Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D82EA11AA95E11EDBC8EBB57C4F9AE02.roa
File: D82EA11AA95E11EDBC8EBB57C4F9AE02.roa (raw, json)
Hash identifier: XlfUcae8TSKAxMkWABQ8a/8zjWZ6uK+nQnUubFJ+G74=
Subject key identifier: EB:D8:FD:6D:96:09:67:85:1D:4D:08:76:83:16:67:CB:6C:80:FE:21
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3BF2
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D82EA11AA95E11EDBC8EBB57C4F9AE02.roa
Signing time: Fri 10 Feb 2023 16:20:34 +0000
ROA not before: Fri 10 Feb 2023 16:20:34 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 7552
IP address blocks: 27.64.0.0/14 maxlen: 24
27.68.84.0/23 maxlen: 24
27.68.86.0/23 maxlen: 24
27.68.136.0/22 maxlen: 24
27.68.140.0/22 maxlen: 24
27.68.144.0/21 maxlen: 24
27.68.152.0/21 maxlen: 24
27.68.212.0/23 maxlen: 24
27.68.214.0/23 maxlen: 24
27.70.240.0/20 maxlen: 24
27.78.0.0/22 maxlen: 24
27.78.4.0/22 maxlen: 24
27.78.8.0/23 maxlen: 24
27.78.10.0/23 maxlen: 24
115.72.72.0/23 maxlen: 24
115.72.74.0/23 maxlen: 24
115.73.200.0/23 maxlen: 24
115.73.202.0/23 maxlen: 24
115.76.56.0/22 maxlen: 24
115.76.60.0/22 maxlen: 24
125.234.224.0/22 maxlen: 24
125.234.228.0/22 maxlen: 24
125.235.14.0/24 maxlen: 24
125.235.15.0/24 maxlen: 24
125.235.56.0/22 maxlen: 24
125.235.60.0/22 maxlen: 24
125.235.112.0/21 maxlen: 24
125.235.120.0/21 maxlen: 24
125.235.130.0/24 maxlen: 24
125.235.131.0/24 maxlen: 24
125.235.132.0/23 maxlen: 24
125.235.134.0/23 maxlen: 24
125.235.136.0/21 maxlen: 24
125.235.176.0/21 maxlen: 24
125.235.184.0/21 maxlen: 24
125.235.208.0/21 maxlen: 24
125.235.216.0/21 maxlen: 24
171.244.208.0/20 maxlen: 24
171.246.8.0/22 maxlen: 24
171.246.12.0/22 maxlen: 24
171.252.132.0/22 maxlen: 24
171.252.136.0/21 maxlen: 24
171.252.144.0/22 maxlen: 24
171.253.0.0/20 maxlen: 24
171.253.16.0/20 maxlen: 24
171.253.32.0/21 maxlen: 24
171.253.40.0/21 maxlen: 24
171.253.128.0/20 maxlen: 24
171.253.144.0/20 maxlen: 24
171.253.160.0/20 maxlen: 24
171.253.176.0/20 maxlen: 24
171.253.192.0/21 maxlen: 24
171.253.200.0/21 maxlen: 24
171.253.208.0/21 maxlen: 24
171.253.216.0/21 maxlen: 24
171.253.224.0/22 maxlen: 24
171.254.128.0/19 maxlen: 24
171.254.160.0/19 maxlen: 24
171.255.64.0/20 maxlen: 24
171.255.80.0/20 maxlen: 24
171.255.96.0/20 maxlen: 24
171.255.112.0/20 maxlen: 24
171.255.128.0/20 maxlen: 24
171.255.144.0/20 maxlen: 24
171.255.160.0/22 maxlen: 24
171.255.164.0/22 maxlen: 24
171.255.168.0/22 maxlen: 24
171.255.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15346 (0x3bf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Feb 10 16:20:34 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63e66ed2-b838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d5:64:71:28:36:e0:36:a0:56:e1:80:de:17:
16:8a:5e:e9:6a:46:18:96:0c:d0:2a:0c:70:4b:d9:
fc:6a:64:c9:0d:b3:35:54:61:12:f5:f0:ed:13:c0:
e7:e7:79:f0:67:a7:55:fa:09:22:70:3c:10:3f:ba:
24:ba:b5:f2:3a:eb:96:36:54:d4:00:45:4d:98:dd:
04:21:89:fe:10:67:8b:bd:f7:c2:d4:f8:6b:77:c7:
ac:eb:1f:d1:2a:c3:10:0c:7c:ac:4e:8f:0c:7e:e0:
5c:33:96:06:ac:ee:79:e3:4a:9b:a0:59:60:fc:49:
bc:2d:a0:76:a2:4a:80:10:86:a3:58:ae:60:12:66:
a3:b3:9f:d7:04:1a:c2:b5:58:f0:25:7b:79:c4:a7:
16:86:28:8d:0b:36:28:f6:62:01:2e:74:fd:ad:cf:
33:b9:3f:f6:66:27:9d:0e:46:29:fa:11:4e:a4:83:
61:01:5f:4a:71:23:04:c9:cf:bc:1c:08:e9:f0:23:
2b:aa:d7:eb:c1:4a:59:94:65:08:a4:a5:f4:09:9b:
cb:2e:7c:f3:42:f8:6c:75:87:1a:2d:4b:2f:90:86:
03:05:76:b4:e5:25:a6:cf:c8:6b:4d:7a:6d:1f:a9:
b6:a5:f8:86:0f:41:75:8a:bd:ab:7e:dd:f1:49:ae:
6c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D8:FD:6D:96:09:67:85:1D:4D:08:76:83:16:67:CB:6C:80:FE:21
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/D82EA11AA95E11EDBC8EBB57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.64.0.0/14
27.68.84.0/22
27.68.136.0-27.68.159.255
27.68.212.0/22
27.70.240.0/20
27.78.0.0-27.78.11.255
115.72.72.0/22
115.73.200.0/22
115.76.56.0/21
125.234.224.0/21
125.235.14.0/23
125.235.56.0/21
125.235.112.0/20
125.235.130.0-125.235.143.255
125.235.176.0/20
125.235.208.0/20
171.244.208.0/20
171.246.8.0/21
171.252.132.0-171.252.147.255
171.253.0.0-171.253.47.255
171.253.128.0-171.253.227.255
171.254.128.0/18
171.255.64.0-171.255.175.255
Signature Algorithm: sha256WithRSAEncryption
9b:ad:94:8e:a5:fb:f0:76:8c:28:65:9e:28:87:bb:00:34:5c:
35:4c:39:a8:0a:93:e2:13:02:6b:0d:bf:be:a6:b8:6a:f1:09:
0b:a9:52:53:9e:46:dd:5a:ce:67:4a:cb:3e:5a:9d:7a:23:1d:
5a:d8:a7:08:79:f5:64:c4:c2:6e:39:ff:ab:4b:99:2b:ff:0e:
d8:16:1f:24:61:93:53:87:0b:f9:d6:7c:5d:bb:16:66:59:f9:
d3:80:53:63:61:f4:e3:e3:88:3c:62:40:c5:a2:81:06:d5:62:
b2:e9:fe:99:95:3f:4c:e4:76:34:13:77:09:eb:7d:9f:47:30:
82:a5:59:b3:6e:e7:f7:b8:4e:85:5d:7d:f6:29:61:af:ce:b7:
70:31:c2:8f:92:fe:22:b5:4a:d7:81:e5:97:9c:9f:17:38:3d:
4c:5f:a0:55:1b:b5:84:27:01:15:9d:e8:1b:4f:7b:de:6a:9e:
be:24:a2:f4:e9:18:4a:d0:3a:08:37:98:e5:67:2b:01:67:59:
e7:3c:83:12:4c:a3:04:8b:96:4c:df:48:59:c9:79:da:29:b0:
7a:42:7c:cc:f7:a6:d3:96:3b:a5:8a:c3:0f:04:c4:97:b1:07:
23:d8:e7:52:18:21:b4:2b:13:4c:a9:63:a8:27:71:0b:d7:2a:
a9:5c:43:66
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgICO/IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwMjEwMTYyMDM0WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2U2NmVkMi1iODM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkdVkcSg24DagVuGA3hcWil7pakYYlgzQKgxwS9n8amTJDbM1VGES9fDtE8Dn
53nwZ6dV+gkicDwQP7okurXyOuuWNlTUAEVNmN0EIYn+EGeLvffC1Phrd8es6x/R
KsMQDHysTo8MfuBcM5YGrO5540qboFlg/Em8LaB2okqAEIajWK5gEmajs5/XBBrC
tVjwJXt5xKcWhiiNCzYo9mIBLnT9rc8zuT/2ZiedDkYp+hFOpINhAV9KcSMEyc+8
HAjp8CMrqtfrwUpZlGUIpKX0CZvLLnzzQvhsdYcaLUsvkIYDBXa05SWmz8hrTXpt
H6m2pfiGD0F1ir2rft3xSa5siwIDAQABo4IDUzCCA08wHQYDVR0OBBYEFOvY/W2W
CWeFHU0IdoMWZ8tsgP4hMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRDgyRUExMUFB
OTVFMTFFREJDOEVCQjU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdwGCCsGAQUFBwEHAQH/
BIHMMIHJMIHGBAIAATCBvwMDAhtAAwQCG0RUMAwDBAMbRIgDBAUbRIADBAIbRNQD
BAQbRvAwCwMDARtOAwQCG04IAwQCc0hIAwQCc0nIAwQDc0w4AwQDfergAwQBfesO
AwQDfes4AwQEfetwMAwDBAF964IDBAR964ADBAR967ADBAR969ADBASr9NADBAOr
9ggwDAMEAqv8hAMEAqv8kDALAwMAq/0DBASr/SAwDAMEB6v9gAMEAqv94AMEBqv+
gDAMAwQGq/9AAwQEq/+gMA0GCSqGSIb3DQEBCwUAA4IBAQCbrZSOpfvwdowoZZ4o
h7sANFw1TDmoCpPiEwJrDb++prhq8QkLqVJTnkbdWs5nSss+Wp16Ix1a2KcIefVk
xMJuOf+rS5kr/w7YFh8kYZNThwv51nxduxZmWfnTgFNjYfTj44g8YkDFooEG1WKy
6f6ZlT9M5HY0E3cJ632fRzCCpVmzbuf3uE6FXX32KWGvzrdwMcKPkv4itUrXgeWX
nJ8XOD1MX6BVG7WEJwEVnegbT3veap6+JKL06RhK0DoIN5jlZysBZ1nnPIMSTKME
i5ZM30hZyXnaKbB6QnzM96bTljulisMPBMSXsQcj2OdSGCG0KxNMqWOoJ3EL1yqp
XENm
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org