Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/961FD9EC05D411EE9ED75861C4F9AE02.roa
File: 961FD9EC05D411EE9ED75861C4F9AE02.roa (raw, json)
Hash identifier: 4An8vc+VpxLpRLnMJJQCSfPvZw3ylyOJnQKknKR8Jas=
Subject key identifier: 18:16:B7:73:07:60:CD:4E:28:60:12:AC:7A:03:EE:30:1A:1B:D4:AC
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1C4A
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/961FD9EC05D411EE9ED75861C4F9AE02.roa
Signing time: Thu 08 Jun 2023 08:15:11 +0000
ROA not before: Thu 08 Jun 2023 08:15:11 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 4812
IP address blocks: 116.232.0.0/16 maxlen: 22
124.74.0.0/17 maxlen: 24
124.74.128.0/17 maxlen: 24
124.75.0.0/16 maxlen: 16
124.76.0.0/15 maxlen: 22
124.78.0.0/15 maxlen: 22
202.96.194.0/24 maxlen: 24
202.101.0.0/19 maxlen: 24
202.101.32.0/19 maxlen: 19
202.109.0.0/18 maxlen: 18
202.109.64.0/18 maxlen: 18
202.109.72.0/23 maxlen: 23
218.1.0.0/16 maxlen: 24
218.30.132.0/24 maxlen: 24
222.68.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7242 (0x1c4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Jun 8 08:15:11 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64818e0e-3b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8c:8a:f1:af:10:30:47:5c:84:1d:06:fa:53:
a2:a8:93:c6:06:42:fa:c2:db:2d:ce:50:d4:07:57:
05:9a:6a:54:1b:f1:09:43:9d:f1:0d:79:66:5d:af:
c7:79:e9:92:72:6d:af:9f:f8:be:c2:02:dd:8d:f9:
96:79:b4:9b:b9:4b:90:21:74:b8:eb:9a:04:2a:5f:
52:1c:c9:f3:13:f3:c0:b6:09:26:8d:50:b8:6d:d8:
08:73:1c:f6:ad:46:e5:54:17:28:88:a8:2e:23:d4:
2b:e1:f3:73:8f:64:c0:90:ae:0c:a1:ff:a3:80:de:
4a:4b:be:c6:04:89:54:0d:fe:91:72:06:73:55:7a:
97:41:da:a0:09:db:e6:a5:a1:2d:05:64:95:ca:e6:
42:05:eb:a2:fd:a7:4c:66:b1:5c:cf:12:ad:7e:e6:
97:31:dd:28:8e:91:a8:f0:cf:01:7c:1b:e5:fb:e2:
db:64:df:34:fb:fb:cb:3a:9b:4c:8f:be:2b:6d:4d:
fa:f2:7a:11:51:4b:18:97:66:8a:20:61:84:d9:af:
17:7d:09:f0:0a:30:52:4f:ad:5f:67:be:13:1f:dd:
72:02:c3:9b:8a:d9:4d:c3:b2:3d:95:e7:59:b7:6c:
1c:36:e5:31:c6:f1:f4:49:95:7c:76:af:5f:b6:aa:
cc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:16:B7:73:07:60:CD:4E:28:60:12:AC:7A:03:EE:30:1A:1B:D4:AC
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/961FD9EC05D411EE9ED75861C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.232.0.0/16
124.74.0.0-124.79.255.255
202.96.194.0/24
202.101.0.0/18
202.109.0.0/17
218.1.0.0/16
218.30.132.0/24
222.68.240.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:e6:f1:eb:be:70:89:2c:63:19:b5:dd:73:77:24:e3:20:45:
4b:0c:9a:84:49:42:58:20:0c:99:69:34:99:c9:e7:31:50:05:
46:79:b0:9b:4f:bc:05:22:61:cd:39:0e:dc:05:3d:8c:1b:43:
d3:0d:13:4f:81:ed:ba:55:92:3a:17:92:e5:32:10:f4:d6:36:
a3:28:93:11:44:73:3c:b7:17:85:f7:44:f1:28:43:94:82:08:
c7:bb:b5:51:bd:4b:1a:40:d5:13:c1:46:a5:5c:10:4d:4d:fb:
87:81:89:0d:75:5b:98:f6:f4:a5:9d:96:b2:23:88:fe:88:d8:
ad:5e:df:be:c3:c0:72:eb:ab:14:35:b2:9f:fd:cb:b5:ad:ee:
ba:ce:71:b3:ce:03:da:ff:7a:c6:13:25:51:f5:50:e6:54:05:
24:8a:fd:fc:c0:58:3a:45:7e:2a:84:1f:bf:e4:ff:78:5f:f6:
92:3e:77:1d:43:96:b6:10:a4:39:dd:1a:87:7e:55:2b:a8:28:
9d:f6:50:0f:c0:72:ca:4f:17:e8:6e:9b:63:20:5a:c2:9e:3e:
4f:9d:f9:dd:e9:76:5b:39:62:e4:6f:81:bc:70:85:e0:c2:3d:
ec:ac:72:e4:20:53:72:63:9d:32:07:cf:e2:0c:45:87:12:e4:
49:df:b1:18
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICHEowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjMwNjA4MDgxNTExWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxOGUwZS0zYjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu4yK8a8QMEdchB0G+lOiqJPGBkL6wtstzlDUB1cFmmpUG/EJQ53xDXlmXa/H
eemScm2vn/i+wgLdjfmWebSbuUuQIXS465oEKl9SHMnzE/PAtgkmjVC4bdgIcxz2
rUblVBcoiKguI9Qr4fNzj2TAkK4Mof+jgN5KS77GBIlUDf6RcgZzVXqXQdqgCdvm
paEtBWSVyuZCBeui/adMZrFczxKtfuaXMd0ojpGo8M8BfBvl++LbZN80+/vLOptM
j74rbU368noRUUsYl2aKIGGE2a8XfQnwCjBST61fZ74TH91yAsObitlNw7I9ledZ
t2wcNuUxxvH0SZV8dq9ftqrM0QIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFBgWt3MH
YM1OKGASrHoD7jAaG9SsMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvOTYxRkQ5RUMw
NUQ0MTFFRTlFRDc1ODYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MDoEAgABMDQDAwB06DAKAwMBfEoDAwR8QAMEAMpgwgMEBsplAAMEB8ptAAMD
ANoBAwQA2h6EAwQE3kTwMA0GCSqGSIb3DQEBCwUAA4IBAQAP5vHrvnCJLGMZtd1z
dyTjIEVLDJqESUJYIAyZaTSZyecxUAVGebCbT7wFImHNOQ7cBT2MG0PTDRNPge26
VZI6F5LlMhD01jajKJMRRHM8txeF90TxKEOUggjHu7VRvUsaQNUTwUalXBBNTfuH
gYkNdVuY9vSlnZayI4j+iNitXt++w8By66sUNbKf/cu1re66znGzzgPa/3rGEyVR
9VDmVAUkiv38wFg6RX4qhB+/5P94X/aSPncdQ5a2EKQ53RqHflUrqCid9lAPwHLK
TxfobptjIFrCnj5Pnfnd6XZbOWLkb4G8cIXgwj3srHLkIFNyY50yB8/iDEWHEuRJ
37EY
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org