Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9144F59/44A6FF6400CB11E8BEB1EF10C4F9AE02/0C6D23DA4B8111EC8EB17D38C4F9AE02.roa
File: 0C6D23DA4B8111EC8EB17D38C4F9AE02.roa (raw, json)
Hash identifier: 1wUGNVhN1GcUvhWiVXNNcgRyFYklyUiSPor/RQe3q0g=
Subject key identifier: 90:1E:37:9E:57:6C:53:F4:7F:D7:6D:E6:6B:08:47:2C:27:5E:3D:AB
Certificate issuer: /CN=A9144F59/serialNumber=26743B1E4E0E90A19B240C0936979CA237688DF2
Certificate serial: 14DE
Authority key identifier: 26:74:3B:1E:4E:0E:90:A1:9B:24:0C:09:36:97:9C:A2:37:68:8D:F2
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JnQ7Hk4OkKGbJAwJNpecojdojfI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9144F59/44A6FF6400CB11E8BEB1EF10C4F9AE02/0C6D23DA4B8111EC8EB17D38C4F9AE02.roa
Signing time: Tue 06 Dec 2022 17:44:16 +0000
ROA not before: Tue 06 Dec 2022 17:44:16 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 55821
IP address blocks: 146.88.64.0/20 maxlen: 20
146.88.64.0/22 maxlen: 22
146.88.64.0/24 maxlen: 24
146.88.65.0/24 maxlen: 24
146.88.66.0/24 maxlen: 24
146.88.67.0/24 maxlen: 24
146.88.68.0/22 maxlen: 22
146.88.68.0/24 maxlen: 24
146.88.69.0/24 maxlen: 24
146.88.70.0/24 maxlen: 24
146.88.71.0/24 maxlen: 24
146.88.72.0/22 maxlen: 22
146.88.72.0/24 maxlen: 24
146.88.73.0/24 maxlen: 24
146.88.74.0/24 maxlen: 24
146.88.75.0/24 maxlen: 24
146.88.76.0/22 maxlen: 22
146.88.76.0/24 maxlen: 24
146.88.77.0/24 maxlen: 24
146.88.78.0/24 maxlen: 24
146.88.79.0/24 maxlen: 24
155.137.64.0/18 maxlen: 22
155.137.94.0/23 maxlen: 23
155.137.108.0/22 maxlen: 23
155.137.115.0/24 maxlen: 24
209.141.0.0/20 maxlen: 20
209.141.0.0/22 maxlen: 22
209.141.4.0/23 maxlen: 23
209.141.5.0/24 maxlen: 24
209.141.6.0/23 maxlen: 23
209.141.8.0/23 maxlen: 23
209.141.10.0/24 maxlen: 24
209.141.11.0/24 maxlen: 24
209.141.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5342 (0x14de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9144F59
Validity
Not Before: Dec 6 17:44:16 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=638f7f70-1a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c6:59:8f:99:84:12:dc:a9:92:a9:93:0b:fb:
c0:4a:35:47:38:9c:40:af:e5:4f:64:07:e2:55:ec:
0c:d3:60:73:d6:50:f6:65:4e:41:df:2d:80:38:4f:
50:56:44:8c:df:19:a7:95:0a:8c:5d:ec:ab:dd:a8:
b3:26:83:8b:e7:57:0f:b9:6c:22:ad:ab:dd:7f:5a:
12:d7:29:73:1e:cc:07:06:1b:4d:14:f9:18:76:1f:
63:11:7f:7b:b9:b2:92:07:55:9e:b6:cf:4e:99:63:
1c:c6:26:4e:1c:ed:e3:2e:ba:04:55:ed:c2:fb:18:
f5:e0:94:2d:95:5d:b2:fc:ac:e7:2b:1d:48:fe:fd:
40:63:af:d1:91:cb:aa:19:9d:c0:8b:52:85:82:0f:
90:94:15:9b:fd:fa:cc:d4:f9:06:0c:ba:57:7e:6b:
30:11:05:55:52:d7:eb:05:57:9e:61:39:c2:ad:05:
c3:a4:72:9d:96:d1:cd:75:ea:4f:5f:e3:bf:51:17:
35:aa:f1:84:50:3b:d7:a8:4a:84:65:18:01:00:4e:
7d:3e:13:3c:14:52:18:84:28:e1:b5:33:ff:cc:89:
6d:6f:37:e3:7a:3a:31:31:8a:67:3e:df:1a:56:a0:
98:56:7d:63:ad:9c:05:da:45:6d:1d:be:01:4e:c4:
f2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1E:37:9E:57:6C:53:F4:7F:D7:6D:E6:6B:08:47:2C:27:5E:3D:AB
X509v3 Authority Key Identifier:
keyid:26:74:3B:1E:4E:0E:90:A1:9B:24:0C:09:36:97:9C:A2:37:68:8D:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9144F59/44A6FF6400CB11E8BEB1EF10C4F9AE02/JnQ7Hk4OkKGbJAwJNpecojdojfI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JnQ7Hk4OkKGbJAwJNpecojdojfI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9144F59/44A6FF6400CB11E8BEB1EF10C4F9AE02/0C6D23DA4B8111EC8EB17D38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
146.88.64.0/20
155.137.64.0/18
209.141.0.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:70:28:d2:e3:7a:f1:2a:2a:58:71:89:02:e7:36:87:ba:e9:
57:d6:90:2b:b3:fc:e8:a9:cb:33:3f:fc:73:2d:4b:68:7e:94:
50:68:d0:71:c1:9c:eb:98:21:c5:97:66:5f:dc:9c:d1:05:b2:
60:bb:6b:d9:ba:86:4c:4c:5d:e4:2d:e9:0f:d5:af:4c:6b:b2:
e4:79:e0:8d:39:98:8c:61:df:b5:f0:b7:0a:0a:92:79:3f:eb:
57:23:cf:e4:86:5e:67:f8:84:26:6c:4d:4f:b7:54:18:31:bf:
ed:3c:ca:f9:29:24:9e:17:c8:3d:c0:84:14:21:2d:e7:f8:ff:
e8:3e:fd:66:4e:ad:7e:0f:47:e2:a7:45:2d:88:2f:94:58:9c:
9b:3c:61:3f:8c:54:b2:74:4a:63:38:e4:bf:d6:10:c7:c5:9c:
5c:f5:b1:dd:39:6f:74:a4:cf:c1:87:d6:de:e9:ae:dd:a2:3f:
9a:74:15:77:63:b0:8a:84:70:0e:23:77:d2:18:64:ea:c7:88:
70:b4:13:60:51:f6:c8:88:43:fc:c2:b1:84:e9:a7:de:b5:b4:
50:a8:7c:5d:84:96:6d:19:27:bb:43:b5:14:43:fc:33:b1:6b:
19:76:e6:fc:66:60:d7:c0:59:f0:06:7d:e8:c2:90:c7:3f:d8:
bf:c6:c3:73
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICFN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDRGNTkxMTAvBgNVBAUTKDI2NzQzQjFFNEUwRTkwQTE5QjI0MEMwOTM2OTc5Q0Ey
Mzc2ODhERjIwHhcNMjIxMjA2MTc0NDE2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhmN2Y3MC0xYTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr8ZZj5mEEtypkqmTC/vASjVHOJxAr+VPZAfiVewM02Bz1lD2ZU5B3y2AOE9Q
VkSM3xmnlQqMXeyr3aizJoOL51cPuWwiravdf1oS1ylzHswHBhtNFPkYdh9jEX97
ubKSB1Wets9OmWMcxiZOHO3jLroEVe3C+xj14JQtlV2y/KznKx1I/v1AY6/Rkcuq
GZ3Ai1KFgg+QlBWb/frM1PkGDLpXfmswEQVVUtfrBVeeYTnCrQXDpHKdltHNdepP
X+O/URc1qvGEUDvXqEqEZRgBAE59PhM8FFIYhCjhtTP/zIltbzfjejoxMYpnPt8a
VqCYVn1jrZwF2kVtHb4BTsTyvQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJAeN55X
bFP0f9dt5msIRywnXj2rMB8GA1UdIwQYMBaAFCZ0Ox5ODpChmyQMCTaXnKI3aI3y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NEY1OS80NEE2RkY2NDAw
Q0IxMUU4QkVCMUVGMTBDNEY5QUUwMi9KblE3SGs0T2tLR2JKQXdKTnBlY29qZG9q
ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0puUTdIazRPa0tHYkpBd0pOcGVjb2pkb2pmSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDRGNTkvNDRBNkZGNjQwMENCMTFFOEJFQjFFRjEwQzRGOUFFMDIvMEM2RDIzREE0
QjgxMTFFQzhFQjE3RDM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBASSWEADBAabiUADBATRjQAwDQYJKoZIhvcNAQELBQADggEB
AKRwKNLjevEqKlhxiQLnNoe66VfWkCuz/OipyzM//HMtS2h+lFBo0HHBnOuYIcWX
Zl/cnNEFsmC7a9m6hkxMXeQt6Q/Vr0xrsuR54I05mIxh37XwtwoKknk/61cjz+SG
Xmf4hCZsTU+3VBgxv+08yvkpJJ4XyD3AhBQhLef4/+g+/WZOrX4PR+KnRS2IL5RY
nJs8YT+MVLJ0SmM45L/WEMfFnFz1sd05b3Skz8GH1t7prt2iP5p0FXdjsIqEcA4j
d9IYZOrHiHC0E2BR9siIQ/zCsYTpp961tFCofF2Elm0ZJ7tDtRRD/DOxaxl25vxm
YNfAWfAGfejCkMc/2L/Gw3M=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:33 2025 by rpki-client