Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/26F7A95205A511EEA86A0C2BC4F9AE02.roa
File: 26F7A95205A511EEA86A0C2BC4F9AE02.roa (raw, json)
Hash identifier: 4v2hq7fFJiBfGYBpxyiP+VI1VvdOQjVsFZy7KwozHBg=
Subject key identifier: 34:8E:89:11:91:B8:AC:11:91:63:9A:3C:E0:C0:B8:C8:83:20:EB:00
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 198D
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/26F7A95205A511EEA86A0C2BC4F9AE02.roa
Signing time: Thu 08 Jun 2023 02:35:38 +0000
ROA not before: Thu 08 Jun 2023 02:35:38 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 9929
IP address blocks: 42.84.176.0/21 maxlen: 21
43.243.88.0/22 maxlen: 22
43.250.128.0/22 maxlen: 22
113.200.230.0/23 maxlen: 23
113.207.132.0/23 maxlen: 23
113.207.240.0/20 maxlen: 20
114.254.4.0/23 maxlen: 23
120.86.8.0/23 maxlen: 23
122.97.0.0/18 maxlen: 18
124.130.192.0/20 maxlen: 20
125.46.122.0/23 maxlen: 23
203.93.64.0/20 maxlen: 20
203.93.82.0/24 maxlen: 24
203.93.83.0/24 maxlen: 24
203.93.96.0/20 maxlen: 20
203.93.156.0/22 maxlen: 22
203.93.208.0/20 maxlen: 20
203.93.224.0/20 maxlen: 20
210.13.96.0/20 maxlen: 20
210.13.98.0/24 maxlen: 24
210.13.112.0/20 maxlen: 20
210.13.113.0/24 maxlen: 24
210.13.192.0/19 maxlen: 19
210.15.64.0/19 maxlen: 19
210.21.191.0/24 maxlen: 24
210.22.116.0/24 maxlen: 24
210.22.117.0/24 maxlen: 24
210.22.192.0/18 maxlen: 18
210.22.193.0/24 maxlen: 24
210.22.194.0/24 maxlen: 24
210.22.195.0/24 maxlen: 24
210.22.199.0/24 maxlen: 24
210.22.200.0/24 maxlen: 24
210.22.206.0/24 maxlen: 24
210.22.209.0/24 maxlen: 24
210.22.253.0/24 maxlen: 24
210.51.21.0/24 maxlen: 24
210.51.22.0/24 maxlen: 24
210.51.29.0/24 maxlen: 24
210.51.30.0/23 maxlen: 23
210.51.33.0/24 maxlen: 24
210.51.39.0/24 maxlen: 24
210.51.43.0/24 maxlen: 24
210.51.45.0/24 maxlen: 24
210.51.48.0/24 maxlen: 24
210.51.192.0/18 maxlen: 18
210.51.192.0/24 maxlen: 24
210.51.193.0/24 maxlen: 24
210.51.197.0/24 maxlen: 24
210.51.201.0/24 maxlen: 24
210.51.202.0/24 maxlen: 24
210.51.203.0/24 maxlen: 24
210.51.204.0/22 maxlen: 22
210.51.208.0/22 maxlen: 22
210.51.224.0/23 maxlen: 23
210.51.226.0/24 maxlen: 24
210.51.227.0/24 maxlen: 24
210.51.228.0/24 maxlen: 24
210.51.229.0/24 maxlen: 24
210.51.230.0/23 maxlen: 23
210.51.232.0/23 maxlen: 23
210.51.235.0/24 maxlen: 24
210.51.240.0/24 maxlen: 24
210.51.243.0/24 maxlen: 24
210.51.250.0/24 maxlen: 24
