Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/F6C356B6DA5511ED85BAFC0FC4F9AE02.roa
File: F6C356B6DA5511ED85BAFC0FC4F9AE02.roa (raw, json)
Hash identifier: t4qq/Vbyf75WoZFtbFUPED0ujuk3gLDVfr3iamGxTU8=
Subject key identifier: 95:47:94:CD:23:9C:43:AF:E2:C3:BE:10:A4:C4:35:E6:03:AF:1E:7D
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 340B
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/F6C356B6DA5511ED85BAFC0FC4F9AE02.roa
Signing time: Fri 14 Apr 2023 00:10:28 +0000
ROA not before: Fri 14 Apr 2023 00:10:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133933
IP address blocks: 111.88.147.0/24 maxlen: 24
111.88.148.0/24 maxlen: 24
111.88.154.0/24 maxlen: 24
111.88.155.0/24 maxlen: 24
111.88.184.0/24 maxlen: 24
111.88.185.0/24 maxlen: 24
111.88.186.0/24 maxlen: 24
111.88.187.0/24 maxlen: 24
111.88.188.0/24 maxlen: 24
111.88.189.0/24 maxlen: 24
111.88.190.0/24 maxlen: 24
111.88.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13323 (0x340b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Apr 14 00:10:28 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=643899f3-3d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f5:4b:af:4e:ec:95:8c:7b:c6:88:fe:2f:5e:
f8:b9:50:2b:46:7a:8d:3f:cc:d4:23:f7:8f:22:3c:
6d:b7:37:0d:9f:a5:49:0b:a6:4b:62:e6:4f:ce:a1:
0c:59:15:ba:48:af:8d:20:c4:14:30:0e:b4:aa:2c:
a7:86:a9:da:b4:54:d8:70:0d:cb:36:a5:dd:d3:2d:
bb:d4:f3:8d:00:58:e0:ba:d9:97:81:08:b3:e2:c1:
3d:ae:6b:eb:93:c7:0f:8f:d5:fd:46:65:25:85:94:
3b:3f:90:e4:3e:2c:cf:65:dd:86:b9:a0:67:52:84:
fe:47:c3:9b:e4:5a:1e:bc:1d:89:83:c6:df:c7:b0:
a4:da:f3:fa:24:5f:8a:e5:94:be:5a:e1:d4:b0:93:
c0:71:10:2f:cd:80:48:8c:24:15:ff:a6:f4:71:4a:
ac:d9:7d:89:63:8b:9e:c0:08:c7:21:07:01:ff:fd:
2c:76:51:97:5a:7a:82:b4:70:e4:4f:1c:70:2c:1a:
68:9e:43:ee:25:bf:8b:5a:17:8d:12:e4:25:36:6f:
5e:f0:05:9d:42:56:b9:91:e5:4e:83:c3:a3:66:6a:
5b:ee:1d:17:ff:7a:40:6a:4f:83:8a:1e:3f:0b:18:
31:28:a1:36:a3:7b:88:08:49:7c:e0:06:af:63:7e:
9e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:47:94:CD:23:9C:43:AF:E2:C3:BE:10:A4:C4:35:E6:03:AF:1E:7D
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/F6C356B6DA5511ED85BAFC0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.147.0-111.88.148.255
111.88.154.0/23
111.88.184.0/21
Signature Algorithm: sha256WithRSAEncryption
82:66:90:79:05:de:26:61:8c:0d:7c:98:8f:d2:b3:14:60:33:
13:99:9e:83:f9:f9:5e:a4:54:bb:bd:09:79:8f:2a:3e:f0:f7:
60:3f:f8:6e:81:a4:7e:83:f9:5f:9c:5a:65:d6:eb:dd:bc:ec:
ca:88:11:0d:1b:a2:7a:8b:d5:6d:23:54:60:50:c4:29:8f:7e:
bc:2b:9a:23:be:67:74:bb:fd:c1:90:00:39:ca:17:58:49:67:
6c:ea:a2:ce:27:0a:28:42:c0:63:f1:06:8b:1f:d5:fc:a0:a5:
e1:d2:50:86:b3:e2:ab:9a:27:69:49:39:aa:f2:20:58:43:dc:
9b:35:66:f2:c5:c3:db:23:65:37:c5:8b:a5:2d:e1:e7:e0:9d:
fb:12:b3:bf:58:4e:e0:16:54:54:b5:c4:11:10:1c:6d:e9:2c:
48:65:83:e1:53:b1:cf:58:30:5b:0b:0f:d8:2f:19:8e:dc:3c:
b2:c7:38:db:d0:cd:66:24:40:ae:2a:f5:42:d4:4e:81:b8:c6:
e1:6e:64:46:f0:84:1b:5b:1b:ab:c7:78:6a:ca:9d:8a:c4:bc:
b7:aa:33:25:c1:ff:ac:a7:48:22:cc:e1:71:77:67:d4:b2:a5:
79:e9:1f:01:02:07:9c:20:11:1d:de:aa:e5:29:b5:3b:6c:fb:
41:a2:cb:ab
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICNAswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMwNDE0MDAxMDI4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM4OTlmMy0zZDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtPVLr07slYx7xoj+L174uVArRnqNP8zUI/ePIjxttzcNn6VJC6ZLYuZPzqEM
WRW6SK+NIMQUMA60qiynhqnatFTYcA3LNqXd0y271PONAFjgutmXgQiz4sE9rmvr
k8cPj9X9RmUlhZQ7P5DkPizPZd2GuaBnUoT+R8Ob5FoevB2Jg8bfx7Ck2vP6JF+K
5ZS+WuHUsJPAcRAvzYBIjCQV/6b0cUqs2X2JY4uewAjHIQcB//0sdlGXWnqCtHDk
TxxwLBponkPuJb+LWheNEuQlNm9e8AWdQla5keVOg8OjZmpb7h0X/3pAak+Dih4/
CxgxKKE2o3uICEl84AavY36eHQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFJVHlM0j
nEOv4sO+EKTENeYDrx59MB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvRjZDMzU2QjZE
QTU1MTFFRDg1QkFGQzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAG9YkwMEAG9YlAMEAW9YmgMEA29YuDANBgkqhkiG9w0B
AQsFAAOCAQEAgmaQeQXeJmGMDXyYj9KzFGAzE5meg/n5XqRUu70JeY8qPvD3YD/4
boGkfoP5X5xaZdbr3bzsyogRDRuieovVbSNUYFDEKY9+vCuaI75ndLv9wZAAOcoX
WElnbOqizicKKELAY/EGix/V/KCl4dJQhrPiq5onaUk5qvIgWEPcmzVm8sXD2yNl
N8WLpS3h5+Cd+xKzv1hO4BZUVLXEERAcbeksSGWD4VOxz1gwWwsP2C8Zjtw8ssc4
29DNZiRArir1QtROgbjG4W5kRvCEG1sbq8d4asqdisS8t6ozJcH/rKdIIszhcXdn
1LKleekfAQIHnCARHd6q5Sm1O2z7QaLLqw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:43 2023 by rpki-client on console-ams.rpki-client.org