Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/E279DA3C29CD11EEBA2A317BC4F9AE02.roa
File: E279DA3C29CD11EEBA2A317BC4F9AE02.roa (raw, json)
Hash identifier: swI63TyDnzZlDxRM7nOPc0Gu6diNEvzGCe+n6JQZDGE=
Subject key identifier: 8D:0B:5F:21:08:67:0B:2A:C9:CE:21:7E:58:F2:0D:EE:6A:DF:B9:F1
Certificate issuer: /CN=A918A996/serialNumber=8386BE861BDBDB6D0165087DC044A07FA4D4F089
Certificate serial: 15
Authority key identifier: 83:86:BE:86:1B:DB:DB:6D:01:65:08:7D:C0:44:A0:7F:A4:D4:F0:89
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g4a-hhvb220BZQh9wESgf6TU8Ik.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/E279DA3C29CD11EEBA2A317BC4F9AE02.roa
Signing time: Mon 24 Jul 2023 04:37:02 +0000
ROA not before: Mon 24 Jul 2023 04:37:02 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 10118
IP address blocks: 117.103.144.0/20 maxlen: 20
117.103.144.0/20 maxlen: 24
117.103.152.0/23 maxlen: 23
117.103.156.0/24 maxlen: 24
117.103.157.0/24 maxlen: 24
117.103.158.0/24 maxlen: 24
117.103.159.0/24 maxlen: 24
124.217.128.0/18 maxlen: 18
124.217.128.0/24 maxlen: 24
124.217.129.0/24 maxlen: 24
124.217.130.0/24 maxlen: 24
124.217.131.0/24 maxlen: 24
124.217.132.0/23 maxlen: 23
124.217.136.0/23 maxlen: 24
124.217.138.0/24 maxlen: 24
124.217.139.0/24 maxlen: 24
124.217.140.0/24 maxlen: 24
124.217.141.0/24 maxlen: 24
124.217.142.0/24 maxlen: 24
124.217.143.0/24 maxlen: 24
124.217.144.0/20 maxlen: 20
124.217.160.0/20 maxlen: 20
124.217.178.0/24 maxlen: 24
124.217.179.0/24 maxlen: 24
124.217.180.0/22 maxlen: 22
124.217.184.0/24 maxlen: 24
124.217.185.0/24 maxlen: 24
124.217.186.0/24 maxlen: 24
124.217.187.0/24 maxlen: 24
124.217.188.0/24 maxlen: 24
124.217.189.0/24 maxlen: 24
124.217.190.0/24 maxlen: 24
124.217.191.0/24 maxlen: 24
180.188.128.0/18 maxlen: 24
180.188.144.0/20 maxlen: 20
180.188.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21 (0x15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918A996/serialNumber=8386BE861BDBDB6D0165087DC044A07FA4D4F089
Validity
Not Before: Jul 24 04:37:02 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64bdffee-b0b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e4:26:e2:20:5f:12:a3:6c:c8:cd:a7:60:6e:
4a:ee:e9:04:71:d2:76:e6:76:40:2d:5f:9f:6a:e6:
dc:48:f4:49:5a:3a:3b:f4:73:40:21:30:31:74:4a:
9f:e9:2c:ee:b9:cc:fe:41:e8:36:57:ee:b8:0e:16:
ab:06:a6:78:e0:25:ce:bb:90:84:a0:53:db:c4:c8:
4a:6c:ad:fb:82:5b:2c:49:5f:31:55:4b:29:c0:a4:
4c:d1:13:16:c0:a0:82:81:2d:d0:01:3b:39:8c:30:
2c:14:eb:50:a3:35:aa:17:e3:94:01:e6:73:13:9c:
4b:5a:d9:09:f1:b0:e2:74:03:c2:ff:3b:fe:39:fd:
2a:91:9e:28:06:be:75:c1:50:05:0d:e2:b2:4f:ef:
3b:e1:02:76:a1:f1:83:5a:14:81:7c:85:cf:dc:d7:
79:b2:17:2c:f9:5d:a7:c8:ed:e5:b3:fd:b9:cc:cc:
87:28:4c:41:5d:46:d5:ba:3b:c7:6b:8f:ad:04:68:
96:70:5e:42:26:b4:fd:a8:f9:50:84:d9:73:98:f6:
e7:af:06:0d:2c:0b:e2:72:ca:a5:48:41:31:0e:dd:
e2:74:e0:50:fa:94:2f:c6:d6:64:ef:fa:b7:92:0d:
1a:97:17:c5:c3:f2:43:13:8f:b3:04:9a:31:50:09:
d7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0B:5F:21:08:67:0B:2A:C9:CE:21:7E:58:F2:0D:EE:6A:DF:B9:F1
