Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/615FDF6E012811EEA97F422EC4F9AE02.roa
File: 615FDF6E012811EEA97F422EC4F9AE02.roa (raw, json)
Hash identifier: A/zKDx/LN7g89KayOi7ADmt+4cGlctjUnHNf4ViYVo4=
Subject key identifier: 40:0B:41:4E:7A:52:F6:07:13:09:CD:ED:5B:39:48:DC:2B:3B:E2:93
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1974
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/615FDF6E012811EEA97F422EC4F9AE02.roa
Signing time: Fri 02 Jun 2023 09:32:24 +0000
ROA not before: Fri 02 Jun 2023 09:32:24 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 136958
IP address blocks: 58.254.160.0/19 maxlen: 19
58.254.198.0/23 maxlen: 23
112.90.0.0/20 maxlen: 20
112.90.32.0/22 maxlen: 22
112.90.37.0/24 maxlen: 24
112.90.38.0/24 maxlen: 24
112.97.160.0/19 maxlen: 19
120.80.23.0/24 maxlen: 24
120.80.136.0/24 maxlen: 24
120.82.6.0/24 maxlen: 24
120.83.2.0/24 maxlen: 24
120.83.4.0/24 maxlen: 24
122.13.0.0/21 maxlen: 21
122.13.8.0/23 maxlen: 23
122.13.14.0/23 maxlen: 23
122.13.16.0/24 maxlen: 24
122.13.18.0/24 maxlen: 24
122.13.20.0/24 maxlen: 24
122.13.24.0/22 maxlen: 22
122.13.38.0/23 maxlen: 23
122.13.64.0/20 maxlen: 20
122.13.80.0/21 maxlen: 21
122.13.88.0/24 maxlen: 24
122.13.130.0/23 maxlen: 23
122.13.132.0/23 maxlen: 23
122.13.134.0/24 maxlen: 24
122.13.138.0/24 maxlen: 24
122.13.150.0/23 maxlen: 23
122.13.152.0/22 maxlen: 22
122.13.157.0/24 maxlen: 24
122.13.158.0/24 maxlen: 24
122.13.202.0/23 maxlen: 23
122.13.204.0/22 maxlen: 22
122.13.208.0/23 maxlen: 23
122.13.210.0/24 maxlen: 24
122.13.213.0/24 maxlen: 24
122.13.219.0/24 maxlen: 24
163.177.0.0/19 maxlen: 19
163.177.32.0/20 maxlen: 20
163.177.144.0/21 maxlen: 21
221.5.32.0/23 maxlen: 23
221.5.34.0/24 maxlen: 24
221.5.36.0/24 maxlen: 24
221.5.38.0/23 maxlen: 23
221.5.92.0/22 maxlen: 22
221.5.106.0/24 maxlen: 24
221.5.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6516 (0x1974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 2 09:32:24 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6479b728-4a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:79:f3:6a:98:d9:5e:be:be:a5:06:c2:10:24:
7a:56:80:a8:ff:f8:02:04:c8:ca:9b:78:8d:94:c4:
59:f3:37:bc:85:b5:10:e6:a4:7f:5e:0d:8a:a2:25:
5c:18:f3:2a:8d:0e:90:c1:97:8d:12:b1:00:81:b3:
a7:8f:f3:68:db:62:4d:a7:bd:2d:55:e5:e1:98:38:
74:92:38:59:de:68:2e:d7:2b:fb:04:1e:e2:da:b6:
98:1c:2d:97:ad:94:55:f0:d3:17:9f:d9:1b:74:31:
36:22:6f:02:48:54:66:0c:30:9e:97:9f:0f:f2:ed:
a6:64:bc:11:b7:92:0a:32:7d:4b:da:53:51:6b:ad:
a5:94:dd:78:47:59:3c:b5:a5:42:7d:ff:fd:bb:e4:
28:1e:c0:f2:eb:dd:7c:c0:d3:6e:bd:ac:f0:c3:fb:
19:a2:2c:0c:e0:12:18:fa:6c:30:32:1b:66:3b:a9:
6c:9d:c7:05:db:ef:30:bf:39:70:80:8f:5f:c7:34:
f1:92:4c:61:eb:4f:40:81:be:98:d1:20:34:ae:0c:
ac:af:1a:8e:54:97:b9:b7:b5:92:ae:c3:91:cb:b9:
e8:ce:4a:d6:42:b3:ab:bf:f0:52:60:9c:f5:71:b5:
b2:29:c2:ff:a5:e0:95:8a:53:e1:aa:ae:e0:fa:03:
0b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:0B:41:4E:7A:52:F6:07:13:09:CD:ED:5B:39:48:DC:2B:3B:E2:93
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/615FDF6E012811EEA97F422EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.254.160.0/19
