Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/5FE2A770012811EEA97F422EC4F9AE02.roa
File: 5FE2A770012811EEA97F422EC4F9AE02.roa (raw, json)
Hash identifier: trVWPCmFbrV0xovYs2uHC1HTF1KRwh6qAUxFvcUdhZc=
Subject key identifier: EE:41:C4:C5:5B:45:D0:97:AC:E8:FE:2C:FB:9F:9B:0F:0A:8E:A4:20
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1972
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/5FE2A770012811EEA97F422EC4F9AE02.roa
Signing time: Fri 02 Jun 2023 09:32:22 +0000
ROA not before: Fri 02 Jun 2023 09:32:22 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 134543
IP address blocks: 112.90.88.0/21 maxlen: 21
112.90.90.0/24 maxlen: 24
112.90.216.0/21 maxlen: 21
112.90.221.0/24 maxlen: 24
112.90.222.0/24 maxlen: 24
112.91.91.0/24 maxlen: 24
112.91.92.0/24 maxlen: 24
112.91.94.0/24 maxlen: 24
112.96.8.0/24 maxlen: 24
112.97.160.0/19 maxlen: 19
112.97.208.0/20 maxlen: 20
112.97.240.0/20 maxlen: 20
120.80.72.0/22 maxlen: 22
122.13.156.0/24 maxlen: 24
122.13.160.0/24 maxlen: 24
122.13.162.0/24 maxlen: 24
122.13.163.0/24 maxlen: 24
163.177.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6514 (0x1972)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 2 09:32:22 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6479b725-85b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:67:f6:fd:35:cc:fb:eb:86:ff:00:9d:70:7e:
d8:45:43:7f:82:bc:a5:7e:cb:51:9e:2a:d3:19:49:
c6:20:a7:c3:85:22:55:17:bb:1a:f6:34:75:79:3b:
27:11:29:75:f6:db:d9:65:53:d4:c8:12:1d:2c:02:
21:47:d0:e8:76:99:66:79:f8:35:71:be:c5:07:17:
df:61:ad:fa:3e:ce:9b:37:d2:a2:e2:b3:2d:87:75:
6f:c4:de:2f:83:02:e7:ca:b4:ef:60:ad:8c:af:ae:
48:e4:32:8d:59:fd:bf:32:1e:22:71:35:ba:93:39:
f3:b0:2e:c8:3c:a3:b8:0f:63:0b:0f:40:ab:bf:6f:
8a:bc:de:6c:95:ce:20:f9:3b:ca:f5:2b:c2:eb:36:
d6:04:33:fc:c1:3c:2f:d3:d5:44:43:d3:47:22:9c:
16:70:00:c5:8f:62:89:90:8a:ea:94:c5:68:1e:1e:
fc:64:a4:33:48:ab:36:ff:71:12:40:cf:a7:c9:2b:
60:2d:00:4d:d6:7d:c4:6e:d4:d3:6e:bd:17:3c:57:
29:6e:d7:c8:c8:17:bc:01:0d:21:23:4d:0f:38:fe:
fe:40:1d:b8:0e:52:b2:8b:b6:cb:a1:33:42:78:ad:
22:2f:78:1a:ab:83:ec:de:f4:8e:d3:e5:ec:08:c7:
62:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:41:C4:C5:5B:45:D0:97:AC:E8:FE:2C:FB:9F:9B:0F:0A:8E:A4:20
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/5FE2A770012811EEA97F422EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.90.88.0/21
112.90.216.0/21
112.91.91.0-112.91.92.255
112.91.94.0/24
112.96.8.0/24
112.97.160.0/19
112.97.208.0/20
112.97.240.0/20
120.80.72.0/22
122.13.156.0/24
122.13.160.0/24
122.13.162.0/23
163.177.216.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:43:52:fb:4b:4b:5c:23:1b:81:2d:ee:75:17:77:58:97:36:
2c:98:59:eb:de:7c:93:13:6a:01:25:9f:39:48:7e:fa:9d:4d:
2e:93:67:2c:a4:84:99:2f:fd:d3:ad:96:97:9d:92:3c:fd:a9:
35:c8:98:94:82:58:87:c2:e1:60:69:e2:42:ea:74:9b:5d:09:
0f:9f:ee:68:4b:f6:dc:b8:65:4a:08:10:d6:a2:32:10:3d:28:
1b:49:0d:6c:49:da:c9:e7:75:7f:27:01:81:be:53:63:c1:97:
fc:11:9a:ee:01:35:17:cf:76:06:11:a1:1a:d4:b3:d5:3f:14:
00:6d:b7:0d:2b:7a:07:ce:e5:04:58:fa:55:8c:b0:5a:1f:60:
26:7f:0a:8f:01:79:5f:59:96:7f:ec:a0:ef:59:82:4c:e7:fd:
a4:bf:e3:e3:ea:40:08:89:57:d1:2c:8e:d5:b2:b4:f6:42:f5:
ce:a9:5a:a9:5c:dd:a8:c3:65:ab:bd:ee:59:e4:c1:ae:eb:37:
02:0a:5f:e8:0e:16:23:55:cf:0a:d2:7e:83:7d:5c:b5:f0:1b:
66:24:2f:13:7e:ed:4d:29:a9:d3:89:47:16:b7:cf:62:79:c2:
5e:ad:94:e1:d3:bd:f6:e6:73:4d:e8:87:ea:2c:e0:e1:93:81:
ba:69:c0:fc
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICGXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjAyMDkzMjIyWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc5YjcyNS04NWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA52f2/TXM++uG/wCdcH7YRUN/grylfstRnirTGUnGIKfDhSJVF7sa9jR1eTsn
ESl19tvZZVPUyBIdLAIhR9Dodplmefg1cb7FBxffYa36Ps6bN9Ki4rMth3VvxN4v
gwLnyrTvYK2Mr65I5DKNWf2/Mh4icTW6kznzsC7IPKO4D2MLD0Crv2+KvN5slc4g
+TvK9SvC6zbWBDP8wTwv09VEQ9NHIpwWcADFj2KJkIrqlMVoHh78ZKQzSKs2/3ES
QM+nyStgLQBN1n3EbtTTbr0XPFcpbtfIyBe8AQ0hI00POP7+QB24DlKyi7bLoTNC
eK0iL3gaq4Ps3vSO0+XsCMdi9wIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFO5BxMVb
RdCXrOj+LPufmw8KjqQgMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvNUZFMkE3NzAw
MTI4MTFFRUE5N0Y0MjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeMFwEAgABMFYDBANwWlgDBANwWtgwDAMEAHBbWwMEAHBbXAMEAHBbXgMEAHBg
CAMEBXBhoAMEBHBh0AMEBHBh8AMEAnhQSAMEAHoNnAMEAHoNoAMEAXoNogMEA6Ox
2DANBgkqhkiG9w0BAQsFAAOCAQEAHENS+0tLXCMbgS3udRd3WJc2LJhZ6958kxNq
ASWfOUh++p1NLpNnLKSEmS/9062Wl52SPP2pNciYlIJYh8LhYGniQup0m10JD5/u
aEv23LhlSggQ1qIyED0oG0kNbEnayed1fycBgb5TY8GX/BGa7gE1F892BhGhGtSz
1T8UAG23DSt6B87lBFj6VYywWh9gJn8KjwF5X1mWf+yg71mCTOf9pL/j4+pACIlX
0SyO1bK09kL1zqlaqVzdqMNlq73uWeTBrus3Agpf6A4WI1XPCtJ+g31ctfAbZiQv
E37tTSmp04lHFrfPYnnCXq2U4dO99uZzTeiH6izg4ZOBumnA/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org