X509v3 Authority Key Identifier:
keyid:83:86:BE:86:1B:DB:DB:6D:01:65:08:7D:C0:44:A0:7F:A4:D4:F0:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/g4a-hhvb220BZQh9wESgf6TU8Ik.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g4a-hhvb220BZQh9wESgf6TU8Ik.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A996/32C68A5E279811EEBD8DC55FC4F9AE02/E279DA3C29CD11EEBA2A317BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.103.144.0/20
124.217.128.0/18
180.188.128.0/18
Signature Algorithm: sha256WithRSAEncryption
01:62:2b:44:26:02:e1:fd:c1:6f:08:41:f0:a7:bb:9e:cc:5f:
70:29:f1:8d:ba:5e:e7:54:34:ef:b2:9b:f7:7e:6f:46:17:10:
1a:4d:f4:31:f4:d4:d9:64:43:9b:44:4d:49:78:bd:9c:9f:1c:
77:b2:54:17:56:37:5f:6c:85:28:49:40:62:4d:7c:21:6d:fc:
ef:06:df:8c:a8:00:8b:8e:3b:bc:81:d6:25:e4:7d:21:08:3b:
0a:d4:e7:f9:b6:77:de:41:8a:e7:ce:59:18:c1:ef:e9:2c:b7:
96:62:5b:35:10:e4:4a:4f:0a:48:59:b2:0c:d4:9a:cc:42:7c:
f7:1e:8c:8a:98:87:00:e7:cd:9a:44:87:21:b4:37:4c:37:f1:
1e:ef:ad:0e:70:05:dd:c3:a2:78:ac:e4:0e:95:87:6c:5a:8d:
e5:60:b8:63:7d:8c:82:1a:10:c6:c4:1f:d9:72:f9:84:8e:bc:
3e:2f:ca:14:2e:4c:b3:f3:a5:03:7d:b1:41:40:49:75:07:63:
13:cf:f0:aa:73:3f:79:30:d8:b3:95:96:11:e7:df:23:65:00:
b2:be:33:66:a7:e7:5c:71:66:72:54:f1:ef:ca:0b:a0:54:2b:
e9:19:6a:77:84:50:23:ee:e6:59:69:bd:59:1d:fc:a8:4a:84:
35:bb:61:03
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QTk5NjExMC8GA1UEBRMoODM4NkJFODYxQkRCREI2RDAxNjUwODdEQzA0NEEwN0ZB
NEQ0RjA4OTAeFw0yMzA3MjQwNDM3MDJaFw0yNDAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0YmRmZmVlLWIwYjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC15CbiIF8So2zIzadgbkru6QRx0nbmdkAtX59q5txI9ElaOjv0c0AhMDF0Sp/p
LO65zP5B6DZX7rgOFqsGpnjgJc67kISgU9vEyEpsrfuCWyxJXzFVSynApEzRExbA
oIKBLdABOzmMMCwU61CjNaoX45QB5nMTnEta2QnxsOJ0A8L/O/45/SqRnigGvnXB
UAUN4rJP7zvhAnah8YNaFIF8hc/c13myFyz5XafI7eWz/bnMzIcoTEFdRtW6O8dr
j60EaJZwXkImtP2o+VCE2XOY9uevBg0sC+JyyqVIQTEO3eJ04FD6lC/G1mTv+reS
DRqXF8XD8kMTj7MEmjFQCddPAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUjQtfIQhn
CyrJziF+WPIN7mrfufEwHwYDVR0jBBgwFoAUg4a+hhvb220BZQh9wESgf6TU8Ikw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThBOTk2LzMyQzY4QTVFMjc5
ODExRUVCRDhEQzU1RkM0RjlBRTAyL2c0YS1oaHZiMjIwQlpRaDl3RVNnZjZUVThJ
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZzRhLWhodmIyMjBCWlFoOXdFU2dmNlRVOElrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QTk5Ni8zMkM2OEE1RTI3OTgxMUVFQkQ4REM1NUZDNEY5QUUwMi9FMjc5REEzQzI5
Q0QxMUVFQkEyQTMxN0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEBHVnkAMEBnzZgAMEBrS8gDANBgkqhkiG9w0BAQsFAAOCAQEA
AWIrRCYC4f3BbwhB8Ke7nsxfcCnxjbpe51Q077Kb935vRhcQGk30MfTU2WRDm0RN
SXi9nJ8cd7JUF1Y3X2yFKElAYk18IW387wbfjKgAi447vIHWJeR9IQg7CtTn+bZ3
3kGK585ZGMHv6Sy3lmJbNRDkSk8KSFmyDNSazEJ89x6MipiHAOfNmkSHIbQ3TDfx
Hu+tDnAF3cOieKzkDpWHbFqN5WC4Y32MghoQxsQf2XL5hI68Pi/KFC5Ms/OlA32x
QUBJdQdjE8/wqnM/eTDYs5WWEeffI2UAsr4zZqfnXHFmclTx78oLoFQr6Rlqd4RQ
I+7mWWm9WR38qEqENbthAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org