Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/64B17220535F11EE9BC85F83C4F9AE02.roa
File: 64B17220535F11EE9BC85F83C4F9AE02.roa (raw, json)
Hash identifier: AbeWbQOrdr5E5XXQP7hJPyFhJ4d15o4fT04aBOxunIc=
Subject key identifier: 63:34:23:A0:61:1D:77:3D:53:77:62:37:9F:3D:A4:B7:D3:B9:8E:3D
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0B41
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/64B17220535F11EE9BC85F83C4F9AE02.roa
Signing time: Tue 16 Apr 2024 06:52:11 +0000
ROA not before: Tue 16 Apr 2024 06:52:11 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 18206
IP address blocks: 49.236.192.0/24 maxlen: 24
49.236.193.0/24 maxlen: 24
49.236.194.0/24 maxlen: 24
49.236.195.0/24 maxlen: 24
49.236.197.0/24 maxlen: 24
49.236.199.0/24 maxlen: 24
49.236.203.0/24 maxlen: 24
49.236.204.0/24 maxlen: 24
112.137.160.0/24 maxlen: 24
112.137.161.0/24 maxlen: 24
112.137.162.0/24 maxlen: 24
112.137.169.0/24 maxlen: 24
112.137.170.0/24 maxlen: 24
112.137.172.0/24 maxlen: 24
112.137.173.0/24 maxlen: 24
112.137.175.0/24 maxlen: 24
119.110.102.0/24 maxlen: 24
124.197.224.0/20 maxlen: 20
124.197.225.0/24 maxlen: 24
124.197.233.0/24 maxlen: 24
124.197.238.0/24 maxlen: 24
202.75.45.0/24 maxlen: 24
202.162.0.0/19 maxlen: 24
202.165.0.0/19 maxlen: 24
203.153.80.0/20 maxlen: 24
210.48.146.0/24 maxlen: 24
210.48.151.0/24 maxlen: 24
2401:b000::/32 maxlen: 32
2404:b8::/32 maxlen: 32
2404:b8::/48 maxlen: 48
2404:b8:1::/48 maxlen: 48
2404:b8:3::/48 maxlen: 48
2404:b8:20::/43 maxlen: 43
2404:b8:2000::/44 maxlen: 44
2404:b8:2020::/43 maxlen: 43
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2881 (0xb41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78, serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Apr 16 06:52:11 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=661e201b-db1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2f:02:dc:e3:13:79:27:d0:1a:2c:0d:65:bd:
ac:c1:13:35:75:bc:af:bb:b3:68:b7:55:e8:c8:b0:
9e:90:2c:f0:80:d3:e9:3c:1d:9b:1e:57:32:ea:ea:
c9:2d:28:3d:b5:4f:c6:4a:95:a3:6e:a7:f0:d9:19:
83:a5:af:43:fa:a8:ef:05:1e:44:f4:45:19:21:fe:
ba:0e:a4:a9:f7:c1:9f:27:04:65:1a:e7:bf:e2:fb:
9f:7d:48:7d:a3:ee:bc:98:f0:b1:bd:60:df:18:1a:
98:15:85:93:1c:ea:20:c5:5c:66:eb:51:cb:72:d6:
dc:4b:cc:ea:08:25:05:8f:5d:9e:a6:4d:88:ff:f0:
e3:f3:a8:d1:ec:77:87:27:dc:e8:15:6e:ae:2e:38:
1a:ee:d1:f3:60:20:85:4d:25:38:78:1b:70:f5:cc:
49:af:10:3b:fe:4f:df:4f:4d:05:42:c1:ca:1f:07:
45:f7:7b:c8:e5:55:fc:9c:86:4e:ee:5a:4d:0f:06:
e4:01:46:a9:65:fc:4d:21:e7:cf:0c:c5:6e:7c:cd:
a7:b9:ac:a0:79:33:39:d2:3c:69:3b:02:3f:57:66:
82:79:60:55:ff:eb:a4:8a:79:0d:f8:22:4b:53:80:
e5:ca:36:5a:bc:88:da:9d:69:b2:16:9a:c0:eb:73:
79:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:34:23:A0:61:1D:77:3D:53:77:62:37:9F:3D:A4:B7:D3:B9:8E:3D
