Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/209FBF1805A511EEA86A0C2BC4F9AE02.roa
File: 209FBF1805A511EEA86A0C2BC4F9AE02.roa (raw, json)
Hash identifier: cG1CO2nMThoHJeYAWu1BXjA3KpkB+Xas0/0YDyAzkCw=
Subject key identifier: BD:AE:7A:BF:F9:2C:AC:C9:36:6C:36:83:72:D4:AA:9C:12:83:45:CE
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1988
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/209FBF1805A511EEA86A0C2BC4F9AE02.roa
Signing time: Thu 08 Jun 2023 02:35:27 +0000
ROA not before: Thu 08 Jun 2023 02:35:27 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 136958
IP address blocks: 112.97.160.0/19 maxlen: 19
120.80.23.0/24 maxlen: 24
120.80.136.0/24 maxlen: 24
120.82.6.0/24 maxlen: 24
120.83.2.0/24 maxlen: 24
120.83.4.0/24 maxlen: 24
122.13.0.0/21 maxlen: 21
122.13.8.0/23 maxlen: 23
122.13.14.0/23 maxlen: 23
122.13.16.0/24 maxlen: 24
122.13.18.0/24 maxlen: 24
122.13.20.0/24 maxlen: 24
122.13.24.0/22 maxlen: 22
122.13.38.0/23 maxlen: 23
122.13.64.0/20 maxlen: 20
122.13.80.0/21 maxlen: 21
122.13.88.0/24 maxlen: 24
122.13.130.0/23 maxlen: 23
122.13.132.0/23 maxlen: 23
122.13.134.0/24 maxlen: 24
122.13.138.0/24 maxlen: 24
122.13.150.0/23 maxlen: 23
122.13.152.0/22 maxlen: 22
122.13.157.0/24 maxlen: 24
122.13.158.0/24 maxlen: 24
122.13.202.0/23 maxlen: 23
122.13.204.0/22 maxlen: 22
122.13.208.0/23 maxlen: 23
122.13.210.0/24 maxlen: 24
122.13.213.0/24 maxlen: 24
122.13.219.0/24 maxlen: 24
163.177.0.0/19 maxlen: 19
163.177.32.0/20 maxlen: 20
163.177.144.0/21 maxlen: 21
221.5.32.0/23 maxlen: 23
221.5.34.0/24 maxlen: 24
221.5.36.0/24 maxlen: 24
221.5.38.0/23 maxlen: 23
221.5.92.0/22 maxlen: 22
221.5.106.0/24 maxlen: 24
221.5.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6536 (0x1988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 02:35:27 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64813e6f-7d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:32:16:47:ac:0b:81:cc:fa:fe:b6:70:a5:ca:
95:f5:d2:dc:92:bd:a3:93:07:f5:a1:d4:f9:5d:17:
4d:30:73:a0:22:88:9d:6a:ad:7b:84:e6:b2:d1:94:
49:fb:76:3a:4b:d6:ce:80:06:6a:9b:67:d6:9a:09:
42:fd:61:e8:c2:42:17:e6:51:eb:f9:25:a5:be:63:
45:bf:97:aa:b2:06:4e:c6:d9:46:06:16:97:cd:26:
97:8e:5d:c5:e3:93:4c:b4:b5:47:d6:de:37:a6:73:
20:7a:70:4c:6d:36:79:7b:50:24:2e:25:be:1f:89:
1d:52:75:45:68:d0:bd:1f:7e:f9:7f:a6:f9:41:8e:
8b:b7:4a:f1:c5:c4:da:90:55:ba:5d:30:74:ea:ff:
3a:e0:40:bc:26:43:06:3b:60:c7:5b:87:46:a0:ff:
13:1e:27:10:33:ad:7a:36:11:63:3d:28:7f:ef:d1:
62:a2:12:34:e6:76:1c:5b:e7:e2:90:39:09:b9:5e:
5b:c3:aa:b0:e1:d4:5f:12:e5:f1:ea:cf:bc:1d:2c:
51:e0:87:cb:eb:7a:80:39:71:44:d5:01:79:3c:1d:
69:89:12:a6:c3:94:ef:32:ea:cf:38:61:f5:85:fc:
f0:84:7f:4f:ba:75:ea:5b:6a:6c:74:a2:b5:36:6f:
17:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AE:7A:BF:F9:2C:AC:C9:36:6C:36:83:72:D4:AA:9C:12:83:45:CE
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/209FBF1805A511EEA86A0C2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.97.160.0/19
