Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/DEE4C99821F111ED9ED74866C4F9AE02.roa
File: DEE4C99821F111ED9ED74866C4F9AE02.roa (raw, json)
Hash identifier: mamy1eUsndzpiayVIRi3GBOKj6mQSndhkJN56SY9IS4=
Subject key identifier: DB:7A:0E:E5:C6:6B:BB:49:B9:D7:B8:DC:E8:4A:A4:B9:D7:9F:51:20
Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
Certificate serial: 32EC
Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/DEE4C99821F111ED9ED74866C4F9AE02.roa
Signing time: Mon 22 Aug 2022 08:10:23 +0000
ROA not before: Mon 22 Aug 2022 08:10:23 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 18042
IP address blocks: 58.114.0.0/15 maxlen: 16
58.114.0.0/17 maxlen: 17
58.114.0.0/18 maxlen: 18
58.114.64.0/18 maxlen: 18
58.114.128.0/18 maxlen: 18
58.114.192.0/18 maxlen: 18
58.115.0.0/18 maxlen: 21
58.115.64.0/18 maxlen: 18
58.115.128.0/18 maxlen: 18
58.115.192.0/18 maxlen: 18
61.70.0.0/15 maxlen: 15
61.70.0.0/16 maxlen: 24
61.71.0.0/16 maxlen: 24
111.184.0.0/15 maxlen: 24
182.233.0.0/16 maxlen: 24
182.234.0.0/15 maxlen: 24
202.2.52.0/22 maxlen: 24
203.133.0.0/17 maxlen: 24
203.187.27.0/24 maxlen: 24
203.187.82.0/24 maxlen: 24
203.203.0.0/16 maxlen: 24
203.204.0.0/16 maxlen: 24
219.68.0.0/16 maxlen: 24
219.69.0.0/17 maxlen: 24
219.70.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13036 (0x32ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
Validity
Not Before: Aug 22 08:10:23 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=630339ef-c4b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a2:02:9d:23:80:81:0a:c2:b3:80:60:96:28:
65:28:46:ed:ef:7c:c0:c0:fa:0f:75:15:64:a8:8f:
21:ca:06:0c:6b:6e:c6:91:cf:e4:93:9f:13:ba:42:
5b:b4:4e:d4:b8:9f:b6:d9:85:f0:82:a5:3c:4f:4b:
78:a0:24:fc:ce:a0:d7:bb:ba:03:e0:9b:b3:a8:af:
10:9c:96:0b:98:2d:e9:b7:a9:e6:31:fd:7b:84:9d:
0a:d4:ec:66:3f:d0:b5:88:39:bf:03:2e:2c:e2:c8:
b1:cd:e7:71:ca:e4:aa:14:e0:0d:1d:b1:2c:6d:6b:
2f:d8:57:b9:3b:fb:50:5e:38:1c:fa:9f:69:95:5c:
6f:97:b6:0b:e2:61:15:6b:99:4f:76:43:85:04:6e:
81:bf:33:a7:3c:43:55:06:06:56:f9:dc:1b:96:7a:
09:cd:ff:00:07:dc:b9:e0:83:83:eb:fd:dd:65:a1:
af:a8:59:9a:6a:60:af:d9:0f:98:21:c4:5b:f6:96:
c5:00:f4:29:c6:ef:26:6f:50:93:c8:fa:be:3f:28:
f5:03:23:00:c7:74:62:bd:b8:a1:08:bb:b9:b5:ff:
a8:c5:f4:cb:45:b3:8b:fe:ac:fe:f2:92:c8:cb:0f:
4f:63:80:71:1c:86:d2:5e:c4:68:be:b0:20:02:49:
a2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7A:0E:E5:C6:6B:BB:49:B9:D7:B8:DC:E8:4A:A4:B9:D7:9F:51:20
X509v3 Authority Key Identifier:
keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/DEE4C99821F111ED9ED74866C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.114.0.0/15
