Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/BC87F29CC3A111EDB2B78374C4F9AE02.roa
File: BC87F29CC3A111EDB2B78374C4F9AE02.roa (raw, json)
Hash identifier: Mx9qy1QKXptrdCXkfOYHlH2iDVbXRyGDRBQAonqDIsg=
Subject key identifier: 3E:0B:5B:04:14:3A:E7:34:9D:5A:4B:B9:A6:3A:4A:14:48:23:14:9D
Certificate issuer: /CN=A916A983/serialNumber=88D87B102F5C2771C367064E2049B68A903C71B5
Certificate serial: 1176
Authority key identifier: 88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/BC87F29CC3A111EDB2B78374C4F9AE02.roa
Signing time: Fri 31 Mar 2023 02:05:22 +0000
ROA not before: Fri 31 Mar 2023 02:05:22 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 1221
IP address blocks: 137.147.0.0/16 maxlen: 16
138.130.0.0/16 maxlen: 16
138.217.0.0/16 maxlen: 16
139.130.0.0/16 maxlen: 16
139.134.0.0/16 maxlen: 16
139.168.0.0/16 maxlen: 16
143.238.0.0/16 maxlen: 16
144.130.0.0/15 maxlen: 15
144.130.0.0/17 maxlen: 17
144.130.144.0/20 maxlen: 20
144.130.160.0/19 maxlen: 19
144.130.192.0/18 maxlen: 18
144.131.0.0/16 maxlen: 16
144.132.0.0/14 maxlen: 14
144.136.0.0/15 maxlen: 15
144.139.0.0/16 maxlen: 16
144.140.0.0/16 maxlen: 16
147.69.0.0/16 maxlen: 16
149.135.0.0/16 maxlen: 16
165.228.0.0/16 maxlen: 16
192.67.84.0/24 maxlen: 24
192.70.219.0/24 maxlen: 24
192.73.66.0/24 maxlen: 24
192.74.139.0/24 maxlen: 25
192.74.140.0/22 maxlen: 26
192.74.144.0/20 maxlen: 20
192.74.160.0/19 maxlen: 19
192.74.192.0/20 maxlen: 20
192.74.208.0/24 maxlen: 24
192.82.143.0/24 maxlen: 24
192.111.105.0/24 maxlen: 24
192.131.27.0/24 maxlen: 24
192.131.28.0/23 maxlen: 23
192.131.30.0/24 maxlen: 24
192.148.116.0/22 maxlen: 22
192.148.120.0/21 maxlen: 21
192.148.128.0/19 maxlen: 19
192.148.160.0/22 maxlen: 22
192.148.164.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4470 (0x1176)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A983/serialNumber=88D87B102F5C2771C367064E2049B68A903C71B5
Validity
Not Before: Mar 31 02:05:22 2023 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=64263fe2-26f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:19:45:65:a0:16:30:f7:a5:94:52:0d:47:2a:
89:d4:97:e1:61:e5:bb:a8:39:8e:74:2f:a3:99:0c:
56:d5:72:09:d3:03:3c:22:68:bc:2d:76:0b:ea:a5:
24:a7:67:40:5a:a1:5e:c6:95:ae:2c:23:c2:c8:e3:
23:59:18:54:60:9a:f9:79:55:43:26:75:84:09:14:
4c:0c:9d:b8:b0:60:ab:07:16:3e:9e:30:ca:16:b5:
9c:99:c1:8f:de:46:c5:24:44:53:83:8f:45:40:68:
4e:a7:ac:65:ea:81:fd:17:d7:3f:c7:9a:12:50:83:
45:29:69:ae:ed:81:35:a9:a2:ce:18:49:ac:e9:90:
0f:52:5c:07:d9:c3:ea:62:4d:61:66:c8:af:9c:9b:
97:28:10:73:83:bd:53:5b:c2:4a:f4:f4:da:e9:47:
90:32:35:a3:ec:89:79:51:33:27:bd:fe:08:91:89:
bb:6b:57:ce:5e:5b:e3:eb:09:e8:7d:0f:3a:36:ca:
87:1b:d9:d0:53:96:b4:62:d5:8f:c1:0e:9d:e0:3e:
20:d2:e9:ad:4a:bf:99:1a:72:87:fc:f7:fa:ca:2c:
b9:75:16:9c:fc:a0:a4:4d:fc:f9:1f:8f:d6:99:7b:
3e:43:11:1f:db:9f:13:9c:be:f5:ae:28:c9:00:76:
a1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:0B:5B:04:14:3A:E7:34:9D:5A:4B:B9:A6:3A:4A:14:48:23:14:9D
X509v3 Authority Key Identifier:
keyid:88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/BC87F29CC3A111EDB2B78374C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
