Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/DDA5ECAA012111EE9BBB0A1FC4F9AE02.roa
File: DDA5ECAA012111EE9BBB0A1FC4F9AE02.roa (raw, json)
Hash identifier: R3+sEAhq6dEmWnRqi7aq5aSR7VRifG5Z4NTxQnyfRaU=
Subject key identifier: 2D:54:AA:05:2F:BB:69:92:0C:07:80:30:DC:9A:B2:66:C6:92:D7:01
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1978
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/DDA5ECAA012111EE9BBB0A1FC4F9AE02.roa
Signing time: Fri 02 Jun 2023 09:32:29 +0000
ROA not before: Fri 02 Jun 2023 09:32:29 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 4808
IP address blocks: 61.48.138.0/24 maxlen: 24
61.48.164.0/22 maxlen: 22
61.50.0.0/20 maxlen: 20
61.135.227.0/24 maxlen: 24
111.194.16.0/21 maxlen: 21
114.241.176.0/22 maxlen: 22
114.241.180.0/22 maxlen: 22
114.241.184.0/22 maxlen: 22
114.241.188.0/22 maxlen: 22
114.252.136.0/22 maxlen: 22
114.252.140.0/22 maxlen: 22
114.254.11.0/24 maxlen: 24
114.254.12.0/24 maxlen: 24
123.112.88.0/21 maxlen: 21
123.117.144.0/21 maxlen: 21
123.117.240.0/20 maxlen: 20
123.126.160.0/19 maxlen: 19
123.126.224.0/19 maxlen: 19
124.65.200.0/21 maxlen: 21
125.35.0.0/19 maxlen: 19
125.35.32.0/19 maxlen: 19
125.35.119.0/24 maxlen: 24
202.96.26.0/24 maxlen: 24
202.106.236.0/24 maxlen: 24
221.216.64.0/22 maxlen: 22
221.220.48.0/22 maxlen: 22
221.222.120.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6520 (0x1978)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 2 09:32:29 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=6479b72c-a5c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1b:b0:0d:70:c4:a2:40:3c:f9:8a:b7:43:e5:
dc:16:dd:35:2f:ad:3b:35:36:7e:39:4c:95:1b:63:
8f:00:db:b1:98:e3:50:b1:1e:cd:9e:48:0c:64:0b:
d3:f9:34:22:aa:22:c8:c8:ad:af:bf:92:b6:cc:60:
0d:2a:e5:ab:c3:35:9c:50:16:13:4a:69:5e:fd:4f:
32:ac:70:50:ed:22:d3:53:b9:3a:43:08:39:ea:46:
40:a6:8d:4a:63:00:2c:27:52:f1:4b:d1:d8:d0:89:
c2:5f:83:ed:0f:d9:13:1a:21:4f:43:8f:11:85:94:
97:65:73:66:a2:c1:fa:bf:fc:6a:d3:39:8d:ef:26:
f8:28:78:13:c3:e9:b7:c6:45:62:d7:ae:34:22:b7:
ef:27:71:a0:d2:3a:7b:03:98:db:f8:67:27:cb:d7:
02:98:c0:f3:cf:d5:e0:97:94:d4:bd:6e:80:37:17:
2c:44:bd:5c:50:6b:a3:f1:83:1b:08:0c:6a:0b:46:
46:c1:ea:9c:6a:57:10:58:40:30:3e:f8:f2:77:8d:
f4:57:12:02:f9:c3:b6:23:5c:3f:dd:83:2d:33:63:
14:99:e1:5e:a0:04:55:54:d7:87:db:ca:39:68:12:
b2:99:55:1d:84:e5:a0:e4:b4:1c:01:97:ad:d3:f4:
d5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:54:AA:05:2F:BB:69:92:0C:07:80:30:DC:9A:B2:66:C6:92:D7:01
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/DDA5ECAA012111EE9BBB0A1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.48.138.0/24
