Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/FF40707EDC7311ED8759C02BC4F9AE02.roa
File: FF40707EDC7311ED8759C02BC4F9AE02.roa (raw, json)
Hash identifier: dSyfA34hapE30HUJYd4CQiWAZ3TV3mX4PtFV/I5vSLo=
Subject key identifier: 9C:30:4C:70:5C:68:21:DE:07:62:98:16:CD:66:D1:88:8C:14:55:1F
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3416
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/FF40707EDC7311ED8759C02BC4F9AE02.roa
Signing time: Sun 16 Apr 2023 17:10:30 +0000
ROA not before: Sun 16 Apr 2023 17:10:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135407
IP address blocks: 111.88.76.0/24 maxlen: 24
111.88.77.0/24 maxlen: 24
111.88.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13334 (0x3416)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Apr 16 17:10:30 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=643c2c05-003f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ec:5f:8a:ae:16:9f:8a:42:6f:2e:73:ca:98:
12:2e:2f:e9:5f:b4:ca:2a:f5:1e:98:44:88:dc:f2:
c6:55:3e:fe:f2:f4:3a:04:b8:58:03:40:9e:0d:c0:
ef:f3:b0:07:17:77:d1:66:73:2a:5e:b7:2d:a9:a6:
25:db:a8:54:eb:08:d0:53:56:ea:bd:68:9e:1c:3b:
4e:89:95:6c:08:9f:84:2d:76:ca:f7:a7:e0:23:49:
87:01:58:8a:18:80:57:e6:60:41:f0:76:4b:0f:7f:
9b:41:a3:a1:e7:dc:3c:f3:db:80:07:b4:b2:56:cf:
68:51:31:8f:34:13:af:cc:0c:d0:15:08:da:6c:45:
bc:5e:bd:4a:94:c6:b6:0e:58:35:e0:69:b3:31:8d:
a7:b0:fb:c2:83:a5:a7:f2:3f:12:10:4b:4d:9e:7a:
50:88:40:a0:3b:4b:2d:fd:7d:f6:61:48:ff:c3:ac:
bf:f7:fd:7c:0e:53:57:fc:c4:b0:dd:e5:85:42:4b:
f4:22:f1:31:03:6a:26:dd:99:0d:29:2a:a9:9b:a6:
4a:df:c8:c2:52:e5:2d:8e:6d:a5:f8:ef:ee:5c:61:
a0:66:cc:2e:b0:1c:e4:bd:16:1f:e1:1f:75:7f:0b:
49:05:2c:07:8a:c0:2a:b6:2d:0e:cb:73:b5:cc:98:
d1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:30:4C:70:5C:68:21:DE:07:62:98:16:CD:66:D1:88:8C:14:55:1F
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/FF40707EDC7311ED8759C02BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.76.0/23
111.88.240.0/24
Signature Algorithm: sha256WithRSAEncryption
33:03:b3:ee:fd:ae:57:de:9f:48:95:cd:36:cb:3e:34:a7:f4:
aa:02:d1:ce:dc:88:62:1c:31:7d:73:54:dc:21:16:24:85:6e:
60:7a:4e:73:64:52:c0:c6:4b:99:f3:df:47:91:6e:ec:ff:2f:
35:33:92:3e:68:8a:13:b5:da:e3:90:ab:fe:9b:cf:f0:cb:4e:
ea:48:e4:6e:28:66:f4:87:a4:ba:dc:94:7e:9d:bd:9d:05:c1:
b2:86:64:d2:95:3f:d1:57:f8:0a:40:7d:52:97:60:26:de:5f:
cf:16:62:34:26:23:ae:e7:25:92:d7:aa:34:10:65:00:6a:da:
99:54:f1:c5:4d:09:92:9a:0a:53:0f:1c:7e:f6:41:73:59:33:
64:f9:1b:c6:26:1f:a6:37:3a:ad:38:88:e6:8f:27:0a:8e:c7:
73:66:5f:73:91:a2:31:92:d1:a8:6b:1c:51:f7:24:c4:53:b3:
2c:42:7a:48:41:4e:06:26:72:82:21:f7:0f:6c:13:37:26:90:
60:2b:2f:25:88:12:83:fa:88:95:22:31:0e:d2:11:8b:6e:ec:
29:aa:66:b4:63:4c:46:5e:c4:25:a3:b8:9d:72:34:2d:11:5c:
25:d9:ae:33:9c:28:3c:2a:30:c8:81:ad:a7:61:48:e8:7d:42:
e6:fa:78:64
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjMwNDE2MTcxMDMwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDNjMmMwNS0wMDNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp+xfiq4Wn4pCby5zypgSLi/pX7TKKvUemESI3PLGVT7+8vQ6BLhYA0CeDcDv
87AHF3fRZnMqXrctqaYl26hU6wjQU1bqvWieHDtOiZVsCJ+ELXbK96fgI0mHAViK
GIBX5mBB8HZLD3+bQaOh59w889uAB7SyVs9oUTGPNBOvzAzQFQjabEW8Xr1KlMa2
Dlg14GmzMY2nsPvCg6Wn8j8SEEtNnnpQiECgO0st/X32YUj/w6y/9/18DlNX/MSw
3eWFQkv0IvExA2om3ZkNKSqpm6ZK38jCUuUtjm2l+O/uXGGgZswusBzkvRYf4R91
fwtJBSwHisAqti0Oy3O1zJjRQwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJwwTHBc
aCHeB2KYFs1m0YiMFFUfMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvRkY0MDcwN0VE
QzczMTFFRDg3NTlDMDJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFvWEwDBABvWPAwDQYJKoZIhvcNAQELBQADggEBADMDs+79
rlfen0iVzTbLPjSn9KoC0c7ciGIcMX1zVNwhFiSFbmB6TnNkUsDGS5nz30eRbuz/
LzUzkj5oihO12uOQq/6bz/DLTupI5G4oZvSHpLrclH6dvZ0FwbKGZNKVP9FX+ApA
fVKXYCbeX88WYjQmI67nJZLXqjQQZQBq2plU8cVNCZKaClMPHH72QXNZM2T5G8Ym
H6Y3Oq04iOaPJwqOx3NmX3ORojGS0ahrHFH3JMRTsyxCekhBTgYmcoIh9w9sEzcm
kGArLyWIEoP6iJUiMQ7SEYtu7CmqZrRjTEZexCWjuJ1yNC0RXCXZrjOcKDwqMMiB
radhSOh9Qub6eGQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:46 2023 by rpki-client on console-fra.rpki-client.org