Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/CFAE1776E7C811ECA2BF6554C4F9AE02.roa
File: CFAE1776E7C811ECA2BF6554C4F9AE02.roa (raw, json)
Hash identifier: QARDRv4cItQzZWCbzQNYEiniGbYK33outlCobD5Vmvg=
Subject key identifier: F9:A0:35:CB:0C:98:6E:85:21:03:5C:A2:31:73:1B:53:0B:0E:AD:06
Certificate issuer: /CN=A9182CFC/serialNumber=8027E0EF54D00B61F7136F09719BFCF4C4533405
Certificate serial: 3496
Authority key identifier: 80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/CFAE1776E7C811ECA2BF6554C4F9AE02.roa
Signing time: Thu 20 Mar 2025 14:50:27 +0000
ROA not before: Thu 20 Mar 2025 14:50:27 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9892
IP address blocks: 114.129.32.0/22 maxlen: 22
114.129.33.0/24 maxlen: 24
114.129.36.0/22 maxlen: 22
114.129.36.0/24 maxlen: 24
114.129.38.0/24 maxlen: 24
114.129.40.0/23 maxlen: 23
114.129.41.0/24 maxlen: 24
114.129.45.0/24 maxlen: 24
114.129.46.0/24 maxlen: 24
114.129.47.0/24 maxlen: 24
123.100.235.0/24 maxlen: 24
123.100.236.0/22 maxlen: 22
123.100.236.0/24 maxlen: 24
123.100.237.0/24 maxlen: 24
123.100.238.0/23 maxlen: 23
123.100.240.0/22 maxlen: 22
123.100.241.0/24 maxlen: 24
123.100.244.0/23 maxlen: 23
123.100.244.0/24 maxlen: 24
123.100.245.0/24 maxlen: 24
123.100.248.0/21 maxlen: 21
123.100.251.0/24 maxlen: 24
123.100.252.0/24 maxlen: 24
202.157.128.0/19 maxlen: 19
202.157.128.0/21 maxlen: 21
202.157.136.0/22 maxlen: 22
202.157.142.0/23 maxlen: 23
202.157.148.0/24 maxlen: 24
202.157.152.0/24 maxlen: 24
202.157.160.0/20 maxlen: 20
202.157.160.0/21 maxlen: 21
202.157.168.0/21 maxlen: 21
202.160.120.0/24 maxlen: 24
202.160.121.0/24 maxlen: 24
202.160.122.0/24 maxlen: 24
202.160.123.0/24 maxlen: 24
203.83.250.0/24 maxlen: 24
203.142.16.0/21 maxlen: 21
203.142.24.0/23 maxlen: 23
203.142.27.0/24 maxlen: 24
203.169.6.0/24 maxlen: 24
203.169.7.0/24 maxlen: 24
2404:4800::/48 maxlen: 48
2404:4800:1::/48 maxlen: 48
2404:4800:2::/48 maxlen: 48
2404:4800:3::/48 maxlen: 48
2404:4800:20::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13462 (0x3496)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182CFC
Validity
Not Before: Mar 20 14:50:27 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67dc2b33-c303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:39:21:fa:45:85:c2:e3:c9:32:97:a1:44:35:
38:7d:21:7d:9d:3b:ff:72:7f:79:ae:ad:4a:90:45:
9e:60:84:85:1c:cd:1d:78:8c:65:a7:69:3a:91:a6:
ff:aa:34:51:80:39:f4:21:f9:43:81:fd:28:31:d5:
2c:55:83:81:96:9e:8e:13:93:79:99:25:17:8b:20:
7c:42:7f:ea:b1:b6:60:68:86:9d:a5:2a:22:0f:27:
12:d9:7d:53:8c:ad:0d:75:4a:be:95:1b:41:55:86:
80:49:99:92:52:97:1e:48:28:17:40:15:66:d4:18:
9f:be:b2:d1:66:74:c4:4e:de:5a:06:fd:93:c6:68:
d3:0e:62:aa:7e:9d:48:7a:68:97:0a:0e:3c:7c:87:
8c:10:51:ba:4b:9c:e5:a2:67:7f:63:b9:ac:03:76:
c9:5e:54:8e:75:5a:1a:51:a5:d4:f7:cc:82:55:ee:
ab:44:eb:a3:3a:e0:e1:d8:28:6c:00:11:0a:f3:1f:
9b:8e:24:d0:c2:89:c2:96:5f:ac:03:0d:32:93:31:
51:82:4a:90:29:5d:8e:06:00:8b:fd:cc:f3:d8:14:
e9:b8:43:81:bf:51:13:2a:a7:9d:79:b3:47:24:ff:
70:d7:20:fa:8c:df:6d:9f:af:46:9c:31:5e:36:57:
ea:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A0:35:CB:0C:98:6E:85:21:03:5C:A2:31:73:1B:53:0B:0E:AD:06
