Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/E78D2A3EE7E711EC9B0A0D70C4F9AE02.roa
File: E78D2A3EE7E711EC9B0A0D70C4F9AE02.roa (raw, json)
Hash identifier: m5CKGarZmq4lZL9tb9lSE0CtmlnRZN+Mu88jzWWull8=
Subject key identifier: 67:16:14:5E:6B:0B:4A:3C:05:9B:8F:EF:D1:76:41:0C:F0:2E:B3:29
Certificate issuer: /CN=A915CCEA/serialNumber=862B73B9CE3504B0BA241D14FDAC0EC4B4E4ADC2
Certificate serial: 0657
Authority key identifier: 86:2B:73:B9:CE:35:04:B0:BA:24:1D:14:FD:AC:0E:C4:B4:E4:AD:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hitzuc41BLC6JB0U_awOxLTkrcI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/E78D2A3EE7E711EC9B0A0D70C4F9AE02.roa
Signing time: Thu 09 Jun 2022 12:02:51 +0000
ROA not before: Thu 09 Jun 2022 12:02:51 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 3300
IP address blocks: 61.14.0.0/18 maxlen: 18
61.14.1.0/24 maxlen: 24
61.14.2.0/23 maxlen: 23
61.14.4.0/22 maxlen: 22
61.14.7.0/24 maxlen: 24
61.14.8.0/22 maxlen: 22
61.14.11.0/24 maxlen: 24
61.14.12.0/22 maxlen: 22
61.14.12.0/24 maxlen: 24
61.14.15.0/24 maxlen: 24
61.14.24.0/22 maxlen: 22
61.14.24.0/24 maxlen: 24
61.14.25.0/24 maxlen: 24
61.14.26.0/24 maxlen: 24
61.14.27.0/24 maxlen: 24
61.14.28.0/22 maxlen: 22
61.14.31.0/24 maxlen: 24
61.14.32.0/22 maxlen: 22
61.14.32.0/24 maxlen: 24
61.14.33.0/24 maxlen: 24
61.14.34.0/24 maxlen: 24
61.14.35.0/24 maxlen: 24
61.14.36.0/22 maxlen: 22
61.14.36.0/24 maxlen: 24
61.14.40.0/24 maxlen: 24
61.14.44.0/22 maxlen: 22
61.14.48.0/22 maxlen: 22
61.14.52.0/24 maxlen: 24
203.187.128.0/19 maxlen: 19
203.187.128.0/22 maxlen: 22
203.187.128.0/24 maxlen: 24
203.187.129.0/24 maxlen: 24
203.187.130.0/24 maxlen: 24
203.187.131.0/24 maxlen: 24
203.187.145.0/24 maxlen: 24
203.187.146.0/24 maxlen: 24
2402:fb00::/32 maxlen: 32
2402:fb00::/36 maxlen: 36
2402:fb00:f00::/40 maxlen: 40
2402:fb00:1000::/36 maxlen: 36
2402:fb00:1f00::/40 maxlen: 40
2402:fb00:2000::/36 maxlen: 36
2402:fb00:2f00::/40 maxlen: 40
2402:fb00:3000::/36 maxlen: 36
2402:fb00:3f00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1623 (0x657)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915CCEA/serialNumber=862B73B9CE3504B0BA241D14FDAC0EC4B4E4ADC2
Validity
Not Before: Jun 9 12:02:51 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62a1e16b-73f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:82:21:34:8e:7f:eb:3c:10:d8:6e:6e:ed:
a1:65:cd:45:a8:6d:be:08:bc:31:79:b5:35:1f:96:
82:b1:c0:4f:25:1c:a5:20:8a:c3:c9:69:62:ee:17:
9e:f1:9e:05:68:54:4e:05:71:6c:77:ea:a7:4d:da:
1a:12:b4:a9:a9:00:83:06:f8:9f:7b:79:77:0c:f1:
2f:7c:4e:74:b0:bc:f2:9c:fa:fa:f2:d8:38:e3:51:
0d:71:1b:8a:b9:c5:0a:11:69:bd:4b:bf:04:a6:05:
bb:b5:b3:6f:84:e5:77:f1:16:12:ff:84:2b:f2:10:
84:38:d3:4d:6a:a8:17:49:d8:31:dc:4a:72:9c:6c:
b1:3d:78:bd:5d:f8:55:97:76:47:9d:32:a0:93:f1:
a5:a0:7e:04:89:15:35:e3:86:b3:be:16:29:c8:35:
e3:f5:aa:82:b6:91:17:3c:fc:02:80:8a:c4:ee:cc:
22:37:5f:5f:13:8b:a5:fa:12:14:82:7b:29:17:ed:
67:87:58:f7:17:d7:9d:95:7a:ae:6c:bc:57:71:8d:
e8:b8:9b:f0:a5:06:84:0c:9b:64:f8:2e:8f:d3:da:
93:b4:4b:7f:2c:3f:22:3f:82:37:42:e0:f6:d1:69:
68:23:5b:e0:d0:97:80:97:45:d3:c9:5f:77:18:48:
23:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:16:14:5E:6B:0B:4A:3C:05:9B:8F:EF:D1:76:41:0C:F0:2E:B3:29
X509v3 Authority Key Identifier:
keyid:86:2B:73:B9:CE:35:04:B0:BA:24:1D:14:FD:AC:0E:C4:B4:E4:AD:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/hitzuc41BLC6JB0U_awOxLTkrcI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hitzuc41BLC6JB0U_awOxLTkrcI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/E78D2A3EE7E711EC9B0A0D70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.14.0.0/18
203.187.128.0/19
IPv6:
2402:fb00::/32
Signature Algorithm: sha256WithRSAEncryption
b3:cc:13:1e:c3:cf:12:ef:02:5b:3e:a3:7a:7a:31:e5:48:2e:
11:61:19:6e:bf:74:b2:0f:d2:9c:73:20:1c:15:d6:71:5b:d0:
52:62:ad:d0:33:eb:2f:14:3b:9f:d8:a4:f6:d9:cb:d6:92:c1:
49:4d:27:6d:e2:67:be:d9:bd:a5:b5:ce:94:f3:9f:48:ec:ce:
a7:a1:c2:da:f2:b5:94:f2:28:4f:62:74:99:0f:5d:f7:7d:ea:
0a:f5:d1:50:65:2a:be:ae:ed:3c:b5:7b:d1:17:dd:f7:3a:04:
c1:bc:a4:79:9a:72:82:69:9c:04:90:f9:3d:cb:86:05:72:89:
c7:07:86:e2:0b:58:cb:bf:33:0a:ea:73:70:fe:10:11:a0:db:
8f:2a:ff:08:b9:6d:3c:3b:e3:32:c4:ff:8b:87:84:00:24:71:
63:53:48:b8:ed:8b:6f:44:ef:33:fd:1c:52:33:7f:d1:84:2c:
31:08:61:5b:fd:c0:19:da:d1:d2:4e:00:c8:13:47:1c:12:68:
fc:47:56:5e:3d:c0:7a:17:a4:51:32:4d:59:48:41:0b:40:3b:
9b:24:14:b4:0d:f3:c0:24:d3:8b:fe:44:45:87:1b:05:8c:51:
04:15:44:81:13:ef:40:5e:af:73:63:a9:8c:8e:bf:23:10:01:
1e:2f:6c:9a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUNDRUExMTAvBgNVBAUTKDg2MkI3M0I5Q0UzNTA0QjBCQTI0MUQxNEZEQUMwRUM0
QjRFNEFEQzIwHhcNMjIwNjA5MTIwMjUxWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmExZTE2Yi03M2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArnqCITSOf+s8ENhubu2hZc1FqG2+CLwxebU1H5aCscBPJRylIIrDyWli7hee
8Z4FaFROBXFsd+qnTdoaErSpqQCDBvife3l3DPEvfE50sLzynPr68tg441ENcRuK
ucUKEWm9S78EpgW7tbNvhOV38RYS/4Qr8hCEONNNaqgXSdgx3EpynGyxPXi9XfhV
l3ZHnTKgk/GloH4EiRU144azvhYpyDXj9aqCtpEXPPwCgIrE7swiN19fE4ul+hIU
gnspF+1nh1j3F9edlXqubLxXcY3ouJvwpQaEDJtk+C6P09qTtEt/LD8iP4I3QuD2
0WloI1vg0JeAl0XTyV93GEgj5QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGcWFF5r
C0o8BZuP79F2QQzwLrMpMB8GA1UdIwQYMBaAFIYrc7nONQSwuiQdFP2sDsS05K3C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Q0NFQS80MDZFRjE3OEEw
QzMxMUVBODc2NDIzNkZDNEY5QUUwMi9oaXR6dWM0MUJMQzZKQjBVX2F3T3hMVGty
Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hpdHp1YzQxQkxDNkpCMFVfYXdPeExUa3JjSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUNDRUEvNDA2RUYxNzhBMEMzMTFFQTg3NjQyMzZGQzRGOUFFMDIvRTc4RDJBM0VF
N0U3MTFFQzlCMEEwRDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAY9DgADBAXLu4AwDQQCAAIwBwMFACQC+wAwDQYJKoZIhvcN
AQELBQADggEBALPMEx7DzxLvAls+o3p6MeVILhFhGW6/dLIP0pxzIBwV1nFb0FJi
rdAz6y8UO5/YpPbZy9aSwUlNJ23iZ77ZvaW1zpTzn0jszqehwtrytZTyKE9idJkP
Xfd96gr10VBlKr6u7Ty1e9EX3fc6BMG8pHmacoJpnASQ+T3LhgVyiccHhuILWMu/
Mwrqc3D+EBGg248q/wi5bTw74zLE/4uHhAAkcWNTSLjti29E7zP9HFIzf9GELDEI
YVv9wBna0dJOAMgTRxwSaPxHVl49wHoXpFEyTVlIQQtAO5skFLQN88Ak04v+REWH
GwWMUQQVRIET70Ber3NjqYyOvyMQAR4vbJo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:43 2023 by rpki-client on console-fra.rpki-client.org