Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/16DACD60C3DD11EDAAED714EC4F9AE02.roa
File: 16DACD60C3DD11EDAAED714EC4F9AE02.roa (raw, json)
Hash identifier: ZcozUaes0+lj5yF1mJypLkhNZKvva708x9iT1VKMkxQ=
Subject key identifier: 05:2B:CE:26:B6:8D:E9:50:37:F0:B1:FD:46:4B:94:C7:63:09:6D:50
Certificate issuer: /CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Certificate serial: 06C1
Authority key identifier: 7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/16DACD60C3DD11EDAAED714EC4F9AE02.roa
Signing time: Thu 16 Mar 2023 09:29:46 +0000
ROA not before: Thu 16 Mar 2023 09:29:46 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 36131
IP address blocks: 169.136.68.0/24 maxlen: 24
169.136.69.0/24 maxlen: 24
169.136.70.0/24 maxlen: 24
169.136.71.0/24 maxlen: 24
169.136.72.0/24 maxlen: 24
169.136.73.0/24 maxlen: 24
169.136.128.0/24 maxlen: 24
169.136.129.0/24 maxlen: 24
169.136.130.0/24 maxlen: 24
169.136.132.0/24 maxlen: 24
169.136.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1729 (0x6c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Validity
Not Before: Mar 16 09:29:46 2023 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=6412e18a-e5dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:56:43:d0:44:15:29:42:e5:cf:b7:45:15:47:
a0:5c:30:f6:02:e7:85:99:1f:3a:5c:d8:24:7d:ae:
69:87:fe:87:b1:cb:cd:76:22:18:4d:95:61:b6:98:
41:aa:31:c5:48:c8:e5:b9:a0:84:dd:1d:1b:80:5a:
d1:25:a0:45:48:d9:e7:fd:6a:18:e7:87:07:38:68:
ae:e4:bc:13:93:42:2e:5c:8f:c2:b5:2d:b3:23:b2:
87:d9:b7:4e:1d:de:6b:08:83:4d:2a:ea:87:68:0e:
7a:31:8a:c0:93:7a:ec:8a:60:e7:4c:a9:7f:9e:ea:
0d:f7:40:4b:79:48:6a:59:95:a1:77:9b:cf:4e:dd:
d7:d2:c8:25:d1:95:7c:78:1f:75:47:c4:da:58:b7:
5c:6d:62:64:d5:a9:74:b1:90:f7:1d:0f:7b:d9:43:
81:ab:a3:da:b3:33:b3:0a:aa:4a:1c:9b:48:cb:21:
c6:54:ff:1e:8d:b9:78:82:ea:41:fa:b7:4b:2b:65:
b7:4a:4c:cb:c9:27:2a:5f:ef:0a:c7:2e:c0:74:67:
66:fa:a2:80:8c:b6:42:f8:dc:c1:ec:b8:9c:26:c9:
22:0f:86:36:eb:8b:f9:6e:68:25:96:38:36:a2:e9:
3f:c2:fd:66:c6:61:6a:f6:8a:4c:e8:ab:12:75:2e:
fa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:2B:CE:26:B6:8D:E9:50:37:F0:B1:FD:46:4B:94:C7:63:09:6D:50
X509v3 Authority Key Identifier:
keyid:7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/16DACD60C3DD11EDAAED714EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.136.68.0-169.136.73.255
169.136.128.0-169.136.130.255
169.136.132.0/24
169.136.141.0/24
Signature Algorithm: sha256WithRSAEncryption
90:0b:b1:23:32:42:31:cc:27:76:69:1b:b5:c3:b6:ab:24:7c:
3b:65:58:19:72:60:ee:5b:f6:44:ea:8a:a0:c0:15:ae:80:e9:
5a:3e:2c:02:39:d5:fe:71:71:a6:aa:a6:2e:2d:69:b0:df:89:
9c:a9:d2:02:fe:96:7b:fc:dc:5e:d4:99:ba:c1:32:21:90:60:
87:18:6a:92:95:71:db:a0:2c:9d:07:ee:4f:74:60:c5:7b:f1:
ff:c5:6c:8f:4f:b8:6d:34:6f:98:8f:59:67:ab:d2:39:b9:4f:
6b:e1:75:c7:9f:be:d4:c3:e0:da:ac:db:5e:ce:68:ec:ff:73:
b9:60:e6:72:16:70:dc:9a:42:f5:b3:b6:a9:c4:79:77:f2:d7:
06:8b:bf:0f:c6:fd:f8:6d:2e:0d:46:2b:69:51:c7:25:7a:2a:
72:25:3a:2b:70:26:f3:9e:a1:e2:2f:cd:0c:41:4c:17:33:73:
10:67:64:d3:92:e1:a8:69:6b:f0:4b:ef:ab:11:8f:0d:e5:b0:
9e:04:23:b6:a3:cb:93:59:4c:51:34:13:e4:73:4a:76:5c:d1:
72:e6:0c:74:32:d8:a1:b9:85:d6:1f:67:ad:82:df:a2:c6:8e:
5e:cd:d1:0b:53:89:6f:f6:7f:9e:dc:8f:bf:63:ed:a3:92:bf:
85:44:63:75
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBsEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY5M0ExMTAvBgNVBAUTKDdFMjQ0MzEwRDdBNDU2RUIxMjdCOTI2QzQyRjI2RDc5
RTlBQ0RCODgwHhcNMjMwMzE2MDkyOTQ2WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDEyZTE4YS1lNWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0FZD0EQVKULlz7dFFUegXDD2AueFmR86XNgkfa5ph/6HscvNdiIYTZVhtphB
qjHFSMjluaCE3R0bgFrRJaBFSNnn/WoY54cHOGiu5LwTk0IuXI/CtS2zI7KH2bdO
Hd5rCINNKuqHaA56MYrAk3rsimDnTKl/nuoN90BLeUhqWZWhd5vPTt3X0sgl0ZV8
eB91R8TaWLdcbWJk1al0sZD3HQ972UOBq6PaszOzCqpKHJtIyyHGVP8ejbl4gupB
+rdLK2W3SkzLyScqX+8Kxy7AdGdm+qKAjLZC+NzB7LicJskiD4Y264v5bmglljg2
ouk/wv1mxmFq9opM6KsSdS76fQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFAUrzia2
jelQN/Cx/UZLlMdjCW1QMB8GA1UdIwQYMBaAFH4kQxDXpFbrEnuSbELybXnprNuI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GN0RGQTcyRUU1
RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9maVJERU5la1Z1c1NlNUpzUXZKdGVlbXMy
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2ZpUkRFTmVrVnVzU2U1SnNRdkp0ZWVtczI0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY5M0EvRjdERkE3MkVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvMTZEQUNENjBD
M0REMTFFREFBRUQ3MTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgwDAMEAqmIRAMEAamISDAMAwQHqYiAAwQAqYiCAwQAqYiEAwQA
qYiNMA0GCSqGSIb3DQEBCwUAA4IBAQCQC7EjMkIxzCd2aRu1w7arJHw7ZVgZcmDu
W/ZE6oqgwBWugOlaPiwCOdX+cXGmqqYuLWmw34mcqdIC/pZ7/Nxe1Jm6wTIhkGCH
GGqSlXHboCydB+5PdGDFe/H/xWyPT7htNG+Yj1lnq9I5uU9r4XXHn77Uw+DarNte
zmjs/3O5YOZyFnDcmkL1s7apxHl38tcGi78Pxv34bS4NRitpUccleipyJTorcCbz
nqHiL80MQUwXM3MQZ2TTkuGoaWvwS++rEY8N5bCeBCO2o8uTWUxRNBPkc0p2XNFy
5gx0MtihuYXWH2etgt+ixo5ezdELU4lv9n+e3I+/Y+2jkr+FRGN1
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org