:f1:1e:d5:90:dc:b6:b2:1f:54:39:dd:
81:29:f0:66:a9:c1:20:36:dd:e4:42:3e:cf:93:6b:
2b:85:17:4a:c9:c5:2a:1f:bb:43:14:10:f2:5e:c4:
37:34:5d:ad:ce:ac:b5:6e:69:93:9b:4a:ee:81:d6:
42:2d:2c:33:78:d2:02:1e:ef:fc:79:ce:98:53:e4:
66:05:32:b6:9c:27:c6:3f:10:86:a2:f0:32:bb:c2:
c6:1e:a2:b6:14:0c:2b:88:3e:c4:49:d8:dd:56:5e:
92:8d:bd:fd:35:04:73:bc:e7:99:5c:da:a4:a0:6a:
fe:23:4a:58:f3:1a:38:ff:dd:1b:ca:bf:4f:0c:cd:
b6:b6:74:3e:91:0a:15:10:f2:0d:74:0a:56:3c:b6:
9a:82:8f:3f:cb:89:f9:36:43:ff:23:6d:44:3d:39:
3c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EE:B2:38:89:C9:A5:90:1A:87:57:05:C8:D8:8C:1F:99:01:75:11
X509v3 Authority Key Identifier:
keyid:A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/2EFE9A100A6C11EC98BA2E41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.134.0.0/15
124.43.0.0/16
203.94.64.0/18
203.115.0.0/18
220.247.192.0/18
222.165.128.0/18
IPv6:
2402:d000::/32
Signature Algorithm: sha256WithRSAEncryption
61:cd:3b:c1:03:ca:bb:6f:b2:ad:5a:9e:34:54:dc:e7:59:b1:
c5:f3:f8:f8:dc:8f:0c:49:43:78:39:4b:bb:7d:fa:ad:3f:86:
3b:9c:c8:41:7c:59:55:ec:bd:fb:1b:e4:bc:75:63:9b:79:d6:
bf:a6:8d:f1:ca:c5:25:34:43:e1:a5:78:1a:0d:8d:24:12:1f:
7f:48:f5:30:2b:0c:16:60:59:10:7d:58:89:b0:e2:f1:29:fb:
a2:31:a8:32:59:fb:61:a0:d3:66:17:92:39:b3:78:d9:79:c3:
be:38:3c:76:f9:4e:ae:c0:5d:3c:93:46:36:9c:ae:2d:e0:c2:
d0:ca:e8:be:47:fc:63:8e:cd:ec:13:21:ba:35:c1:d4:4b:f6:
ac:c3:a1:60:df:e4:25:62:12:04:0f:b4:b0:fb:11:43:ad:c0:
6f:8b:79:68:b8:22:5f:bc:bd:99:c3:10:f2:b5:d1:81:3c:52:
d4:79:d9:bf:b1:94:18:25:07:8b:d3:89:c9:af:25:19:d0:31:
bb:b8:6c:d2:ac:d7:8f:4c:22:56:7e:bb:59:a5:89:2b:ca:ca:
c2:45:53:37:93:93:1f:38:92:e6:e3:4e:2a:e5:1e:a7:f3:bc:
10:13:1f:54:cf:d5:f4:0e:e1:8a:22:74:e5:51:ca:83:a4:df:
00:bc:48:66
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgICMfIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTczNjMxMTAvBgNVBAUTKEE4OTdDMDRERTEyRjBBNkY1OUMxQUQxNTA5RjBCMjA5
RkE1NDM4QjMwHhcNMjIwNjA4MDU1MDIxWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmEwMzg5Yy0zNGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqfgjFuX5VcPThNSqo2hkdUBK89SLiz85z1QHK+0/98YIhDOQVcVhtc4lGL46
l7oojvgBRRPI6gEL7KHtFNXlHeDxyvDJvCtm+KPwAYUWi9/JrJTS8aoCmGZrdhHU
8R7VkNy2sh9UOd2BKfBmqcEgNt3kQj7Pk2srhRdKycUqH7tDFBDyXsQ3NF2tzqy1
bmmTm0rugdZCLSwzeNICHu/8ec6YU+RmBTK2nCfGPxCGovAyu8LGHqK2FAwriD7E
SdjdVl6Sjb39NQRzvOeZXNqkoGr+I0pY8xo4/90byr9PDM22tnQ+kQoVEPINdApW
PLaago8/y4n5NkP/I21EPTk8SQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFKTusjiJ
yaWQGodXBcjYjB+ZAXURMB8GA1UdIwQYMBaAFKiXwE3hLwpvWcGtFQnwsgn6VDiz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzM2My9GRjhCNEI2QzFE
ODQxMUUyOENEMzNEREIwOEIwMkNEMi9xSmZBVGVFdkNtOVp3YTBWQ2ZDeUNmcFVP
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FKZkFUZUV2Q205WndhMFZDZkN5Q2ZwVU9MTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTczNjMvRkY4QjRCNkMxRDg0MTFFMjhDRDMzRERCMDhCMDJDRDIvMkVGRTlBMTAw
QTZDMTFFQzk4QkEyRTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E
OzA5MCgEAgABMCIDAwFwhgMDAHwrAwQGy15AAwQGy3MAAwQG3PfAAwQG3qWAMA0E
AgACMAcDBQAkAtAAMA0GCSqGSIb3DQEBCwUAA4IBAQBhzTvBA8q7b7KtWp40VNzn
WbHF8/j43I8MSUN4OUu7ffqtP4Y7nMhBfFlV7L37G+S8dWObeda/po3xysUlNEPh
pXgaDY0kEh9/SPUwKwwWYFkQfViJsOLxKfuiMagyWfthoNNmF5I5s3jZecO+ODx2
+U6uwF08k0Y2nK4t4MLQyui+R/xjjs3sEyG6NcHUS/asw6Fg3+QlYhIED7Sw+xFD
rcBvi3louCJfvL2ZwxDytdGBPFLUedm/sZQYJQeL04nJryUZ0DG7uGzSrNePTCJW
frtZpYkrysrCRVM3k5MfOJLm404q5R6n87wQEx9Uz9X0DuGKInTlUcqDpN8AvEhm
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org