Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/B123AFA28B7E11EB8833C957C4F9AE02.roa
File: B123AFA28B7E11EB8833C957C4F9AE02.roa (raw, json)
Hash identifier: 6Vh0H9sjSAr6N43Zu9vRIQKJZrRPjoGJ1vFx5BhPp8U=
Subject key identifier: 1C:57:D4:78:99:19:00:7F:44:C9:B8:35:1E:CB:08:64:A4:0D:7E:84
Certificate issuer: /CN=A916A983/serialNumber=88D87B102F5C2771C367064E2049B68A903C71B5
Certificate serial: 0DA2
Authority key identifier: 88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/B123AFA28B7E11EB8833C957C4F9AE02.roa
Signing time: Tue 27 Jul 2021 06:18:25 +0000
ROA not before: Tue 27 Jul 2021 06:18:25 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 1221
IP address blocks: 137.147.0.0/16 maxlen: 16
138.130.0.0/16 maxlen: 16
138.217.0.0/16 maxlen: 16
139.130.0.0/16 maxlen: 16
139.134.0.0/16 maxlen: 16
139.168.0.0/16 maxlen: 16
143.238.0.0/16 maxlen: 16
144.130.0.0/15 maxlen: 15
144.132.0.0/14 maxlen: 14
144.136.0.0/15 maxlen: 15
144.139.0.0/16 maxlen: 16
144.140.0.0/16 maxlen: 16
147.69.0.0/16 maxlen: 16
149.135.0.0/16 maxlen: 16
165.228.0.0/16 maxlen: 16
192.67.84.0/24 maxlen: 24
192.70.219.0/24 maxlen: 24
192.73.66.0/24 maxlen: 24
192.74.139.0/24 maxlen: 24
192.74.140.0/22 maxlen: 26
192.74.144.0/20 maxlen: 20
192.74.160.0/19 maxlen: 19
192.74.192.0/20 maxlen: 20
192.74.208.0/24 maxlen: 24
192.82.143.0/24 maxlen: 24
192.111.105.0/24 maxlen: 24
192.131.27.0/24 maxlen: 24
192.131.28.0/23 maxlen: 23
192.131.30.0/24 maxlen: 24
192.148.116.0/22 maxlen: 22
192.148.120.0/21 maxlen: 21
192.148.128.0/19 maxlen: 19
192.148.160.0/22 maxlen: 22
192.148.164.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3490 (0xda2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A983/serialNumber=88D87B102F5C2771C367064E2049B68A903C71B5
Validity
Not Before: Jul 27 06:18:25 2021 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=60ffa530-1253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:21:e7:d8:54:94:3a:66:d1:ea:30:b9:c3:f5:
60:16:d3:10:ac:19:01:2a:08:01:76:f6:96:ae:c1:
02:be:65:e3:4b:4e:8d:1b:66:65:ee:82:d0:a8:c7:
34:81:56:94:78:3a:7f:c4:93:cc:1e:ca:ac:11:02:
8c:6a:5d:23:2f:44:32:9b:64:d2:ab:4a:ab:5a:70:
1b:1d:e1:ed:9b:d7:ae:b1:0b:ca:73:84:a5:77:bd:
fc:b0:b7:ac:4e:fd:81:01:a1:dc:8e:10:ec:4b:2e:
8f:56:e6:87:16:39:3d:3f:5d:3e:aa:d6:ac:9e:ad:
1d:a4:58:24:0c:60:5d:1d:4c:41:d3:86:7a:d4:7a:
19:bb:e6:8f:fe:43:b6:43:d7:45:5c:2c:b4:63:42:
8e:ee:93:ee:43:5a:e9:59:df:07:48:84:30:b3:15:
00:de:a8:3f:17:2a:55:56:b1:94:0c:7a:5e:41:50:
7e:ab:5b:1c:27:e2:9f:e6:7d:de:9f:c6:4b:59:0d:
a6:91:51:53:f2:76:e6:da:99:92:aa:54:a5:4e:0d:
d9:52:f2:5c:28:a1:d4:f2:1b:79:e1:aa:92:fc:67:
9b:ab:09:ed:b4:cc:54:15:8e:69:1e:6e:97:5a:82:
8a:6b:77:ee:b7:7a:10:9a:20:a5:a5:43:8a:8a:47:
43:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:57:D4:78:99:19:00:7F:44:C9:B8:35:1E:CB:08:64:A4:0D:7E:84
X509v3 Authority Key Identifier:
keyid:88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/B123AFA28B7E11EB8833C957C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
137.147.0.0/16
138.130.0.0/16
138.217.0.0/16
139.130.0.0/16