61.48.164.0/22
61.50.0.0/20
61.135.227.0/24
111.194.16.0/21
114.241.176.0/20
114.252.136.0/21
114.254.11.0-114.254.12.255
123.112.88.0/21
123.117.144.0/21
123.117.240.0/20
123.126.160.0/19
123.126.224.0/19
124.65.200.0/21
125.35.0.0/18
125.35.119.0/24
202.96.26.0/24
202.106.236.0/24
221.216.64.0/22
221.220.48.0/22
221.222.120.0/21
Signature Algorithm: sha256WithRSAEncryption
36:0e:8a:c8:56:4a:b9:16:48:10:40:15:61:66:72:89:c1:42:
8e:7a:a2:fa:fb:28:bb:ee:3d:d0:8e:3e:f8:fa:17:06:2d:48:
66:33:6b:da:df:5f:df:53:cd:c8:c9:ab:17:54:e6:02:b0:c4:
fc:cd:ea:89:8c:34:fe:34:5b:cb:03:b1:14:fc:dc:f0:29:9f:
15:52:d6:bf:12:f3:db:4c:4f:03:6e:9a:3e:fd:b1:bd:c9:ad:
7d:fa:02:64:d5:e7:cf:5c:78:95:40:43:e1:d3:f6:d3:1b:40:
ef:34:f8:a7:59:d7:91:17:84:e3:b1:08:55:73:40:84:c2:8c:
64:62:f5:10:9d:e4:be:dc:20:18:b6:29:40:88:b5:12:07:e4:
e9:2f:ca:d2:f5:a9:ab:4c:a5:62:d7:78:22:c7:8d:93:9e:e7:
35:a8:ac:fe:b5:c9:65:09:59:9c:d5:71:5c:26:3a:d2:9f:1f:
1f:7e:55:34:33:e6:3f:38:e8:0b:77:a4:04:0b:d6:b4:b9:b1:
8a:06:fe:fa:84:47:b9:d1:df:af:41:fc:6c:40:7b:da:a8:23:
fe:cf:2b:5a:a2:8b:c2:2d:41:2b:62:ce:4a:1c:db:3f:f2:8a:
6e:17:73:63:5a:33:c6:d4:36:84:89:f0:d2:34:50:de:01:7e:
1b:a1:c1:75
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgICGXgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjAyMDkzMjI5WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc5YjcyYy1hNWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0xuwDXDEokA8+Yq3Q+XcFt01L607NTZ+OUyVG2OPANuxmONQsR7NnkgMZAvT
+TQiqiLIyK2vv5K2zGANKuWrwzWcUBYTSmle/U8yrHBQ7SLTU7k6Qwg56kZApo1K
YwAsJ1LxS9HY0InCX4PtD9kTGiFPQ48RhZSXZXNmosH6v/xq0zmN7yb4KHgTw+m3
xkVi1640IrfvJ3Gg0jp7A5jb+Gcny9cCmMDzz9Xgl5TUvW6ANxcsRL1cUGuj8YMb
CAxqC0ZGweqcalcQWEAwPvjyd430VxIC+cO2I1w/3YMtM2MUmeFeoARVVNeH28o5
aBKymVUdhOWg5LQcAZet0/TVowIDAQABo4IDGjCCAxYwHQYDVR0OBBYEFC1UqgUv
u2mSDAeAMNyasmbGktcBMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvRERBNUVDQUEw
MTIxMTFFRTlCQkIwQTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaMGCCsGAQUFBwEHAQH/
BIGTMIGQMIGNBAIAATCBhgMEAD0wigMEAj0wpAMEBD0yAAMEAD2H4wMEA2/CEAME
BHLxsAMEA3L8iDAMAwQAcv4LAwQAcv4MAwQDe3BYAwQDe3WQAwQEe3XwAwQFe36g
AwQFe37gAwQDfEHIAwQGfSMAAwQAfSN3AwQAymAaAwQAymrsAwQC3dhAAwQC3dww
AwQD3d54MA0GCSqGSIb3DQEBCwUAA4IBAQA2DorIVkq5FkgQQBVhZnKJwUKOeqL6
+yi77j3Qjj74+hcGLUhmM2va31/fU83IyasXVOYCsMT8zeqJjDT+NFvLA7EU/Nzw
KZ8VUta/EvPbTE8Dbpo+/bG9ya19+gJk1efPXHiVQEPh0/bTG0DvNPinWdeRF4Tj
sQhVc0CEwoxkYvUQneS+3CAYtilAiLUSB+TpL8rS9amrTKVi13gix42Tnuc1qKz+
tcllCVmc1XFcJjrSnx8fflU0M+Y/OOgLd6QEC9a0ubGKBv76hEe50d+vQfxsQHva
qCP+zytaoovCLUErYs5KHNs/8opuF3NjWjPG1DaEifDSNFDeAX4bocF1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org