Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/21C9C74E05A511EEA86A0C2BC4F9AE02.roa
File: 21C9C74E05A511EEA86A0C2BC4F9AE02.roa (raw, json)
Hash identifier: uR/itM54KzqaG2+2mftAERpxyracYUQH8alqdHd/t+4=
Subject key identifier: 4A:80:F5:5D:F1:20:4C:A7:E0:61:61:56:11:9E:1E:9E:C9:3D:48:7C
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1989
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/21C9C74E05A511EEA86A0C2BC4F9AE02.roa
Signing time: Thu 08 Jun 2023 02:35:29 +0000
ROA not before: Thu 08 Jun 2023 02:35:29 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 136959
IP address blocks: 27.36.112.0/24 maxlen: 24
27.36.113.0/24 maxlen: 24
27.36.118.0/23 maxlen: 23
27.36.120.0/21 maxlen: 21
27.36.224.0/22 maxlen: 22
27.45.144.0/24 maxlen: 24
27.45.150.0/23 maxlen: 23
27.45.164.0/22 maxlen: 22
112.93.116.0/22 maxlen: 22
120.83.13.0/24 maxlen: 24
120.83.144.0/22 maxlen: 22
120.83.180.0/22 maxlen: 22
120.87.152.0/22 maxlen: 22
122.13.168.0/21 maxlen: 21
122.13.254.0/24 maxlen: 24
163.177.152.0/21 maxlen: 21
221.4.146.0/24 maxlen: 24
221.4.154.0/24 maxlen: 24
221.4.159.0/24 maxlen: 24
221.5.35.0/24 maxlen: 24
221.5.37.0/24 maxlen: 24
221.5.100.0/24 maxlen: 24
221.5.102.0/23 maxlen: 23
221.5.105.0/24 maxlen: 24
221.5.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6537 (0x1989)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 02:35:29 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64813e71-1a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4f:28:4a:ee:31:a5:51:38:06:e6:19:c8:bf:
c2:da:f1:3a:2d:ef:f5:13:00:5a:e0:93:14:bc:3e:
30:05:de:f6:3f:b4:4f:55:cb:25:b1:37:1c:46:19:
d8:44:7a:be:c5:3c:8a:43:7f:dd:27:33:60:65:5b:
3d:d4:e7:b1:62:4b:e7:c3:da:28:b9:2f:19:4a:5a:
ce:c9:dd:17:04:75:b5:05:8a:66:3d:cb:35:ee:ab:
e8:55:82:7a:4a:1f:39:d6:60:bf:0b:30:28:e8:08:
f1:f7:b1:71:04:f7:e1:4c:5c:20:4b:ad:06:29:3c:
76:ca:f9:b9:14:4a:e5:27:a4:b3:b5:30:e7:b2:5d:
99:8a:8a:71:83:38:e0:b7:5d:8f:4c:b4:8e:66:66:
94:f0:ec:1a:a8:98:33:07:86:51:14:d1:82:05:79:
68:06:e6:15:38:19:8a:bd:b8:f8:74:1d:ce:a4:5e:
1e:03:36:6c:b9:9a:4d:93:f9:62:28:68:29:21:2a:
13:4e:41:f2:e7:21:fc:e4:e5:d1:37:2b:ac:5b:f4:
1d:0e:7c:94:37:cd:0d:a7:ef:7a:bc:3b:7e:2c:f8:
29:0d:01:41:08:3a:b9:bb:48:bc:dc:d2:c4:5c:ea:
93:cd:b0:84:4b:30:e4:7e:4e:b2:88:c8:3a:ab:08:
3a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:80:F5:5D:F1:20:4C:A7:E0:61:61:56:11:9E:1E:9E:C9:3D:48:7C
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/21C9C74E05A511EEA86A0C2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.36.112.0/23
27.36.118.0-27.36.127.255
27.36.224.0/22
27.45.144.0/24
27.45.150.0/23
