Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/290C0032513511ED9255DB7CC4F9AE02.roa
File: 290C0032513511ED9255DB7CC4F9AE02.roa (raw, json)
Hash identifier: 73KNwkvtSt34dx7f1EzviEZXXNDMhrBg8+WQI4ySJZ8=
Subject key identifier: F6:5F:CF:2F:CA:44:90:2E:F5:37:B2:42:AF:B3:9A:F9:60:EA:D4:18
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3397
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/290C0032513511ED9255DB7CC4F9AE02.roa
Signing time: Fri 21 Oct 2022 11:40:29 +0000
ROA not before: Fri 21 Oct 2022 11:40:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38616
IP address blocks: 111.88.144.0/20 maxlen: 24
111.88.184.0/21 maxlen: 24
115.186.0.0/24 maxlen: 24
115.186.19.0/24 maxlen: 24
115.186.48.0/21 maxlen: 24
115.186.64.0/19 maxlen: 21
115.186.64.0/21 maxlen: 24
115.186.76.0/22 maxlen: 24
115.186.80.0/20 maxlen: 24
115.186.97.0/24 maxlen: 24
115.186.99.0/24 maxlen: 24
115.186.100.0/22 maxlen: 22
115.186.100.0/24 maxlen: 24
115.186.104.0/24 maxlen: 24
115.186.105.0/24 maxlen: 24
115.186.114.0/24 maxlen: 24
115.186.116.0/22 maxlen: 22
115.186.116.0/24 maxlen: 24
115.186.122.0/23 maxlen: 23
115.186.126.0/23 maxlen: 23
115.186.127.0/24 maxlen: 24
117.102.13.0/24 maxlen: 24
117.102.29.0/24 maxlen: 24
117.102.30.0/24 maxlen: 24
117.102.31.0/24 maxlen: 24
203.81.216.0/24 maxlen: 24
203.81.219.0/24 maxlen: 24
203.81.220.0/22 maxlen: 22
203.81.220.0/24 maxlen: 24
203.81.221.0/24 maxlen: 24
203.81.222.0/24 maxlen: 24
203.81.223.0/24 maxlen: 24
203.81.224.0/22 maxlen: 22
203.81.224.0/24 maxlen: 24
203.81.225.0/24 maxlen: 24
203.81.226.0/24 maxlen: 24
203.81.227.0/24 maxlen: 24
203.81.228.0/23 maxlen: 24
203.81.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13207 (0x3397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Oct 21 11:40:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6352852c-16aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a9:5f:8e:b9:ed:b8:62:01:ca:7a:c4:5b:e3:
72:52:c6:b2:88:2d:e3:d1:1d:9d:f4:23:19:9c:ae:
34:7e:8e:d2:a7:a0:ed:86:78:77:77:26:aa:84:1b:
1c:d0:d5:1e:e1:41:ee:9b:60:b8:91:00:26:ba:4e:
ab:d8:1a:7a:09:67:34:b5:38:9e:88:c1:76:17:a3:
52:57:e7:59:a1:58:e4:03:1b:64:53:3d:04:6f:ca:
f1:72:d2:1f:0d:74:85:75:81:44:a4:7a:c3:29:18:
8e:ac:b1:bc:46:bc:98:13:f3:c0:69:8b:0c:a6:d1:
01:46:42:04:06:ad:f6:aa:91:bd:bc:ca:0a:6e:51:
d6:d4:93:84:42:94:8e:13:b0:5b:9c:67:2a:58:33:
83:3b:4b:1a:00:d0:45:f9:50:13:ba:31:b5:ee:e4:
8f:b6:25:dc:5f:80:66:74:d5:2e:9a:3b:43:df:75:
fe:b8:5f:20:6b:29:4d:42:53:e4:08:98:28:a2:d5:
3c:7d:13:6f:2c:6f:55:e8:bf:b4:89:d9:b6:76:14:
a3:84:74:ec:dd:21:0f:9b:91:30:12:af:53:c6:98:
ae:52:48:91:d5:2d:9a:5f:15:cc:46:ef:ef:33:03:
b6:30:d2:62:6f:ce:d9:a1:4a:6d:35:ca:43:f7:df:
09:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5F:CF:2F:CA:44:90:2E:F5:37:B2:42:AF:B3:9A:F9:60:EA:D4:18