139.134.0.0/16
139.168.0.0/16
143.238.0.0/16
144.130.0.0-144.137.255.255
144.139.0.0-144.140.255.255
147.69.0.0/16
149.135.0.0/16
165.228.0.0/16
192.67.84.0/24
192.70.219.0/24
192.73.66.0/24
192.74.139.0-192.74.208.255
192.82.143.0/24
192.111.105.0/24
192.131.27.0-192.131.30.255
192.148.116.0-192.148.165.255
Signature Algorithm: sha256WithRSAEncryption
7f:c9:3b:2b:ea:b1:07:ef:f7:a5:e6:60:5e:b5:28:7d:30:e2:
7e:6a:0e:4f:08:19:02:df:65:dc:60:a9:2f:6f:df:20:55:ab:
71:b2:c9:a9:f0:60:7e:11:6c:19:84:b0:84:89:53:ad:b5:4e:
c7:56:08:f1:f8:5e:da:b4:00:be:fe:f7:af:6d:64:9b:41:36:
47:85:5c:3d:58:33:14:74:fe:77:dd:70:3c:59:54:23:ee:f4:
d6:2a:eb:00:95:1e:3a:b8:79:bb:72:a3:7d:5b:33:7a:72:39:
05:b8:dc:c9:86:97:2c:43:53:71:1f:ae:a3:23:1f:1c:8e:af:
e8:36:29:5e:95:cb:b4:97:a9:f5:bf:44:7c:b1:8a:a1:24:23:
9b:a0:a2:55:be:01:15:05:63:bb:88:a4:2e:ea:06:30:a5:19:
04:ad:75:de:d3:e0:cd:25:1e:49:37:a3:ea:4a:49:c5:bc:3f:
2e:43:6c:38:7d:2e:84:20:8c:fa:7b:49:d8:17:0f:03:e4:9c:
13:e8:1c:59:06:cb:80:9a:9c:d4:5d:f3:75:fe:70:7f:b9:67:
79:df:85:8e:0c:af:8d:8f:a3:09:48:dc:2f:f8:41:1a:70:da:
71:46:b1:d5:6c:2c:7c:bd:0c:7c:1d:fe:e8:49:64:20:f6:ab:
e4:2f:22:0f
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICDaIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKDg4RDg3QjEwMkY1QzI3NzFDMzY3MDY0RTIwNDlCNjhB
OTAzQzcxQjUwHhcNMjEwNzI3MDYxODI1WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGZmYTUzMC0xMjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqyHn2FSUOmbR6jC5w/VgFtMQrBkBKggBdvaWrsECvmXjS06NG2Zl7oLQqMc0
gVaUeDp/xJPMHsqsEQKMal0jL0Qym2TSq0qrWnAbHeHtm9eusQvKc4Sld738sLes
Tv2BAaHcjhDsSy6PVuaHFjk9P10+qtasnq0dpFgkDGBdHUxB04Z61HoZu+aP/kO2
Q9dFXCy0Y0KO7pPuQ1rpWd8HSIQwsxUA3qg/FypVVrGUDHpeQVB+q1scJ+Kf5n3e
n8ZLWQ2mkVFT8nbm2pmSqlSlTg3ZUvJcKKHU8ht54aqS/GebqwnttMxUFY5pHm6X
WoKKa3fut3oQmiClpUOKikdDZwIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFBxX1HiZ
GQB/RMm4NR7LCGSkDX6EMB8GA1UdIwQYMBaAFIjYexAvXCdxw2cGTiBJtoqQPHG1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8wRTA4MkU3MkNE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9pTmg3RUM5Y0ozSERad1pPSUVtMmlwQThj
YlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lOaDdFQzljSjNIRFp3Wk9JRW0yaXBBOGNiVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMEUwODJFNzJDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvQjEyM0FGQTI4
QjdFMTFFQjg4MzNDOTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga8GCCsGAQUFBwEHAQH/
BIGfMIGcMIGZBAIAATCBkgMDAImTAwMAioIDAwCK2QMDAIuCAwMAi4YDAwCLqAMD
AI/uMAoDAwGQggMDAZCIMAoDAwCQiwMDAJCMAwMAk0UDAwCVhwMDAKXkAwQAwENU
AwQAwEbbAwQAwElCMAwDBADASosDBADAStADBADAUo8DBADAb2kwDAMEAMCDGwME
AMCDHjAMAwQCwJR0AwQBwJSkMA0GCSqGSIb3DQEBCwUAA4IBAQB/yTsr6rEH7/el
5mBetSh9MOJ+ag5PCBkC32XcYKkvb98gVatxssmp8GB+EWwZhLCEiVOttU7HVgjx
+F7atAC+/vevbWSbQTZHhVw9WDMUdP533XA8WVQj7vTWKusAlR46uHm7cqN9WzN6
cjkFuNzJhpcsQ1NxH66jIx8cjq/oNilelcu0l6n1v0R8sYqhJCOboKJVvgEVBWO7
iKQu6gYwpRkErXXe0+DNJR5JN6PqSknFvD8uQ2w4fS6EIIz6e0nYFw8D5JwT6BxZ
BsuAmpzUXfN1/nB/uWd534WODK+Nj6MJSNwv+EEacNpxRrHVbCx8vQx8Hf7oSWQg
9qvkLyIP
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org