Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/6476002AF50911EB986E737CC4F9AE02.roa
File: 6476002AF50911EB986E737CC4F9AE02.roa (raw, json)
Hash identifier: myI595iGvrK/DAu7la72k3CAq5XP8Vfia58Wbz7p/+E=
Subject key identifier: 74:85:54:95:FF:3F:68:E4:1E:2A:49:53:1B:AB:5D:39:B0:1B:B4:2D
Certificate issuer: /CN=A9129E3A/serialNumber=5A96D4EC3D352494D9239D52AF35AC104DA12F9D
Certificate serial: 30ED
Authority key identifier: 5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/6476002AF50911EB986E737CC4F9AE02.roa
Signing time: Fri 28 Jan 2022 14:50:39 +0000
ROA not before: Fri 28 Jan 2022 14:50:39 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 17408
IP address blocks: 202.3.160.0/20 maxlen: 23
202.3.160.0/21 maxlen: 24
202.3.168.0/23 maxlen: 24
202.3.170.0/24 maxlen: 24
202.3.172.0/22 maxlen: 24
202.3.176.0/21 maxlen: 24
202.3.186.0/23 maxlen: 24
202.3.188.0/22 maxlen: 24
202.55.224.0/19 maxlen: 23
202.55.224.0/21 maxlen: 24
202.55.232.0/23 maxlen: 24
202.55.235.0/24 maxlen: 24
202.55.236.0/22 maxlen: 24
202.55.240.0/21 maxlen: 24
202.55.248.0/22 maxlen: 24
202.55.252.0/24 maxlen: 24
202.55.254.0/23 maxlen: 24
202.153.160.0/23 maxlen: 23
202.153.160.0/24 maxlen: 24
202.153.161.0/24 maxlen: 24
202.153.162.0/23 maxlen: 23
202.153.162.0/24 maxlen: 24
202.153.164.0/24 maxlen: 24
202.153.165.0/24 maxlen: 24
202.153.167.0/24 maxlen: 24
202.153.168.0/23 maxlen: 23
202.153.168.0/24 maxlen: 24
202.153.169.0/24 maxlen: 24
202.153.170.0/24 maxlen: 24
202.153.172.0/24 maxlen: 24
202.153.173.0/24 maxlen: 24
202.153.174.0/23 maxlen: 23
202.153.174.0/24 maxlen: 24
202.153.175.0/24 maxlen: 24
202.153.176.0/22 maxlen: 22
202.153.176.0/23 maxlen: 24
202.153.178.0/23 maxlen: 23
202.153.178.0/24 maxlen: 24
202.153.179.0/24 maxlen: 24
202.153.180.0/24 maxlen: 24
202.153.181.0/24 maxlen: 24
202.153.182.0/23 maxlen: 24
202.153.184.0/21 maxlen: 21
202.153.184.0/24 maxlen: 24
202.153.187.0/24 maxlen: 24
202.153.188.0/24 maxlen: 24
202.153.189.0/24 maxlen: 24
202.153.190.0/23 maxlen: 24
202.153.193.0/24 maxlen: 24
202.153.194.0/23 maxlen: 23
202.153.194.0/24 maxlen: 24
202.153.196.0/22 maxlen: 22
202.153.196.0/23 maxlen: 24
202.153.198.0/23 maxlen: 24
202.153.202.0/23 maxlen: 24
202.153.204.0/22 maxlen: 22
202.153.204.0/23 maxlen: 24
202.153.206.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12525 (0x30ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129E3A/serialNumber=5A96D4EC3D352494D9239D52AF35AC104DA12F9D
Validity
Not Before: Jan 28 14:50:39 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=61f402bf-a8e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:27:5a:de:34:5d:f0:df:93:e7:37:79:02:6d:
a2:24:2d:d9:c6:32:c9:7c:34:f0:72:70:58:7c:e0:
8a:63:b0:1c:57:60:44:20:69:e9:2a:ef:52:e7:ce:
0f:92:7d:5c:a9:08:eb:f2:2d:1b:24:83:72:cc:28:
4a:61:ac:60:ea:78:99:4a:70:a9:23:95:4c:5e:36:
8c:7e:4f:d8:a2:84:45:47:2f:26:09:17:27:7a:c6:
b2:43:9d:27:fc:f7:f6:fc:1b:3d:24:5f:09:7d:25:
c0:73:dc:0e:c2:94:1e:9a:f0:db:2f:f9:6c:1d:0a:
ad:d0:d7:77:6c:ec:9a:d3:49:58:dc:c1:8b:74:4d:
5f:4c:66:75:69:ad:a3:4c:da:73:f0:e2:74:5c:e5:
05:56:99:38:cc:24:3f:06:59:63:bd:59:e7:cc:87:
63:b6:05:17:e5:8f:44:5d:46:d0:fa:8e:c9:97:df:
f3:77:04:1e:7e:95:5f:a1:16:75:3e:c2:b5:db:bb:
0d:9a:4d:45:df:5c:6f:4a:87:e8:2d:b6:89:41:25:
ee:c7:e7:90:0d:90:30:12:b2:9f:03:c1:8a:98:cc:
