Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/AF198BF8D61911EE8E010D27C4F9AE02.roa
File: AF198BF8D61911EE8E010D27C4F9AE02.roa (raw, json)
Hash identifier: IRLNQugyD4yaVOsLbGNigKernp9eK+plXZHFMHm2kuU=
Subject key identifier: B0:85:52:11:12:87:26:79:BB:28:B3:68:97:E2:E5:9F:2E:BB:1A:67
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3524
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/AF198BF8D61911EE8E010D27C4F9AE02.roa
Signing time: Wed 28 Feb 2024 09:13:49 +0000
ROA not before: Wed 28 Feb 2024 09:13:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 111.88.138.0/24 maxlen: 24
111.88.139.0/24 maxlen: 24
111.88.165.0/24 maxlen: 24
111.88.166.0/24 maxlen: 24
111.88.167.0/24 maxlen: 24
111.88.168.0/24 maxlen: 24
111.88.169.0/24 maxlen: 24
111.88.170.0/24 maxlen: 24
111.88.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13604 (0x3524)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B, serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Feb 28 09:13:49 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65def94d-9d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:64:93:ea:4d:68:fa:95:df:02:36:06:77:78:
a2:83:6f:3e:fd:75:d4:13:08:fd:e4:35:b6:45:ef:
e8:4d:1d:0e:c6:fb:05:af:3f:b2:c2:5f:9f:e7:aa:
34:31:90:72:ec:67:92:4d:f1:a6:c9:67:c9:c1:6d:
fe:b2:59:f3:de:ef:98:45:86:8d:be:b6:6a:86:4a:
af:8d:8c:3f:ee:6a:20:73:a9:88:d3:96:ed:c9:59:
d8:f8:5d:24:d2:07:1c:35:91:79:9a:a7:09:66:56:
f0:48:a9:97:48:61:a9:ea:16:da:1e:58:33:d7:0d:
b1:4c:2e:17:19:de:d4:57:3d:9c:52:a8:12:b8:4e:
ac:17:51:ae:31:4e:b2:3c:bd:01:b4:07:5d:48:fa:
c9:ef:cd:b0:8a:eb:55:6e:07:be:05:1a:b8:3f:5b:
33:49:18:9d:f8:78:e1:0c:e6:58:08:c3:30:99:6a:
e2:91:f8:3b:e7:1d:03:ee:90:5c:f2:54:41:ef:56:
39:6e:ee:f4:8f:02:a2:b2:4f:a1:bc:8b:14:a6:00:
44:17:e7:ef:6f:bb:56:be:32:15:ba:d9:ec:8e:39:
82:26:82:df:ae:e4:a3:6e:0a:da:0a:9f:d9:33:f1:
89:25:7f:3a:1d:4e:f2:29:03:2f:c6:b5:c6:0c:ed:
e2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:85:52:11:12:87:26:79:BB:28:B3:68:97:E2:E5:9F:2E:BB:1A:67
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/AF198BF8D61911EE8E010D27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.138.0/23
111.88.165.0-111.88.171.255
Signature Algorithm: sha256WithRSAEncryption
68:eb:63:6d:18:7a:f4:b5:70:15:34:56:7d:2a:a8:52:cc:96:
7c:bd:2e:6a:6e:a7:07:8e:87:8e:90:7d:e9:d8:86:73:c9:2e:
07:f5:45:37:eb:69:ea:73:10:48:83:42:22:ee:cc:3f:c2:a9:
f4:ac:4a:db:ee:93:7d:23:c2:29:43:68:c3:9f:65:d0:c7:a1:
2d:ee:df:9f:8c:15:34:d7:e3:2e:79:6f:dc:30:3a:00:16:d2:
22:46:16:0c:20:ce:cd:82:df:25:09:b0:92:36:97:09:b0:3d:
37:09:0d:22:15:3b:68:a5:23:b2:e7:47:8b:5c:5d:d0:45:89:
c2:c9:47:92:cd:97:d2:6d:97:6c:5c:07:dd:d5:34:71:5f:e4:
24:4f:bc:f4:d7:28:61:6f:ea:6a:bd:f4:0b:88:79:0a:16:17:
04:47:f9:1a:ce:d8:d7:6e:f1:13:c3:a2:d1:58:8b:3a:62:7f:
e3:52:52:9b:4c:15:2a:c7:e9:64:35:15:a1:90:e8:78:15:12:
01:78:2d:48:70:b8:f4:44:83:9c:99:1d:db:2a:76:b5:6e:24:
bc:bc:a2:a3:28:12:9a:c5:c0:ab:4c:c9:f3:6e:a5:ee:15:a5:
0b:d1:00:89:4a:d3:ad:7b:8f:b1:1b:c4:96:96:3c:1a:8c:d1:
f2:8e:39:48
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICNSQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjQwMjI4MDkxMzQ5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRlZjk0ZC05ZDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2WST6k1o+pXfAjYGd3iig28+/XXUEwj95DW2Re/oTR0OxvsFrz+ywl+f56o0
MZBy7GeSTfGmyWfJwW3+slnz3u+YRYaNvrZqhkqvjYw/7mogc6mI05btyVnY+F0k
0gccNZF5mqcJZlbwSKmXSGGp6hbaHlgz1w2xTC4XGd7UVz2cUqgSuE6sF1GuMU6y
PL0BtAddSPrJ782wiutVbge+BRq4P1szSRid+HjhDOZYCMMwmWrikfg75x0D7pBc
8lRB71Y5bu70jwKisk+hvIsUpgBEF+fvb7tWvjIVutnsjjmCJoLfruSjbgraCp/Z
M/GJJX86HU7yKQMvxrXGDO3iaQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFLCFUhES
hyZ5uyizaJfi5Z8uuxpnMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQUYxOThCRjhE
NjE5MTFFRThFMDEwRDI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAFvWIowDAMEAG9YpQMEAm9YqDANBgkqhkiG9w0BAQsFAAOC
AQEAaOtjbRh69LVwFTRWfSqoUsyWfL0uam6nB46HjpB96diGc8kuB/VFN+tp6nMQ
SINCIu7MP8Kp9KxK2+6TfSPCKUNow59l0MehLe7fn4wVNNfjLnlv3DA6ABbSIkYW
DCDOzYLfJQmwkjaXCbA9NwkNIhU7aKUjsudHi1xd0EWJwslHks2X0m2XbFwH3dU0
cV/kJE+89NcoYW/qar30C4h5ChYXBEf5Gs7Y127xE8Oi0ViLOmJ/41JSm0wVKsfp
ZDUVoZDoeBUSAXgtSHC49ESDnJkd2yp2tW4kvLyioygSmsXAq0zJ826l7hWlC9EA
iUrTrXuPsRvElpY8GozR8o45SA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:21:12 2025 by rpki-client