Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/1F8DAB7605A511EEA86A0C2BC4F9AE02.roa
File: 1F8DAB7605A511EEA86A0C2BC4F9AE02.roa (raw, json)
Hash identifier: 7JTfUzPCYP9CQY4ivuqT8ZqfnlPxo5TVsv4Jbu1fcC0=
Subject key identifier: A5:B3:F0:EE:E5:20:99:6B:6B:3F:08:69:C4:31:E3:D3:23:A5:13:A9
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1987
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/1F8DAB7605A511EEA86A0C2BC4F9AE02.roa
Signing time: Thu 08 Jun 2023 02:35:25 +0000
ROA not before: Thu 08 Jun 2023 02:35:25 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 135061
IP address blocks: 112.95.139.0/24 maxlen: 24
112.95.140.0/24 maxlen: 24
112.95.234.0/24 maxlen: 24
112.95.237.0/24 maxlen: 24
112.95.240.0/22 maxlen: 22
120.80.96.0/24 maxlen: 24
120.80.98.0/23 maxlen: 23
122.13.32.0/24 maxlen: 24
122.13.152.0/23 maxlen: 23
163.177.63.0/24 maxlen: 24
163.177.75.0/24 maxlen: 24
163.177.76.0/22 maxlen: 22
163.177.81.0/24 maxlen: 24
163.177.84.0/23 maxlen: 23
163.177.86.0/24 maxlen: 24
163.177.95.0/24 maxlen: 24
210.22.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6535 (0x1987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 02:35:25 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64813e6d-e80c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ba:69:65:05:30:3b:03:19:67:e7:83:7f:cf:
1b:49:ee:50:66:04:71:6e:7b:6e:74:a2:5b:41:c0:
81:62:c9:4b:23:3b:38:90:b5:45:33:be:02:6b:67:
e1:a6:1c:94:ff:9c:e6:0b:5f:a0:c7:da:8a:9f:91:
ec:e8:a7:2a:5a:0a:b1:80:d8:01:31:74:38:28:19:
7a:20:1f:66:83:80:24:d4:79:52:0f:89:8f:64:b2:
5c:a5:67:0c:3d:b8:53:c0:4f:55:6f:31:c5:9f:e1:
f2:6b:63:0c:f1:71:91:eb:7c:64:9b:6f:39:1e:56:
a1:31:6d:0c:e6:b7:f5:f7:f9:c8:79:b5:d8:15:36:
83:86:c0:21:55:d4:83:3f:e8:b4:fd:9a:8c:1a:5b:
29:fb:dc:fb:88:fb:52:e8:6b:0d:fc:cc:2f:62:72:
0f:46:ad:67:35:57:af:f6:59:1b:d0:c0:41:21:d4:
a4:66:92:76:83:92:2f:0e:e6:de:ea:f0:fc:a9:2e:
72:ee:36:35:f7:59:23:e6:0b:52:5e:7d:ce:d0:f9:
81:72:8a:89:7e:94:a7:3b:11:a2:4f:f4:a5:c8:88:
8e:b0:be:c4:26:fd:2e:23:5e:4d:13:a4:b3:1f:d3:
04:af:7a:f2:4a:67:99:a8:13:fc:7e:61:68:dc:c3:
3e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B3:F0:EE:E5:20:99:6B:6B:3F:08:69:C4:31:E3:D3:23:A5:13:A9
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/1F8DAB7605A511EEA86A0C2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.95.139.0-112.95.140.255
112.95.234.0/24
112.95.237.0/24
112.95.240.0/22
120.80.96.0/24
