Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/BFEA3A4E30B311ECA42CF927C4F9AE02.roa
File: BFEA3A4E30B311ECA42CF927C4F9AE02.roa (raw, json)
Hash identifier: ds1UEmtUJdJL6Ah/2Z4B+WlUnHh268bO3Qcy2GfE9Ws=
Subject key identifier: DB:E7:09:E0:22:AC:0F:60:E5:36:AC:E2:3C:08:33:93:EC:F4:1B:82
Certificate issuer: /CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Certificate serial: 04C5
Authority key identifier: 7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/BFEA3A4E30B311ECA42CF927C4F9AE02.roa
Signing time: Mon 28 Mar 2022 07:31:02 +0000
ROA not before: Mon 28 Mar 2022 07:31:02 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 10122
IP address blocks: 169.136.68.0/24 maxlen: 24
169.136.71.0/24 maxlen: 24
169.136.73.0/24 maxlen: 24
169.136.76.0/24 maxlen: 24
169.136.77.0/24 maxlen: 24
169.136.78.0/24 maxlen: 24
169.136.79.0/24 maxlen: 24
169.136.80.0/24 maxlen: 24
169.136.81.0/24 maxlen: 24
169.136.82.0/24 maxlen: 24
169.136.83.0/24 maxlen: 24
169.136.84.0/24 maxlen: 24
169.136.85.0/24 maxlen: 24
169.136.86.0/24 maxlen: 24
169.136.87.0/24 maxlen: 24
169.136.88.0/23 maxlen: 23
169.136.88.0/24 maxlen: 24
169.136.89.0/24 maxlen: 24
169.136.90.0/24 maxlen: 24
169.136.91.0/24 maxlen: 24
169.136.92.0/24 maxlen: 24
169.136.93.0/24 maxlen: 24
169.136.94.0/24 maxlen: 24
169.136.95.0/24 maxlen: 24
169.136.96.0/24 maxlen: 24
169.136.97.0/24 maxlen: 24
169.136.98.0/24 maxlen: 24
169.136.99.0/24 maxlen: 24
169.136.100.0/24 maxlen: 24
169.136.101.0/24 maxlen: 24
169.136.102.0/24 maxlen: 24
169.136.103.0/24 maxlen: 24
169.136.104.0/24 maxlen: 24
169.136.105.0/24 maxlen: 24
169.136.106.0/24 maxlen: 24
169.136.107.0/24 maxlen: 24
169.136.108.0/24 maxlen: 24
169.136.109.0/24 maxlen: 24
169.136.110.0/24 maxlen: 24
169.136.111.0/24 maxlen: 24
169.136.112.0/24 maxlen: 24
169.136.113.0/24 maxlen: 24
169.136.114.0/24 maxlen: 24
169.136.115.0/24 maxlen: 24
169.136.116.0/24 maxlen: 24
169.136.117.0/24 maxlen: 24
169.136.118.0/24 maxlen: 24
169.136.119.0/24 maxlen: 24
169.136.121.0/24 maxlen: 24
169.136.123.0/24 maxlen: 24
169.136.124.0/24 maxlen: 24
169.136.125.0/24 maxlen: 24
169.136.126.0/24 maxlen: 24
169.136.127.0/24 maxlen: 24
169.136.128.0/24 maxlen: 24
169.136.129.0/24 maxlen: 24
169.136.130.0/24 maxlen: 24
169.136.136.0/24 maxlen: 24
169.136.144.0/24 maxlen: 24
169.136.155.0/24 maxlen: 24
169.136.156.0/24 maxlen: 24
169.136.157.0/24 maxlen: 24
169.136.158.0/24 maxlen: 24
169.136.159.0/24 maxlen: 24
169.136.160.0/24 maxlen: 24
169.136.161.0/24 maxlen: 24
169.136.162.0/24 maxlen: 24
169.136.163.0/24 maxlen: 24
169.136.164.0/24 maxlen: 24