27.45.164.0/22
112.93.116.0/22
120.83.13.0/24
120.83.144.0/22
120.83.180.0/22
120.87.152.0/22
122.13.168.0/21
122.13.254.0/24
163.177.152.0/21
221.4.146.0/24
221.4.154.0/24
221.4.159.0/24
221.5.35.0/24
221.5.37.0/24
221.5.100.0/24
221.5.102.0/23
221.5.105.0/24
221.5.107.0/24
Signature Algorithm: sha256WithRSAEncryption
38:e9:38:6b:e8:7a:fc:0c:5c:49:0d:01:11:2f:72:65:70:b0:
10:2f:f6:52:8a:36:7a:0c:b1:a2:6f:f1:72:4a:2a:ab:6d:53:
e4:b8:bf:b0:a5:d2:2a:d3:9a:83:94:7c:4d:d1:6f:f2:5a:e7:
90:f4:4d:10:e1:af:a8:8a:43:d2:6f:53:ae:ea:74:1f:47:3d:
f1:76:47:c6:57:45:e8:19:3d:1c:81:91:5a:2b:66:8b:7a:78:
3c:5e:61:c1:1a:de:2d:8b:a3:3e:f0:d4:a5:29:fe:04:41:d9:
3a:ee:1c:36:40:9b:31:2b:f4:2d:b4:20:24:14:58:bf:ae:52:
e1:14:f1:4e:46:b0:a2:86:a6:f7:0c:75:13:d8:60:89:ab:0d:
a6:aa:3d:02:7f:eb:37:b2:12:1b:ee:bd:22:0c:76:88:8e:38:
f4:32:ea:89:97:b2:e7:f0:50:e3:1c:0f:ac:71:1f:a0:23:38:
6e:54:c0:70:9c:e9:18:14:fc:72:01:5b:e6:26:e2:3c:51:95:
d3:5d:b5:42:3b:db:68:42:34:6c:09:27:1c:eb:92:53:22:e7:
a0:45:61:46:3d:a8:e6:bf:89:2f:f7:a3:69:46:25:c5:df:39:
7e:69:b3:a1:70:b6:c6:2d:23:fa:be:4a:e6:60:dc:ac:1f:3f:
49:40:88:15
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICGYkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDIzNTI5WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxM2U3MS0xYTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqk8oSu4xpVE4BuYZyL/C2vE6Le/1EwBa4JMUvD4wBd72P7RPVcslsTccRhnY
RHq+xTyKQ3/dJzNgZVs91OexYkvnw9oouS8ZSlrOyd0XBHW1BYpmPcs17qvoVYJ6
Sh851mC/CzAo6Ajx97FxBPfhTFwgS60GKTx2yvm5FErlJ6SztTDnsl2Ziopxgzjg
t12PTLSOZmaU8OwaqJgzB4ZRFNGCBXloBuYVOBmKvbj4dB3OpF4eAzZsuZpNk/li
KGgpISoTTkHy5yH85OXRNyusW/QdDnyUN80Np+96vDt+LPgpDQFBCDq5u0i83NLE
XOqTzbCESzDkfk6yiMg6qwg6vQIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFEqA9V3x
IEyn4GFhVhGeHp7JPUh8MB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvMjFDOUM3NEUw
NUE1MTFFRUE4NkEwQzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga8GCCsGAQUFBwEHAQH/
BIGfMIGcMIGZBAIAATCBkgMEARskcDAMAwQBGyR2AwQHGyQAAwQCGyTgAwQAGy2Q
AwQBGy2WAwQCGy2kAwQCcF10AwQAeFMNAwQCeFOQAwQCeFO0AwQCeFeYAwQDeg2o
AwQAeg3+AwQDo7GYAwQA3QSSAwQA3QSaAwQA3QSfAwQA3QUjAwQA3QUlAwQA3QVk
AwQB3QVmAwQA3QVpAwQA3QVrMA0GCSqGSIb3DQEBCwUAA4IBAQA46Thr6Hr8DFxJ
DQERL3JlcLAQL/ZSijZ6DLGib/FySiqrbVPkuL+wpdIq05qDlHxN0W/yWueQ9E0Q
4a+oikPSb1Ou6nQfRz3xdkfGV0XoGT0cgZFaK2aLeng8XmHBGt4ti6M+8NSlKf4E
Qdk67hw2QJsxK/QttCAkFFi/rlLhFPFORrCihqb3DHUT2GCJqw2mqj0Cf+s3shIb
7r0iDHaIjjj0MuqJl7Ln8FDjHA+scR+gIzhuVMBwnOkYFPxyAVvmJuI8UZXTXbVC
O9toQjRsCScc65JTIuegRWFGPajmv4kv96NpRiXF3zl+abOhcLbGLSP6vkrmYNys
Hz9JQIgV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org