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/290C0032513511ED9255DB7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.144.0/20
111.88.184.0/21
115.186.0.0/24
115.186.19.0/24
115.186.48.0/21
115.186.64.0/19
115.186.97.0/24
115.186.99.0-115.186.105.255
115.186.114.0/24
115.186.116.0/22
115.186.122.0/23
115.186.126.0/23
117.102.13.0/24
117.102.29.0-117.102.31.255
203.81.216.0/24
203.81.219.0-203.81.229.255
203.81.231.0/24
Signature Algorithm: sha256WithRSAEncryption
08:1c:cf:6d:5f:05:c0:d1:11:8d:2e:2a:a4:ce:bd:63:1a:b9:
63:ac:09:59:14:5d:db:bf:48:cf:71:38:90:21:05:a7:fc:2f:
a3:de:e0:34:14:e2:81:d5:0e:0f:5b:9e:75:b1:b7:10:3f:d9:
fa:d4:16:7b:b8:82:6d:50:89:f3:aa:7d:da:4b:fa:99:63:8c:
14:ea:01:e1:ef:dc:3d:d3:c1:90:8a:77:4e:2f:af:50:4d:99:
da:0c:d4:eb:55:1a:33:02:ba:f8:e6:b2:09:59:e7:1f:f9:09:
40:81:10:1e:b7:ce:d9:33:fe:5b:d9:6a:c0:83:ee:b7:7f:48:
e3:df:6f:76:21:72:05:94:c9:50:4c:2b:d4:b4:9a:be:61:79:
04:bf:18:57:e7:f1:65:85:b9:5e:46:c9:f7:0f:6e:f9:15:4d:
cf:6b:4f:5e:bb:cb:17:67:f6:e9:a7:a2:49:64:03:fc:19:26:
f9:32:70:46:61:39:b7:02:8c:1f:67:59:4f:20:79:68:fd:dc:
1a:fe:68:d9:60:ba:bb:a3:c7:c0:22:2d:0b:82:49:ca:e4:d9:
3c:e5:8b:b3:88:07:0d:c5:8c:53:aa:f4:ab:35:1f:b9:65:8a:
ff:5d:85:3c:00:08:7e:5b:fd:ba:62:58:a4:b6:d0:3f:05:a3:
95:81:db:9d
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgICM5cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjIxMDIxMTE0MDI5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzUyODUyYy0xNmFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5alfjrntuGIBynrEW+NyUsayiC3j0R2d9CMZnK40fo7Sp6Dthnh3dyaqhBsc
0NUe4UHum2C4kQAmuk6r2Bp6CWc0tTieiMF2F6NSV+dZoVjkAxtkUz0Eb8rxctIf
DXSFdYFEpHrDKRiOrLG8RryYE/PAaYsMptEBRkIEBq32qpG9vMoKblHW1JOEQpSO
E7BbnGcqWDODO0saANBF+VATujG17uSPtiXcX4BmdNUumjtD33X+uF8gaylNQlPk
CJgootU8fRNvLG9V6L+0idm2dhSjhHTs3SEPm5EwEq9TxpiuUkiR1S2aXxXMRu/v
MwO2MNJib87ZoUptNcpD998JBQIDAQABo4IDETCCAw0wHQYDVR0OBBYEFPZfzy/K
RJAu9TeyQq+zmvlg6tQYMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvMjkwQzAwMzI1
MTM1MTFFRDkyNTVEQjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZoGCCsGAQUFBwEHAQH/
BIGKMIGHMIGEBAIAATB+AwQEb1iQAwQDb1i4AwQAc7oAAwQAc7oTAwQDc7owAwQF
c7pAAwQAc7phMAwDBABzumMDBAFzumgDBABzunIDBAJzunQDBAFzunoDBAFzun4D
BAB1Zg0wDAMEAHVmHQMEBXVmAAMEAMtR2DAMAwQAy1HbAwQBy1HkAwQAy1HnMA0G
CSqGSIb3DQEBCwUAA4IBAQAIHM9tXwXA0RGNLiqkzr1jGrljrAlZFF3bv0jPcTiQ
IQWn/C+j3uA0FOKB1Q4PW551sbcQP9n61BZ7uIJtUInzqn3aS/qZY4wU6gHh79w9
08GQindOL69QTZnaDNTrVRozArr45rIJWecf+QlAgRAet87ZM/5b2WrAg+63f0jj
3292IXIFlMlQTCvUtJq+YXkEvxhX5/FlhbleRsn3D275FU3Pa09eu8sXZ/bpp6JJ
ZAP8GSb5MnBGYTm3AowfZ1lPIHlo/dwa/mjZYLq7o8fAIi0LgknK5Nk85YuziAcN
xYxTqvSrNR+5ZYr/XYU8AAh+W/26YlikttA/BaOVgdud
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org