Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/E867581892D811EBAAA2486EC4F9AE02.roa
File: E867581892D811EBAAA2486EC4F9AE02.roa (raw, json)
Hash identifier: H2ZSxYgdYhM1aPPqJ/vb4ypxpJz4Rg9Ln8Rc0dgg4lQ=
Subject key identifier: D0:70:25:2E:5E:6C:31:EF:77:B2:66:33:1A:EA:44:34:B5:DD:56:05
Certificate issuer: /CN=A91EC9A5/serialNumber=E83FCF4C6FC8D74F3B6AB425606E2BC7746D6640
Certificate serial: 034C
Authority key identifier: E8:3F:CF:4C:6F:C8:D7:4F:3B:6A:B4:25:60:6E:2B:C7:74:6D:66:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6D_PTG_I1087arQlYG4rx3RtZkA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/E867581892D811EBAAA2486EC4F9AE02.roa
Signing time: Sat 14 Aug 2021 10:58:26 +0000
ROA not before: Sat 14 Aug 2021 10:58:26 +0000
ROA not after: Sun 01 May 2022 00:00:00 +0000
asID: 136246
IP address blocks: 14.128.12.0/22 maxlen: 22
14.128.12.0/23 maxlen: 23
14.128.12.0/24 maxlen: 24
14.128.13.0/24 maxlen: 24
14.128.14.0/23 maxlen: 23
14.128.14.0/24 maxlen: 24
14.128.15.0/24 maxlen: 24
103.84.172.0/22 maxlen: 22
103.84.172.0/23 maxlen: 23
103.84.172.0/24 maxlen: 24
103.84.173.0/24 maxlen: 24
103.84.174.0/23 maxlen: 23
103.84.174.0/24 maxlen: 24
103.84.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 844 (0x34c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EC9A5/serialNumber=E83FCF4C6FC8D74F3B6AB425606E2BC7746D6640
Validity
Not Before: Aug 14 10:58:26 2021 GMT
Not After : May 1 00:00:00 2022 GMT
Subject: CN=6117a1d1-0b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4c:64:9d:ef:ec:0f:68:40:d2:68:5a:2a:9b:
80:4a:03:aa:90:81:6d:6d:88:80:02:37:47:52:9d:
a8:4a:4b:2f:63:95:4a:29:34:d0:f1:6d:a2:a9:15:
8d:78:94:c5:20:f5:45:e7:d9:ae:88:09:69:25:26:
58:c3:a7:a7:2e:e6:a4:e3:54:02:a0:b1:41:3a:c2:
13:44:43:1c:6c:73:be:de:48:e2:cc:c7:ad:cb:90:
c0:84:83:6c:36:ec:b2:e5:10:ce:3f:08:4d:53:c7:
d0:c0:52:1f:fd:f9:9a:99:98:c8:10:3f:24:8f:7c:
ad:3e:4c:70:34:3f:0d:5d:2d:7b:9e:33:9e:67:ea:
41:d2:ca:9b:f9:6c:a9:74:c0:08:1e:d7:38:c7:42:
d0:35:55:24:49:22:09:c1:d4:f5:29:ac:47:26:e7:
aa:25:d9:85:5f:ce:23:f5:17:52:45:46:5a:30:01:
c3:4f:79:d8:f8:72:96:d7:04:43:5e:33:99:d3:8c:
fe:df:97:94:f5:4a:28:d4:57:66:74:e3:4d:e0:ff:
c1:ad:49:10:e2:2b:c0:e5:6a:e6:c1:3e:55:fd:6e:
1e:15:c2:ad:7a:11:79:fe:99:9a:95:19:28:f1:d8:
da:68:20:1f:78:c4:e7:35:28:56:0b:7d:c9:77:04:
e8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:70:25:2E:5E:6C:31:EF:77:B2:66:33:1A:EA:44:34:B5:DD:56:05
X509v3 Authority Key Identifier:
keyid:E8:3F:CF:4C:6F:C8:D7:4F:3B:6A:B4:25:60:6E:2B:C7:74:6D:66:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/6D_PTG_I1087arQlYG4rx3RtZkA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6D_PTG_I1087arQlYG4rx3RtZkA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC9A5/0E82C2ECC4F011EA91DCDF77C4F9AE02/E867581892D811EBAAA2486EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.128.12.0/22
