Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/698B438405D011EEA4EFFD5BC4F9AE02.roa
File: 698B438405D011EEA4EFFD5BC4F9AE02.roa (raw, json)
Hash identifier: 79rOa2iu8uWjs1a+LZOCnWvTUZr2CQ1PeQ4rGxBK3m4=
Subject key identifier: 9A:7D:55:4D:83:FD:64:5D:17:9A:A7:03:23:F9:3F:E2:EB:39:3D:B4
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1C48
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/698B438405D011EEA4EFFD5BC4F9AE02.roa
Signing time: Thu 08 Jun 2023 07:45:18 +0000
ROA not before: Thu 08 Jun 2023 07:45:18 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 4812
IP address blocks: 116.232.0.0/16 maxlen: 22
124.74.0.0/17 maxlen: 24
124.74.128.0/17 maxlen: 24
124.75.0.0/16 maxlen: 16
124.76.0.0/15 maxlen: 22
124.78.0.0/15 maxlen: 22
202.96.194.0/24 maxlen: 24
202.101.0.0/19 maxlen: 24
202.101.32.0/19 maxlen: 19
202.109.0.0/18 maxlen: 18
202.109.64.0/18 maxlen: 18
202.109.72.0/23 maxlen: 23
218.1.0.0/16 maxlen: 16
218.1.72.0/24 maxlen: 24
218.30.132.0/24 maxlen: 24
222.68.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7240 (0x1c48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Jun 8 07:45:18 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6481870e-5451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7a:b6:e8:6f:45:e1:94:76:f9:a3:d1:85:64:
4b:99:49:86:13:51:54:6e:74:87:29:76:7b:21:2f:
74:f4:fb:95:fe:1c:17:bf:09:71:f9:ab:38:b3:c0:
d7:0f:28:58:67:b5:ca:7b:ba:a5:16:2b:66:7f:12:
2c:f2:79:ee:cd:89:ee:1f:ca:48:33:7d:e5:8d:a3:
43:a1:36:78:e5:0e:7d:ca:51:9c:75:ee:23:be:9c:
63:46:56:88:57:85:3d:f8:e8:91:a9:cc:57:0d:2e:
71:64:f5:41:ac:84:2c:5c:66:55:b7:d0:da:5d:30:
79:4a:f0:45:86:aa:50:c9:0a:2d:5b:cd:42:07:92:
e8:d2:f0:03:4f:3f:ab:fd:46:7a:9e:f1:78:07:d9:
e0:bb:49:d5:e6:5c:5a:76:32:e3:1b:f1:49:4f:9f:
14:69:4f:d9:af:57:d3:64:82:11:a0:f6:e8:6c:59:
36:af:05:9a:a0:d7:73:31:6a:7b:bc:1f:bd:4b:c9:
3b:ce:4c:9e:3e:b6:ca:65:07:32:68:47:ef:44:de:
79:ff:7f:d9:0d:db:7a:eb:64:7b:ec:e8:29:b0:d8:
af:1b:a1:a7:43:e5:33:81:e6:9d:be:13:8c:a2:59:
ee:07:4c:80:6e:58:43:79:95:23:fb:a7:10:5c:55:
7c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7D:55:4D:83:FD:64:5D:17:9A:A7:03:23:F9:3F:E2:EB:39:3D:B4
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/698B438405D011EEA4EFFD5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.232.0.0/16
124.74.0.0-124.79.255.255
202.96.194.0/24
202.101.0.0/18
202.109.0.0/17
218.1.0.0/16
218.30.132.0/24
222.68.240.0/20
Signature Algorithm: sha256WithRSAEncryption
6e:3a:7f:9d:d7:2b:07:8f:d2:c0:ce:57:f9:62:d0:24:54:b6:
45:de:4a:b5:45:19:5e:a1:1b:5b:97:07:06:a5:c1:18:71:48:
d3:6e:1b:ca:5c:0b:36:11:8f:5f:33:ae:53:bf:01:ea:a7:aa:
d7:8d:c2:b7:e6:ca:6e:5e:d8:00:2f:f4:54:3a:cb:c5:94:bc:
24:49:c9:e1:ca:b7:04:ad:dc:fc:a6:30:46:02:2f:dd:18:99:
b6:db:3f:74:5b:c6:39:a6:6c:b1:d6:90:c6:c9:d4:2a:f8:f0:
19:9b:c5:1d:b0:04:11:c7:0e:7f:97:a1:ee:8a:69:2c:ef:6c:
c4:9a:ab:32:98:10:f9:6e:b9:fa:94:7a:1f:b3:b1:e1:a1:06:
f2:4f:d5:30:6e:1d:f8:3d:1f:9a:7e:28:7e:6a:8e:f8:1b:4a:
95:3d:13:98:52:61:ef:32:af:43:b6:a7:02:53:eb:57:d2:b5:
10:0e:5c:0e:40:72:58:bb:88:c9:28:71:98:6c:50:de:92:91:
f1:e5:25:fd:e7:7a:d5:2a:1d:28:e4:cc:cf:d4:41:30:14:e4:
c8:17:d5:94:dc:88:7b:e6:4e:17:1c:e6:95:73:11:2b:40:e7:
a6:8a:fb:41:83:91:99:80:c4:11:b7:16:07:83:76:45:7d:51:
5f:10:ce:57
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICHEgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjMwNjA4MDc0NTE4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxODcwZS01NDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsHq26G9F4ZR2+aPRhWRLmUmGE1FUbnSHKXZ7IS909PuV/hwXvwlx+as4s8DX
DyhYZ7XKe7qlFitmfxIs8nnuzYnuH8pIM33ljaNDoTZ45Q59ylGcde4jvpxjRlaI
V4U9+OiRqcxXDS5xZPVBrIQsXGZVt9DaXTB5SvBFhqpQyQotW81CB5Lo0vADTz+r
/UZ6nvF4B9ngu0nV5lxadjLjG/FJT58UaU/Zr1fTZIIRoPbobFk2rwWaoNdzMWp7
vB+9S8k7zkyePrbKZQcyaEfvRN55/3/ZDdt662R77OgpsNivG6GnQ+UzgeadvhOM
olnuB0yAblhDeZUj+6cQXFV8RwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFJp9VU2D
/WRdF5qnAyP5P+LrOT20MB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNjk4QjQzODQw
NUQwMTFFRUE0RUZGRDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MDoEAgABMDQDAwB06DAKAwMBfEoDAwR8QAMEAMpgwgMEBsplAAMEB8ptAAMD
ANoBAwQA2h6EAwQE3kTwMA0GCSqGSIb3DQEBCwUAA4IBAQBuOn+d1ysHj9LAzlf5
YtAkVLZF3kq1RRleoRtblwcGpcEYcUjTbhvKXAs2EY9fM65TvwHqp6rXjcK35spu
XtgAL/RUOsvFlLwkScnhyrcErdz8pjBGAi/dGJm22z90W8Y5pmyx1pDGydQq+PAZ
m8UdsAQRxw5/l6Huimks72zEmqsymBD5brn6lHofs7HhoQbyT9Uwbh34PR+afih+
ao74G0qVPROYUmHvMq9DtqcCU+tX0rUQDlwOQHJYu4jJKHGYbFDekpHx5SX953rV
Kh0o5MzP1EEwFOTIF9WU3Ih75k4XHOaVcxErQOemivtBg5GZgMQRtxYHg3ZFfVFf
EM5X
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org