Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/BB0D0368BD3011EB9ED6507AC4F9AE02.roa
File: BB0D0368BD3011EB9ED6507AC4F9AE02.roa (raw, json)
Hash identifier: 5u9yc19qlcVWioNERqI2e0b4ngb5La5SM8KYhFbQ8oE=
Subject key identifier: 55:22:45:07:FD:02:24:A1:43:BF:39:54:A7:32:BB:84:A9:E0:30:AF
Certificate issuer: /CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Certificate serial: 1ED6
Authority key identifier: 11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/BB0D0368BD3011EB9ED6507AC4F9AE02.roa
Signing time: Thu 01 Jul 2021 15:30:48 +0000
ROA not before: Thu 01 Jul 2021 15:30:48 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 131207
IP address blocks: 96.9.64.0/24 maxlen: 24
96.9.65.0/24 maxlen: 24
96.9.66.0/24 maxlen: 24
96.9.67.0/24 maxlen: 24
96.9.68.0/24 maxlen: 24
96.9.69.0/24 maxlen: 24
96.9.70.0/24 maxlen: 24
96.9.71.0/24 maxlen: 24
96.9.72.0/24 maxlen: 24
96.9.73.0/24 maxlen: 24
96.9.74.0/24 maxlen: 24
96.9.75.0/24 maxlen: 24
96.9.76.0/24 maxlen: 24
96.9.77.0/24 maxlen: 24
96.9.78.0/24 maxlen: 24
96.9.79.0/24 maxlen: 24
96.9.80.0/24 maxlen: 24
96.9.81.0/24 maxlen: 24
96.9.82.0/24 maxlen: 24
96.9.83.0/24 maxlen: 24
96.9.84.0/24 maxlen: 24
96.9.85.0/24 maxlen: 24
96.9.86.0/24 maxlen: 24
96.9.87.0/24 maxlen: 24
96.9.88.0/24 maxlen: 24
96.9.89.0/24 maxlen: 24
96.9.90.0/24 maxlen: 24
96.9.91.0/24 maxlen: 24
96.9.92.0/24 maxlen: 24
96.9.93.0/24 maxlen: 24
96.9.94.0/24 maxlen: 24
96.9.95.0/24 maxlen: 24
136.228.128.0/24 maxlen: 24
136.228.129.0/24 maxlen: 24
136.228.130.0/24 maxlen: 24
136.228.131.0/24 maxlen: 24
136.228.132.0/23 maxlen: 23
136.228.132.0/24 maxlen: 24
136.228.134.0/23 maxlen: 23
136.228.134.0/24 maxlen: 24
136.228.136.0/22 maxlen: 22
136.228.136.0/24 maxlen: 24
136.228.140.0/24 maxlen: 24
136.228.141.0/24 maxlen: 24
136.228.142.0/24 maxlen: 24
136.228.143.0/24 maxlen: 24
136.228.145.0/24 maxlen: 24
136.228.146.0/24 maxlen: 24
136.228.147.0/24 maxlen: 24
136.228.148.0/24 maxlen: 24
136.228.149.0/24 maxlen: 24
136.228.150.0/24 maxlen: 24
136.228.151.0/24 maxlen: 24
136.228.156.0/24 maxlen: 24
136.228.157.0/24 maxlen: 24
136.228.158.0/24 maxlen: 24
136.228.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7894 (0x1ed6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Validity
Not Before: Jul 1 15:30:48 2021 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=60dddfa8-2b5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:04:94:c5:8f:06:a2:07:b4:e1:bf:16:7a:91:
e6:a7:e9:2b:16:fe:3e:fa:41:1b:c3:bc:b0:b1:6b:
b4:52:46:5e:c3:33:b4:6d:ca:4e:7c:be:bf:b3:5f:
44:c1:80:64:e1:f3:d1:51:f8:c5:26:a5:dc:2f:b4:
ac:f4:a0:9b:24:aa:7e:aa:06:c5:96:02:20:28:91:
ba:8c:e2:f1:c4:5d:9e:10:b0:8d:65:2c:10:bb:7b:
92:34:ae:b0:b2:cc:62:07:56:02:66:66:db:62:d9:
9d:c0:2b:99:be:6e:f8:29:38:11:73:09:70:1d:e0:
f5:f2:7f:cd:2f:b4:4d:a9:d1:1d:d4:d9:21:5e:d5:
4f:86:5c:d0:e8:f0:d9:4b:97:e6:6d:25:c4:16:a2:
4d:7b:59:e6:08:39:17:1f:02:87:0c:db:64:fa:af:
f2:18:0b:f1:98:69:85:de:35:49:28:01:91:26:1c:
84:50:8d:d0:72:fe:e7:19:ec:17:21:00:29:15:6d:
74:ae:e6:94:66:07:d1:39:7b:54:8c:a8:e8:3e:0b:
69:5e:43:5e:95:25:8b:5e:8d:a1:5c:56:d8:36:49:
e5:0a:13:50:f2:37:6e:b4:16:e4:b4:d3:d0:37:ba:
d1:0c:72:7f:43:e4:d2:72:ba:fc:23:b9:34:11:92:
84:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:22:45:07:FD:02:24:A1:43:BF:39:54:A7:32:BB:84:A9:E0:30:AF
X509v3 Authority Key Identifier:
keyid:11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/BB0D0368BD3011EB9ED6507AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
96.9.64.0/19
136.228.128.0/20
136.228.145.0-136.228.151.255
136.228.156.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:60:a6:85:10:e2:4f:d2:55:74:75:f0:a4:3b:b6:59:62:19:
39:ea:a1:6a:f3:42:e1:4a:b3:a1:b5:9c:d8:99:61:20:6b:60:
af:16:e7:ac:ca:33:a9:e8:f1:53:ec:79:4e:d0:7b:b5:58:6e:
92:f9:9d:e6:46:a2:77:74:e1:54:45:cd:b9:de:7f:5f:22:58:
ab:b6:e0:c2:0b:16:45:0a:26:67:d4:63:4a:df:b3:54:f0:06:
8a:ce:01:e5:cd:1a:21:af:f4:76:10:7e:13:07:51:29:be:8f:
f2:7f:a4:c2:55:fa:7c:b4:be:02:fa:50:21:f7:c9:b7:6e:2c:
f9:24:62:e0:65:ec:8c:6d:10:e7:23:e7:17:c5:f2:47:ab:ab:
da:6e:23:93:5b:e1:31:fe:d0:de:85:c9:85:d3:77:83:27:28:
e2:3a:dc:9e:a6:c2:0d:ba:55:e2:4f:1e:31:e9:92:c7:4d:2b:
2c:c0:d9:fa:01:dd:77:06:a2:84:8a:f7:e9:24:4b:52:d9:80:
cf:7c:6d:be:97:5a:a4:d7:8e:a2:1c:10:d8:b7:ca:d1:72:e9:
cf:54:60:dd:30:37:e3:a8:65:55:b7:5f:89:20:3a:19:88:fd:
2d:a6:c6:2b:27:a6:8f:44:0c:9b:65:f0:9a:3f:d6:52:9d:49:
a6:2b:3a:51
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICHtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKDExMTAzMTBFMEY4MDQ2NzcwM0Q4NDc3RkIzRUUyNUYx
RDg4ODhFOUUwHhcNMjEwNzAxMTUzMDQ4WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGRkZGZhOC0yYjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzASUxY8Goge04b8WepHmp+krFv4++kEbw7ywsWu0UkZewzO0bcpOfL6/s19E
wYBk4fPRUfjFJqXcL7Ss9KCbJKp+qgbFlgIgKJG6jOLxxF2eELCNZSwQu3uSNK6w
ssxiB1YCZmbbYtmdwCuZvm74KTgRcwlwHeD18n/NL7RNqdEd1NkhXtVPhlzQ6PDZ
S5fmbSXEFqJNe1nmCDkXHwKHDNtk+q/yGAvxmGmF3jVJKAGRJhyEUI3Qcv7nGewX
IQApFW10ruaUZgfROXtUjKjoPgtpXkNelSWLXo2hXFbYNknlChNQ8jdutBbktNPQ
N7rRDHJ/Q+TScrr8I7k0EZKELwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFFUiRQf9
AiShQ785VKcyu4Sp4DCvMB8GA1UdIwQYMBaAFBEQMQ4PgEZ3A9hHf7PuJfHYiI6e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC9GREVGRDczNjRC
RDYxMUU1QTdDQTMwMzNDNEY5QUUwMi9FUkF4RGctQVJuY0QyRWRfcy00bDhkaUlq
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VSQXhEZy1BUm5jRDJFZF9zLTRsOGRpSWpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvRkRFRkQ3MzY0QkQ2MTFFNUE3Q0EzMDMzQzRGOUFFMDIvQkIwRDAzNjhC
RDMwMTFFQjlFRDY1MDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAVgCUADBASI5IAwDAMEAIjkkQMEA4jkkAMEAojknDANBgkq
hkiG9w0BAQsFAAOCAQEAbGCmhRDiT9JVdHXwpDu2WWIZOeqhavNC4UqzobWc2Jlh
IGtgrxbnrMozqejxU+x5TtB7tVhukvmd5kaid3ThVEXNud5/XyJYq7bgwgsWRQom
Z9RjSt+zVPAGis4B5c0aIa/0dhB+EwdRKb6P8n+kwlX6fLS+AvpQIffJt24s+SRi
4GXsjG0Q5yPnF8XyR6ur2m4jk1vhMf7Q3oXJhdN3gyco4jrcnqbCDbpV4k8eMemS
x00rLMDZ+gHddwaihIr36SRLUtmAz3xtvpdapNeOohwQ2LfK0XLpz1Rg3TA346hl
VbdfiSA6GYj9LabGKyemj0QMm2Xwmj/WUp1Jpis6UQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org