120.80.23.0/24
120.80.136.0/24
120.82.6.0/24
120.83.2.0/24
120.83.4.0/24
122.13.0.0-122.13.9.255
122.13.14.0-122.13.16.255
122.13.18.0/24
122.13.20.0/24
122.13.24.0/22
122.13.38.0/23
122.13.64.0-122.13.88.255
122.13.130.0-122.13.134.255
122.13.138.0/24
122.13.150.0-122.13.155.255
122.13.157.0-122.13.158.255
122.13.202.0-122.13.210.255
122.13.213.0/24
122.13.219.0/24
163.177.0.0-163.177.47.255
163.177.144.0/21
221.5.32.0-221.5.34.255
221.5.36.0/24
221.5.38.0/23
221.5.92.0/22
221.5.106.0/24
221.5.108.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:a9:1b:8e:4b:5b:2b:f7:de:c7:3e:58:16:9b:bf:dc:2a:b0:
29:73:50:15:66:50:2d:91:0d:f1:cb:e5:41:43:d2:e1:e4:b6:
1a:ab:53:c2:2a:7b:0b:17:bf:eb:7c:c2:e9:1a:b4:35:f3:4c:
2c:ec:ae:b7:2b:10:a5:87:97:f0:de:10:25:9e:50:5b:5f:8f:
d9:d8:aa:9f:34:d3:71:f8:97:c8:f3:81:ec:73:e2:81:d6:e8:
da:ee:f0:f9:a0:07:b2:90:ba:1f:58:76:b4:f9:b9:c1:64:61:
08:c7:c3:ff:38:a4:9d:b9:76:ac:e0:f9:72:0c:12:61:65:7f:
87:5a:df:88:b8:64:8c:b2:2f:5d:e0:b5:c1:db:bc:57:63:29:
d9:cc:91:f3:45:29:58:53:3d:7e:0e:81:b1:34:3f:96:b8:e3:
25:f4:bb:a9:f9:74:c0:5e:b0:c1:8a:f9:78:3b:22:17:8c:1a:
e7:2c:73:14:e6:d5:03:5c:5e:58:0b:a7:7c:2d:ce:c1:e5:50:
52:7b:1d:52:23:28:c3:ac:70:31:5d:51:9f:95:c8:c0:c7:97:
a5:13:fe:9f:a1:d3:a7:eb:d4:64:8e:4c:11:ba:1d:d0:66:8a:
c2:20:95:e5:53:87:a9:bf:cd:73:32:65:37:19:aa:fe:bd:c3:
e5:72:be:ca
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgICGYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDIzNTI3WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxM2U2Zi03ZDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5TIWR6wLgcz6/rZwpcqV9dLckr2jkwf1odT5XRdNMHOgIoidaq17hOay0ZRJ
+3Y6S9bOgAZqm2fWmglC/WHowkIX5lHr+SWlvmNFv5eqsgZOxtlGBhaXzSaXjl3F
45NMtLVH1t43pnMgenBMbTZ5e1AkLiW+H4kdUnVFaNC9H375f6b5QY6Lt0rxxcTa
kFW6XTB06v864EC8JkMGO2DHW4dGoP8THicQM616NhFjPSh/79FiohI05nYcW+fi
kDkJuV5bw6qw4dRfEuXx6s+8HSxR4IfL63qAOXFE1QF5PB1piRKmw5TvMurPOGH1
hfzwhH9PunXqW2psdKK1Nm8XuwIDAQABo4IDgzCCA38wHQYDVR0OBBYEFL2uer/5
LKzJNmw2g3LUqpwSg0XOMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvMjA5RkJGMTgw
NUE1MTFFRUE4NkEwQzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggELBggrBgEFBQcBBwEB
/wSB+zCB+DCB9QQCAAEwge4DBAVwYaADBAB4UBcDBAB4UIgDBAB4UgYDBAB4UwID
BAB4UwQwCwMDAHoNAwQBeg0IMAwDBAF6DQ4DBAB6DRADBAB6DRIDBAB6DRQDBAJ6
DRgDBAF6DSYwDAMEBnoNQAMEAHoNWDAMAwQBeg2CAwQAeg2GAwQAeg2KMAwDBAF6
DZYDBAJ6DZgwDAMEAHoNnQMEAHoNnjAMAwQBeg3KAwQAeg3SAwQAeg3VAwQAeg3b
MAsDAwCjsQMEBKOxIAMEA6OxkDAMAwQF3QUgAwQA3QUiAwQA3QUkAwQB3QUmAwQC
3QVcAwQA3QVqAwQC3QVsMA0GCSqGSIb3DQEBCwUAA4IBAQA/qRuOS1sr997HPlgW
m7/cKrApc1AVZlAtkQ3xy+VBQ9Lh5LYaq1PCKnsLF7/rfMLpGrQ180ws7K63KxCl
h5fw3hAlnlBbX4/Z2KqfNNNx+JfI84Hsc+KB1uja7vD5oAeykLofWHa0+bnBZGEI
x8P/OKSduXas4PlyDBJhZX+HWt+IuGSMsi9d4LXB27xXYynZzJHzRSlYUz1+DoGx
ND+WuOMl9Lup+XTAXrDBivl4OyIXjBrnLHMU5tUDXF5YC6d8Lc7B5VBSex1SIyjD
rHAxXVGflcjAx5elE/6fodOn69RkjkwRuh3QZorCIJXlU4epv81zMmU3Gar+vcPl
cr7K
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org