103.84.172.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:1d:bd:6e:61:e1:5c:cf:04:d5:cd:f5:4f:54:be:f2:c0:7d:
74:49:0b:ae:32:59:af:08:e4:fb:f0:f5:d6:6d:4c:38:a6:a2:
6d:e5:41:b3:45:15:9c:93:07:3b:76:b0:4d:5c:21:e4:d4:2f:
94:56:34:72:13:a7:88:56:80:eb:d3:2d:5f:e0:42:51:95:0b:
d7:6b:52:b8:48:94:1d:f6:f2:a0:a7:c8:58:bc:47:74:2e:a1:
87:44:fe:11:eb:d1:94:a6:e0:b8:b6:93:27:5f:bd:1b:7c:2a:
5d:1b:c4:cc:cd:91:23:11:78:ef:81:b8:9f:ca:d3:9c:e3:96:
59:45:6c:08:75:cd:7a:a5:16:ef:5f:59:e7:1f:0c:7a:5f:a4:
4a:49:7d:95:c8:5a:2b:67:ca:14:73:a5:a6:ca:b2:00:fb:ca:
93:86:20:ee:2a:2b:87:be:4b:b8:8f:d1:74:fa:3a:2d:75:d5:
4d:59:4e:e7:0c:27:db:25:9b:01:2d:31:32:ca:a1:be:9b:90:
0d:ad:a6:18:3e:cc:4c:40:13:99:5b:48:ab:9d:05:83:af:74:
9d:07:8f:bd:3b:37:b6:9c:1c:6c:ba:ac:4c:d3:d5:ad:cf:d9:
b7:53:54:42:a5:3f:cb:4c:7c:b8:b8:3c:8a:86:a8:26:61:94:
d9:6e:29:9c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA0wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUM5QTUxMTAvBgNVBAUTKEU4M0ZDRjRDNkZDOEQ3NEYzQjZBQjQyNTYwNkUyQkM3
NzQ2RDY2NDAwHhcNMjEwODE0MTA1ODI2WhcNMjIwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTE3YTFkMS0wYjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1kxkne/sD2hA0mhaKpuASgOqkIFtbYiAAjdHUp2oSksvY5VKKTTQ8W2iqRWN
eJTFIPVF59muiAlpJSZYw6enLuak41QCoLFBOsITREMcbHO+3kjizMety5DAhINs
Nuyy5RDOPwhNU8fQwFIf/fmamZjIED8kj3ytPkxwND8NXS17njOeZ+pB0sqb+Wyp
dMAIHtc4x0LQNVUkSSIJwdT1KaxHJueqJdmFX84j9RdSRUZaMAHDT3nY+HKW1wRD
XjOZ04z+35eU9Uoo1FdmdONN4P/BrUkQ4ivA5WrmwT5V/W4eFcKtehF5/pmalRko
8djaaCAfeMTnNShWC33JdwToXQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNBwJS5e
bDHvd7JmMxrqRDS13VYFMB8GA1UdIwQYMBaAFOg/z0xvyNdPO2q0JWBuK8d0bWZA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzlBNS8wRTgyQzJFQ0M0
RjAxMUVBOTFEQ0RGNzdDNEY5QUUwMi82RF9QVEdfSTEwODdhclFsWUc0cngzUnRa
a0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZEX1BUR19JMTA4N2FyUWxZRzRyeDNSdFprQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUM5QTUvMEU4MkMyRUNDNEYwMTFFQTkxRENERjc3QzRGOUFFMDIvRTg2NzU4MTg5
MkQ4MTFFQkFBQTI0ODZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIOgAwDBAJnVKwwDQYJKoZIhvcNAQELBQADggEBAE0dvW5h
4VzPBNXN9U9UvvLAfXRJC64yWa8I5Pvw9dZtTDimom3lQbNFFZyTBzt2sE1cIeTU
L5RWNHITp4hWgOvTLV/gQlGVC9drUrhIlB328qCnyFi8R3QuoYdE/hHr0ZSm4Li2
kydfvRt8Kl0bxMzNkSMReO+BuJ/K05zjlllFbAh1zXqlFu9fWecfDHpfpEpJfZXI
WitnyhRzpabKsgD7ypOGIO4qK4e+S7iP0XT6Oi111U1ZTucMJ9slmwEtMTLKob6b
kA2tphg+zExAE5lbSKudBYOvdJ0Hj707N7acHGy6rEzT1a3P2bdTVEKlP8tMfLi4
PIqGqCZhlNluKZw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org