Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/BB23C47420CA11EC8EB67081C4F9AE02.roa
File: BB23C47420CA11EC8EB67081C4F9AE02.roa (raw, json)
Hash identifier: rWge8Yq5Pv6z5/D1DWbaZ3thgP2zT1pDiSau88d4jAA=
Subject key identifier: C9:BD:4B:5C:DF:77:59:96:D1:EE:46:27:D4:DE:BE:E7:C1:CF:AD:E6
Certificate issuer: /CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Certificate serial: 8D
Authority key identifier: 25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/BB23C47420CA11EC8EB67081C4F9AE02.roa
Signing time: Tue 12 Oct 2021 10:01:48 +0000
ROA not before: Tue 12 Oct 2021 10:01:48 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 45629
IP address blocks: 14.207.0.0/16 maxlen: 17
27.130.0.0/16 maxlen: 17
43.245.144.0/22 maxlen: 23
49.48.0.0/15 maxlen: 17
103.16.204.0/22 maxlen: 23
110.164.0.0/17 maxlen: 17
171.4.0.0/14 maxlen: 17
180.183.0.0/16 maxlen: 17
183.88.0.0/15 maxlen: 17
223.204.0.0/14 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141 (0x8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Validity
Not Before: Oct 12 10:01:48 2021 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=61655d0c-33d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0c:9e:9f:3e:0b:cf:e6:6c:60:de:8a:ba:9d:
f3:d7:1e:86:41:21:24:8d:13:77:62:2b:e7:ff:1e:
c4:f9:19:d2:b6:a7:b8:0f:f7:05:92:a7:38:0d:1d:
71:fa:2a:32:77:08:24:2d:4e:ff:65:b1:83:ed:4d:
46:e1:6e:fe:ab:18:2b:0e:b0:f2:67:ff:b4:a6:88:
99:ae:13:98:e4:ef:eb:f5:3e:14:37:09:70:60:05:
cb:f5:5c:b5:25:cd:bf:57:8c:f9:81:12:ca:d1:2f:
7c:d7:19:bd:4b:b9:19:9b:20:43:ae:cb:0f:78:7b:
f1:8e:ab:62:78:21:c6:ee:c1:72:7b:2b:2c:50:7b:
63:e6:10:6a:8c:97:24:c4:04:dc:b0:35:6b:ab:11:
de:d3:9d:71:fa:fd:66:2c:eb:9e:d5:37:18:70:30:
62:ad:6a:de:e3:e1:92:62:73:1f:af:26:c5:d7:96:
d4:24:d8:3f:57:9b:e6:c8:b4:a2:1a:ae:43:b8:71:
a1:73:53:09:79:dc:46:95:e8:c6:f0:48:e3:ac:a4:
66:3f:65:98:ef:49:b3:03:8e:5f:52:22:f0:d7:dd:
74:0b:01:23:d4:c4:82:86:96:e9:28:2c:56:ab:f1:
5e:3a:66:16:ae:f5:60:f7:5e:ca:4f:e1:37:2e:c4:
c0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BD:4B:5C:DF:77:59:96:D1:EE:46:27:D4:DE:BE:E7:C1:CF:AD:E6
X509v3 Authority Key Identifier:
keyid:25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/BB23C47420CA11EC8EB67081C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.207.0.0/16
27.130.0.0/16
43.245.144.0/22
49.48.0.0/15
103.16.204.0/22
110.164.0.0/17
171.4.0.0/14
180.183.0.0/16
183.88.0.0/15
223.204.0.0/14
Signature Algorithm: sha256WithRSAEncryption
28:78:b8:16:dc:9e:ff:2b:ab:50:53:0c:a3:90:8c:1a:d7:96:
d1:df:6f:2d:c9:36:d9:2d:87:bb:c2:8d:a9:a0:13:4f:23:04:
10:3b:2c:d2:e4:88:91:b4:8a:05:fb:4b:92:62:db:34:0b:1d:
7d:41:56:c9:81:ab:a6:a1:28:6c:7d:6c:d0:ec:4d:ae:d2:6f:
3c:68:fd:d7:a1:5a:d4:98:eb:b7:ef:cf:2f:70:74:f0:89:40:
91:9d:97:c5:b0:34:1c:a3:ee:72:1d:69:59:87:34:d2:46:5a:
08:1a:3a:cb:29:65:3f:0f:8b:54:93:c1:0f:d5:80:70:a6:96:
5f:a8:d3:cb:7c:97:0e:da:1e:e4:1c:60:68:80:cf:1c:3e:78:
2a:b3:d0:60:de:19:b6:3f:de:5e:64:02:b8:4f:3e:bd:56:77:
df:2d:37:9a:0a:54:8a:c9:f1:3a:ef:50:cb:a1:b5:7a:60:36:
50:d8:e3:f2:a6:06:e6:bc:be:a4:40:2f:30:b4:65:d1:4f:2f:
c7:3a:49:5d:8e:a2:72:97:66:c2:dd:07:d0:06:c3:72:5e:2d:
b7:2b:51:e5:bb:f8:3d:c4:8c:ff:20:39:bf:d8:dc:ff:8e:1f:
15:1c:c9:ea:fb:37:d4:b8:95:4e:bb:f4:7c:e4:30:7a:bf:e9:
b5:0d:0f:e0
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICAI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc1NjExMTAvBgNVBAUTKDI1QkM3RDRERTc3QkQwMUIzRDE5MTU4NzY5NkU1QUZE
RDhDRUNEMDQwHhcNMjExMDEyMTAwMTQ4WhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTY1NWQwYy0zM2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4gyenz4Lz+ZsYN6Kup3z1x6GQSEkjRN3Yivn/x7E+RnStqe4D/cFkqc4DR1x
+ioydwgkLU7/ZbGD7U1G4W7+qxgrDrDyZ/+0poiZrhOY5O/r9T4UNwlwYAXL9Vy1
Jc2/V4z5gRLK0S981xm9S7kZmyBDrssPeHvxjqtieCHG7sFyeyssUHtj5hBqjJck
xATcsDVrqxHe051x+v1mLOue1TcYcDBirWre4+GSYnMfrybF15bUJNg/V5vmyLSi
Gq5DuHGhc1MJedxGlejG8EjjrKRmP2WY70mzA45fUiLw1910CwEj1MSChpbpKCxW
q/FeOmYWrvVg917KT+E3LsTAqwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFMm9S1zf
d1mW0e5GJ9TevufBz63mMB8GA1UdIwQYMBaAFCW8fU3ne9AbPRkVh2luWv3Yzs0E
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2MS9BMjZFMDZFMDA1
NEMxMUVDQkRCNEZFNDZDNEY5QUUwMi9KYng5VGVkNzBCczlHUldIYVc1YV9kak96
UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pieDlUZWQ3MEJzOUdSV0hhVzVhX2RqT3pRUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc1NjEvQTI2RTA2RTAwNTRDMTFFQ0JEQjRGRTQ2QzRGOUFFMDIvQkIyM0M0NzQy
MENBMTFFQzhFQjY3MDgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MDsEAgABMDUDAwAOzwMDABuCAwQCK/WQAwMBMTADBAJnEMwDBAdupAADAwKr
BAMDALS3AwMBt1gDAwLfzDANBgkqhkiG9w0BAQsFAAOCAQEAKHi4Ftye/yurUFMM
o5CMGteW0d9vLck22S2Hu8KNqaATTyMEEDss0uSIkbSKBftLkmLbNAsdfUFWyYGr
pqEobH1s0OxNrtJvPGj916Fa1Jjrt+/PL3B08IlAkZ2XxbA0HKPuch1pWYc00kZa
CBo6yyllPw+LVJPBD9WAcKaWX6jTy3yXDtoe5BxgaIDPHD54KrPQYN4Ztj/eXmQC
uE8+vVZ33y03mgpUisnxOu9Qy6G1emA2UNjj8qYG5ry+pEAvMLRl0U8vxzpJXY6i
cpdmwt0H0AbDcl4ttytR5bv4PcSM/yA5v9jc/44fFRzJ6vs31LiVTrv0fOQwer/p
tQ0P4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:46 2024 by rpki-client on console-fra.rpki-client.org