Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/687E1330E3EA11EC8B5B8025C4F9AE02.roa
File: 687E1330E3EA11EC8B5B8025C4F9AE02.roa (raw, json)
Hash identifier: Pt3LD2PXRyb9xwmN9+AJgjqvhh+r/U4/BxvkicC5/N0=
Subject key identifier: DB:57:C5:3C:18:5D:DC:57:B1:EF:BA:68:94:B2:BE:07:CD:E9:59:FF
Certificate issuer: /CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Certificate serial: 21A7
Authority key identifier: 11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/687E1330E3EA11EC8B5B8025C4F9AE02.roa
Signing time: Tue 07 Jun 2022 09:20:46 +0000
ROA not before: Tue 07 Jun 2022 09:20:46 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 13335
IP address blocks: 96.9.64.0/24 maxlen: 24
96.9.65.0/24 maxlen: 24
96.9.66.0/24 maxlen: 24
96.9.67.0/24 maxlen: 24
96.9.68.0/24 maxlen: 24
96.9.69.0/24 maxlen: 24
96.9.70.0/24 maxlen: 24
96.9.71.0/24 maxlen: 24
96.9.72.0/24 maxlen: 24
96.9.73.0/24 maxlen: 24
96.9.74.0/24 maxlen: 24
96.9.75.0/24 maxlen: 24
96.9.76.0/24 maxlen: 24
96.9.77.0/24 maxlen: 24
96.9.78.0/24 maxlen: 24
96.9.79.0/24 maxlen: 24
96.9.80.0/24 maxlen: 24
96.9.81.0/24 maxlen: 24
96.9.82.0/24 maxlen: 24
96.9.83.0/24 maxlen: 24
96.9.84.0/24 maxlen: 24
96.9.85.0/24 maxlen: 24
96.9.86.0/24 maxlen: 24
96.9.87.0/24 maxlen: 24
96.9.88.0/24 maxlen: 24
96.9.89.0/24 maxlen: 24
96.9.90.0/24 maxlen: 24
96.9.91.0/24 maxlen: 24
96.9.92.0/24 maxlen: 24
96.9.93.0/24 maxlen: 24
96.9.94.0/24 maxlen: 24
96.9.95.0/24 maxlen: 24
136.228.128.0/24 maxlen: 24
136.228.129.0/24 maxlen: 24
136.228.130.0/24 maxlen: 24
136.228.131.0/24 maxlen: 24
136.228.132.0/24 maxlen: 24
136.228.133.0/24 maxlen: 24
136.228.134.0/24 maxlen: 24
136.228.135.0/24 maxlen: 24
136.228.136.0/24 maxlen: 24
136.228.140.0/24 maxlen: 24
136.228.141.0/24 maxlen: 24
136.228.142.0/24 maxlen: 24
136.228.145.0/24 maxlen: 24
136.228.146.0/24 maxlen: 24
136.228.147.0/24 maxlen: 24
136.228.148.0/24 maxlen: 24
136.228.149.0/24 maxlen: 24
136.228.150.0/24 maxlen: 24
136.228.151.0/24 maxlen: 24
136.228.156.0/24 maxlen: 24
136.228.157.0/24 maxlen: 24
136.228.158.0/24 maxlen: 24
136.228.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8615 (0x21a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Validity
Not Before: Jun 7 09:20:46 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=629f186e-99fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6e:c1:33:56:09:98:f4:63:e0:91:9a:f0:9c:
37:f9:02:0a:09:00:ee:86:77:64:63:ea:18:df:3c:
03:90:d1:5a:d9:d5:82:7b:f6:7d:18:02:3d:3d:fe:
2b:5a:94:f4:31:6d:0e:f3:6b:6c:73:b4:82:11:ff:
a8:1a:5d:89:7e:40:39:f2:8c:a2:b4:02:22:fc:74:
1f:d5:a8:3b:84:1c:4d:ce:ae:a8:1d:76:29:e5:91:
db:ed:63:1e:3e:a3:fd:f8:9e:be:70:c7:46:74:13:
45:47:4b:5b:03:4a:54:0e:c2:9a:9a:ff:10:80:af:
a2:69:82:1b:d2:86:46:8a:02:c7:8d:a3:7b:1c:c2:
21:8d:9c:86:da:8c:87:b4:a5:d1:5c:0e:de:5f:33:
18:7d:dc:c6:fa:09:ca:a4:4c:c2:e5:44:35:a3:43:
60:46:7b:7d:34:08:7f:46:84:80:1f:63:62:b0:b9:
72:7e:aa:f5:ab:de:d2:7e:5b:a8:84:77:16:ea:0f:
c7:91:09:f2:c6:be:ba:69:d9:d9:0c:49:b4:3c:92:
23:18:29:a5:9e:7b:17:f9:83:45:c6:ba:bd:d4:50:
8a:73:54:b3:4e:d3:7f:5a:77:f9:aa:98:34:03:56:
6f:70:4b:fe:7e:31:2c:ea:4c:a8:c3:da:d3:01:03:
93:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:57:C5:3C:18:5D:DC:57:B1:EF:BA:68:94:B2:BE:07:CD:E9:59:FF
X509v3 Authority Key Identifier:
keyid:11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/687E1330E3EA11EC8B5B8025C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
96.9.64.0/19
136.228.128.0-136.228.136.255
136.228.140.0-136.228.142.255
136.228.145.0-136.228.151.255
136.228.156.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:50:91:04:67:fe:cb:7f:58:a1:63:78:23:9c:17:a9:66:dc:
a5:d9:b2:7e:1a:d6:85:a2:3f:82:54:af:05:8c:8e:24:30:ec:
eb:e4:6f:96:40:90:b5:c9:ce:74:4b:ee:0c:f7:15:29:4a:5e:
c3:7d:c8:50:2e:e8:6c:10:c8:32:96:eb:11:1b:18:07:fc:ab:
1a:a8:5a:b2:a0:bb:30:d7:a6:4a:e4:cb:34:52:6e:31:35:1f:
15:9b:48:2b:76:65:84:9c:1e:d4:46:60:a1:78:f4:52:65:b4:
65:8b:2f:0d:7d:61:7f:a5:1c:c6:83:48:f9:73:a4:17:51:2c:
17:fa:11:47:52:a7:3a:12:3c:00:ef:df:cb:b9:c5:c1:66:69:
e7:2e:43:e3:ab:89:eb:be:b3:6d:b6:8c:29:c7:78:0e:29:b6:
e5:a9:2f:ad:25:58:eb:e2:7c:29:d4:10:7e:d1:cd:f9:f5:1f:
db:4b:51:5c:60:79:24:03:9e:9a:3c:27:b1:9e:35:14:b1:7a:
ea:ca:e8:8f:cb:44:fd:73:b9:a3:62:14:f3:1d:82:63:80:83:
ed:6c:42:05:71:7a:86:31:51:5a:a2:f3:10:c9:33:89:57:c0:
49:c0:28:03:20:3f:cd:ab:fb:1c:cb:03:62:cc:63:a7:16:f9:
9f:c6:59:ff
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICIacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKDExMTAzMTBFMEY4MDQ2NzcwM0Q4NDc3RkIzRUUyNUYx
RDg4ODhFOUUwHhcNMjIwNjA3MDkyMDQ2WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjlmMTg2ZS05OWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt27BM1YJmPRj4JGa8Jw3+QIKCQDuhndkY+oY3zwDkNFa2dWCe/Z9GAI9Pf4r
WpT0MW0O82tsc7SCEf+oGl2JfkA58oyitAIi/HQf1ag7hBxNzq6oHXYp5ZHb7WMe
PqP9+J6+cMdGdBNFR0tbA0pUDsKamv8QgK+iaYIb0oZGigLHjaN7HMIhjZyG2oyH
tKXRXA7eXzMYfdzG+gnKpEzC5UQ1o0NgRnt9NAh/RoSAH2NisLlyfqr1q97Sfluo
hHcW6g/HkQnyxr66adnZDEm0PJIjGCmlnnsX+YNFxrq91FCKc1SzTtN/Wnf5qpg0
A1ZvcEv+fjEs6kyow9rTAQOTVwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFNtXxTwY
XdxXse+6aJSyvgfN6Vn/MB8GA1UdIwQYMBaAFBEQMQ4PgEZ3A9hHf7PuJfHYiI6e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC9GREVGRDczNjRC
RDYxMUU1QTdDQTMwMzNDNEY5QUUwMi9FUkF4RGctQVJuY0QyRWRfcy00bDhkaUlq
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VSQXhEZy1BUm5jRDJFZF9zLTRsOGRpSWpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvRkRFRkQ3MzY0QkQ2MTFFNUE3Q0EzMDMzQzRGOUFFMDIvNjg3RTEzMzBF
M0VBMTFFQzhCNUI4MDI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYDBAVgCUAwDAMEB4jkgAMEAIjkiDAMAwQCiOSMAwQAiOSOMAwD
BACI5JEDBAOI5JADBAKI5JwwDQYJKoZIhvcNAQELBQADggEBAJpQkQRn/st/WKFj
eCOcF6lm3KXZsn4a1oWiP4JUrwWMjiQw7Ovkb5ZAkLXJznRL7gz3FSlKXsN9yFAu
6GwQyDKW6xEbGAf8qxqoWrKguzDXpkrkyzRSbjE1HxWbSCt2ZYScHtRGYKF49FJl
tGWLLw19YX+lHMaDSPlzpBdRLBf6EUdSpzoSPADv38u5xcFmaecuQ+Orieu+s222
jCnHeA4ptuWpL60lWOvifCnUEH7Rzfn1H9tLUVxgeSQDnpo8J7GeNRSxeurK6I/L
RP1zuaNiFPMdgmOAg+1sQgVxeoYxUVqi8xDJM4lXwEnAKAMgP82r+xzLA2LMY6cW
+Z/GWf8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org