169.136.165.0/24 maxlen: 24
169.136.166.0/24 maxlen: 24
169.136.167.0/24 maxlen: 24
169.136.168.0/24 maxlen: 24
169.136.169.0/24 maxlen: 24
169.136.170.0/24 maxlen: 24
169.136.171.0/24 maxlen: 24
169.136.172.0/24 maxlen: 24
169.136.173.0/24 maxlen: 24
169.136.174.0/24 maxlen: 24
169.136.175.0/24 maxlen: 24
169.136.176.0/24 maxlen: 24
169.136.177.0/24 maxlen: 24
169.136.178.0/24 maxlen: 24
169.136.179.0/24 maxlen: 24
169.136.180.0/24 maxlen: 24
169.136.181.0/24 maxlen: 24
169.136.182.0/24 maxlen: 24
169.136.183.0/24 maxlen: 24
169.136.184.0/24 maxlen: 24
169.136.185.0/24 maxlen: 24
169.136.186.0/24 maxlen: 24
169.136.187.0/24 maxlen: 24
169.136.188.0/24 maxlen: 24
169.136.189.0/24 maxlen: 24
169.136.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1221 (0x4c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF93A/serialNumber=7E244310D7A456EB127B926C42F26D79E9ACDB88
Validity
Not Before: Mar 28 07:31:02 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=62416436-c8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:52:94:3a:07:7d:db:35:79:7b:61:6d:eb:c3:
70:bd:b6:9b:94:68:c7:3e:e6:8b:e2:2a:68:3e:3e:
a2:a2:38:57:34:06:aa:ac:47:ef:2e:0f:81:7a:17:
51:b7:d5:d7:e7:64:75:12:c0:a9:7d:8c:81:c0:07:
c0:dd:b7:f7:01:32:87:a4:fc:fa:c2:ca:e7:ef:85:
4c:62:fc:16:eb:ed:58:f8:62:e1:4e:e4:d7:ab:9e:
e5:2b:de:29:07:5e:31:be:6c:ea:72:dd:73:99:5b:
34:a7:2e:9e:e8:94:09:fc:94:fb:e8:ab:22:61:93:
52:de:5c:e8:2f:0f:99:91:b9:88:e6:03:fc:5c:e3:
32:6e:bc:44:ba:36:7f:c6:b4:64:63:1f:e1:7b:a2:
f1:39:90:fd:12:d3:86:dd:9e:01:0c:9d:8d:f1:e6:
0f:b4:49:17:f8:c6:ae:a2:9e:34:09:cf:fc:41:a2:
48:11:7d:aa:09:0c:6a:b2:81:2b:13:21:2f:d2:a5:
00:ca:92:b0:c9:5e:a8:f9:bc:8f:5c:05:37:3f:04:
6e:93:31:f3:fd:63:c2:4c:61:8a:ac:11:da:67:f1:
62:81:f3:12:43:fd:7e:58:3b:56:8a:02:57:60:b8:
3e:e6:a5:c4:9f:17:7f:ca:31:b6:ec:27:4e:ff:39:
55:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E7:09:E0:22:AC:0F:60:E5:36:AC:E2:3C:08:33:93:EC:F4:1B:82
X509v3 Authority Key Identifier:
keyid:7E:24:43:10:D7:A4:56:EB:12:7B:92:6C:42:F2:6D:79:E9:AC:DB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/fiRDENekVusSe5JsQvJteems24g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/fiRDENekVusSe5JsQvJteems24g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF93A/F7DFA72EE5F311EAB3A91561C4F9AE02/BFEA3A4E30B311ECA42CF927C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.136.68.0/24
169.136.71.0/24
169.136.73.0/24
169.136.76.0-169.136.119.255
169.136.121.0/24
169.136.123.0-169.136.130.255
169.136.136.0/24
169.136.144.0/24
169.136.155.0-169.136.190.255
Signature Algorithm: sha256WithRSAEncryption
