Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/BF251422E87D11EB91E73C68C4F9AE02.roa
File: BF251422E87D11EB91E73C68C4F9AE02.roa (raw, json)
Hash identifier: nQjExqqjBKfMrL5KgxjUK8IkI6ikiSMWW3oC90k5sYw=
Subject key identifier: 54:E0:6B:30:B2:E2:E3:0D:0C:C4:DF:F1:66:19:4C:AA:D2:D1:3B:0B
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3B43
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/BF251422E87D11EB91E73C68C4F9AE02.roa
Signing time: Mon 28 Nov 2022 04:00:36 +0000
ROA not before: Mon 28 Nov 2022 04:00:36 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 38732
IP address blocks: 42.96.32.0/24 maxlen: 24
42.96.34.0/23 maxlen: 24
45.122.253.0/24 maxlen: 24
101.99.3.0/24 maxlen: 24
103.6.234.0/23 maxlen: 24
103.21.148.0/22 maxlen: 24
103.63.108.0/23 maxlen: 24
103.252.0.0/22 maxlen: 24
115.146.120.0/21 maxlen: 24
124.158.0.0/21 maxlen: 24
183.91.14.0/24 maxlen: 24
203.205.8.0/24 maxlen: 24
2402:5300:407::/48 maxlen: 48
2402:5300:7000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15171 (0x3b43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Nov 28 04:00:36 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63843264-d56e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:49:b4:a5:2d:a5:d1:6e:d0:1f:cc:2b:4f:c1:
ec:8e:27:29:e3:ae:4e:59:7e:ed:4a:9b:e9:d7:a5:
4a:92:2d:99:09:26:21:8d:85:8b:cb:fb:5e:45:53:
be:30:47:44:06:0f:59:e2:ce:e3:6d:ba:db:f7:9b:
57:62:c0:d2:81:eb:44:18:2f:a2:90:2e:e1:fe:e2:
df:5d:61:7f:06:0a:0f:e2:3f:1d:33:e9:ef:8f:d6:
5b:8d:c8:1c:9a:16:a1:33:cb:74:82:c6:15:47:b9:
ba:99:ae:0a:74:ed:66:79:0c:6b:e2:b6:4a:17:76:
9d:3a:a4:72:be:bf:a9:58:47:45:1c:c6:91:07:f4:
ae:3a:01:e1:15:4d:3a:10:72:7b:89:e4:7c:aa:00:
12:b5:b8:21:df:1b:92:86:de:55:f4:ee:b4:28:0c:
c9:f3:17:ba:4e:f9:75:b3:c9:40:29:66:5a:02:f5:
ca:b7:92:df:fa:28:b6:d1:d0:f2:d0:1a:af:6d:75:
a8:7b:79:15:dc:18:13:d9:1e:c9:a1:63:d2:aa:ae:
2b:8a:35:cf:aa:18:8e:c6:15:ae:57:ac:6c:e5:83:
24:36:a4:76:ff:b0:d0:d5:43:15:98:87:8d:b5:72:
0c:44:cc:98:0e:1e:16:fb:57:ca:2e:21:99:50:a0:
8b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E0:6B:30:B2:E2:E3:0D:0C:C4:DF:F1:66:19:4C:AA:D2:D1:3B:0B
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/BF251422E87D11EB91E73C68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.96.32.0/24
42.96.34.0/23
45.122.253.0/24
101.99.3.0/24
103.6.234.0/23
103.21.148.0/22
103.63.108.0/23
103.252.0.0/22
115.146.120.0/21
124.158.0.0/21
183.91.14.0/24
203.205.8.0/24
IPv6:
2402:5300:407::/48
2402:5300:7000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:e9:67:b1:01:2c:ff:54:e3:4a:65:30:b1:ef:a5:40:16:89:
17:d8:bc:ed:aa:54:0c:11:98:91:8e:73:36:48:f0:47:81:91:
d2:e1:f9:b5:24:13:46:38:a1:45:4f:8c:88:64:d0:60:2f:40:
2f:a1:ab:62:03:e6:48:cc:76:bb:2b:46:49:1f:0c:6d:ee:73:
87:bb:7a:66:d4:a0:75:78:14:2b:e6:75:f2:61:ef:1b:a1:c4:
4b:4b:d5:4a:4f:77:79:77:81:d7:41:9b:16:5b:9b:aa:0b:21:
e8:2b:48:37:3e:6f:22:ef:b7:55:51:80:fd:46:f0:cf:38:a9:
e1:61:f1:ca:8a:ac:e0:02:6e:34:f4:94:3a:80:1c:6d:6b:53:
9c:1a:10:af:95:4d:24:40:56:20:4f:5a:bd:6f:12:75:02:0d:
35:0d:1f:08:26:9e:db:d7:ac:26:6f:bb:c0:4c:ae:b6:46:89:
5a:c0:e5:34:eb:63:d2:e5:dd:89:b3:d1:13:62:ca:f3:39:ff:
24:df:90:d3:7a:5c:bf:e5:74:f0:a7:3c:b7:2f:17:4a:0b:8f:
ab:a5:99:e9:91:04:52:10:92:10:8d:02:d4:8f:2e:39:be:b5:
39:c4:e3:b5:40:9b:d0:4b:e4:0a:06:33:65:33:e4:33:9e:f7:
89:d0:24:80
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgICO0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIxMTI4MDQwMDM2WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg0MzI2NC1kNTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw0m0pS2l0W7QH8wrT8Hsjicp465OWX7tSpvp16VKki2ZCSYhjYWLy/teRVO+
MEdEBg9Z4s7jbbrb95tXYsDSgetEGC+ikC7h/uLfXWF/BgoP4j8dM+nvj9Zbjcgc
mhahM8t0gsYVR7m6ma4KdO1meQxr4rZKF3adOqRyvr+pWEdFHMaRB/SuOgHhFU06
EHJ7ieR8qgAStbgh3xuSht5V9O60KAzJ8xe6Tvl1s8lAKWZaAvXKt5Lf+ii20dDy
0BqvbXWoe3kV3BgT2R7JoWPSqq4rijXPqhiOxhWuV6xs5YMkNqR2/7DQ1UMVmIeN
tXIMRMyYDh4W+1fKLiGZUKCLXQIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFFTgazCy
4uMNDMTf8WYZTKrS0TsLMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQkYyNTE0MjJF
ODdEMTFFQjkxRTczQzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwegYIKwYBBQUHAQcBAf8E
azBpME4EAgABMEgDBAAqYCADBAEqYCIDBAAtev0DBABlYwMDBAFnBuoDBAJnFZQD
BAFnP2wDBAJn/AADBANzkngDBAN8ngADBAC3Ww4DBADLzQgwFwQCAAIwEQMHACQC
UwAEBwMGACQCUwBwMA0GCSqGSIb3DQEBCwUAA4IBAQB96WexASz/VONKZTCx76VA
FokX2LztqlQMEZiRjnM2SPBHgZHS4fm1JBNGOKFFT4yIZNBgL0AvoatiA+ZIzHa7
K0ZJHwxt7nOHu3pm1KB1eBQr5nXyYe8bocRLS9VKT3d5d4HXQZsWW5uqCyHoK0g3
Pm8i77dVUYD9RvDPOKnhYfHKiqzgAm409JQ6gBxta1OcGhCvlU0kQFYgT1q9bxJ1
Ag01DR8IJp7b16wmb7vATK62RolawOU062PS5d2Js9ETYsrzOf8k35DTely/5XTw
pzy3LxdKC4+rpZnpkQRSEJIQjQLUjy45vrU5xOO1QJvQS+QKBjNlM+QznveJ0CSA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org