Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/AF8B0C70F99111E8AC072E13C4F9AE02.roa
File: AF8B0C70F99111E8AC072E13C4F9AE02.roa (raw, json)
Hash identifier: xqtPlpwteDvGmIC1ChKWl7tJlzma8HFquhHQZuMEFyw=
Subject key identifier: 99:65:B3:41:57:0B:FE:34:86:8A:40:AC:08:8C:6F:B5:A4:1A:C5:2F
Certificate issuer: /CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Certificate serial: 202D
Authority key identifier: 51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/AF8B0C70F99111E8AC072E13C4F9AE02.roa
Signing time: Fri 09 Dec 2022 19:22:39 +0000
ROA not before: Fri 09 Dec 2022 19:22:39 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 63980
IP address blocks: 59.153.200.0/22 maxlen: 22
59.153.200.0/23 maxlen: 23
59.153.200.0/24 maxlen: 24
59.153.201.0/24 maxlen: 24
59.153.202.0/23 maxlen: 23
59.153.202.0/24 maxlen: 24
59.153.203.0/24 maxlen: 24
103.57.20.0/22 maxlen: 22
103.57.20.0/23 maxlen: 23
103.57.20.0/24 maxlen: 24
103.57.21.0/24 maxlen: 24
103.57.22.0/23 maxlen: 23
103.57.22.0/24 maxlen: 24
103.57.23.0/24 maxlen: 24
2402:5380::/32 maxlen: 32
2402:5380::/36 maxlen: 36
2402:5380:1000::/36 maxlen: 36
2402:5380:2000::/36 maxlen: 36
2402:5380:3000::/36 maxlen: 36
2402:5380:4000::/36 maxlen: 36
2402:5380:5000::/36 maxlen: 36
2402:5380:6000::/36 maxlen: 36
2402:5380:7000::/36 maxlen: 36
2402:5380:8000::/36 maxlen: 36
2402:5380:9000::/36 maxlen: 36
2402:5380:a000::/36 maxlen: 36
2402:5380:b000::/36 maxlen: 36
2402:5380:c000::/36 maxlen: 36
2402:5380:d000::/36 maxlen: 36
2402:5380:e000::/36 maxlen: 36
2402:5380:f000::/36 maxlen: 36
2402:5381::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8237 (0x202d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA1C/serialNumber=51C2611B461DD511835A5141F8AEE502D3A39AEB
Validity
Not Before: Dec 9 19:22:39 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=63938aff-be30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:76:5f:8d:80:5c:08:22:73:d3:f5:dc:9b:08:
91:a4:fd:c4:fb:9f:bb:bf:dc:bb:6e:71:5b:bc:52:
97:ab:1f:4f:ae:62:90:f6:3a:fe:7d:68:a6:a4:23:
18:83:5f:82:85:96:1b:56:88:ff:9f:d6:63:54:39:
b1:45:de:4b:b2:5e:8b:db:cd:7c:f1:4c:66:27:d1:
d7:63:e3:e6:ef:e3:88:35:19:98:d4:dc:d6:df:e6:
59:91:13:c8:4f:f8:4b:e4:53:52:9b:e7:3d:c3:6d:
94:82:4b:a4:f2:30:e5:25:73:f1:24:c9:5f:09:9d:
67:ac:dd:63:e1:4c:5e:2d:7e:ba:4e:4c:0f:68:7e:
d0:72:7d:f7:e5:8c:a9:33:1c:36:58:d6:98:cf:2d:
fb:b1:81:1e:93:77:63:2a:34:97:0f:8d:eb:e9:74:
cb:8d:de:c7:78:c1:e4:64:20:e3:68:74:c5:06:e7:
ae:e7:81:71:78:1c:01:42:b5:ee:7a:98:dc:e8:44:
47:27:59:f0:0d:52:62:8c:ea:f7:fb:53:91:00:9c:
6b:dd:56:8d:ac:38:9d:d8:27:c5:2c:7b:4e:a2:e3:
33:d3:be:8c:89:56:4c:70:7c:09:fc:eb:07:d2:fd:
85:a1:f1:d4:82:86:0d:fb:48:8c:44:c6:0c:ac:0c:
87:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:65:B3:41:57:0B:FE:34:86:8A:40:AC:08:8C:6F:B5:A4:1A:C5:2F
X509v3 Authority Key Identifier:
