Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/9A05BA12D86B11E9B8BFCE0AC4F9AE02.roa
File: 9A05BA12D86B11E9B8BFCE0AC4F9AE02.roa (raw, json)
Hash identifier: HY9xEfn+6vmYO3c1datQhbAoooE89tpJMmhSBq7P9FI=
Subject key identifier: EA:2F:F7:96:25:CA:7A:63:EC:37:F3:4A:B6:CD:1F:8B:B7:A7:33:2B
Certificate issuer: /CN=A914781A/serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Certificate serial: 34BE
Authority key identifier: 4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/9A05BA12D86B11E9B8BFCE0AC4F9AE02.roa
Signing time: Tue 04 Mar 2025 15:31:01 +0000
ROA not before: Tue 04 Mar 2025 15:31:01 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 45629
IP address blocks: 58.82.128.0/24 maxlen: 24
58.82.191.0/24 maxlen: 24
182.50.84.0/22 maxlen: 22
182.50.84.0/23 maxlen: 23
182.50.86.0/23 maxlen: 23
182.50.87.0/24 maxlen: 24
182.50.92.0/22 maxlen: 22
182.50.92.0/24 maxlen: 24
182.50.93.0/24 maxlen: 24
182.50.94.0/24 maxlen: 24
203.209.191.0/24 maxlen: 24
2404:4a00::/32 maxlen: 32
2404:4a00:3293::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13502 (0x34be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914781A
Validity
Not Before: Mar 4 15:31:01 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c71cb5-e86c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ab:e1:95:26:27:d7:b5:5d:5b:22:f9:25:7c:
61:66:70:a0:ce:d6:9c:46:b7:0d:c2:71:58:68:0d:
d1:1c:32:3d:6f:9f:bc:22:2d:d1:e8:7e:5c:a6:05:
dc:95:e8:0b:f1:4a:c6:3e:dc:3c:f5:31:cb:c8:16:
6a:c7:ef:ee:89:af:0a:3a:c2:7a:69:da:fe:61:b5:
cd:15:2c:85:10:aa:24:20:3d:12:f6:9b:54:c5:f0:
a7:cc:b0:cd:d9:d5:74:6a:46:57:2f:82:72:50:1b:
cb:b4:fb:dd:9e:f7:e4:d9:42:3b:5d:c2:04:50:b8:
92:ce:40:97:38:5c:fd:9d:4d:a5:53:01:54:ed:de:
27:a2:c0:78:1f:2c:9b:66:a8:2d:6e:8e:07:e1:3c:
5e:66:fa:7f:be:29:11:84:60:61:e3:24:de:38:84:
6b:eb:cc:b1:95:04:75:70:15:a6:0b:66:a4:ce:76:
3a:3e:60:ca:d9:c6:e3:52:3a:a6:d0:75:c3:34:13:
c6:7e:de:89:09:53:ae:49:98:a4:7c:e7:59:65:10:
a1:65:6a:f3:ae:f0:04:2b:8d:c3:b7:71:4f:30:9f:
ba:8e:07:cf:e3:9a:13:35:64:e4:04:73:7a:39:84:
b5:e5:60:e0:e1:91:36:9d:fd:af:89:47:49:a5:53:
e5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:2F:F7:96:25:CA:7A:63:EC:37:F3:4A:B6:CD:1F:8B:B7:A7:33:2B
X509v3 Authority Key Identifier:
keyid:4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/9A05BA12D86B11E9B8BFCE0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.82.128.0/24
58.82.191.0/24
182.50.84.0/22
182.50.92.0/22
203.209.191.0/24
IPv6:
2404:4a00::/32
Signature Algorithm: sha256WithRSAEncryption