X509v3 Authority Key Identifier:
keyid:80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/CFAE1776E7C811ECA2BF6554C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.129.32.0-114.129.41.255
114.129.45.0-114.129.47.255
123.100.235.0-123.100.245.255
123.100.248.0/21
202.157.128.0-202.157.175.255
202.160.120.0/22
203.83.250.0/24
203.142.16.0-203.142.25.255
203.142.27.0/24
203.169.6.0/23
IPv6:
2404:4800::/46
2404:4800:20::/48
Signature Algorithm: sha256WithRSAEncryption
a8:fc:f5:93:d5:66:29:ff:8c:78:2b:dc:29:6c:e9:08:bf:ea:
15:3a:a1:35:56:0c:95:d8:6e:a7:0c:0e:ec:f0:02:6c:35:e5:
f2:47:41:fe:2e:56:d0:a2:0a:79:42:bc:3e:60:00:6a:ad:14:
02:dc:3a:6f:3b:cb:8f:a2:b1:49:55:c0:ec:4d:62:bb:73:51:
1f:c4:84:c2:2e:1c:1b:26:cf:6f:36:64:7b:32:3b:9f:02:9a:
f0:23:00:86:da:91:48:ec:26:17:59:66:cd:ba:0c:80:68:3c:
39:10:59:10:cc:81:12:8a:16:6c:a5:d5:51:6e:d8:5d:ee:59:
bb:15:a6:7d:fd:04:c6:e7:f4:a0:c0:fd:e6:6d:65:d9:1b:d7:
e2:90:ee:b6:df:a2:d9:18:54:d5:09:d8:3e:58:60:3d:49:ac:
a9:b1:5e:4e:b0:d4:3c:a4:61:bf:3b:74:f6:0c:c3:f9:0c:94:
0a:df:41:15:6c:ac:ba:0f:22:41:76:1e:1c:af:e6:be:64:12:
13:3e:97:1e:5b:2e:49:c4:0f:54:46:74:72:1d:eb:65:4c:5c:
e8:de:eb:1a:b2:0d:de:78:5a:7d:59:67:9f:77:40:67:20:22:
79:1c:0e:6f:00:2d:3f:12:8c:0f:fa:1e:a2:9d:d4:5f:9a:7c:
ee:87:e1:bf
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgICNJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODJDRkMxMTAvBgNVBAUTKDgwMjdFMEVGNTREMDBCNjFGNzEzNkYwOTcxOUJGQ0Y0
QzQ1MzM0MDUwHhcNMjUwMzIwMTQ1MDI3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjMmIzMy1jMzAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwjkh+kWFwuPJMpehRDU4fSF9nTv/cn95rq1KkEWeYISFHM0deIxlp2k6kab/
qjRRgDn0IflDgf0oMdUsVYOBlp6OE5N5mSUXiyB8Qn/qsbZgaIadpSoiDycS2X1T
jK0NdUq+lRtBVYaASZmSUpceSCgXQBVm1BifvrLRZnTETt5aBv2TxmjTDmKqfp1I
emiXCg48fIeMEFG6S5zlomd/Y7msA3bJXlSOdVoaUaXU98yCVe6rROujOuDh2Chs
ABEK8x+bjiTQwonCll+sAw0ykzFRgkqQKV2OBgCL/czz2BTpuEOBv1ETKqedebNH
JP9w1yD6jN9tn69GnDFeNlfqaQIDAQABo4IDEDCCAwwwHQYDVR0OBBYEFPmgNcsM
mG6FIQNcojFzG1MLDq0GMB8GA1UdIwQYMBaAFIAn4O9U0Ath9xNvCXGb/PTEUzQF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MkNGQy9CRjg0QjU3NDFE
ODYxMUUyQTc2MzQ0REUwOEIwMkNEMi9nQ2ZnNzFUUUMySDNFMjhKY1p2ODlNUlRO
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dDZmc3MVRRQzJIM0UyOEpjWnY4OU1SVE5BVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODJDRkMvQkY4NEI1NzQxRDg2MTFFMkE3NjM0NERFMDhCMDJDRDIvQ0ZBRTE3NzZF
N0M4MTFFQ0EyQkY2NTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZkGCCsGAQUFBwEHAQH/
BIGJMIGGMGoEAgABMGQwDAMEBXKBIAMEAXKBKDAMAwQAcoEtAwQEcoEgMAwDBAB7
ZOsDBAF7ZPQDBAN7ZPgwDAMEB8qdgAMEBMqdoAMEAsqgeAMEAMtT+jAMAwQEy44Q
AwQBy44YAwQAy44bAwQBy6kGMBgEAgACMBIDBwIkBEgAAAADBwAkBEgAACAwDQYJ
KoZIhvcNAQELBQADggEBAKj89ZPVZin/jHgr3Cls6Qi/6hU6oTVWDJXYbqcMDuzw
Amw15fJHQf4uVtCiCnlCvD5gAGqtFALcOm87y4+isUlVwOxNYrtzUR/EhMIuHBsm
z282ZHsyO58CmvAjAIbakUjsJhdZZs26DIBoPDkQWRDMgRKKFmyl1VFu2F3uWbsV
pn39BMbn9KDA/eZtZdkb1+KQ7rbfotkYVNUJ2D5YYD1JrKmxXk6w1DykYb87dPYM
w/kMlArfQRVsrLoPIkF2Hhyv5r5kEhM+lx5bLknED1RGdHId62VMXOje6xqyDd54
Wn1ZZ593QGcgInkcDm8ALT8SjA/6HqKd1F+afO6H4b8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:02:56 2025 by rpki-client