Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/478FBD60325511EB9A3B0872C4F9AE02.roa
File: 478FBD60325511EB9A3B0872C4F9AE02.roa (raw, json)
Hash identifier: 19mbq5kg1QdaIPd1/qZz+qXn5cDgW+lLZqgQBc97Ivw=
Subject key identifier: A4:D5:C0:E1:F7:4F:E8:E1:8E:02:F8:9C:6F:BB:7F:52:F5:61:19:98
Certificate issuer: /CN=A91798AD/serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Certificate serial: 1A0A
Authority key identifier: 7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/478FBD60325511EB9A3B0872C4F9AE02.roa
Signing time: Fri 16 Sep 2022 05:13:40 +0000
ROA not before: Fri 16 Sep 2022 05:13:40 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 4761
IP address blocks: 114.0.0.0/16 maxlen: 24
114.1.0.0/16 maxlen: 24
114.2.0.0/16 maxlen: 24
114.3.0.0/16 maxlen: 24
114.4.0.0/16 maxlen: 24
114.5.0.0/16 maxlen: 24
114.6.0.0/16 maxlen: 24
114.7.0.0/16 maxlen: 24
114.8.0.0/16 maxlen: 24
114.9.0.0/16 maxlen: 24
114.10.0.0/16 maxlen: 24
114.11.0.0/16 maxlen: 24
114.12.0.0/16 maxlen: 24
114.13.0.0/16 maxlen: 24
114.14.0.0/16 maxlen: 24
114.15.0.0/16 maxlen: 24
124.195.6.0/23 maxlen: 24
124.195.8.0/23 maxlen: 24
124.195.12.0/23 maxlen: 24
124.195.26.0/23 maxlen: 24
124.195.28.0/23 maxlen: 24
124.195.32.0/23 maxlen: 24
124.195.34.0/23 maxlen: 24
124.195.36.0/23 maxlen: 24
124.195.52.0/24 maxlen: 24
124.195.54.0/23 maxlen: 24
124.195.58.0/23 maxlen: 24
124.195.124.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6666 (0x1a0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91798AD/serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Validity
Not Before: Sep 16 05:13:40 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63240604-6957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:af:01:1c:13:55:7a:32:29:07:60:af:f8:ec:
cd:ac:e9:17:e2:5c:72:f7:9a:fc:6f:00:79:cc:f5:
e7:34:52:2b:d9:a7:20:d7:ae:16:fe:94:6b:e9:e5:
9c:22:4e:15:54:a8:a8:7c:ef:6b:29:68:37:e3:d4:
59:63:1e:46:d5:82:09:ef:75:38:22:aa:db:da:c3:
f2:a4:1f:f7:66:4f:6c:06:77:ab:ac:9f:b3:13:a8:
27:19:2c:a2:57:ff:5f:8f:67:5b:21:9a:b6:a0:cc:
f6:8b:16:be:92:59:54:20:fa:2d:17:91:06:a5:0f:
d9:1c:51:73:c4:3f:b6:a7:e8:16:15:57:8d:b7:43:
e8:59:19:c5:66:cc:f6:f3:2b:a8:48:3c:43:0f:8b:
c0:18:e5:3d:b1:3d:c9:cc:f7:e3:1c:c3:dd:71:6d:
3d:f3:28:17:f2:5b:25:a5:8b:64:db:69:4a:cd:96:
63:f3:3b:1a:c1:05:90:89:41:8e:76:b4:41:ee:50:
f3:1c:ab:0d:ae:bf:d9:43:24:32:89:63:9c:bc:40:
ef:1b:12:de:45:24:f7:fd:87:6b:87:be:00:e8:fe:
6e:b3:14:75:08:f5:2e:b2:3f:a2:a9:8d:42:f1:12:
02:a5:c1:ed:28:c1:b3:4d:46:8e:37:f5:e7:d0:e4:
9a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D5:C0:E1:F7:4F:E8:E1:8E:02:F8:9C:6F:BB:7F:52:F5:61:19:98
X509v3 Authority Key Identifier:
keyid:7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/478FBD60325511EB9A3B0872C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.0.0.0/12