137.147.0.0/16
138.130.0.0/16
138.217.0.0/16
139.130.0.0/16
139.134.0.0/16
139.168.0.0/16
143.238.0.0/16
144.130.0.0-144.137.255.255
144.139.0.0-144.140.255.255
147.69.0.0/16
149.135.0.0/16
165.228.0.0/16
192.67.84.0/24
192.70.219.0/24
192.73.66.0/24
192.74.139.0-192.74.208.255
192.82.143.0/24
192.111.105.0/24
192.131.27.0-192.131.30.255
192.148.116.0-192.148.165.255
Signature Algorithm: sha256WithRSAEncryption
75:62:f4:d5:40:4d:e2:8d:aa:12:96:ea:9d:9f:e3:8d:47:fb:
74:92:06:53:3e:f5:2e:61:01:72:55:1f:85:de:7b:1b:d2:e5:
13:fc:f0:4a:be:6f:d9:02:f3:c1:38:a1:94:8b:6d:25:83:a8:
84:a2:cb:83:f1:b1:41:99:6d:0c:20:46:08:df:59:a6:27:d3:
08:f0:cf:c2:95:27:2e:ad:09:5d:4a:76:89:80:01:f6:73:e8:
ea:fc:ec:36:22:b6:16:96:29:8a:8c:74:ed:ce:7f:3c:1d:38:
35:fb:6f:8e:50:a7:ab:be:16:f1:5c:0c:ec:7c:ee:db:91:73:
9a:5c:fa:4c:ab:32:e4:b0:6a:d4:70:c7:06:e9:70:95:f4:3b:
b1:f3:99:00:af:47:87:40:30:e7:d2:33:c6:85:92:22:98:0b:
86:5f:df:98:ad:fd:dc:b0:fb:6c:86:ce:50:7b:2c:da:e1:b0:
05:0f:3e:4f:92:a5:c1:be:c2:9d:91:4b:24:3b:94:3a:31:49:
e2:36:b1:45:69:62:0b:29:e4:58:76:bc:ae:98:0c:43:07:8c:
14:77:9d:a6:bd:e3:45:11:6a:58:3d:54:28:2d:69:5e:ea:7d:
c1:33:17:80:08:27:2f:e4:ed:33:34:14:83:f8:c9:84:00:d6:
58:38:43:c3
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICEXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKDg4RDg3QjEwMkY1QzI3NzFDMzY3MDY0RTIwNDlCNjhB
OTAzQzcxQjUwHhcNMjMwMzMxMDIwNTIyWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI2M2ZlMi0yNmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzRlFZaAWMPellFINRyqJ1JfhYeW7qDmOdC+jmQxW1XIJ0wM8Imi8LXYL6qUk
p2dAWqFexpWuLCPCyOMjWRhUYJr5eVVDJnWECRRMDJ24sGCrBxY+njDKFrWcmcGP
3kbFJERTg49FQGhOp6xl6oH9F9c/x5oSUINFKWmu7YE1qaLOGEms6ZAPUlwH2cPq
Yk1hZsivnJuXKBBzg71TW8JK9PTa6UeQMjWj7Il5UTMnvf4IkYm7a1fOXlvj6wno
fQ86NsqHG9nQU5a0YtWPwQ6d4D4g0umtSr+ZGnKH/Pf6yiy5dRac/KCkTfz5H4/W
mXs+QxEf258TnL71rijJAHahDwIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFD4LWwQU
Ouc0nVpLuaY6ShRIIxSdMB8GA1UdIwQYMBaAFIjYexAvXCdxw2cGTiBJtoqQPHG1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8wRTA4MkU3MkNE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9pTmg3RUM5Y0ozSERad1pPSUVtMmlwQThj
YlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lOaDdFQzljSjNIRFp3Wk9JRW0yaXBBOGNiVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMEUwODJFNzJDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvQkM4N0YyOUND
M0ExMTFFREIyQjc4Mzc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga8GCCsGAQUFBwEHAQH/
BIGfMIGcMIGZBAIAATCBkgMDAImTAwMAioIDAwCK2QMDAIuCAwMAi4YDAwCLqAMD
AI/uMAoDAwGQggMDAZCIMAoDAwCQiwMDAJCMAwMAk0UDAwCVhwMDAKXkAwQAwENU
AwQAwEbbAwQAwElCMAwDBADASosDBADAStADBADAUo8DBADAb2kwDAMEAMCDGwME
AMCDHjAMAwQCwJR0AwQBwJSkMA0GCSqGSIb3DQEBCwUAA4IBAQB1YvTVQE3ijaoS
luqdn+ONR/t0kgZTPvUuYQFyVR+F3nsb0uUT/PBKvm/ZAvPBOKGUi20lg6iEosuD
8bFBmW0MIEYI31mmJ9MI8M/ClScurQldSnaJgAH2c+jq/Ow2IrYWlimKjHTtzn88
HTg1+2+OUKervhbxXAzsfO7bkXOaXPpMqzLksGrUcMcG6XCV9Dux85kAr0eHQDDn
0jPGhZIimAuGX9+Yrf3csPtshs5Qeyza4bAFDz5PkqXBvsKdkUskO5Q6MUniNrFF
aWILKeRYdryumAxDB4wUd52mveNFEWpYPVQoLWle6n3BMxeACCcv5O0zNBSD+MmE
ANZYOEPD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org