77:8c:0f:79:55:2e:8f:c9:18:68:41:23:41:36:53:7e:aa:84:
3c:7e:81:9c:63:ee:c0:be:1d:38:32:b3:a5:d3:3b:18:11:58:
ea:61:a9:2e:fd:c3:fc:88:7b:59:81:e5:3f:08:66:01:bf:53:
b4:74:dc:d0:2d:4b:4a:e2:56:eb:95:44:da:30:d9:bd:ea:10:
b5:97:66:51:07:9e:11:81:93:1c:d8:7b:46:2b:4c:1b:27:33:
12:01:64:f0:51:9c:6e:99:28:2c:58:dd:5d:c0:cd:04:39:53:
d6:04:a4:3d:7e:2d:4f:56:2e:d9:20:6b:4d:e9:84:a0:30:30:
4a:71:ad:38:68:e1:72:09:dd:f6:88:14:3d:53:de:04:80:f2:
44:1b:b3:76:f3:a4:9b:49:c9:7f:0c:19:44:0b:df:87:93:bd:
74:5f:99:9c:58:a4:be:49:07:bd:df:10:c8:f7:51:6d:5e:b8:
2e:08:e6:4b:d0:26:80:95:a8:66:cd:97:f5:96:4c:a4:cd:eb:
45:24:9e:09:26:06:56:3c:94:a1:fa:76:35:98:67:e2:c8:95:
fb:e7:03:74:33:97:0e:6a:bc:8b:43:d3:4d:e1:98:ba:80:8c:
e4:e5:25:1c:fc:4d:44:2f:68:eb:7e:43:a9:8f:2a:ff:07:42:
07:e1:d7:b5
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICBMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY5M0ExMTAvBgNVBAUTKDdFMjQ0MzEwRDdBNDU2RUIxMjdCOTI2QzQyRjI2RDc5
RTlBQ0RCODgwHhcNMjIwMzI4MDczMTAyWhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQxNjQzNi1jOGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4lKUOgd92zV5e2Ft68NwvbablGjHPuaL4ipoPj6iojhXNAaqrEfvLg+BehdR
t9XX52R1EsCpfYyBwAfA3bf3ATKHpPz6wsrn74VMYvwW6+1Y+GLhTuTXq57lK94p
B14xvmzqct1zmVs0py6e6JQJ/JT76KsiYZNS3lzoLw+ZkbmI5gP8XOMybrxEujZ/
xrRkYx/he6LxOZD9EtOG3Z4BDJ2N8eYPtEkX+Mauop40Cc/8QaJIEX2qCQxqsoEr
EyEv0qUAypKwyV6o+byPXAU3PwRukzHz/WPCTGGKrBHaZ/FigfMSQ/1+WDtWigJX
YLg+5qXEnxd/yjG27CdO/zlVrwIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFNvnCeAi
rA9g5Tas4jwIM5Ps9BuCMB8GA1UdIwQYMBaAFH4kQxDXpFbrEnuSbELybXnprNuI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjkzQS9GN0RGQTcyRUU1
RjMxMUVBQjNBOTE1NjFDNEY5QUUwMi9maVJERU5la1Z1c1NlNUpzUXZKdGVlbXMy
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2ZpUkRFTmVrVnVzU2U1SnNRdkp0ZWVtczI0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY5M0EvRjdERkE3MkVFNUYzMTFFQUIzQTkxNTYxQzRGOUFFMDIvQkZFQTNBNEUz
MEIzMTFFQ0E0MkNGOTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMFQEAgABME4DBACpiEQDBACpiEcDBACpiEkwDAMEAqmITAMEA6mIcAMEAKmI
eTAMAwQAqYh7AwQAqYiCAwQAqYiIAwQAqYiQMAwDBACpiJsDBACpiL4wDQYJKoZI
hvcNAQELBQADggEBAHeMD3lVLo/JGGhBI0E2U36qhDx+gZxj7sC+HTgys6XTOxgR
WOphqS79w/yIe1mB5T8IZgG/U7R03NAtS0riVuuVRNow2b3qELWXZlEHnhGBkxzY
e0YrTBsnMxIBZPBRnG6ZKCxY3V3AzQQ5U9YEpD1+LU9WLtkga03phKAwMEpxrTho
4XIJ3faIFD1T3gSA8kQbs3bzpJtJyX8MGUQL34eTvXRfmZxYpL5JB73fEMj3UW1e
uC4I5kvQJoCVqGbNl/WWTKTN60UkngkmBlY8lKH6djWYZ+LIlfvnA3Qzlw5qvItD
003hmLqAjOTlJRz8TUQvaOt+Q6mPKv8HQgfh17U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:31 2024 by rpki-client on console-ams.rpki-client.org