Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/2B82127CE2BE11EEAC4CE33CC4F9AE02.roa
File: 2B82127CE2BE11EEAC4CE33CC4F9AE02.roa (raw, json)
Hash identifier: jWzqsy5RMkog5QsaqBkyDUDyR2uSmqdSmXBIWDSIvJQ=
Subject key identifier: C3:73:FC:51:9A:BA:B3:5B:26:35:3F:C1:95:18:07:B5:DE:B7:41:24
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3554
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/2B82127CE2BE11EEAC4CE33CC4F9AE02.roa
Signing time: Fri 15 Mar 2024 11:21:30 +0000
ROA not before: Fri 15 Mar 2024 11:21:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38616
IP address blocks: 111.88.76.0/24 maxlen: 24
111.88.77.0/24 maxlen: 24
111.88.79.0/24 maxlen: 24
111.88.138.0/24 maxlen: 24
111.88.139.0/24 maxlen: 24
111.88.144.0/20 maxlen: 23
111.88.144.0/23 maxlen: 24
111.88.146.0/24 maxlen: 24
111.88.150.0/23 maxlen: 24
111.88.152.0/23 maxlen: 24
111.88.156.0/22 maxlen: 24
111.88.164.0/22 maxlen: 23
111.88.166.0/23 maxlen: 24
111.88.168.0/22 maxlen: 24
111.88.184.0/22 maxlen: 23
111.88.233.0/24 maxlen: 24
111.88.234.0/24 maxlen: 24
111.88.240.0/24 maxlen: 24
111.88.251.0/24 maxlen: 24
111.88.252.0/24 maxlen: 24
111.88.253.0/24 maxlen: 24
111.88.254.0/24 maxlen: 24
115.186.0.0/24 maxlen: 24
115.186.19.0/24 maxlen: 24
115.186.48.0/21 maxlen: 24
115.186.64.0/19 maxlen: 21
115.186.64.0/21 maxlen: 24
115.186.76.0/22 maxlen: 24
115.186.80.0/20 maxlen: 24
115.186.97.0/24 maxlen: 24
115.186.99.0/24 maxlen: 24
115.186.100.0/22 maxlen: 22
115.186.100.0/24 maxlen: 24
115.186.104.0/24 maxlen: 24
115.186.105.0/24 maxlen: 24
115.186.114.0/24 maxlen: 24
115.186.116.0/22 maxlen: 22
115.186.116.0/24 maxlen: 24
115.186.122.0/23 maxlen: 23
115.186.126.0/23 maxlen: 23
115.186.127.0/24 maxlen: 24
117.102.11.0/24 maxlen: 24
117.102.12.0/22 maxlen: 22
117.102.12.0/23 maxlen: 24
117.102.15.0/24 maxlen: 24
117.102.29.0/24 maxlen: 24
117.102.30.0/24 maxlen: 24
117.102.31.0/24 maxlen: 24
203.81.216.0/24 maxlen: 24
203.81.219.0/24 maxlen: 24
203.81.220.0/22 maxlen: 22
203.81.220.0/24 maxlen: 24
203.81.221.0/24 maxlen: 24
203.81.222.0/24 maxlen: 24
203.81.223.0/24 maxlen: 24
203.81.224.0/22 maxlen: 22
203.81.224.0/24 maxlen: 24
203.81.225.0/24 maxlen: 24
203.81.226.0/24 maxlen: 24
203.81.227.0/24 maxlen: 24
203.81.228.0/23 maxlen: 24
203.81.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13652 (0x3554)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B
Validity
Not Before: Mar 15 11:21:30 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65f42f39-33c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:09:c2:35:99:86:1a:af:05:f7:87:81:88:e9:
90:08:77:aa:0f:ec:0c:90:7e:ec:3f:44:52:8a:03:
a2:05:fd:29:5b:16:30:b3:74:29:2b:a2:65:ee:ac:
23:ab:37:de:fe:09:ef:ac:7e:d5:cc:62:ca:c9:45:
b5:e2:83:72:31:d6:01:e4:1a:72:1f:12:a0:2e:c4:
b7:85:7a:79:0c:56:8b:17:38:06:49:99:f9:2f:6b:
e3:ca:0e:fc:26:4b:fe:75:95:14:68:e4:0d:8a:cd:
cb:24:60:fa:9b:eb:cc:5b:84:0d:95:0f:8d:a4:36:
f2:db:b5:ce:b6:a2:9f:86:f1:04:53:76:f8:9f:29:
d4:f6:65:f3:76:c9:1b:5b:15:78:45:e7:0a:69:3e:
6f:d7:32:16:08:81:c8:1b:a5:c3:35:8d:3c:f4:20:
0e:a3:75:cb:f4:ab:05:b0:3c:e5:7e:2e:8e:47:f0:
04:c9:f3:b2:eb:16:7e:ae:b4:a5:a9:b1:3e:41:35:
4e:7f:7a:3a:66:07:8b:32:94:70:e6:d0:d5:65:f7:
19:e1:c9:13:7e:f8:ef:e8:10:5c:b5:75:f9:9c:ae:
82:9b:e7:ef:92:e9:4d:5a:bb:10:3a:32:d2:e2:97:
12:7d:90:61:7a:59:ce:3b:d7:71:25:08:99:01:af:
d1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:73:FC:51:9A:BA:B3:5B:26:35:3F:C1:95:18:07:B5:DE:B7:41:24
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/2B82127CE2BE11EEAC4CE33CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.76.0/23
111.88.79.0/24
111.88.138.0/23
111.88.144.0/20
111.88.164.0-111.88.171.255
111.88.184.0/22
111.88.233.0-111.88.234.255
111.88.240.0/24
111.88.251.0-111.88.254.255
115.186.0.0/24
115.186.19.0/24
115.186.48.0/21
115.186.64.0/19
115.186.97.0/24
115.186.99.0-115.186.105.255
115.186.114.0/24
115.186.116.0/22
115.186.122.0/23
115.186.126.0/23
117.102.11.0-117.102.15.255
117.102.29.0-117.102.31.255
203.81.216.0/24
203.81.219.0-203.81.229.255
203.81.231.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b3:7a:4a:ef:3b:1a:7f:25:52:a5:f0:75:70:8c:f5:75:61:
c2:f7:80:2e:c3:95:8f:e4:3e:64:75:66:82:89:f7:be:9b:b0:
59:77:6c:c5:54:50:ae:89:b2:aa:e2:9e:a5:6b:63:0c:45:c5:
79:f1:5a:29:a6:7f:0e:1c:52:2d:bd:e1:5f:63:02:d5:56:52:
05:8c:5b:a2:a2:69:be:52:6e:00:dc:7f:41:73:d1:40:63:64:
d9:06:b4:ab:03:2a:3c:6b:9a:fc:18:42:b2:ae:84:03:8a:1c:
e7:c4:25:cc:c1:79:ff:74:b3:94:7e:d6:ff:0c:85:af:b7:6b:
e8:60:e9:68:59:a7:1f:30:52:6f:86:16:6f:40:6f:fd:88:f6:
85:7d:e4:d8:24:5a:b1:80:e8:6e:47:cf:be:05:f8:d7:c1:02:
56:d0:72:82:48:37:01:70:ab:66:0d:42:81:32:d1:d0:5d:4b:
80:99:a0:0a:13:70:b7:21:ad:87:7a:e3:58:83:a7:e8:78:36:
b1:7c:89:68:bf:a5:5d:aa:e1:b6:64:c5:ea:72:6e:c3:17:c8:
7a:57:9c:61:89:81:1f:a5:4a:12:4c:ec:ad:16:6c:48:7b:6c:
29:83:b9:59:bb:b0:48:24:3a:40:e2:d8:29:cb:fe:f5:ad:d9:
e5:3b:5b:9b
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgICNVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjQwMzE1MTEyMTMwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWY0MmYzOS0zM2MxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0AnCNZmGGq8F94eBiOmQCHeqD+wMkH7sP0RSigOiBf0pWxYws3QpK6Jl7qwj
qzfe/gnvrH7VzGLKyUW14oNyMdYB5BpyHxKgLsS3hXp5DFaLFzgGSZn5L2vjyg78
Jkv+dZUUaOQNis3LJGD6m+vMW4QNlQ+NpDby27XOtqKfhvEEU3b4nynU9mXzdskb
WxV4RecKaT5v1zIWCIHIG6XDNY089CAOo3XL9KsFsDzlfi6OR/AEyfOy6xZ+rrSl
qbE+QTVOf3o6ZgeLMpRw5tDVZfcZ4ckTfvjv6BBctXX5nK6Cm+fvkulNWrsQOjLS
4pcSfZBhelnOO9dxJQiZAa/RXQIDAQABo4IDXDCCA1gwHQYDVR0OBBYEFMNz/FGa
urNbJjU/wZUYB7Xet0EkMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvMkI4MjEyN0NF
MkJFMTFFRUFDNENFMzNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeUGCCsGAQUFBwEHAQH/
BIHVMIHSMIHPBAIAATCByAMEAW9YTAMEAG9YTwMEAW9YigMEBG9YkDAMAwQCb1ik
AwQCb1ioAwQCb1i4MAwDBABvWOkDBABvWOoDBABvWPAwDAMEAG9Y+wMEAG9Y/gME
AHO6AAMEAHO6EwMEA3O6MAMEBXO6QAMEAHO6YTAMAwQAc7pjAwQBc7poAwQAc7py
AwQCc7p0AwQBc7p6AwQBc7p+MAwDBAB1ZgsDBAR1ZgAwDAMEAHVmHQMEBXVmAAME
AMtR2DAMAwQAy1HbAwQBy1HkAwQAy1HnMA0GCSqGSIb3DQEBCwUAA4IBAQB+s3pK
7zsafyVSpfB1cIz1dWHC94Auw5WP5D5kdWaCife+m7BZd2zFVFCuibKq4p6la2MM
RcV58Voppn8OHFItveFfYwLVVlIFjFuiomm+Um4A3H9Bc9FAY2TZBrSrAyo8a5r8
GEKyroQDihznxCXMwXn/dLOUftb/DIWvt2voYOloWacfMFJvhhZvQG/9iPaFfeTY
JFqxgOhuR8++BfjXwQJW0HKCSDcBcKtmDUKBMtHQXUuAmaAKE3C3Ia2HeuNYg6fo
eDaxfIlov6VdquG2ZMXqcm7DF8h6V5xhiYEfpUoSTOytFmxIe2wpg7lZu7BIJDpA
4tgpy/71rdnlO1ub
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:37 2025 by rpki-client