120.80.98.0/23
122.13.32.0/24
122.13.152.0/23
163.177.63.0/24
163.177.75.0-163.177.79.255
163.177.81.0/24
163.177.84.0-163.177.86.255
163.177.95.0/24
210.22.12.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:cc:4a:22:5e:70:a1:c4:48:bc:6a:57:1a:46:01:a6:23:6e:
f8:24:a9:7c:24:b0:e3:db:eb:95:56:ec:b8:eb:d1:ed:aa:45:
b6:07:0a:aa:b2:dc:0d:1e:6c:d9:04:9e:0f:b7:34:84:b7:e1:
2f:9b:af:9c:36:d5:ca:43:04:30:d8:90:a4:04:26:8d:55:20:
c2:5c:0d:a3:60:53:f3:af:51:3e:24:95:58:23:14:31:b4:58:
0b:0a:35:6d:13:e3:bf:e6:34:f8:34:25:c4:23:1d:1c:6b:e8:
cf:27:6d:9b:12:23:5f:ce:b4:59:98:34:41:d9:28:c7:70:70:
1a:c9:9d:e7:9f:36:0d:11:56:cd:4d:95:81:db:53:e8:07:2e:
c2:6a:89:29:19:12:d7:a9:0b:c7:a8:74:d7:f6:4a:e5:2b:f9:
d1:3b:2b:72:ed:c8:a6:2a:57:f3:cf:96:21:9f:44:ad:3d:52:
0d:2a:e6:bf:67:fc:dd:a3:7c:77:36:ec:0b:91:75:ec:2f:d3:
97:b7:55:f8:89:a0:a8:1a:26:07:09:83:2b:b5:41:17:10:5e:
05:01:92:a1:81:a3:08:2e:b5:66:d3:51:39:83:d7:f9:d2:40:
91:7c:23:b6:78:32:6f:03:c2:8b:da:a3:45:8a:36:05:cd:28:
d7:89:3e:72
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICGYcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDIzNTI1WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxM2U2ZC1lODBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvLppZQUwOwMZZ+eDf88bSe5QZgRxbntudKJbQcCBYslLIzs4kLVFM74Ca2fh
phyU/5zmC1+gx9qKn5Hs6KcqWgqxgNgBMXQ4KBl6IB9mg4Ak1HlSD4mPZLJcpWcM
PbhTwE9VbzHFn+Hya2MM8XGR63xkm285HlahMW0M5rf19/nIebXYFTaDhsAhVdSD
P+i0/ZqMGlsp+9z7iPtS6GsN/MwvYnIPRq1nNVev9lkb0MBBIdSkZpJ2g5IvDube
6vD8qS5y7jY191kj5gtSXn3O0PmBcoqJfpSnOxGiT/SlyIiOsL7EJv0uI15NE6Sz
H9MEr3rySmeZqBP8fmFo3MM+0wIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFKWz8O7l
IJlraz8IacQx49MjpROpMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvMUY4REFCNzYw
NUE1MTFFRUE4NkEwQzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDByBAIAATBsMAwDBABwX4sDBABwX4wDBABwX+oDBABwX+0DBAJwX/ADBAB4
UGADBAF4UGIDBAB6DSADBAF6DZgDBACjsT8wDAMEAKOxSwMEBKOxQAMEAKOxUTAM
AwQCo7FUAwQAo7FWAwQAo7FfAwQC0hYMMA0GCSqGSIb3DQEBCwUAA4IBAQBuzEoi
XnChxEi8alcaRgGmI274JKl8JLDj2+uVVuy469HtqkW2BwqqstwNHmzZBJ4PtzSE
t+Evm6+cNtXKQwQw2JCkBCaNVSDCXA2jYFPzr1E+JJVYIxQxtFgLCjVtE+O/5jT4
NCXEIx0ca+jPJ22bEiNfzrRZmDRB2SjHcHAayZ3nnzYNEVbNTZWB21PoBy7Caokp
GRLXqQvHqHTX9krlK/nROyty7cimKlfzz5Yhn0StPVINKua/Z/zdo3x3NuwLkXXs
L9OXt1X4iaCoGiYHCYMrtUEXEF4FAZKhgaMILrVm01E5g9f50kCRfCO2eDJvA8KL
2qNFijYFzSjXiT5y
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org