61.70.0.0/15
111.184.0.0/15
182.233.0.0-182.235.255.255
202.2.52.0/22
203.133.0.0/17
203.187.27.0/24
203.187.82.0/24
203.203.0.0-203.204.255.255
219.68.0.0-219.69.127.255
219.70.0.0/15
Signature Algorithm: sha256WithRSAEncryption
94:8d:8a:e2:12:da:d4:a3:94:aa:63:7e:9a:c6:96:1e:3a:ba:
26:fe:48:0c:ba:31:5d:4d:97:cf:a9:b7:b6:fc:7c:8e:68:16:
cf:39:21:8f:cb:59:c6:e5:22:0f:a9:07:a6:32:cd:ca:0c:55:
cc:4e:9a:79:c1:7e:18:e3:1d:cd:da:e1:da:a5:83:85:15:2f:
59:60:2d:ab:97:b4:43:80:18:3b:39:b1:ec:b8:77:53:82:1c:
ec:ab:a2:dd:e0:b7:5b:a8:bf:a8:21:78:82:c2:d2:f1:45:31:
0f:4c:95:db:bf:39:a7:40:04:5e:0f:e4:be:93:d8:9a:0f:e8:
8a:52:aa:17:03:4c:2c:77:1b:80:cc:20:03:be:2c:52:e7:9c:
45:18:b6:f1:fd:24:43:9b:6a:9a:53:d3:b6:95:02:68:df:34:
74:50:49:23:fb:de:54:81:25:b7:81:68:47:ab:18:35:ce:9d:
41:9e:2c:f0:22:5e:e9:b3:60:cd:66:2d:df:4e:6d:9f:05:74:
46:7d:be:e0:9a:61:8f:98:35:ff:18:6c:6c:89:27:b6:f5:36:
08:05:46:7c:ec:a3:e5:89:5f:7f:72:73:1d:8e:26:64:be:70:
6d:80:4e:42:fb:d1:e8:74:98:6d:c5:b0:0b:ec:5f:91:47:8f:
bb:31:34:77
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICMuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5
MEZFNzM3NTIwHhcNMjIwODIyMDgxMDIzWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzAzMzllZi1jNGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmaICnSOAgQrCs4BglihlKEbt73zAwPoPdRVkqI8hygYMa27Gkc/kk58TukJb
tE7UuJ+22YXwgqU8T0t4oCT8zqDXu7oD4JuzqK8QnJYLmC3pt6nmMf17hJ0K1Oxm
P9C1iDm/Ay4s4sixzedxyuSqFOANHbEsbWsv2Fe5O/tQXjgc+p9plVxvl7YL4mEV
a5lPdkOFBG6BvzOnPENVBgZW+dwblnoJzf8AB9y54IOD6/3dZaGvqFmaamCv2Q+Y
IcRb9pbFAPQpxu8mb1CTyPq+Pyj1AyMAx3RivbihCLu5tf+oxfTLRbOL/qz+8pLI
yw9PY4BxHIbSXsRovrAgAkmilwIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFNt6DuXG
a7tJude43OhKpLnXn1EgMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE
ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZGNDcvQjRBODZDMzgxRDg0MTFFMjk2OUZDNURBMDhCMDJDRDIvREVFNEM5OTgy
MUYxMTFFRDlFRDc0ODY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMFcEAgABMFEDAwE6cgMDAT1GAwMBb7gwCgMDALbpAwMCtugDBALKAjQDBAfL
hQADBADLuxsDBADLu1IwCgMDAMvLAwMAy8wwCwMDAttEAwQH20UAAwMB20YwDQYJ
KoZIhvcNAQELBQADggEBAJSNiuIS2tSjlKpjfprGlh46uib+SAy6MV1Nl8+pt7b8
fI5oFs85IY/LWcblIg+pB6YyzcoMVcxOmnnBfhjjHc3a4dqlg4UVL1lgLauXtEOA
GDs5sey4d1OCHOyrot3gt1uov6gheILC0vFFMQ9Mldu/OadABF4P5L6T2JoP6IpS
qhcDTCx3G4DMIAO+LFLnnEUYtvH9JEObappT07aVAmjfNHRQSSP73lSBJbeBaEer
GDXOnUGeLPAiXumzYM1mLd9ObZ8FdEZ9vuCaYY+YNf8YbGyJJ7b1NggFRnzso+WJ
X39ycx2OJmS+cG2ATkL70eh0mG3FsAvsX5FHj7sxNHc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-fra.rpki-client.org