Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/F0B407C6E71611ECA4C60269C4F9AE02.roa
File: F0B407C6E71611ECA4C60269C4F9AE02.roa (raw, json)
Hash identifier: lqyUNfQECSCwWYnqF9UvvSKxqSihj3k1ELp3ILyAegs=
Subject key identifier: 26:76:33:1B:C5:B7:C9:D5:C9:DB:B3:08:6A:74:71:19:5E:27:1E:3F
Certificate issuer: /CN=A915CCEA/serialNumber=862B73B9CE3504B0BA241D14FDAC0EC4B4E4ADC2
Certificate serial: 064C
Authority key identifier: 86:2B:73:B9:CE:35:04:B0:BA:24:1D:14:FD:AC:0E:C4:B4:E4:AD:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hitzuc41BLC6JB0U_awOxLTkrcI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/F0B407C6E71611ECA4C60269C4F9AE02.roa
Signing time: Wed 08 Jun 2022 10:37:06 +0000
ROA not before: Wed 08 Jun 2022 10:37:06 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 3300
IP address blocks: 61.14.0.0/18 maxlen: 18
61.14.1.0/24 maxlen: 24
61.14.2.0/23 maxlen: 23
61.14.4.0/22 maxlen: 22
61.14.7.0/24 maxlen: 24
61.14.8.0/22 maxlen: 22
61.14.11.0/24 maxlen: 24
61.14.12.0/24 maxlen: 24
61.14.15.0/24 maxlen: 24
61.14.24.0/22 maxlen: 22
61.14.24.0/24 maxlen: 24
61.14.25.0/24 maxlen: 24
61.14.26.0/24 maxlen: 24
61.14.27.0/24 maxlen: 24
61.14.28.0/22 maxlen: 22
61.14.31.0/24 maxlen: 24
61.14.32.0/22 maxlen: 22
61.14.32.0/24 maxlen: 24
61.14.33.0/24 maxlen: 24
61.14.34.0/24 maxlen: 24
61.14.35.0/24 maxlen: 24
61.14.36.0/24 maxlen: 24
61.14.40.0/22 maxlen: 22
61.14.44.0/22 maxlen: 22
61.14.48.0/22 maxlen: 22
61.14.52.0/24 maxlen: 24
203.187.128.0/19 maxlen: 19
203.187.128.0/22 maxlen: 22
203.187.128.0/24 maxlen: 24
203.187.129.0/24 maxlen: 24
203.187.130.0/24 maxlen: 24
203.187.131.0/24 maxlen: 24
203.187.145.0/24 maxlen: 24
203.187.146.0/24 maxlen: 24
2402:fb00::/32 maxlen: 32
2402:fb00::/36 maxlen: 36
2402:fb00:f00::/40 maxlen: 40
2402:fb00:1000::/36 maxlen: 36
2402:fb00:1f00::/40 maxlen: 40
2402:fb00:2000::/36 maxlen: 36
2402:fb00:2f00::/40 maxlen: 40
2402:fb00:3000::/36 maxlen: 36
2402:fb00:3f00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612 (0x64c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915CCEA/serialNumber=862B73B9CE3504B0BA241D14FDAC0EC4B4E4ADC2
Validity
Not Before: Jun 8 10:37:06 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62a07bd1-d2ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b1:50:53:72:a2:c1:6b:fb:dc:4b:f1:d5:2a:
bf:91:66:76:1d:e1:f9:ee:42:b5:15:49:9c:e5:60:
3a:8e:c3:7f:8f:c7:cc:be:6c:35:43:26:77:1a:66:
b1:37:10:3c:ed:e4:a1:f0:97:b9:31:a6:43:8f:85:
5d:6b:6f:77:41:65:e0:bb:0c:ac:43:f4:cf:30:df:
be:25:6a:a4:83:38:eb:ea:29:af:4d:ac:69:7a:3a:
86:90:00:b4:db:00:d6:a0:3f:f0:1e:cc:a1:b0:7e:
fc:75:ab:ec:a6:b9:9e:25:fc:76:65:ba:8e:5d:f4:
e1:b4:44:d7:bf:93:14:86:9a:ff:de:47:00:ba:45:
a4:7d:45:db:61:fe:da:19:94:e5:e4:8d:dc:e0:86:
f4:fb:82:2c:77:19:04:93:b8:2b:4c:a1:0e:02:a9:
b2:55:ed:52:c0:1b:2c:cf:7f:22:34:6b:9f:2e:b5:
b2:cc:87:3d:cf:02:c3:6b:a3:72:0d:c5:4c:06:05:
12:02:99:f9:74:3b:fb:af:d2:8d:1a:67:f2:0a:b5:
2c:6e:2f:3c:32:76:21:7b:74:a4:85:b9:ab:c0:b9:
c9:b5:26:6a:47:21:e7:f4:10:8e:0d:f9:7b:7d:9e:
5d:43:5a:37:93:9c:9f:ef:5a:e7:74:6a:78:cf:d6:
42:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:76:33:1B:C5:B7:C9:D5:C9:DB:B3:08:6A:74:71:19:5E:27:1E:3F
X509v3 Authority Key Identifier:
keyid:86:2B:73:B9:CE:35:04:B0:BA:24:1D:14:FD:AC:0E:C4:B4:E4:AD:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/hitzuc41BLC6JB0U_awOxLTkrcI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hitzuc41BLC6JB0U_awOxLTkrcI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915CCEA/406EF178A0C311EA8764236FC4F9AE02/F0B407C6E71611ECA4C60269C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.14.0.0/18
203.187.128.0/19
IPv6:
2402:fb00::/32
Signature Algorithm: sha256WithRSAEncryption
ae:ad:36:45:13:aa:e7:8e:01:bf:b4:be:72:d3:aa:25:78:32:
22:35:06:06:a3:aa:4a:18:2e:6c:5d:cf:84:0d:47:e2:9d:da:
f6:1b:76:c9:b1:1d:02:60:61:ab:86:ba:69:35:24:33:06:00:
cb:4c:03:64:87:2a:0e:5d:8c:4d:dd:f9:40:dd:66:d5:f4:df:
f2:e4:50:40:f1:2b:6e:0c:2e:cc:e3:9f:d5:48:b5:80:ef:14:
b3:d1:24:54:6f:c3:72:0c:3b:87:ab:e1:e1:12:9e:af:ba:a0:
18:6b:48:6c:0e:59:c1:b6:a5:93:d1:61:bb:7b:04:54:a1:c3:
c4:dd:a6:76:25:98:14:64:96:95:c8:82:64:09:9b:95:b9:58:
89:c5:db:83:80:58:c3:4e:39:3d:4d:b9:40:a4:16:37:d3:68:
da:ce:90:3b:f0:06:c4:ea:52:a4:89:89:84:a2:06:0e:f3:c8:
ce:69:17:75:10:59:80:d5:df:0e:c1:65:59:f0:3b:ab:d2:cb:
59:60:43:c4:aa:44:ce:af:ed:42:e0:71:b1:ac:b0:b2:26:0f:
e9:b5:30:e7:0e:34:e0:df:e6:24:db:b1:a9:e9:2f:f3:ec:e1:
28:0c:17:04:d5:36:12:77:72:de:f7:e4:1a:f7:fe:72:a4:08:
3b:78:81:7c
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBkwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUNDRUExMTAvBgNVBAUTKDg2MkI3M0I5Q0UzNTA0QjBCQTI0MUQxNEZEQUMwRUM0
QjRFNEFEQzIwHhcNMjIwNjA4MTAzNzA2WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmEwN2JkMS1kMmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy7FQU3KiwWv73Evx1Sq/kWZ2HeH57kK1FUmc5WA6jsN/j8fMvmw1QyZ3Gmax
NxA87eSh8Je5MaZDj4Vda293QWXguwysQ/TPMN++JWqkgzjr6imvTaxpejqGkAC0
2wDWoD/wHsyhsH78davsprmeJfx2ZbqOXfThtETXv5MUhpr/3kcAukWkfUXbYf7a
GZTl5I3c4Ib0+4IsdxkEk7grTKEOAqmyVe1SwBssz38iNGufLrWyzIc9zwLDa6Ny
DcVMBgUSApn5dDv7r9KNGmfyCrUsbi88MnYhe3SkhbmrwLnJtSZqRyHn9BCODfl7
fZ5dQ1o3k5yf71rndGp4z9ZCLQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCZ2MxvF
t8nVyduzCGp0cRleJx4/MB8GA1UdIwQYMBaAFIYrc7nONQSwuiQdFP2sDsS05K3C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Q0NFQS80MDZFRjE3OEEw
QzMxMUVBODc2NDIzNkZDNEY5QUUwMi9oaXR6dWM0MUJMQzZKQjBVX2F3T3hMVGty
Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hpdHp1YzQxQkxDNkpCMFVfYXdPeExUa3JjSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUNDRUEvNDA2RUYxNzhBMEMzMTFFQTg3NjQyMzZGQzRGOUFFMDIvRjBCNDA3QzZF
NzE2MTFFQ0E0QzYwMjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAY9DgADBAXLu4AwDQQCAAIwBwMFACQC+wAwDQYJKoZIhvcN
AQELBQADggEBAK6tNkUTqueOAb+0vnLTqiV4MiI1BgajqkoYLmxdz4QNR+Kd2vYb
dsmxHQJgYauGumk1JDMGAMtMA2SHKg5djE3d+UDdZtX03/LkUEDxK24MLszjn9VI
tYDvFLPRJFRvw3IMO4er4eESnq+6oBhrSGwOWcG2pZPRYbt7BFShw8TdpnYlmBRk
lpXIgmQJm5W5WInF24OAWMNOOT1NuUCkFjfTaNrOkDvwBsTqUqSJiYSiBg7zyM5p
F3UQWYDV3w7BZVnwO6vSy1lgQ8SqRM6v7ULgcbGssLImD+m1MOcONODf5iTbsanp
L/Ps4SgMFwTVNhJ3ct735Br3/nKkCDt4gXw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:43 2023 by rpki-client on console-fra.rpki-client.org