Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/EB948A4E05B111EEB557BC73C4F9AE02.roa
File: EB948A4E05B111EEB557BC73C4F9AE02.roa (raw, json)
Hash identifier: pEuNhez2fH59/0bfdMh5KQTXwa29LpWg9btd5eGWclk=
Subject key identifier: 1F:90:86:CD:66:27:63:8A:8A:3B:6B:5D:A9:8E:2D:B1:98:AB:2C:63
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 1998
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/EB948A4E05B111EEB557BC73C4F9AE02.roa
Signing time: Thu 08 Jun 2023 04:07:02 +0000
ROA not before: Thu 08 Jun 2023 04:07:02 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 140726
IP address blocks: 58.242.0.0/21 maxlen: 21
58.242.32.0/21 maxlen: 21
203.93.240.0/21 maxlen: 21
218.104.64.0/24 maxlen: 24
218.104.65.0/24 maxlen: 24
218.104.68.0/24 maxlen: 24
218.104.69.0/24 maxlen: 24
218.104.70.0/24 maxlen: 24
218.104.71.0/24 maxlen: 24
218.104.72.0/24 maxlen: 24
218.104.73.0/24 maxlen: 24
218.104.74.0/24 maxlen: 24
218.104.75.0/24 maxlen: 24
218.104.76.0/24 maxlen: 24
218.104.77.0/24 maxlen: 24
218.104.78.0/24 maxlen: 24
218.104.79.0/24 maxlen: 24
220.248.224.0/24 maxlen: 24
220.248.226.0/24 maxlen: 24
220.248.228.0/24 maxlen: 24
220.248.229.0/24 maxlen: 24
220.248.230.0/24 maxlen: 24
220.248.231.0/24 maxlen: 24
220.248.232.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6552 (0x1998)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 04:07:02 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=648153e5-9c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4b:73:2e:7c:d8:3e:0b:5b:94:f0:27:76:2b:
bc:fe:54:c7:d5:59:94:d6:9f:b3:bf:63:7e:79:55:
7b:d3:e4:2d:b5:81:59:9b:55:0f:f7:b5:1d:39:56:
3f:5b:c1:56:2f:80:09:1f:52:c1:d8:8c:76:58:ae:
e1:d9:ab:74:33:52:eb:51:c7:53:2d:8f:13:49:e6:
55:63:29:14:c1:e9:e6:23:c4:71:e8:ae:3f:d0:c8:
12:64:7d:08:51:1f:40:9b:ee:b8:db:c2:59:55:f2:
09:df:c9:da:e8:87:d6:f2:c7:07:a3:b2:d2:cc:f1:
c7:80:70:3c:83:fb:62:33:56:09:23:d0:ad:7b:f5:
fb:ff:e1:22:cb:2e:8f:39:dd:17:83:71:05:c2:f9:
8e:a2:6b:53:00:6e:98:7b:8c:d8:9e:8e:7f:90:4a:
38:3c:8f:6a:45:bf:97:d7:71:3a:f2:76:e6:1b:38:
bf:eb:6d:7a:05:cc:9b:42:14:3b:5e:45:f4:8b:fe:
78:ed:38:4c:af:78:03:62:8c:36:f0:66:00:d4:b6:
a0:8c:44:a9:93:10:60:cd:36:b2:45:ec:5d:3b:85:
b0:27:05:26:99:50:71:89:45:41:b3:52:33:02:b9:
39:2f:f2:5a:29:95:10:f7:7a:a4:75:8b:3e:14:ab:
e6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:90:86:CD:66:27:63:8A:8A:3B:6B:5D:A9:8E:2D:B1:98:AB:2C:63
