Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/2448539605A511EEA86A0C2BC4F9AE02.roa
File: 2448539605A511EEA86A0C2BC4F9AE02.roa (raw, json)
Hash identifier: +vlyOim8omHs5e+awLBHPH8FWqtQBVuQXx8yp0BTi0A=
Subject key identifier: 03:28:3C:18:64:5B:BA:1C:D4:FC:7D:27:B5:41:CD:5D:7F:4A:7E:47
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 198B
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/2448539605A511EEA86A0C2BC4F9AE02.roa
Signing time: Thu 08 Jun 2023 02:35:34 +0000
ROA not before: Thu 08 Jun 2023 02:35:34 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 4808
IP address blocks: 114.241.176.0/22 maxlen: 22
114.241.180.0/22 maxlen: 22
114.241.184.0/22 maxlen: 22
114.241.188.0/22 maxlen: 22
114.252.136.0/22 maxlen: 22
114.252.140.0/22 maxlen: 22
114.254.11.0/24 maxlen: 24
114.254.12.0/24 maxlen: 24
123.112.88.0/21 maxlen: 21
123.117.144.0/21 maxlen: 21
123.117.240.0/20 maxlen: 20
123.126.160.0/19 maxlen: 19
123.126.224.0/19 maxlen: 19
124.65.200.0/21 maxlen: 21
125.35.0.0/19 maxlen: 19
125.35.32.0/19 maxlen: 19
125.35.119.0/24 maxlen: 24
202.96.26.0/24 maxlen: 24
202.106.236.0/24 maxlen: 24
221.216.64.0/22 maxlen: 22
221.220.48.0/22 maxlen: 22
221.222.120.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6539 (0x198b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 02:35:34 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64813e75-447c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fc:c4:8a:68:f9:92:15:e9:82:64:ed:7d:11:
f4:ac:da:56:b6:37:3b:43:2c:9a:c3:c5:5a:cf:3e:
6e:36:dc:be:af:43:3e:33:7a:09:dd:85:e7:bd:b5:
f7:d7:87:f0:44:33:0d:b1:3c:c8:54:d7:e6:8f:fa:
eb:4a:b6:64:e8:a9:d1:72:ec:b4:b9:20:58:93:bf:
eb:99:21:c6:9e:ad:58:cc:40:33:6c:f5:28:af:e5:
34:9c:46:28:8c:00:67:12:fb:75:4c:e1:67:7a:73:
12:ec:6f:2f:7f:1a:86:d1:a2:31:f3:af:ec:26:0e:
1b:82:b3:b1:a2:3c:ad:85:64:43:95:4d:ce:6d:d2:
4c:f3:ce:75:33:db:78:72:dc:bf:ca:ec:de:50:e8:
49:ab:cd:bd:89:3c:b7:8a:f5:d7:98:ff:7a:66:cb:
ab:17:1a:75:25:7e:2d:8d:4e:36:fd:1e:eb:d4:6d:
6f:8a:aa:f6:cc:98:32:1f:72:f7:88:c8:13:7e:3c:
06:d2:c0:4a:12:c3:ed:32:51:71:9d:c1:ef:89:b3:
fc:ff:da:d1:f0:21:5e:cf:48:48:23:d3:20:95:52:
c6:d9:d7:e8:c4:0c:9b:5e:5c:3f:03:80:f0:e8:64:
ed:1c:aa:61:68:29:25:5b:8a:f3:53:d2:65:83:42:
13:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:28:3C:18:64:5B:BA:1C:D4:FC:7D:27:B5:41:CD:5D:7F:4A:7E:47
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/2448539605A511EEA86A0C2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.241.176.0/20