58.254.198.0/23
112.90.0.0/20
112.90.32.0/22
112.90.37.0-112.90.38.255
112.97.160.0/19
120.80.23.0/24
120.80.136.0/24
120.82.6.0/24
120.83.2.0/24
120.83.4.0/24
122.13.0.0-122.13.9.255
122.13.14.0-122.13.16.255
122.13.18.0/24
122.13.20.0/24
122.13.24.0/22
122.13.38.0/23
122.13.64.0-122.13.88.255
122.13.130.0-122.13.134.255
122.13.138.0/24
122.13.150.0-122.13.155.255
122.13.157.0-122.13.158.255
122.13.202.0-122.13.210.255
122.13.213.0/24
122.13.219.0/24
163.177.0.0-163.177.47.255
163.177.144.0/21
221.5.32.0-221.5.34.255
221.5.36.0/24
221.5.38.0/23
221.5.92.0/22
221.5.106.0/24
221.5.108.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:84:26:52:a0:2b:4f:46:3d:29:72:2b:95:f8:91:68:8b:8a:
ee:22:5b:08:c3:33:a1:8e:c8:a1:9a:3f:0c:21:d9:e2:e8:64:
a1:74:a0:15:08:86:4d:d9:b4:86:9b:ba:e7:51:fd:ad:34:4e:
ac:63:1c:75:2c:82:64:53:7d:54:7e:f0:8c:a0:d6:a4:37:d1:
8d:e9:5a:fe:14:f6:30:7f:6d:57:29:17:e3:11:60:4a:b2:4d:
5e:64:39:87:c9:4f:2b:e5:86:10:8b:1f:51:de:e6:06:7c:7b:
47:83:fa:55:69:8f:6b:c1:df:cc:0f:3b:10:cb:6a:cf:2e:90:
43:82:5e:ed:d6:97:f6:1f:7e:d6:3d:53:9e:e4:dc:5c:9e:53:
fd:8c:66:86:19:b1:4f:a2:5c:02:63:53:40:f4:0d:41:d8:d4:
48:59:cd:dd:d4:a4:42:f3:5f:2e:c0:b0:3f:c2:3f:ba:15:72:
d2:85:d2:8c:9f:e2:5a:fb:cc:a6:7a:59:bb:ab:93:1b:6c:4e:
82:1f:12:0a:99:1d:04:41:f4:f8:f1:97:1b:97:bc:b7:3c:96:
24:8b:5b:4b:5b:b3:c8:c1:52:50:4f:f1:46:76:54:53:d0:b5:
0e:ab:98:91:f5:e5:c5:de:c2:ca:2b:65:82:c0:33:30:54:39:
69:57:8b:dc
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgICGXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjAyMDkzMjI0WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc5YjcyOC00YTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA73nzapjZXr6+pQbCECR6VoCo//gCBMjKm3iNlMRZ8ze8hbUQ5qR/Xg2KoiVc
GPMqjQ6QwZeNErEAgbOnj/No22JNp70tVeXhmDh0kjhZ3mgu1yv7BB7i2raYHC2X
rZRV8NMXn9kbdDE2Im8CSFRmDDCel58P8u2mZLwRt5IKMn1L2lNRa62llN14R1k8
taVCff/9u+QoHsDy6918wNNuvazww/sZoiwM4BIY+mwwMhtmO6lsnccF2+8wvzlw
gI9fxzTxkkxh609Agb6Y0SA0rgysrxqOVJe5t7WSrsORy7nozkrWQrOrv/BSYJz1
cbWyKcL/peCVilPhqq7g+gML0wIDAQABo4IDrTCCA6kwHQYDVR0OBBYEFEALQU56
UvYHEwnN7Vs5SNwrO+KTMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvNjE1RkRGNkUw
MTI4MTFFRUE5N0Y0MjJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggE1BggrBgEFBQcBBwEB
/wSCASQwggEgMIIBHAQCAAEwggEUAwQFOv6gAwQBOv7GAwQEcFoAAwQCcFogMAwD
BABwWiUDBABwWiYDBAVwYaADBAB4UBcDBAB4UIgDBAB4UgYDBAB4UwIDBAB4UwQw
CwMDAHoNAwQBeg0IMAwDBAF6DQ4DBAB6DRADBAB6DRIDBAB6DRQDBAJ6DRgDBAF6
DSYwDAMEBnoNQAMEAHoNWDAMAwQBeg2CAwQAeg2GAwQAeg2KMAwDBAF6DZYDBAJ6
DZgwDAMEAHoNnQMEAHoNnjAMAwQBeg3KAwQAeg3SAwQAeg3VAwQAeg3bMAsDAwCj
sQMEBKOxIAMEA6OxkDAMAwQF3QUgAwQA3QUiAwQA3QUkAwQB3QUmAwQC3QVcAwQA
3QVqAwQC3QVsMA0GCSqGSIb3DQEBCwUAA4IBAQCrhCZSoCtPRj0pciuV+JFoi4ru
IlsIwzOhjsihmj8MIdni6GShdKAVCIZN2bSGm7rnUf2tNE6sYxx1LIJkU31UfvCM
oNakN9GN6Vr+FPYwf21XKRfjEWBKsk1eZDmHyU8r5YYQix9R3uYGfHtHg/pVaY9r
wd/MDzsQy2rPLpBDgl7t1pf2H37WPVOe5NxcnlP9jGaGGbFPolwCY1NA9A1B2NRI
Wc3d1KRC818uwLA/wj+6FXLShdKMn+Ja+8ymelm7q5MbbE6CHxIKmR0EQfT48Zcb
l7y3PJYki1tLW7PIwVJQT/FGdlRT0LUOq5iR9eXF3sLKK2WCwDMwVDlpV4vc
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:04 2024 by rpki-client on console-fra.rpki-client.org