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/64B17220535F11EE9BC85F83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/22
49.236.197.0/24
49.236.199.0/24
49.236.203.0-49.236.204.255
112.137.160.0-112.137.162.255
112.137.169.0-112.137.170.255
112.137.172.0/23
112.137.175.0/24
119.110.102.0/24
124.197.224.0/20
202.75.45.0/24
202.162.0.0/19
202.165.0.0/19
203.153.80.0/20
210.48.146.0/24
210.48.151.0/24
IPv6:
2401:b000::/32
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
24:60:85:81:26:13:aa:17:4a:10:bf:88:63:a0:a7:93:fa:26:
86:90:52:67:c8:eb:4d:a9:e3:55:a7:9e:75:2f:ec:01:dd:95:
75:2c:4a:76:10:ed:38:47:00:aa:28:d6:a8:1f:87:9a:d1:31:
0f:6f:5a:fc:bf:95:ff:1a:72:4d:ec:d6:d1:48:aa:0e:70:03:
2e:b9:ac:8c:16:df:b4:04:36:04:e6:34:ef:c5:4e:53:57:dc:
19:dc:11:c8:81:05:21:0d:20:a6:86:db:62:2e:55:3b:b5:7e:
bc:75:37:63:59:95:c5:05:71:a9:86:39:96:3a:f6:1b:a5:51:
2d:4a:7e:ef:a4:8e:23:4b:50:80:89:39:db:bf:c3:51:4c:12:
d4:24:17:0a:da:65:89:0a:74:ea:3e:2c:7a:fe:9e:f7:8d:8a:
2e:d2:49:7f:a9:c4:8b:3c:22:ba:3f:03:93:fd:f6:ea:8a:5f:
6f:8b:7a:b2:95:30:f1:17:cc:a0:97:6d:b2:64:3b:89:7a:64:
42:90:8a:40:c3:de:da:e1:83:2d:af:8b:f3:4e:5a:2f:e9:1c:
9a:f1:c1:7b:8e:eb:24:8f:4f:95:b1:ea:8d:7f:78:78:18:41:
dd:4c:63:c2:5b:66:95:fa:ee:32:0c:f0:a5:ba:5d:11:49:99:
8e:bd:c9:17
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICC0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjQwNDE2MDY1MjExWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjFlMjAxYi1kYjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuS8C3OMTeSfQGiwNZb2swRM1dbyvu7Not1XoyLCekCzwgNPpPB2bHlcy6urJ
LSg9tU/GSpWjbqfw2RmDpa9D+qjvBR5E9EUZIf66DqSp98GfJwRlGue/4vuffUh9
o+68mPCxvWDfGBqYFYWTHOogxVxm61HLctbcS8zqCCUFj12epk2I//Dj86jR7HeH
J9zoFW6uLjga7tHzYCCFTSU4eBtw9cxJrxA7/k/fT00FQsHKHwdF93vI5VX8nIZO
7lpNDwbkAUapZfxNIefPDMVufM2nuaygeTM50jxpOwI/V2aCeWBV/+ukinkN+CJL
U4DlyjZavIjanWmyFprA63N5mQIDAQABo4IDIDCCAxwwHQYDVR0OBBYEFGM0I6Bh
HXc9U3diN589pLfTuY49MB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvNjRCMTcyMjA1
MzVGMTFFRTlCQzg1RjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgakGCCsGAQUFBwEHAQH/
BIGZMIGWMH4EAgABMHgDBAIx7MADBAAx7MUDBAAx7McwDAMEADHsywMEADHszDAM
AwQFcImgAwQAcImiMAwDBABwiakDBABwiaoDBAFwiawDBABwia8DBAB3bmYDBAR8
xeADBADKSy0DBAXKogADBAXKpQADBATLmVADBADSMJIDBADSMJcwFAQCAAIwDgMF
ACQBsAADBQAkBAC4MA0GCSqGSIb3DQEBCwUAA4IBAQAkYIWBJhOqF0oQv4hjoKeT
+iaGkFJnyOtNqeNVp551L+wB3ZV1LEp2EO04RwCqKNaoH4ea0TEPb1r8v5X/GnJN
7NbRSKoOcAMuuayMFt+0BDYE5jTvxU5TV9wZ3BHIgQUhDSCmhttiLlU7tX68dTdj
WZXFBXGphjmWOvYbpVEtSn7vpI4jS1CAiTnbv8NRTBLUJBcK2mWJCnTqPix6/p73
jYou0kl/qcSLPCK6PwOT/fbqil9vi3qylTDxF8ygl22yZDuJemRCkIpAw97a4YMt
r4vzTlov6Rya8cF7juskj0+VseqNf3h4GEHdTGPCW2aV+u4yDPClul0RSZmOvckX
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:02:58 2025 by rpki-client