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/EB948A4E05B111EEB557BC73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.242.0.0/21
58.242.32.0/21
203.93.240.0/21
218.104.64.0/23
218.104.68.0-218.104.79.255
220.248.224.0/24
220.248.226.0/24
220.248.228.0-220.248.232.255
Signature Algorithm: sha256WithRSAEncryption
47:50:c3:a3:85:36:9c:e7:11:a4:9c:6e:c9:58:cd:b4:54:f4:
fe:95:3f:e3:57:f0:27:34:52:55:91:58:5d:94:70:42:07:91:
b4:64:76:ff:c8:9b:9b:8a:64:38:1c:3c:18:b8:1e:34:03:2a:
b5:c2:28:59:68:ff:93:e9:d4:1b:10:57:92:30:87:2e:10:57:
56:d7:2e:77:3f:0f:09:15:24:c6:fb:9b:0b:2c:ea:51:e4:ba:
ca:75:59:3a:d1:f9:0b:c9:b4:4a:10:92:ae:4c:eb:ac:ef:69:
12:06:f4:0f:26:3c:df:04:04:d1:59:54:ad:d9:96:fb:8a:07:
3b:81:0d:c1:1d:a5:11:6e:41:65:0c:8d:2d:b8:47:63:69:cb:
a7:61:eb:d1:74:3f:c8:77:27:a3:1f:49:2a:dd:cc:0e:5a:15:
13:eb:81:62:b3:ae:1d:0d:55:96:9d:51:81:5c:ce:5b:a8:66:
f8:4b:52:64:b3:60:f7:93:62:33:9b:4f:14:f9:fc:b8:18:c6:
5d:56:e3:f0:09:6d:13:43:4d:f7:cb:05:db:90:92:5c:f8:35:
f6:aa:65:6d:94:c2:42:6f:d4:61:d4:ba:af:09:df:a0:6b:23:
0a:23:56:01:a2:95:2e:f6:22:c7:0a:4c:17:fc:de:c9:aa:43:
20:ae:cc:41
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICGZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDQwNzAyWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxNTNlNS05YzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxktzLnzYPgtblPAndiu8/lTH1VmU1p+zv2N+eVV70+QttYFZm1UP97UdOVY/
W8FWL4AJH1LB2Ix2WK7h2at0M1LrUcdTLY8TSeZVYykUwenmI8Rx6K4/0MgSZH0I
UR9Am+6428JZVfIJ38na6IfW8scHo7LSzPHHgHA8g/tiM1YJI9Cte/X7/+Eiyy6P
Od0Xg3EFwvmOomtTAG6Ye4zYno5/kEo4PI9qRb+X13E68nbmGzi/6216BcybQhQ7
XkX0i/547ThMr3gDYow28GYA1LagjESpkxBgzTayRexdO4WwJwUmmVBxiUVBs1Iz
Ark5L/JaKZUQ93qkdYs+FKvmOQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFB+Qhs1m
J2OKijtrXamOLbGYqyxjMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvRUI5NDhBNEUw
NUIxMTFFRUI1NTdCQzczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADBAM68gADBAM68iADBAPLXfADBAHaaEAwDAMEAtpoRAMEBNpo
QAMEANz44AMEANz44jAMAwQC3PjkAwQA3PjoMA0GCSqGSIb3DQEBCwUAA4IBAQBH
UMOjhTac5xGknG7JWM20VPT+lT/jV/AnNFJVkVhdlHBCB5G0ZHb/yJubimQ4HDwY
uB40Ayq1wihZaP+T6dQbEFeSMIcuEFdW1y53Pw8JFSTG+5sLLOpR5LrKdVk60fkL
ybRKEJKuTOus72kSBvQPJjzfBATRWVSt2Zb7igc7gQ3BHaURbkFlDI0tuEdjacun
YevRdD/IdyejH0kq3cwOWhUT64Fis64dDVWWnVGBXM5bqGb4S1Jks2D3k2Izm08U
+fy4GMZdVuPwCW0TQ033ywXbkJJc+DX2qmVtlMJCb9Rh1LqvCd+gayMKI1YBopUu
9iLHCkwX/N7JqkMgrsxB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org