Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/C3A67198DA5811EDAE826A0DC4F9AE02.roa
File: C3A67198DA5811EDAE826A0DC4F9AE02.roa (raw, json)
Hash identifier: 9FaMq7HyXox/X6MEV439qylkUICPfVoQ0UGKfYojhG8=
Subject key identifier: D1:B1:2A:20:34:0D:BD:06:50:23:08:1D:EB:B3:0C:70:0F:32:17:96
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 340C
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/C3A67198DA5811EDAE826A0DC4F9AE02.roa
Signing time: Fri 14 Apr 2023 00:10:29 +0000
ROA not before: Fri 14 Apr 2023 00:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38616
IP address blocks: 111.88.79.0/24 maxlen: 24
111.88.138.0/24 maxlen: 24
111.88.139.0/24 maxlen: 24
111.88.144.0/20 maxlen: 23
111.88.144.0/23 maxlen: 24
111.88.146.0/24 maxlen: 24
111.88.149.0/24 maxlen: 24
111.88.150.0/23 maxlen: 24
111.88.152.0/23 maxlen: 24
111.88.156.0/22 maxlen: 24
111.88.164.0/22 maxlen: 24
111.88.168.0/22 maxlen: 24
111.88.184.0/22 maxlen: 23
111.88.232.0/21 maxlen: 24
115.186.0.0/24 maxlen: 24
115.186.19.0/24 maxlen: 24
115.186.48.0/21 maxlen: 24
115.186.64.0/19 maxlen: 21
115.186.64.0/21 maxlen: 24
115.186.76.0/22 maxlen: 24
115.186.80.0/20 maxlen: 24
115.186.97.0/24 maxlen: 24
115.186.99.0/24 maxlen: 24
115.186.100.0/22 maxlen: 22
115.186.100.0/24 maxlen: 24
115.186.104.0/24 maxlen: 24
115.186.105.0/24 maxlen: 24
115.186.114.0/24 maxlen: 24
115.186.116.0/22 maxlen: 22
115.186.116.0/24 maxlen: 24
115.186.122.0/23 maxlen: 23
115.186.126.0/23 maxlen: 23
115.186.127.0/24 maxlen: 24
117.102.13.0/24 maxlen: 24
117.102.29.0/24 maxlen: 24
117.102.30.0/24 maxlen: 24
117.102.31.0/24 maxlen: 24
203.81.216.0/24 maxlen: 24
203.81.219.0/24 maxlen: 24
203.81.220.0/22 maxlen: 22
203.81.220.0/24 maxlen: 24
203.81.221.0/24 maxlen: 24
203.81.222.0/24 maxlen: 24
203.81.223.0/24 maxlen: 24
203.81.224.0/22 maxlen: 22
203.81.224.0/24 maxlen: 24
203.81.225.0/24 maxlen: 24
203.81.226.0/24 maxlen: 24
203.81.227.0/24 maxlen: 24
203.81.228.0/23 maxlen: 24
203.81.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13324 (0x340c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B
Validity
Not Before: Apr 14 00:10:29 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=643899f5-35c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f8:dc:ed:bd:50:58:c6:11:f3:ad:fa:57:9c:
3d:4d:91:cc:27:aa:41:fe:73:f9:86:de:8c:21:98:
e8:85:62:86:73:7c:55:82:13:14:01:0d:75:53:74:
ed:10:13:6f:c6:d1:be:85:ef:b0:e9:98:1d:e2:3a:
6b:b6:93:0f:e0:62:78:d0:c8:30:1d:22:fc:16:2f:
6b:2c:30:90:ef:f5:c9:ed:6d:df:e4:46:a6:cc:52:
67:58:2c:66:57:66:83:f8:50:bc:eb:fa:c6:db:5b:
86:20:55:c0:1a:bd:99:a5:6c:49:1c:97:77:03:54:
ca:49:51:12:a2:f1:ef:42:10:d9:4e:b6:da:85:4f:
cc:e6:cc:f2:4a:c9:47:86:6d:06:9b:f2:ce:12:a2:
ca:5d:f5:d2:7d:3c:10:d0:3a:11:6b:70:8f:81:b1:
13:ff:29:89:e2:e6:a7:f9:2d:62:0c:22:25:4f:93:
b5:5c:3d:25:59:43:61:7f:a0:f3:a6:54:63:e4:28:
a2:a6:5a:b2:2d:78:bc:19:08:74:8f:9f:be:f9:8a:
a8:bf:34:eb:14:7a:ca:e0:a3:cc:80:02:35:09:3c:
32:db:0c:57:46:71:33:5f:85:39:58:cf:46:ea:76:
77:57:fe:e1:9f:27:87:b8:77:cd:f7:b5:90:4e:d9:
48:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B1:2A:20:34:0D:BD:06:50:23:08:1D:EB:B3:0C:70:0F:32:17:96
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/C3A67198DA5811EDAE826A0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.79.0/24
111.88.138.0/23
111.88.144.0/20
111.88.164.0-111.88.171.255
111.88.184.0/22
111.88.232.0/21
115.186.0.0/24
115.186.19.0/24
115.186.48.0/21
115.186.64.0/19
115.186.97.0/24
115.186.99.0-115.186.105.255
115.186.114.0/24
115.186.116.0/22
115.186.122.0/23
115.186.126.0/23
117.102.13.0/24
117.102.29.0-117.102.31.255
203.81.216.0/24
203.81.219.0-203.81.229.255
203.81.231.0/24
Signature Algorithm: sha256WithRSAEncryption
42:7c:f7:c4:ae:e1:56:e4:c4:68:84:23:98:86:b1:4b:0c:aa:
02:9a:6f:ba:3f:a6:7d:6d:84:41:6c:c2:5d:80:e8:0a:00:ff:
32:c2:38:de:11:65:04:24:ea:bf:d0:dc:f5:f5:54:67:c8:a9:
ce:6c:bd:ac:96:6a:c3:03:45:24:a8:58:0c:de:b1:57:2b:ab:
54:a8:44:f6:8f:d4:e4:5f:6d:2d:f5:d3:5d:67:ac:b9:fd:16:
d6:68:9b:89:e8:5f:0f:dc:a8:52:5f:54:6b:46:ed:3f:0a:41:
f6:49:3f:20:01:06:90:71:f1:73:18:49:4e:c5:58:d4:66:a8:
28:41:bc:40:75:30:93:49:dd:00:b3:17:79:4e:4e:b5:1e:99:
74:06:77:55:54:55:a2:47:47:94:bd:d7:73:e1:b0:6d:be:c2:
30:73:01:22:b5:47:8e:71:80:7f:84:7c:22:16:00:f3:42:a6:
99:ac:98:8d:f0:52:3e:04:e7:2f:d6:07:fc:18:07:d0:8f:ab:
ec:ef:56:05:9c:86:92:e9:2f:40:80:ac:94:f3:31:b0:36:b8:
8d:ea:3c:96:46:4b:20:34:c4:f0:b4:07:4a:0f:a9:47:e2:8a:
ea:72:f1:5d:fc:d8:19:4f:36:2e:8e:a7:eb:a4:87:39:2a:01:
c9:2a:4d:4e
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgICNAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMwNDE0MDAxMDI5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM4OTlmNS0zNWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn/jc7b1QWMYR8636V5w9TZHMJ6pB/nP5ht6MIZjohWKGc3xVghMUAQ11U3Tt
EBNvxtG+he+w6Zgd4jprtpMP4GJ40MgwHSL8Fi9rLDCQ7/XJ7W3f5EamzFJnWCxm
V2aD+FC86/rG21uGIFXAGr2ZpWxJHJd3A1TKSVESovHvQhDZTrbahU/M5szySslH
hm0Gm/LOEqLKXfXSfTwQ0DoRa3CPgbET/ymJ4uan+S1iDCIlT5O1XD0lWUNhf6Dz
plRj5CiiplqyLXi8GQh0j5+++YqovzTrFHrK4KPMgAI1CTwy2wxXRnEzX4U5WM9G
6nZ3V/7hnyeHuHfN97WQTtlI+QIDAQABo4IDMjCCAy4wHQYDVR0OBBYEFNGxKiA0
Db0GUCMIHeuzDHAPMheWMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQzNBNjcxOThE
QTU4MTFFREFFODI2QTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbsGCCsGAQUFBwEHAQH/
BIGrMIGoMIGlBAIAATCBngMEAG9YTwMEAW9YigMEBG9YkDAMAwQCb1ikAwQCb1io
AwQCb1i4AwQDb1joAwQAc7oAAwQAc7oTAwQDc7owAwQFc7pAAwQAc7phMAwDBABz
umMDBAFzumgDBABzunIDBAJzunQDBAFzunoDBAFzun4DBAB1Zg0wDAMEAHVmHQME
BXVmAAMEAMtR2DAMAwQAy1HbAwQBy1HkAwQAy1HnMA0GCSqGSIb3DQEBCwUAA4IB
AQBCfPfEruFW5MRohCOYhrFLDKoCmm+6P6Z9bYRBbMJdgOgKAP8ywjjeEWUEJOq/
0Nz19VRnyKnObL2slmrDA0UkqFgM3rFXK6tUqET2j9TkX20t9dNdZ6y5/RbWaJuJ
6F8P3KhSX1RrRu0/CkH2ST8gAQaQcfFzGElOxVjUZqgoQbxAdTCTSd0Asxd5Tk61
Hpl0BndVVFWiR0eUvddz4bBtvsIwcwEitUeOcYB/hHwiFgDzQqaZrJiN8FI+BOcv
1gf8GAfQj6vs71YFnIaS6S9AgKyU8zGwNriN6jyWRksgNMTwtAdKD6lH4orqcvFd
/NgZTzYujqfrpIc5KgHJKk1O
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:42 2025 by rpki-client