124.195.6.0-124.195.9.255
124.195.12.0/23
124.195.26.0-124.195.29.255
124.195.32.0-124.195.37.255
124.195.52.0/24
124.195.54.0/23
124.195.58.0/23
124.195.124.0/23
Signature Algorithm: sha256WithRSAEncryption
32:f6:7b:34:78:ab:9e:e0:8b:45:37:89:94:dc:19:d3:6b:01:
18:43:ca:f7:fd:a4:f4:07:f3:17:d8:45:9f:4a:82:02:4b:0e:
2a:ec:ae:7f:06:09:9c:82:9b:d7:78:31:c2:49:dd:65:72:59:
ba:89:1c:95:1f:16:d3:2c:7b:3f:6e:bd:4c:b3:cd:c5:95:e3:
43:f9:11:c3:2c:ea:23:75:3f:83:c3:47:da:aa:64:f4:6f:c1:
63:4f:30:22:b8:b8:90:65:2f:07:77:0f:68:c7:9f:cf:3b:54:
20:d2:ee:29:dc:d9:e0:21:eb:9c:c0:ab:94:b2:0c:83:5f:c4:
f7:51:0e:ac:5c:21:5c:08:67:ba:ad:51:06:62:c6:2c:ce:ab:
b9:76:a6:61:6d:40:24:af:20:10:f9:7b:39:87:b0:13:3f:be:
65:b4:52:a8:6d:13:09:4f:60:e2:55:09:20:8b:e8:76:a9:fb:
9f:11:86:03:fb:a8:01:fc:cf:46:c9:ea:de:7b:ba:cf:d3:b0:
62:7e:2e:04:06:ff:d2:e5:65:b7:76:13:15:3c:c7:28:f8:62:
bd:d5:4a:3c:ad:14:07:17:43:fc:21:4a:49:34:fc:08:3b:41:
04:21:5a:83:1b:79:ff:a9:59:b0:bd:eb:0a:07:7d:3a:99:95:
44:2b:99:4c
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICGgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzk4QUQxMTAvBgNVBAUTKDdDMUEwRjQ4RUE0MzIzMUZBMzM0M0Q1OTI4MjFFRjI5
RThEMkIzMUIwHhcNMjIwOTE2MDUxMzQwWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzI0MDYwNC02OTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl68BHBNVejIpB2Cv+OzNrOkX4lxy95r8bwB5zPXnNFIr2acg164W/pRr6eWc
Ik4VVKiofO9rKWg349RZYx5G1YIJ73U4Iqrb2sPypB/3Zk9sBnerrJ+zE6gnGSyi
V/9fj2dbIZq2oMz2ixa+kllUIPotF5EGpQ/ZHFFzxD+2p+gWFVeNt0PoWRnFZsz2
8yuoSDxDD4vAGOU9sT3JzPfjHMPdcW098ygX8lslpYtk22lKzZZj8zsawQWQiUGO
drRB7lDzHKsNrr/ZQyQyiWOcvEDvGxLeRST3/Ydrh74A6P5usxR1CPUusj+iqY1C
8RICpcHtKMGzTUaON/Xn0OSaZwIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFKTVwOH3
T+jhjgL4nG+7f1L1YRmYMB8GA1UdIwQYMBaAFHwaD0jqQyMfozQ9WSgh7yno0rMb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OThBRC83MEVGQjRBQ0ZF
MkExMUU2OEYyQzVBMTNDNEY5QUUwMi9mQm9QU09wREl4LWpORDFaS0NIdktlalNz
eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZCb1BTT3BESXgtak5EMVpLQ0h2S2VqU3N4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzk4QUQvNzBFRkI0QUNGRTJBMTFFNjhGMkM1QTEzQzRGOUFFMDIvNDc4RkJENjAz
MjU1MTFFQjlBM0IwODcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMFMEAgABME0DAwRyADAMAwQBfMMGAwQBfMMIAwQBfMMMMAwDBAF8wxoDBAF8
wxwwDAMEBXzDIAMEAXzDJAMEAHzDNAMEAXzDNgMEAXzDOgMEAXzDfDANBgkqhkiG
9w0BAQsFAAOCAQEAMvZ7NHirnuCLRTeJlNwZ02sBGEPK9/2k9AfzF9hFn0qCAksO
KuyufwYJnIKb13gxwkndZXJZuokclR8W0yx7P269TLPNxZXjQ/kRwyzqI3U/g8NH
2qpk9G/BY08wIri4kGUvB3cPaMefzztUINLuKdzZ4CHrnMCrlLIMg1/E91EOrFwh
XAhnuq1RBmLGLM6ruXamYW1AJK8gEPl7OYewEz++ZbRSqG0TCU9g4lUJIIvodqn7
nxGGA/uoAfzPRsnq3nu6z9OwYn4uBAb/0uVlt3YTFTzHKPhivdVKPK0UBxdD/CFK
STT8CDtBBCFagxt5/6lZsL3rCgd9OpmVRCuZTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org