95:07:ad:95:a6:16:d1:25:25:40:05:34:de:f0:d6:
2e:c5:b5:4d:79:09:1c:e1:2f:31:5c:f4:7b:9a:42:
2d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:85:54:95:FF:3F:68:E4:1E:2A:49:53:1B:AB:5D:39:B0:1B:B4:2D
X509v3 Authority Key Identifier:
keyid:5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/6476002AF50911EB986E737CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.3.160.0-202.3.183.255
202.3.186.0-202.3.191.255
202.55.224.0/19
202.153.160.0-202.153.165.255
202.153.167.0-202.153.170.255
202.153.172.0-202.153.191.255
202.153.193.0-202.153.199.255
202.153.202.0-202.153.207.255
Signature Algorithm: sha256WithRSAEncryption
71:0e:22:c9:1a:8a:1a:24:de:25:13:e9:2e:31:c9:da:8d:79:
d3:3a:e3:79:77:d6:73:3d:9b:8d:d3:fe:b8:28:71:f2:59:7b:
16:d2:fd:27:61:0a:af:6a:8e:33:a4:d0:6d:c3:17:16:54:94:
74:7f:a6:8a:8b:88:41:23:27:89:4e:70:2d:18:79:e1:ae:f7:
4c:5f:60:38:59:f1:6f:6d:43:56:14:e1:a7:76:0f:e0:b5:86:
b1:24:68:81:e9:ab:51:d1:a8:07:87:68:c0:03:52:0f:c5:84:
b1:ef:51:6f:fb:a1:d1:65:4d:90:0c:5a:f2:42:06:73:aa:50:
1b:3b:2d:d0:6d:a7:a4:66:4c:f8:37:f4:e6:00:3c:cf:2b:cc:
ae:0e:e3:93:45:b9:2b:50:19:78:95:c9:26:56:50:38:9e:8e:
c8:c2:6e:ac:71:0a:6f:b2:24:c5:61:f0:59:71:45:8a:f0:c5:
df:00:ce:ac:b1:5f:b6:cc:7a:03:30:f6:ab:77:20:5e:ac:86:
15:2c:56:e4:5c:00:7a:a2:4d:34:9a:72:3a:54:8b:df:5e:b6:
1b:51:dd:de:ce:ba:99:40:c9:f8:d8:90:44:85:92:56:b2:5c:
88:b7:1d:f2:67:c2:85:61:c4:1c:ef:74:1f:a4:4a:46:4e:0e:
ee:91:bb:f7
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICMO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlFM0ExMTAvBgNVBAUTKDVBOTZENEVDM0QzNTI0OTREOTIzOUQ1MkFGMzVBQzEw
NERBMTJGOUQwHhcNMjIwMTI4MTQ1MDM5WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWY0MDJiZi1hOGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqCda3jRd8N+T5zd5Am2iJC3ZxjLJfDTwcnBYfOCKY7AcV2BEIGnpKu9S584P
kn1cqQjr8i0bJINyzChKYaxg6niZSnCpI5VMXjaMfk/YooRFRy8mCRcnesayQ50n
/Pf2/Bs9JF8JfSXAc9wOwpQemvDbL/lsHQqt0Nd3bOya00lY3MGLdE1fTGZ1aa2j
TNpz8OJ0XOUFVpk4zCQ/BlljvVnnzIdjtgUX5Y9EXUbQ+o7Jl9/zdwQefpVfoRZ1
PsK127sNmk1F31xvSofoLbaJQSXux+eQDZAwErKfA8GKmMyVB62VphbRJSVABTTe
8NYuxbVNeQkc4S8xXPR7mkIt2wIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFHSFVJX/
P2jkHipJUxurXTmwG7QtMB8GA1UdIwQYMBaAFFqW1Ow9NSSU2SOdUq81rBBNoS+d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUUzQS8xOTdFQzBCNjFE
ODYxMUUyQUJFRjIyREQwOEIwMkNEMi9XcGJVN0QwMUpKVFpJNTFTcnpXc0VFMmhM
NTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dwYlU3RDAxSkpUWkk1MVNyeldzRUUyaEw1MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjlFM0EvMTk3RUMwQjYxRDg2MTFFMkFCRUYyMkREMDhCMDJDRDIvNjQ3NjAwMkFG
NTA5MTFFQjk4NkU3MzdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBuBAIAATBoMAwDBAXKA6ADBAPKA7AwDAMEAcoDugMEBsoDgAMEBco34DAM
AwQFypmgAwQBypmkMAwDBADKmacDBADKmaowDAMEAsqZrAMEBsqZgDAMAwQAypnB
AwQDypnAMAwDBAHKmcoDBATKmcAwDQYJKoZIhvcNAQELBQADggEBAHEOIskaihok
3iUT6S4xydqNedM643l31nM9m43T/rgocfJZexbS/SdhCq9qjjOk0G3DFxZUlHR/
poqLiEEjJ4lOcC0YeeGu90xfYDhZ8W9tQ1YU4ad2D+C1hrEkaIHpq1HRqAeHaMAD
Ug/FhLHvUW/7odFlTZAMWvJCBnOqUBs7LdBtp6RmTPg39OYAPM8rzK4O45NFuStQ
GXiVySZWUDiejsjCbqxxCm+yJMVh8FlxRYrwxd8AzqyxX7bMegMw9qt3IF6shhUs
VuRcAHqiTTSacjpUi99ethtR3d7OuplAyfjYkESFklayXIi3HfJnwoVhxBzvdB+k
SkZODu6Ru/c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:37 2023 by rpki-client on console-fra.rpki-client.org