Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/701FE9E22A0F11EB899B5663C4F9AE02.roa
File: 701FE9E22A0F11EB899B5663C4F9AE02.roa (raw, json)
Hash identifier: oQMvoHiSHsasu30CTb2qYAUy+NfsTnLeaA7csYBgd3g=
Subject key identifier: 6C:30:44:31:01:74:45:51:16:D7:F9:94:70:1A:15:0C:A9:67:1E:8C
Certificate issuer: /CN=A9146AD7/serialNumber=BAF5ADA32CA0D34CF3CCF53ABDF86DE6F8ED9005
Certificate serial: 15CA
Authority key identifier: BA:F5:AD:A3:2C:A0:D3:4C:F3:CC:F5:3A:BD:F8:6D:E6:F8:ED:90:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uvWtoyyg00zzzPU6vfht5vjtkAU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/701FE9E22A0F11EB899B5663C4F9AE02.roa
Signing time: Sun 03 Apr 2022 10:23:39 +0000
ROA not before: Sun 03 Apr 2022 10:23:39 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 4768
IP address blocks: 121.72.0.0/15 maxlen: 15
202.37.61.0/24 maxlen: 24
202.78.128.0/19 maxlen: 21
203.79.68.0/23 maxlen: 23
203.79.116.0/22 maxlen: 22
203.97.0.0/17 maxlen: 17
203.97.24.0/24 maxlen: 24
203.97.30.0/24 maxlen: 24
203.97.32.0/21 maxlen: 21
203.97.46.0/24 maxlen: 24
203.97.96.0/20 maxlen: 20
203.97.112.0/20 maxlen: 20
203.97.128.0/17 maxlen: 17
203.97.169.0/24 maxlen: 24
203.97.170.0/23 maxlen: 23
203.97.172.0/23 maxlen: 23
203.97.174.0/24 maxlen: 24
203.97.183.0/24 maxlen: 24
203.97.184.0/23 maxlen: 23
203.97.212.0/22 maxlen: 22
203.97.216.0/23 maxlen: 23
203.97.218.0/24 maxlen: 24
203.97.220.0/22 maxlen: 22
203.97.233.0/24 maxlen: 24
203.97.234.0/23 maxlen: 23
203.97.236.0/24 maxlen: 24
203.97.238.0/23 maxlen: 23
203.97.240.0/24 maxlen: 24
203.97.247.0/24 maxlen: 24
203.97.248.0/21 maxlen: 21
203.98.0.0/18 maxlen: 18
203.98.21.0/24 maxlen: 24
203.98.38.0/24 maxlen: 24
203.167.128.0/17 maxlen: 17
203.167.187.0/24 maxlen: 24
2001:4400::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5578 (0x15ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146AD7/serialNumber=BAF5ADA32CA0D34CF3CCF53ABDF86DE6F8ED9005
Validity
Not Before: Apr 3 10:23:39 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=624975aa-1842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bb:14:38:44:eb:1b:60:1d:7e:c3:02:44:45:
c1:bf:6d:6b:aa:52:76:16:34:9e:22:e5:2f:ba:f6:
9e:18:46:ac:19:85:ce:d5:ea:fd:d7:e4:af:e5:dd:
35:78:97:a0:60:58:a7:d4:39:e3:29:51:8f:3d:d2:
d0:be:c1:ea:a7:3e:6a:ab:ed:4e:9c:b4:f7:0f:e9:
be:81:5e:bb:02:4c:34:c4:84:c3:d2:15:1b:98:67:
d7:98:eb:25:50:ac:55:ac:9f:81:cc:b8:15:ad:75:
24:50:3e:0d:cf:02:32:87:30:e2:77:d5:48:ad:cc:
73:36:86:3e:3b:ae:ae:b1:17:16:c9:9c:80:71:4a:
4d:da:9b:54:64:4b:68:19:c2:10:19:16:54:9f:28:
02:b0:8e:87:e2:03:0d:7b:60:54:8a:39:50:5b:cc:
31:93:2b:52:8b:03:af:c0:66:f8:fd:3b:6f:81:4d:
cb:08:34:05:6f:7b:9d:68:be:76:b3:1f:e0:ba:c9:
74:64:58:09:13:ec:2d:b7:16:10:6f:46:f6:a8:a4:
c8:9f:ba:bd:c7:cb:35:3e:66:b0:4c:d0:93:6b:6b:
57:b3:a0:7c:47:7c:66:6e:03:b6:58:7b:5f:43:19:
1d:0e:be:16:8e:70:f7:8a:a3:17:56:97:37:f9:05:
79:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:30:44:31:01:74:45:51:16:D7:F9:94:70:1A:15:0C:A9:67:1E:8C
X509v3 Authority Key Identifier:
keyid:BA:F5:AD:A3:2C:A0:D3:4C:F3:CC:F5:3A:BD:F8:6D:E6:F8:ED:90:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/uvWtoyyg00zzzPU6vfht5vjtkAU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uvWtoyyg00zzzPU6vfht5vjtkAU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/701FE9E22A0F11EB899B5663C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.72.0.0/15
202.37.61.0/24
202.78.128.0/19
203.79.68.0/23
203.79.116.0/22
203.97.0.0-203.98.63.255
203.167.128.0/17
IPv6:
2001:4400::/31
Signature Algorithm: sha256WithRSAEncryption
f3:c7:49:92:72:16:9f:e5:d3:57:9d:4f:dd:78:ef:7e:6f:85:
b5:f2:15:ea:ed:91:9f:cc:4a:dd:fb:90:55:fc:8b:07:12:45:
37:4a:69:cd:4e:73:ef:e0:4e:74:60:ce:18:c8:ab:10:7d:f1:
cf:eb:5e:44:44:b7:dc:5e:1f:c3:d4:12:b0:d8:d5:04:b0:1a:
6f:83:42:4b:a1:bd:de:94:c0:f3:db:72:01:65:49:9e:02:d8:
5d:48:58:a6:4e:c0:9b:de:37:27:df:aa:73:10:b6:86:86:00:
b4:95:16:e4:70:c3:17:8a:7e:04:ee:f3:4b:dd:47:40:a1:9c:
42:25:44:a4:b7:23:80:ea:a7:9a:54:87:12:80:50:f9:27:8e:
f5:d6:21:1b:8d:fe:2e:26:3a:3d:50:f8:79:59:74:3f:4b:38:
5b:b9:c4:42:eb:88:58:89:be:15:e4:e0:8a:91:78:f0:51:dc:
6e:22:0b:33:cf:83:5c:da:1b:c1:2e:c9:d3:12:52:fd:83:31:
e1:1f:7c:e4:0c:49:ae:2d:77:7e:65:71:0d:ac:99:dd:d5:f0:
41:b3:3f:04:40:b8:66:c0:ca:43:17:04:05:64:b8:cd:0f:6f:
11:c9:e8:08:79:b1:e7:9b:5d:a6:f8:ae:65:e6:e1:5f:82:37:
0c:75:ab:fe
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICFcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZBRDcxMTAvBgNVBAUTKEJBRjVBREEzMkNBMEQzNENGM0NDRjUzQUJERjg2REU2
RjhFRDkwMDUwHhcNMjIwNDAzMTAyMzM5WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQ5NzVhYS0xODQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAybsUOETrG2AdfsMCREXBv21rqlJ2FjSeIuUvuvaeGEasGYXO1er91+Sv5d01
eJegYFin1DnjKVGPPdLQvsHqpz5qq+1OnLT3D+m+gV67Akw0xITD0hUbmGfXmOsl
UKxVrJ+BzLgVrXUkUD4NzwIyhzDid9VIrcxzNoY+O66usRcWyZyAcUpN2ptUZEto
GcIQGRZUnygCsI6H4gMNe2BUijlQW8wxkytSiwOvwGb4/TtvgU3LCDQFb3udaL52
sx/gusl0ZFgJE+wttxYQb0b2qKTIn7q9x8s1PmawTNCTa2tXs6B8R3xmbgO2WHtf
QxkdDr4WjnD3iqMXVpc3+QV5XwIDAQABo4ICzjCCAsowHQYDVR0OBBYEFGwwRDEB
dEVRFtf5lHAaFQypZx6MMB8GA1UdIwQYMBaAFLr1raMsoNNM88z1Or34beb47ZAF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkFENy9GOEJBQkFDQThC
ODkxMUU3OTAxMTVDM0ZDNEY5QUUwMi91dld0b3l5ZzAwenp6UFU2dmZodDV2anRr
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3V2V3RveXlnMDB6enpQVTZ2Zmh0NXZqdGtBVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDZBRDcvRjhCQUJBQ0E4Qjg5MTFFNzkwMTE1QzNGQzRGOUFFMDIvNzAxRkU5RTIy
QTBGMTFFQjg5OUI1NjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADAwF5SAMEAMolPQMEBcpOgAMEActPRAMEAstPdDALAwMAy2ED
BAbLYgADBAfLp4AwDQQCAAIwBwMFASABRAAwDQYJKoZIhvcNAQELBQADggEBAPPH
SZJyFp/l01edT914735vhbXyFertkZ/MSt37kFX8iwcSRTdKac1Oc+/gTnRgzhjI
qxB98c/rXkREt9xeH8PUErDY1QSwGm+DQkuhvd6UwPPbcgFlSZ4C2F1IWKZOwJve
NyffqnMQtoaGALSVFuRwwxeKfgTu80vdR0ChnEIlRKS3I4Dqp5pUhxKAUPknjvXW
IRuN/i4mOj1Q+HlZdD9LOFu5xELriFiJvhXk4IqRePBR3G4iCzPPg1zaG8EuydMS
Uv2DMeEffOQMSa4td35lcQ2smd3V8EGzPwRAuGbAykMXBAVkuM0PbxHJ6Ah5seeb
Xab4rmXm4V+CNwx1q/4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:38 2023 by rpki-client on console-ams.rpki-client.org