Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148C7B/5BFCFF8CD63011EA940DA039C4F9AE02/C95150B667CE11EC912CC77AC4F9AE02.roa
File: C95150B667CE11EC912CC77AC4F9AE02.roa (raw, json)
Hash identifier: 2ogK+huFNkJAHvO/XAnm67x+qf06EJAdRH/SBDuPC90=
Subject key identifier: 32:8D:A0:E3:FF:63:93:F2:A1:E2:EC:E0:85:03:92:1F:C8:6E:79:7C
Certificate issuer: /CN=A9148C7B/serialNumber=7F79665E63BF3CD56DC24A0A70D57F9A942DD1B8
Certificate serial: 068A
Authority key identifier: 7F:79:66:5E:63:BF:3C:D5:6D:C2:4A:0A:70:D5:7F:9A:94:2D:D1:B8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/f3lmXmO_PNVtwkoKcNV_mpQt0bg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148C7B/5BFCFF8CD63011EA940DA039C4F9AE02/C95150B667CE11EC912CC77AC4F9AE02.roa
Signing time: Tue 08 Nov 2022 15:00:48 +0000
ROA not before: Tue 08 Nov 2022 15:00:48 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 138322
IP address blocks: 23.88.192.0/19 maxlen: 19
23.88.192.0/20 maxlen: 20
23.88.192.0/21 maxlen: 21
23.88.192.0/23 maxlen: 23
23.88.192.0/24 maxlen: 24
23.88.193.0/24 maxlen: 24
23.88.198.0/23 maxlen: 23
23.88.199.0/24 maxlen: 24
23.88.200.0/22 maxlen: 22
23.88.200.0/24 maxlen: 24
23.88.201.0/24 maxlen: 24
23.88.202.0/24 maxlen: 24
23.88.203.0/24 maxlen: 24
23.88.204.0/22 maxlen: 22
23.88.204.0/24 maxlen: 24
23.88.205.0/24 maxlen: 24
23.88.206.0/24 maxlen: 24
23.88.207.0/24 maxlen: 24
23.88.222.0/24 maxlen: 24
23.88.223.0/24 maxlen: 24
152.36.192.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1674 (0x68a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148C7B/serialNumber=7F79665E63BF3CD56DC24A0A70D57F9A942DD1B8
Validity
Not Before: Nov 8 15:00:48 2022 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=636a6f20-8f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e5:7e:9c:6e:0c:98:85:17:c0:cf:14:ba:62:
96:ac:4b:1c:c8:bd:d9:ef:b8:cf:af:a7:fb:5c:4b:
46:6d:18:36:6a:3d:f6:3d:83:33:4f:84:1b:d6:66:
74:d2:5b:66:81:0b:cd:26:af:a1:73:9a:84:9e:99:
7b:61:09:af:ae:67:0c:ce:1e:16:72:9c:82:bc:81:
2b:92:26:04:d6:aa:7a:b7:8a:0d:3b:21:e3:14:4f:
e0:fd:05:24:a7:5b:5d:44:5d:f5:1f:9e:87:b0:e8:
d4:5b:c8:3c:28:56:9f:0d:2f:3f:20:e2:4a:17:27:
22:8e:b0:94:50:a4:a9:65:89:bd:91:af:e3:4b:ac:
d3:98:3a:9f:f0:df:01:f8:53:12:3b:8e:d0:88:50:
89:8f:e1:bc:fa:b6:49:fe:54:2f:66:bb:33:49:aa:
67:86:26:e4:df:98:45:ac:02:b9:be:a4:3a:d9:32:
09:7c:ed:e9:a4:30:cf:71:97:82:23:15:af:a8:84:
1f:60:10:31:88:62:af:12:72:33:62:3d:46:7f:1e:
74:b2:f3:c8:26:9f:f2:35:c8:79:6c:d6:e1:c2:15:
11:be:fa:7f:b5:12:55:0c:f0:98:6f:0e:08:69:16:
97:d7:cd:67:bc:0b:4c:9e:10:b3:36:53:f5:97:95:
7f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8D:A0:E3:FF:63:93:F2:A1:E2:EC:E0:85:03:92:1F:C8:6E:79:7C
X509v3 Authority Key Identifier:
keyid:7F:79:66:5E:63:BF:3C:D5:6D:C2:4A:0A:70:D5:7F:9A:94:2D:D1:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148C7B/5BFCFF8CD63011EA940DA039C4F9AE02/f3lmXmO_PNVtwkoKcNV_mpQt0bg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/f3lmXmO_PNVtwkoKcNV_mpQt0bg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148C7B/5BFCFF8CD63011EA940DA039C4F9AE02/C95150B667CE11EC912CC77AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
23.88.192.0/19
152.36.192.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:65:40:c4:b1:9e:ab:02:dd:4e:1b:31:75:f6:45:35:58:a7:
3e:52:c5:cb:50:df:99:7c:b2:4d:dc:35:18:5a:9f:52:d1:b5:
cb:53:88:60:5d:55:d4:92:8b:97:8c:8a:72:a4:a2:0d:0f:17:
43:39:42:4a:fe:0b:e1:6d:f2:94:4a:3b:1d:91:51:f0:23:ca:
5c:72:81:46:b1:dc:29:41:4f:48:b8:f4:7f:1f:a7:c7:74:1c:
9d:13:37:0d:47:8e:ec:cb:b4:5a:be:fc:50:af:76:fb:ac:2e:
a7:58:78:1f:d9:ba:22:80:d9:1c:2c:e7:a1:37:57:a6:7f:31:
3e:5f:9b:9d:13:ca:dc:63:3b:42:07:03:03:7c:8d:ef:6e:f1:
01:5b:2a:ea:ee:e9:f3:43:78:45:6c:f5:82:d2:ab:28:d3:84:
8d:a8:a7:82:8c:56:ad:8c:b9:1e:e3:8b:bb:46:34:48:59:70:
5e:16:b4:37:c2:49:ec:bb:74:d6:4a:de:60:db:b7:45:88:26:
3f:85:30:ff:3f:05:59:ea:83:b3:d7:7a:23:62:86:77:18:6f:
db:75:ce:2f:70:ec:67:dd:44:16:d5:aa:f1:02:e6:50:65:e8:
86:5d:99:b4:de:34:42:cf:45:ec:b3:9d:23:de:55:8e:a4:7f:
86:de:9c:df
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhDN0IxMTAvBgNVBAUTKDdGNzk2NjVFNjNCRjNDRDU2REMyNEEwQTcwRDU3RjlB
OTQyREQxQjgwHhcNMjIxMTA4MTUwMDQ4WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZhNmYyMC04Zjc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0uV+nG4MmIUXwM8UumKWrEscyL3Z77jPr6f7XEtGbRg2aj32PYMzT4Qb1mZ0
0ltmgQvNJq+hc5qEnpl7YQmvrmcMzh4WcpyCvIErkiYE1qp6t4oNOyHjFE/g/QUk
p1tdRF31H56HsOjUW8g8KFafDS8/IOJKFycijrCUUKSpZYm9ka/jS6zTmDqf8N8B
+FMSO47QiFCJj+G8+rZJ/lQvZrszSapnhibk35hFrAK5vqQ62TIJfO3ppDDPcZeC
IxWvqIQfYBAxiGKvEnIzYj1Gfx50svPIJp/yNch5bNbhwhURvvp/tRJVDPCYbw4I
aRaX181nvAtMnhCzNlP1l5V/YQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDKNoOP/
Y5PyoeLs4IUDkh/Ibnl8MB8GA1UdIwQYMBaAFH95Zl5jvzzVbcJKCnDVf5qULdG4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEM3Qi81QkZDRkY4Q0Q2
MzAxMUVBOTQwREEwMzlDNEY5QUUwMi9mM2xtWG1PX1BOVnR3a29LY05WX21wUXQw
YmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2YzbG1YbU9fUE5WdHdrb0tjTlZfbXBRdDBiZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhDN0IvNUJGQ0ZGOENENjMwMTFFQTk0MERBMDM5QzRGOUFFMDIvQzk1MTUwQjY2
N0NFMTFFQzkxMkNDNzdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAUXWMADBAWYJMAwDQYJKoZIhvcNAQELBQADggEBADtlQMSx
nqsC3U4bMXX2RTVYpz5SxctQ35l8sk3cNRhan1LRtctTiGBdVdSSi5eMinKkog0P
F0M5Qkr+C+Ft8pRKOx2RUfAjylxygUax3ClBT0i49H8fp8d0HJ0TNw1HjuzLtFq+
/FCvdvusLqdYeB/ZuiKA2Rws56E3V6Z/MT5fm50TytxjO0IHAwN8je9u8QFbKuru
6fNDeEVs9YLSqyjThI2op4KMVq2MuR7ji7tGNEhZcF4WtDfCSey7dNZK3mDbt0WI
Jj+FMP8/BVnqg7PXeiNihncYb9t1zi9w7GfdRBbVqvEC5lBl6IZdmbTeNELPReyz
nSPeVY6kf4benN8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:58 2024 by rpki-client on console-ams.rpki-client.org