keyid:51:C2:61:1B:46:1D:D5:11:83:5A:51:41:F8:AE:E5:02:D3:A3:9A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/UcJhG0Yd1RGDWlFB-K7lAtOjmus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UcJhG0Yd1RGDWlFB-K7lAtOjmus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA1C/63B214A2C81511E581D20884C4F9AE02/AF8B0C70F99111E8AC072E13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.200.0/22
103.57.20.0/22
IPv6:
2402:5380::/31
Signature Algorithm: sha256WithRSAEncryption
9b:4e:6f:61:93:d4:8e:80:0d:e0:8a:00:ab:bf:96:db:67:af:
01:fe:6b:6f:eb:69:a7:13:bc:d9:71:26:a1:d5:5e:fe:ae:3f:
3d:94:9f:31:68:8b:1b:70:cd:4f:d8:10:bc:f8:b1:2e:cc:ff:
48:7b:02:11:0e:a8:bb:d5:9c:32:4b:7a:44:f9:3e:59:25:03:
0a:66:47:28:ed:23:fd:42:c8:ab:04:b7:1e:41:9f:d7:68:8b:
b1:ac:80:b0:bd:86:83:b2:a7:f4:ae:39:6c:f8:23:4a:d0:1c:
81:c6:85:00:7b:0e:81:39:9e:51:ba:07:8b:69:49:e6:5a:fe:
de:a1:16:fa:77:85:23:a3:fc:58:99:68:0e:bb:93:1b:4d:94:
86:5e:2c:fa:a3:e6:00:e9:a4:1a:12:2b:fa:cd:c7:c3:35:19:
17:2b:09:73:fd:b7:a2:e5:89:b6:ed:1d:4f:2f:bf:7e:26:8b:
ec:2e:c7:d3:8d:07:18:3b:78:cd:f0:9d:58:81:8c:7f:81:3b:
8f:69:8b:bd:a1:83:47:17:35:45:e8:e5:a0:35:cd:25:79:24:
73:7b:b3:39:9f:0f:e7:61:fd:56:ec:c3:e0:07:e6:40:18:e4:
82:f8:98:11:14:da:9e:58:e6:53:47:32:0c:14:4d:aa:3c:c2:
12:ee:e6:91
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICIC0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMUMxMTAvBgNVBAUTKDUxQzI2MTFCNDYxREQ1MTE4MzVBNTE0MUY4QUVFNTAy
RDNBMzlBRUIwHhcNMjIxMjA5MTkyMjM5WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzkzOGFmZi1iZTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnZfjYBcCCJz0/XcmwiRpP3E+5+7v9y7bnFbvFKXqx9PrmKQ9jr+fWimpCMY
g1+ChZYbVoj/n9ZjVDmxRd5Lsl6L28188UxmJ9HXY+Pm7+OINRmY1NzW3+ZZkRPI
T/hL5FNSm+c9w22Ugkuk8jDlJXPxJMlfCZ1nrN1j4UxeLX66TkwPaH7Qcn335Yyp
Mxw2WNaYzy37sYEek3djKjSXD43r6XTLjd7HeMHkZCDjaHTFBueu54FxeBwBQrXu
epjc6ERHJ1nwDVJijOr3+1ORAJxr3VaNrDid2CfFLHtOouMz076MiVZMcHwJ/OsH
0v2FofHUgoYN+0iMRMYMrAyHJwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJlls0FX
C/40hopArAiMb7WkGsUvMB8GA1UdIwQYMBaAFFHCYRtGHdURg1pRQfiu5QLTo5rr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkExQy82M0IyMTRBMkM4
MTUxMUU1ODFEMjA4ODRDNEY5QUUwMi9VY0poRzBZZDFSR0RXbEZCLUs3bEF0T2pt
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VjSmhHMFlkMVJHRFdsRkItSzdsQXRPam11cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMUMvNjNCMjE0QTJDODE1MTFFNTgxRDIwODg0QzRGOUFFMDIvQUY4QjBDNzBG
OTkxMTFFOEFDMDcyRTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mcgDBAJnORQwDQQCAAIwBwMFASQCU4AwDQYJKoZIhvcN
AQELBQADggEBAJtOb2GT1I6ADeCKAKu/lttnrwH+a2/raacTvNlxJqHVXv6uPz2U
nzFoixtwzU/YELz4sS7M/0h7AhEOqLvVnDJLekT5PlklAwpmRyjtI/1CyKsEtx5B
n9doi7GsgLC9hoOyp/SuOWz4I0rQHIHGhQB7DoE5nlG6B4tpSeZa/t6hFvp3hSOj
/FiZaA67kxtNlIZeLPqj5gDppBoSK/rNx8M1GRcrCXP9t6LlibbtHU8vv34mi+wu
x9ONBxg7eM3wnViBjH+BO49pi72hg0cXNUXo5aA1zSV5JHN7szmfD+dh/Vbsw+AH
5kAY5IL4mBEU2p5Y5lNHMgwUTao8whLu5pE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org