00:bd:af:20:f1:8c:c5:c1:42:b6:49:33:2f:7b:05:01:2f:ce:
08:0e:da:b2:34:15:8e:cd:a8:27:d8:c3:a0:d3:06:c6:70:c1:
eb:46:73:d7:97:58:42:5f:09:47:a1:4d:0f:62:84:12:38:c9:
61:b4:75:c1:d9:b2:8f:f8:64:4d:b1:51:6a:25:4d:5e:1c:05:
5e:17:5d:c5:a9:60:68:4f:78:da:07:2a:d2:d0:b4:35:51:d6:
19:09:11:e3:c5:2e:a5:fa:de:24:4f:2d:76:0f:59:6c:b5:27:
b8:4e:cf:4f:50:e7:65:71:bc:c1:c2:7b:d7:7b:51:7e:65:3c:
fc:3e:82:05:0f:31:80:ea:ec:db:66:06:6d:57:76:75:ae:74:
66:ce:88:7d:d1:99:68:6c:70:2b:69:de:db:96:54:89:17:aa:
04:20:b8:ec:10:a9:e0:18:0f:2f:1f:98:5f:50:f1:ec:c3:0d:
58:46:43:8a:b7:97:c4:a8:4f:8e:7c:a9:6e:b6:82:97:58:27:
39:49:40:c2:d9:06:af:2f:42:5b:d3:2a:2b:ca:1b:e6:f4:8f:
a9:6e:7e:49:ff:40:b6:81:bd:4e:39:1c:c7:f9:98:64:2f:aa:
dd:25:ce:7b:9f:21:91:81:a1:e2:58:c8:1f:5e:59:e1:a0:c2:
ed:5b:94:6a
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICNL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4MUExMTAvBgNVBAUTKDRENzIzOTU1MjQzQUU4OEQ1NTI0MzlBRjhFNEUwQTA5
QzhGNjU5MEQwHhcNMjUwMzA0MTUzMTAxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3MWNiNS1lODZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtqvhlSYn17VdWyL5JXxhZnCgztacRrcNwnFYaA3RHDI9b5+8Ii3R6H5cpgXc
legL8UrGPtw89THLyBZqx+/uia8KOsJ6adr+YbXNFSyFEKokID0S9ptUxfCnzLDN
2dV0akZXL4JyUBvLtPvdnvfk2UI7XcIEULiSzkCXOFz9nU2lUwFU7d4nosB4Hyyb
Zqgtbo4H4TxeZvp/vikRhGBh4yTeOIRr68yxlQR1cBWmC2akznY6PmDK2cbjUjqm
0HXDNBPGft6JCVOuSZikfOdZZRChZWrzrvAEK43Dt3FPMJ+6jgfP45oTNWTkBHN6
OYS15WDg4ZE2nf2viUdJpVPlUwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFOov95Yl
ynpj7DfzSrbNH4u3pzMrMB8GA1UdIwQYMBaAFE1yOVUkOuiNVSQ5r45OCgnI9lkN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzgxQS9ENTIxNDI3MDFE
OUIxMUUyQjgyMUZEODkwOEIwMkNEMi9UWEk1VlNRNjZJMVZKRG12ams0S0NjajJX
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYSTVWU1E2NkkxVkpEbXZqazRLQ2NqMldRMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc4MUEvRDUyMTQyNzAxRDlCMTFFMkI4MjFGRDg5MDhCMDJDRDIvOUEwNUJBMTJE
ODZCMTFFOUI4QkZDRTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAA6UoADBAA6Ur8DBAK2MlQDBAK2MlwDBADL0b8wDQQCAAIw
BwMFACQESgAwDQYJKoZIhvcNAQELBQADggEBAAC9ryDxjMXBQrZJMy97BQEvzggO
2rI0FY7NqCfYw6DTBsZwwetGc9eXWEJfCUehTQ9ihBI4yWG0dcHZso/4ZE2xUWol
TV4cBV4XXcWpYGhPeNoHKtLQtDVR1hkJEePFLqX63iRPLXYPWWy1J7hOz09Q52Vx
vMHCe9d7UX5lPPw+ggUPMYDq7NtmBm1XdnWudGbOiH3RmWhscCtp3tuWVIkXqgQg
uOwQqeAYDy8fmF9Q8ezDDVhGQ4q3l8SoT458qW62gpdYJzlJQMLZBq8vQlvTKivK
G+b0j6lufkn/QLaBvU45HMf5mGQvqt0lznufIZGBoeJYyB9eWeGgwu1blGo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:34 2025 by rpki-client