114.252.136.0/21
114.254.11.0-114.254.12.255
123.112.88.0/21
123.117.144.0/21
123.117.240.0/20
123.126.160.0/19
123.126.224.0/19
124.65.200.0/21
125.35.0.0/18
125.35.119.0/24
202.96.26.0/24
202.106.236.0/24
221.216.64.0/22
221.220.48.0/22
221.222.120.0/21
Signature Algorithm: sha256WithRSAEncryption
30:0e:30:0f:9e:b6:72:48:1a:8f:18:0c:cd:a1:bc:7e:18:de:
a1:07:83:e8:96:1d:c0:89:8b:0a:cb:91:f1:f5:76:3a:7d:b7:
19:d0:6c:2e:b1:59:1a:30:aa:17:7e:92:aa:60:38:c3:e2:f0:
b2:9e:b1:f7:93:26:ca:30:41:3e:b7:40:da:cf:65:72:3f:b9:
d6:70:86:c8:74:4a:a8:fb:d7:3c:83:7d:ae:87:e7:db:d9:03:
04:a1:49:84:4b:f4:8e:0f:09:bd:23:83:b4:5b:7d:b1:65:7b:
c5:1c:1e:3d:f1:23:8e:06:06:9a:91:53:48:22:05:e6:78:d3:
0b:1d:2b:94:67:d8:5d:34:50:d6:54:2b:7d:7f:60:85:09:a1:
df:71:23:48:f1:d4:87:0e:e4:61:94:72:85:50:ad:92:86:63:
65:99:8e:de:c9:86:2e:11:7d:64:47:c6:5d:ac:36:58:d9:e5:
4e:32:6f:8e:c3:76:5e:fe:c4:ed:b6:ad:bb:a6:5f:d6:f0:4d:
2f:32:e3:54:db:11:8d:15:c0:bc:31:39:e8:d9:96:e1:fd:7c:
b0:c4:05:c7:7e:34:47:d1:eb:62:36:b4:43:24:da:8b:e9:92:
4b:95:7d:c1:98:db:b0:af:f9:e5:73:39:1e:d2:ba:d6:d6:a6:
2d:2b:19:99
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICGYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDIzNTM0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxM2U3NS00NDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl/zEimj5khXpgmTtfRH0rNpWtjc7Qyyaw8Vazz5uNty+r0M+M3oJ3YXnvbX3
14fwRDMNsTzIVNfmj/rrSrZk6KnRcuy0uSBYk7/rmSHGnq1YzEAzbPUor+U0nEYo
jABnEvt1TOFnenMS7G8vfxqG0aIx86/sJg4bgrOxojythWRDlU3ObdJM8851M9t4
cty/yuzeUOhJq829iTy3ivXXmP96ZsurFxp1JX4tjU42/R7r1G1viqr2zJgyH3L3
iMgTfjwG0sBKEsPtMlFxncHvibP8/9rR8CFez0hII9MglVLG2dfoxAybXlw/A4Dw
6GTtHKphaCklW4rzU9Jlg0ITGQIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFAMoPBhk
W7oc1Px9J7VBzV1/Sn5HMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvMjQ0ODUzOTYw
NUE1MTFFRUE4NkEwQzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBuBAIAATBoAwQEcvGwAwQDcvyIMAwDBABy/gsDBABy/gwDBAN7cFgDBAN7
dZADBAR7dfADBAV7fqADBAV7fuADBAN8QcgDBAZ9IwADBAB9I3cDBADKYBoDBADK
auwDBALd2EADBALd3DADBAPd3ngwDQYJKoZIhvcNAQELBQADggEBADAOMA+etnJI
Go8YDM2hvH4Y3qEHg+iWHcCJiwrLkfH1djp9txnQbC6xWRowqhd+kqpgOMPi8LKe
sfeTJsowQT63QNrPZXI/udZwhsh0Sqj71zyDfa6H59vZAwShSYRL9I4PCb0jg7Rb
fbFle8UcHj3xI44GBpqRU0giBeZ40wsdK5Rn2F00UNZUK31/YIUJod9xI0jx1IcO
5GGUcoVQrZKGY2WZjt7Jhi4RfWRHxl2sNljZ5U4yb47Ddl7+xO22rbumX9bwTS8y
41TbEY0VwLwxOejZluH9fLDEBcd+NEfR62I2tEMk2ovpkkuVfcGY27Cv+eVzOR7S
utbWpi0rGZk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org