Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/48F3A7C6493B11ED8F507E0FC4F9AE02.roa
File: 48F3A7C6493B11ED8F507E0FC4F9AE02.roa (raw, json)
Hash identifier: ntfPTDkjQD/PEsRYN8MQue6yDAEdqkxed3QbMPLB+/A=
Subject key identifier: FE:06:B6:05:A0:37:E4:9B:F0:FF:5C:FD:5E:73:83:88:DB:E4:B0:12
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 1688
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/48F3A7C6493B11ED8F507E0FC4F9AE02.roa
Signing time: Tue 23 May 2023 14:42:17 +0000
ROA not before: Tue 23 May 2023 14:42:17 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 17911
IP address blocks: 122.129.64.0/24 maxlen: 24
122.129.65.0/24 maxlen: 24
122.129.66.0/24 maxlen: 24
122.129.67.0/24 maxlen: 24
122.129.68.0/24 maxlen: 24
122.129.69.0/24 maxlen: 24
122.129.70.0/24 maxlen: 24
122.129.71.0/24 maxlen: 24
122.129.72.0/24 maxlen: 24
122.129.73.0/24 maxlen: 24
122.129.74.0/24 maxlen: 24
122.129.75.0/24 maxlen: 24
122.129.76.0/24 maxlen: 24
122.129.77.0/24 maxlen: 24
122.129.78.0/24 maxlen: 24
122.129.79.0/24 maxlen: 24
122.129.80.0/24 maxlen: 24
122.129.81.0/24 maxlen: 24
122.129.82.0/24 maxlen: 24
122.129.83.0/24 maxlen: 24
122.129.84.0/24 maxlen: 24
122.129.85.0/24 maxlen: 24
122.129.87.0/24 maxlen: 24
122.129.88.0/24 maxlen: 24
122.129.89.0/24 maxlen: 24
122.129.90.0/24 maxlen: 24
122.129.91.0/24 maxlen: 24
122.129.92.0/24 maxlen: 24
122.129.93.0/24 maxlen: 24
122.129.94.0/24 maxlen: 24
122.129.95.0/24 maxlen: 24
203.128.0.0/24 maxlen: 24
203.128.1.0/24 maxlen: 24
203.128.2.0/24 maxlen: 24
203.128.3.0/24 maxlen: 24
203.128.4.0/24 maxlen: 24
203.128.5.0/24 maxlen: 24
203.128.6.0/24 maxlen: 24
203.128.7.0/24 maxlen: 24
203.128.8.0/24 maxlen: 24
203.128.9.0/24 maxlen: 24
203.128.10.0/24 maxlen: 24
203.128.11.0/24 maxlen: 24
203.128.12.0/24 maxlen: 24
203.128.13.0/24 maxlen: 24
203.128.14.0/24 maxlen: 24
203.128.15.0/24 maxlen: 24
203.128.16.0/24 maxlen: 24
203.128.17.0/24 maxlen: 24
203.128.18.0/24 maxlen: 24
203.128.19.0/24 maxlen: 24
203.128.20.0/24 maxlen: 24
203.128.21.0/24 maxlen: 24
203.128.22.0/24 maxlen: 24
203.128.23.0/24 maxlen: 24
203.128.24.0/24 maxlen: 24
203.128.25.0/24 maxlen: 24
203.128.26.0/24 maxlen: 24
203.128.27.0/24 maxlen: 24
203.128.28.0/24 maxlen: 24
203.128.29.0/24 maxlen: 24
203.128.30.0/24 maxlen: 24
203.128.31.0/24 maxlen: 24
2400:4f00::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5768 (0x1688)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: May 23 14:42:17 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=646cd0c9-d19e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f8:3d:e8:a3:bd:64:0c:1f:4e:78:97:61:4a:
77:7a:37:1d:37:7a:4d:fc:3a:63:08:e9:e0:ac:06:
ff:9b:64:f4:60:07:23:02:15:4e:32:41:55:dc:5d:
75:26:0f:49:01:f3:13:63:76:71:8f:f8:da:f8:fa:
13:5c:d0:a7:97:57:e3:65:41:b9:c0:99:34:00:09:
5b:30:94:cf:84:d4:ff:be:7b:66:dd:81:14:d3:6e:
82:c0:dd:bf:23:9d:a6:18:30:db:64:12:be:d5:98:
47:3a:2b:62:e5:eb:6f:c8:88:c2:3b:77:77:08:14:
91:0c:19:af:0b:79:e6:27:39:cb:9b:e3:ae:b3:23:
78:61:26:59:72:87:f7:23:13:7b:ba:5a:c9:c1:82:
11:08:c7:bb:b6:c5:ee:0d:42:1b:76:d7:8d:8b:b3:
4a:18:1f:d7:45:e9:66:39:05:c0:1c:53:ce:41:af:
76:b6:25:73:52:97:15:91:06:67:9f:8d:f9:fb:3f:
fe:dc:ad:b0:59:fc:e5:13:5f:bc:6a:79:56:1f:4f:
65:b4:4b:e5:93:84:6d:cc:92:cc:17:a6:d0:63:09:
f7:60:20:cc:c0:c3:b4:4b:a1:ef:fa:c5:ad:78:dc:
3d:e6:24:e1:6e:68:84:a2:d4:c1:95:53:f7:9f:e7:
f4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:06:B6:05:A0:37:E4:9B:F0:FF:5C:FD:5E:73:83:88:DB:E4:B0:12
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/48F3A7C6493B11ED8F507E0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.129.64.0-122.129.85.255
122.129.87.0-122.129.95.255
203.128.0.0/19
IPv6:
2400:4f00::/36
Signature Algorithm: sha256WithRSAEncryption
c9:9e:56:c5:1b:5f:e5:06:d0:26:5d:05:a1:cc:c8:c9:de:ae:
81:a4:a5:e5:b2:b7:bd:65:24:e3:b1:13:1b:2b:21:52:ed:d9:
c8:99:f1:62:69:78:19:c2:a9:71:1f:dd:ed:3c:94:a3:e1:0b:
c8:66:91:54:23:86:02:4c:b7:2f:a6:5b:3c:d5:94:9b:d2:1c:
34:86:ac:f9:21:e8:76:a0:ad:e1:e0:24:05:81:c7:d5:e1:c9:
a6:49:14:d3:2b:23:23:2d:63:5f:d2:fe:6b:2c:6f:ef:84:20:
35:31:30:58:64:10:ff:e5:9e:9a:73:52:4a:cd:08:aa:e5:7b:
0d:c5:ee:42:d4:c5:a1:2d:cb:68:cc:74:24:f1:0f:23:4a:32:
1e:38:ce:b7:d6:bc:4a:5c:68:1a:9a:f0:19:51:56:98:f2:1b:
67:19:2c:fb:2e:bc:aa:aa:73:2e:84:a5:10:19:41:f3:dc:d4:
a3:36:44:dc:96:8a:6f:71:3d:05:a1:49:9b:bf:8c:71:a1:f1:
3d:60:6f:be:bd:31:d4:0c:ae:0c:b4:5e:de:5f:e0:43:69:b1:
b0:75:5f:8d:4b:d3:f7:8c:e0:05:d2:4d:67:a8:99:96:f1:8b:
6c:37:11:8b:33:81:9e:96:e8:9c:88:3e:14:08:7d:8d:f5:64:
b9:70:73:d9
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICFogwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjMwNTIzMTQ0MjE3WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZjZDBjOS1kMTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyvg96KO9ZAwfTniXYUp3ejcdN3pN/DpjCOngrAb/m2T0YAcjAhVOMkFV3F11
Jg9JAfMTY3Zxj/ja+PoTXNCnl1fjZUG5wJk0AAlbMJTPhNT/vntm3YEU026CwN2/
I52mGDDbZBK+1ZhHOiti5etvyIjCO3d3CBSRDBmvC3nmJznLm+OusyN4YSZZcof3
IxN7ulrJwYIRCMe7tsXuDUIbdteNi7NKGB/XRelmOQXAHFPOQa92tiVzUpcVkQZn
n435+z/+3K2wWfzlE1+8anlWH09ltEvlk4RtzJLMF6bQYwn3YCDMwMO0S6Hv+sWt
eNw95iThbmiEotTBlVP3n+f0oQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFP4GtgWg
N+Sb8P9c/V5zg4jb5LASMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvNDhGM0E3QzY0
OTNCMTFFRDhGNTA3RTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MCgEAgABMCIwDAMEBnqBQAMEAXqBVDAMAwQAeoFXAwQFeoFAAwQFy4AAMA4E
AgACMAgDBgQkAE8AADANBgkqhkiG9w0BAQsFAAOCAQEAyZ5WxRtf5QbQJl0FoczI
yd6ugaSl5bK3vWUk47ETGyshUu3ZyJnxYml4GcKpcR/d7TyUo+ELyGaRVCOGAky3
L6ZbPNWUm9IcNIas+SHodqCt4eAkBYHH1eHJpkkU0ysjIy1jX9L+ayxv74QgNTEw
WGQQ/+WemnNSSs0IquV7DcXuQtTFoS3LaMx0JPEPI0oyHjjOt9a8SlxoGprwGVFW
mPIbZxks+y68qqpzLoSlEBlB89zUozZE3JaKb3E9BaFJm7+McaHxPWBvvr0x1Ayu
DLRe3l/gQ2mxsHVfjUvT94zgBdJNZ6iZlvGLbDcRizOBnpbonIg+FAh9jfVkuXBz
2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org