218.24.22.0/24 maxlen: 24
218.24.23.0/24 maxlen: 24
218.104.32.0/20 maxlen: 20
218.107.224.0/19 maxlen: 19
220.248.59.0/24 maxlen: 24
220.248.202.0/24 maxlen: 24
220.249.0.0/18 maxlen: 18
2408:8120:1::/48 maxlen: 48
2408:8120:2::/48 maxlen: 48
2408:8120:7000::/36 maxlen: 36
2408:8a00:c000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6541 (0x198d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 02:35:38 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64813e7a-bd23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c2:4a:49:9b:0f:60:df:0c:25:0c:73:c1:db:
dd:a6:ca:cc:0c:3a:15:ca:2d:7d:39:de:7d:94:d6:
2a:dc:43:dc:b2:e1:6f:7e:6c:d0:71:02:cc:8b:11:
71:58:f3:6b:89:6e:20:8d:04:98:4a:15:ba:c4:7a:
dc:af:aa:44:76:59:31:e9:3d:02:da:53:7a:b6:70:
85:36:7c:14:e2:6a:31:92:6a:79:e6:a1:dc:3d:7d:
85:0f:30:3b:e0:56:da:33:80:b7:da:12:ee:42:42:
25:7c:bb:85:26:2c:20:38:06:4b:57:98:87:de:ef:
7c:4d:5b:ae:6d:1c:e1:c2:e8:ec:2a:9c:ae:96:9f:
11:51:2f:36:54:3e:de:d7:22:a6:b8:ea:1c:2b:40:
9d:ab:cf:8e:fb:00:d0:8e:ff:9b:4c:ce:42:39:6e:
e9:9b:03:ab:4f:83:a2:45:d9:57:37:03:19:25:79:
1f:18:ae:dc:4f:d9:37:00:56:ac:c6:28:b9:23:35:
33:14:85:2d:22:34:28:65:23:7d:48:f3:73:23:e0:
de:58:3d:e3:e3:af:dc:7a:ab:98:37:ff:a9:e4:1b:
93:f3:de:e5:67:e7:22:ad:88:03:d5:f9:15:27:34:
5c:6c:3a:7e:d8:d2:73:65:a2:fa:a1:27:8e:e2:c2:
9c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8E:89:11:91:B8:AC:11:91:63:9A:3C:E0:C0:B8:C8:83:20:EB:00
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/26F7A95205A511EEA86A0C2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.84.176.0/21
43.243.88.0/22
43.250.128.0/22
113.200.230.0/23
113.207.132.0/23
113.207.240.0/20
114.254.4.0/23
120.86.8.0/23
122.97.0.0/18
124.130.192.0/20
125.46.122.0/23
203.93.64.0/20
203.93.82.0/23
203.93.96.0/20
203.93.156.0/22
203.93.208.0-203.93.239.255
210.13.96.0/19
210.13.192.0/19
210.15.64.0/19
210.21.191.0/24
210.22.116.0/23
210.22.192.0/18
210.51.21.0-210.51.22.255
210.51.29.0-210.51.31.255
210.51.33.0/24
210.51.39.0/24
210.51.43.0/24
210.51.45.0/24
210.51.48.0/24
210.51.192.0/18
218.24.22.0/23
218.104.32.0/20
218.107.224.0/19
220.248.59.0/24
220.248.202.0/24
220.249.0.0/18
IPv6:
2408:8120:1::-2408:8120:2:ffff:ffff:ffff:ffff:ffff
2408:8120:7000::/36
2408:8a00:c000::/36
Signature Algorithm: sha256WithRSAEncryption
0c:ce:2b:b2:7c:3c:4b:64:99:da:30:10:58:a3:14:76:c6:f0:
53:95:94:d8:0a:ca:78:0e:f1:11:3d:d1:89:76:23:11:f4:78:
b9:49:93:a5:b3:96:be:23:12:a5:40:0b:28:21:68:fa:3c:00:
3a:ee:60:1f:42:5f:97:a3:d8:d0:b0:9d:05:d0:96:87:7f:17:
c1:3e:89:af:11:62:d0:4b:91:c7:cf:6f:60:ce:5f:9d:ab:28:
43:4e:46:3e:d1:9f:6a:bd:3b:75:b4:2d:93:dc:33:9c:84:4e:
66:9a:10:1c:d0:02:55:db:c7:74:2a:24:c7:a8:a3:4a:b9:1a:
6a:73:64:d0:57:06:d9:a0:78:c4:39:ce:21:ec:e7:6a:1a:03:
78:16:c0:88:89:b8:5a:5d:05:35:64:2a:8c:c8:87:74:b6:ae:
61:26:ff:1f:81:41:60:13:e7:b2:25:8b:75:d6:86:9c:6c:ae:
42:58:eb:43:84:5c:1b:c6:dc:ca:02:3d:f6:47:14:d8:a5:e6:
f2:06:75:55:14:87:22:0d:ee:aa:0a:9b:98:44:f7:cc:e9:a3:
73:5c:ec:61:e2:9d:a7:e0:4a:d1:7b:82:28:47:99:5b:c9:ae:
1f:fe:22:80:b1:43:cf:a2:6b:07:02:49:fb:4d:d5:04:61:27:
c5:78:b2:9f
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgICGY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDIzNTM4WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxM2U3YS1iZDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucJKSZsPYN8MJQxzwdvdpsrMDDoVyi19Od59lNYq3EPcsuFvfmzQcQLMixFx
WPNriW4gjQSYShW6xHrcr6pEdlkx6T0C2lN6tnCFNnwU4moxkmp55qHcPX2FDzA7
4FbaM4C32hLuQkIlfLuFJiwgOAZLV5iH3u98TVuubRzhwujsKpyulp8RUS82VD7e
1yKmuOocK0Cdq8+O+wDQjv+bTM5COW7pmwOrT4OiRdlXNwMZJXkfGK7cT9k3AFas
xii5IzUzFIUtIjQoZSN9SPNzI+DeWD3j46/cequYN/+p5BuT897lZ+cirYgD1fkV
JzRcbDp+2NJzZaL6oSeO4sKcfQIDAQABo4IDszCCA68wHQYDVR0OBBYEFDSOiRGR
uKwRkWOaPODAuMiDIOsAMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvMjZGN0E5NTIw
NUE1MTFFRUE4NkEwQzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggE7BggrBgEFBQcBBwEB
/wSCASowggEmMIH3BAIAATCB8AMEAypUsAMEAivzWAMEAiv6gAMEAXHI5gMEAXHP
hAMEBHHP8AMEAXL+BAMEAXhWCAMEBnphAAMEBHyCwAMEAX0uegMEBMtdQAMEActd
UgMEBMtdYAMEAstdnDAMAwQEy13QAwQEy13gAwQF0g1gAwQF0g3AAwQF0g9AAwQA
0hW/AwQB0hZ0AwQG0hbAMAwDBADSMxUDBADSMxYwDAMEANIzHQMEBdIzAAMEANIz
IQMEANIzJwMEANIzKwMEANIzLQMEANIzMAMEBtIzwAMEAdoYFgMEBNpoIAMEBdpr
4AMEANz4OwMEANz4ygMEBtz5ADAqBAIAAjAkMBIDBwAkCIEgAAEDBwAkCIEgAAID
BgQkCIEgcAMGBCQIigDAMA0GCSqGSIb3DQEBCwUAA4IBAQAMziuyfDxLZJnaMBBY
oxR2xvBTlZTYCsp4DvERPdGJdiMR9Hi5SZOls5a+IxKlQAsoIWj6PAA67mAfQl+X
o9jQsJ0F0JaHfxfBPomvEWLQS5HHz29gzl+dqyhDTkY+0Z9qvTt1tC2T3DOchE5m
mhAc0AJV28d0KiTHqKNKuRpqc2TQVwbZoHjEOc4h7OdqGgN4FsCIibhaXQU1ZCqM
yId0tq5hJv8fgUFgE+eyJYt11oacbK5CWOtDhFwbxtzKAj32RxTYpebyBnVVFIci
De6qCpuYRPfM6aNzXOxh4p2n4ErRe4IoR5lbya4f/iKAsUPPomsHAkn7TdUEYSfF
eLKf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org