Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/EAB96914C9BC11EC97686449C4F9AE02.roa
File: EAB96914C9BC11EC97686449C4F9AE02.roa (raw, json)
Hash identifier: 2Je3XFc+4oHda9dWlYbBS0HaPDdfVMe/MXY6lUstP7s=
Subject key identifier: B1:74:B6:0F:56:4D:50:D1:20:E6:0F:14:D0:AF:37:73:DF:6C:04:B4
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 064A
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/EAB96914C9BC11EC97686449C4F9AE02.roa
Signing time: Mon 02 May 2022 02:09:37 +0000
ROA not before: Mon 02 May 2022 02:09:37 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 24093
IP address blocks: 125.63.0.0/19 maxlen: 19
125.63.8.0/24 maxlen: 24
125.63.9.0/24 maxlen: 24
125.63.12.0/24 maxlen: 24
125.63.13.0/24 maxlen: 24
125.63.14.0/24 maxlen: 24
125.63.15.0/24 maxlen: 24
125.63.19.0/24 maxlen: 24
125.253.0.0/18 maxlen: 18
125.253.8.0/24 maxlen: 24
125.253.11.0/24 maxlen: 24
125.253.14.0/24 maxlen: 24
125.253.16.0/24 maxlen: 24
125.253.25.0/24 maxlen: 24
125.253.28.0/23 maxlen: 23
125.253.28.0/24 maxlen: 24
125.253.29.0/24 maxlen: 24
125.253.32.0/24 maxlen: 24
125.253.33.0/24 maxlen: 24
125.253.34.0/24 maxlen: 24
125.253.35.0/24 maxlen: 24
125.253.41.0/24 maxlen: 24
125.253.42.0/24 maxlen: 24
125.253.43.0/24 maxlen: 24
125.253.44.0/24 maxlen: 24
125.253.45.0/24 maxlen: 24
125.253.46.0/24 maxlen: 24
125.253.47.0/24 maxlen: 24
125.253.48.0/24 maxlen: 24
125.253.50.0/23 maxlen: 23
125.253.50.0/24 maxlen: 24
125.253.51.0/24 maxlen: 24
125.253.60.0/24 maxlen: 24
125.253.61.0/24 maxlen: 24
125.253.96.0/20 maxlen: 20
125.253.96.0/24 maxlen: 24
125.253.97.0/24 maxlen: 24
125.253.98.0/24 maxlen: 24
125.253.99.0/24 maxlen: 24
125.253.100.0/24 maxlen: 24
125.253.101.0/24 maxlen: 24
125.253.102.0/24 maxlen: 24
125.253.103.0/24 maxlen: 24
125.253.106.0/24 maxlen: 24
125.253.107.0/24 maxlen: 24
125.253.109.0/24 maxlen: 24
125.253.110.0/24 maxlen: 24
202.171.160.0/19 maxlen: 19
202.171.160.0/24 maxlen: 24
202.171.163.0/24 maxlen: 24
202.171.164.0/24 maxlen: 24
202.171.165.0/24 maxlen: 24
202.171.167.0/24 maxlen: 24
202.171.168.0/24 maxlen: 24
202.171.169.0/24 maxlen: 24
202.171.170.0/24 maxlen: 24
202.171.172.0/23 maxlen: 23
202.171.175.0/24 maxlen: 24
202.171.176.0/24 maxlen: 24
202.171.177.0/24 maxlen: 24
202.171.178.0/24 maxlen: 24
202.171.179.0/24 maxlen: 24
202.171.180.0/23 maxlen: 23
202.171.184.0/23 maxlen: 23
202.171.186.0/23 maxlen: 23
202.171.189.0/24 maxlen: 24
202.171.190.0/24 maxlen: 24
202.171.191.0/24 maxlen: 24
203.25.102.0/24 maxlen: 24
223.27.66.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1610 (0x64a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: May 2 02:09:37 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=626f3d61-b83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:25:c9:9e:b0:59:41:77:fb:dd:80:f2:6f:8e:
cd:2c:f3:f1:e9:4a:b5:ce:4c:be:15:04:ac:90:39:
1d:a5:8d:d1:de:90:8f:32:d0:f9:2e:3c:b3:25:15:
9f:e4:d9:eb:ec:f4:01:00:a7:02:20:d3:5a:29:64:
44:bb:aa:cc:f2:53:ae:01:ef:94:68:bc:58:ff:af:
4c:25:32:88:e7:69:8a:9a:fa:7e:a6:e7:d1:92:a9:
72:ce:d6:0c:9b:84:06:0b:77:49:1c:f8:14:15:7f:
e8:91:45:60:c6:50:2d:24:5b:53:9c:12:fe:3e:8f:
89:12:9f:2f:59:0b:7b:d0:c6:ad:64:0b:e3:1d:c1:
19:0b:3d:03:ca:fe:73:66:88:8b:41:c9:dc:d0:9c:
5c:b8:e1:0f:c1:9f:c2:93:e7:12:98:00:3f:90:41:
e0:b0:23:65:c1:c4:9d:6a:15:7c:7c:d8:5f:37:c4:
ae:b7:d2:ff:f4:e7:55:0f:41:d2:f3:1b:af:93:1b:
dc:28:8f:8a:7a:bb:15:41:30:5d:0e:b1:ce:5a:aa:
05:88:69:eb:d0:ea:1c:a7:b8:4c:84:cb:81:b7:c4:
90:41:58:d1:56:f1:32:98:bf:7d:cc:5c:40:0b:cf:
ea:44:c9:48:0d:1f:90:f1:ec:b3:b0:c0:12:e7:e0:
ca:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:74:B6:0F:56:4D:50:D1:20:E6:0F:14:D0:AF:37:73:DF:6C:04:B4
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/EAB96914C9BC11EC97686449C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.63.0.0/19
125.253.0.0/18
125.253.96.0/20
202.171.160.0/19
203.25.102.0/24
223.27.66.0/23
Signature Algorithm: sha256WithRSAEncryption
58:ff:32:1a:ba:59:47:52:63:c7:4f:92:28:36:0f:a0:ca:2f:
2a:6d:a1:78:e0:b2:83:d2:8c:0f:c0:ec:2d:c3:4e:61:fb:33:
f1:3c:f9:3b:b9:37:66:52:65:68:00:b6:78:d5:8f:73:61:27:
2f:03:9b:95:21:fe:34:c2:95:72:fa:96:a5:1c:e8:ad:e2:d7:
fd:e1:6b:0b:f9:81:96:21:2a:07:23:5a:57:be:08:f4:b2:23:
76:18:4f:e7:c8:13:7d:86:2f:f3:40:fc:6a:cf:39:1d:2e:c4:
7c:b9:2f:27:a8:32:57:bf:a3:f2:8c:a0:cd:bc:3b:b0:16:15:
f3:87:1d:37:2d:a6:ec:08:73:1a:87:87:be:b3:4f:c8:c5:c5:
bc:0d:bc:19:d5:77:46:e6:ac:13:86:71:85:63:1a:c9:7a:4d:
bc:27:27:fc:67:98:c6:30:f9:76:3b:9b:a0:58:6c:27:ce:a8:
6f:ec:4b:da:81:75:24:e5:92:70:00:e7:ce:10:a2:5d:a8:c9:
81:44:59:c3:60:d2:78:6c:48:33:04:7e:f7:4d:54:c1:36:e2:
4f:6a:a2:94:e6:43:28:15:fc:bc:3d:8d:b8:d3:c5:fd:21:40:
d5:ff:20:a5:c0:75:7d:b5:28:ef:7f:09:d9:3a:40:cf:de:fa:
4a:81:69:71
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBkowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjIwNTAyMDIwOTM3WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZmM2Q2MS1iODNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3CXJnrBZQXf73YDyb47NLPPx6Uq1zky+FQSskDkdpY3R3pCPMtD5LjyzJRWf
5Nnr7PQBAKcCINNaKWREu6rM8lOuAe+UaLxY/69MJTKI52mKmvp+pufRkqlyztYM
m4QGC3dJHPgUFX/okUVgxlAtJFtTnBL+Po+JEp8vWQt70MatZAvjHcEZCz0Dyv5z
ZoiLQcnc0JxcuOEPwZ/Ck+cSmAA/kEHgsCNlwcSdahV8fNhfN8Sut9L/9OdVD0HS
8xuvkxvcKI+KersVQTBdDrHOWqoFiGnr0Oocp7hMhMuBt8SQQVjRVvEymL99zFxA
C8/qRMlIDR+Q8eyzsMAS5+DKfwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFLF0tg9W
TVDRIOYPFNCvN3PfbAS0MB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvRUFCOTY5MTRD
OUJDMTFFQzk3Njg2NDQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAV9PwADBAZ9/QADBAR9/WADBAXKq6ADBADLGWYDBAHfG0Iw
DQYJKoZIhvcNAQELBQADggEBAFj/Mhq6WUdSY8dPkig2D6DKLyptoXjgsoPSjA/A
7C3DTmH7M/E8+Tu5N2ZSZWgAtnjVj3NhJy8Dm5Uh/jTClXL6lqUc6K3i1/3hawv5
gZYhKgcjWle+CPSyI3YYT+fIE32GL/NA/GrPOR0uxHy5LyeoMle/o/KMoM28O7AW
FfOHHTctpuwIcxqHh76zT8jFxbwNvBnVd0bmrBOGcYVjGsl6TbwnJ/xnmMYw+XY7
m6BYbCfOqG/sS9qBdSTlknAA584Qol2oyYFEWcNg0nhsSDMEfvdNVME24k9qopTm
QygV/Lw9jbjTxf0hQNX/IKXAdX21KO9/Cdk6QM/e+kqBaXE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org