Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/46F1031CDA8E11EDB0D87A0CC4F9AE02.roa
File: 46F1031CDA8E11EDB0D87A0CC4F9AE02.roa (raw, json)
Hash identifier: tCAPGKp3qzOxn5drMEbv14kreRciwYRpnQRBrX/I9VA=
Subject key identifier: B2:65:AD:CF:FA:09:2F:A8:3F:39:9E:35:3A:AD:92:03:4F:5D:46:78
Certificate issuer: /CN=A91798AD/serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Certificate serial: 1A8F
Authority key identifier: 7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/46F1031CDA8E11EDB0D87A0CC4F9AE02.roa
Signing time: Fri 14 Apr 2023 06:33:33 +0000
ROA not before: Fri 14 Apr 2023 06:33:33 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 4761
IP address blocks: 114.0.0.0/16 maxlen: 24
114.1.0.0/16 maxlen: 24
114.2.0.0/16 maxlen: 24
114.3.0.0/16 maxlen: 24
114.4.0.0/16 maxlen: 24
114.5.0.0/16 maxlen: 24
114.6.0.0/16 maxlen: 24
114.7.0.0/16 maxlen: 24
114.8.0.0/16 maxlen: 24
114.9.0.0/16 maxlen: 24
114.10.0.0/16 maxlen: 23
114.10.0.0/19 maxlen: 24
114.10.33.0/24 maxlen: 24
114.10.34.0/23 maxlen: 24
114.10.36.0/22 maxlen: 24
114.10.40.0/21 maxlen: 24
114.10.48.0/20 maxlen: 24
114.10.64.0/18 maxlen: 24
114.10.128.0/17 maxlen: 24
114.11.0.0/16 maxlen: 24
114.12.0.0/16 maxlen: 24
114.13.0.0/16 maxlen: 24
114.14.0.0/16 maxlen: 24
114.15.0.0/16 maxlen: 24
124.195.6.0/23 maxlen: 24
124.195.8.0/23 maxlen: 24
124.195.12.0/23 maxlen: 24
124.195.26.0/23 maxlen: 24
124.195.28.0/23 maxlen: 24
124.195.32.0/23 maxlen: 24
124.195.34.0/23 maxlen: 24
124.195.36.0/23 maxlen: 24
124.195.52.0/24 maxlen: 24
124.195.54.0/23 maxlen: 24
124.195.58.0/23 maxlen: 24
124.195.124.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6799 (0x1a8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91798AD/serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Validity
Not Before: Apr 14 06:33:33 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6438f3bd-b545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c9:25:47:50:5e:12:61:17:66:6b:21:53:a0:
0c:a9:f3:59:e5:a8:46:89:7e:67:6b:43:c9:17:e3:
a1:7f:9b:2d:fb:5a:3b:e4:60:28:79:eb:a3:11:7c:
55:13:fa:05:9d:49:16:90:a5:5a:f9:2f:0a:b0:9d:
f1:62:cd:73:54:f2:e3:ec:d6:0b:76:c0:7d:63:47:
ce:a1:77:68:c9:2b:74:f2:70:c6:6a:16:18:c8:bb:
f3:a5:9c:5a:97:e5:84:ca:9b:86:a1:05:53:20:18:
a9:16:c7:46:b6:c0:4b:eb:c9:a3:0a:04:1c:b2:5c:
19:85:39:f0:fe:cb:d5:08:65:80:ae:b3:84:59:92:
a5:21:62:e6:ea:fc:39:2c:3a:eb:09:cd:40:1c:88:
f4:1d:66:9a:1e:72:6b:3b:9a:4b:9a:f3:20:0b:42:
5b:d0:96:38:2f:fa:cf:20:7b:18:3e:ba:0f:9f:16:
6a:3c:27:9a:d6:d5:36:92:6a:c1:56:60:b2:d9:bb:
9c:1f:90:e9:ba:f1:af:2d:5a:01:0c:6f:a0:cc:7a:
27:31:bd:83:b6:cd:0d:12:a0:16:6c:24:2e:ef:11:
fa:8c:20:c3:81:67:b2:b4:a6:65:42:85:a4:13:2b:
16:53:e7:e3:c2:60:37:d0:80:0e:ac:16:1f:b3:97:
79:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:65:AD:CF:FA:09:2F:A8:3F:39:9E:35:3A:AD:92:03:4F:5D:46:78
X509v3 Authority Key Identifier:
keyid:7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/46F1031CDA8E11EDB0D87A0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.0.0.0/12
124.195.6.0-124.195.9.255
124.195.12.0/23
124.195.26.0-124.195.29.255
124.195.32.0-124.195.37.255
124.195.52.0/24
124.195.54.0/23
124.195.58.0/23
124.195.124.0/23
Signature Algorithm: sha256WithRSAEncryption
09:a5:61:df:1a:11:37:0d:4c:2e:75:7c:c4:e2:40:7e:3c:cf:
55:70:4e:c0:2d:86:90:ed:40:6e:2e:d9:af:13:40:dc:b3:48:
37:05:9d:5c:19:da:c6:c4:12:87:74:1c:8a:82:05:dc:4a:68:
89:01:6b:68:3b:8a:87:3c:9f:da:00:56:89:f2:27:af:1a:df:
53:2a:95:1f:44:a1:5d:1d:a8:47:e9:20:26:af:d1:24:2d:82:
eb:ef:ba:1b:38:ea:62:9e:77:c8:ed:ae:26:fe:62:a7:5f:7a:
ec:c8:3e:46:91:9a:0d:df:25:bd:48:7d:60:ea:96:4c:b9:58:
5a:f1:90:2b:39:f1:4a:1d:11:9b:f5:b4:21:d4:46:ca:d9:73:
9c:b6:e7:98:b2:55:a6:c9:0f:e7:84:56:63:e1:fb:56:cd:77:
b1:1b:7b:a4:4f:52:33:f7:6d:72:91:01:79:4f:3d:c5:0d:0a:
c1:69:37:f5:7f:f1:f0:c9:62:98:2a:bb:e4:f9:25:81:4c:2b:
2f:91:ae:1e:a3:9a:c9:60:30:88:02:dc:ff:28:75:65:21:70:
e5:b1:ca:b5:5d:b0:b4:3b:a6:c6:eb:0a:90:54:c4:70:a1:a2:
07:f9:08:bb:f1:12:c6:f5:ad:20:c4:39:5c:90:92:68:73:78:
34:57:e0:a7
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICGo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzk4QUQxMTAvBgNVBAUTKDdDMUEwRjQ4RUE0MzIzMUZBMzM0M0Q1OTI4MjFFRjI5
RThEMkIzMUIwHhcNMjMwNDE0MDYzMzMzWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM4ZjNiZC1iNTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwcklR1BeEmEXZmshU6AMqfNZ5ahGiX5na0PJF+Ohf5st+1o75GAoeeujEXxV
E/oFnUkWkKVa+S8KsJ3xYs1zVPLj7NYLdsB9Y0fOoXdoySt08nDGahYYyLvzpZxa
l+WEypuGoQVTIBipFsdGtsBL68mjCgQcslwZhTnw/svVCGWArrOEWZKlIWLm6vw5
LDrrCc1AHIj0HWaaHnJrO5pLmvMgC0Jb0JY4L/rPIHsYProPnxZqPCea1tU2kmrB
VmCy2bucH5DpuvGvLVoBDG+gzHonMb2Dts0NEqAWbCQu7xH6jCDDgWeytKZlQoWk
EysWU+fjwmA30IAOrBYfs5d5OQIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFLJlrc/6
CS+oPzmeNTqtkgNPXUZ4MB8GA1UdIwQYMBaAFHwaD0jqQyMfozQ9WSgh7yno0rMb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OThBRC83MEVGQjRBQ0ZF
MkExMUU2OEYyQzVBMTNDNEY5QUUwMi9mQm9QU09wREl4LWpORDFaS0NIdktlalNz
eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZCb1BTT3BESXgtak5EMVpLQ0h2S2VqU3N4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzk4QUQvNzBFRkI0QUNGRTJBMTFFNjhGMkM1QTEzQzRGOUFFMDIvNDZGMTAzMUNE
QThFMTFFREIwRDg3QTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMFMEAgABME0DAwRyADAMAwQBfMMGAwQBfMMIAwQBfMMMMAwDBAF8wxoDBAF8
wxwwDAMEBXzDIAMEAXzDJAMEAHzDNAMEAXzDNgMEAXzDOgMEAXzDfDANBgkqhkiG
9w0BAQsFAAOCAQEACaVh3xoRNw1MLnV8xOJAfjzPVXBOwC2GkO1Abi7ZrxNA3LNI
NwWdXBnaxsQSh3QcioIF3EpoiQFraDuKhzyf2gBWifInrxrfUyqVH0ShXR2oR+kg
Jq/RJC2C6++6GzjqYp53yO2uJv5ip1967Mg+RpGaDd8lvUh9YOqWTLlYWvGQKznx
Sh0Rm/W0IdRGytlznLbnmLJVpskP54RWY+H7Vs13sRt7pE9SM/dtcpEBeU89xQ0K
wWk39X/x8MlimCq75PklgUwrL5GuHqOayWAwiALc/yh1ZSFw5bHKtV2wtDumxusK
kFTEcKGiB/kIu/ESxvWtIMQ5XJCSaHN4NFfgpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org