Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/14A4C750CDDB11ED90586709C4F9AE02.roa
File: 14A4C750CDDB11ED90586709C4F9AE02.roa (raw, json)
Hash identifier: yWHlcwZ9VJ++wpZkvnhK6yJOkep+dhji7CeD6iXwqeg=
Subject key identifier: A5:45:A2:29:F8:47:69:8E:F8:91:C3:F4:64:FF:97:C4:EA:3B:75:36
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3C63
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/14A4C750CDDB11ED90586709C4F9AE02.roa
Signing time: Wed 29 Mar 2023 02:40:35 +0000
ROA not before: Wed 29 Mar 2023 02:40:35 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 131429
IP address blocks: 42.1.64.0/18 maxlen: 24
45.121.24.0/22 maxlen: 24
59.153.220.0/22 maxlen: 24
59.153.224.0/22 maxlen: 24
59.153.228.0/22 maxlen: 24
59.153.232.0/22 maxlen: 24
59.153.236.0/22 maxlen: 24
59.153.240.0/22 maxlen: 24
59.153.244.0/22 maxlen: 24
59.153.248.0/22 maxlen: 24
59.153.252.0/22 maxlen: 24
103.7.174.0/23 maxlen: 24
103.53.252.0/22 maxlen: 24
103.156.0.0/23 maxlen: 23
103.156.0.0/24 maxlen: 24
103.156.1.0/24 maxlen: 24
103.156.2.0/23 maxlen: 23
103.156.2.0/24 maxlen: 24
103.156.3.0/24 maxlen: 24
103.156.4.0/23 maxlen: 23
103.156.4.0/24 maxlen: 24
103.156.5.0/24 maxlen: 24
103.156.6.0/24 maxlen: 24
103.156.7.0/24 maxlen: 24
103.156.8.0/24 maxlen: 24
103.156.9.0/24 maxlen: 24
103.156.38.0/24 maxlen: 24
103.156.39.0/24 maxlen: 24
103.156.40.0/24 maxlen: 24
103.156.41.0/24 maxlen: 24
103.156.42.0/24 maxlen: 24
103.156.43.0/24 maxlen: 24
103.156.44.0/24 maxlen: 24
103.156.45.0/24 maxlen: 24
103.156.46.0/24 maxlen: 24
103.156.47.0/24 maxlen: 24
103.156.48.0/24 maxlen: 24
103.156.49.0/24 maxlen: 24
103.156.58.0/24 maxlen: 24
103.156.59.0/24 maxlen: 24
103.156.60.0/24 maxlen: 24
103.156.61.0/24 maxlen: 24
103.199.20.0/22 maxlen: 24
103.199.28.0/22 maxlen: 24
103.199.32.0/23 maxlen: 24
103.199.36.0/22 maxlen: 24
103.199.40.0/22 maxlen: 24
103.199.44.0/22 maxlen: 24
103.199.48.0/22 maxlen: 24
103.199.52.0/22 maxlen: 24
103.199.56.0/22 maxlen: 24
103.199.60.0/22 maxlen: 24
103.199.68.0/22 maxlen: 24
103.199.72.0/22 maxlen: 24
103.199.76.0/22 maxlen: 24
137.59.26.0/24 maxlen: 24
137.59.28.0/22 maxlen: 24
137.59.32.0/23 maxlen: 24
137.59.36.0/22 maxlen: 24
137.59.40.0/22 maxlen: 24
137.59.44.0/22 maxlen: 24
2402:9d80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15459 (0x3c63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Mar 29 02:40:35 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6423a522-6b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:3b:d3:9d:b2:bf:d2:f8:1a:e9:24:3b:8d:85:
f9:a5:cb:32:9b:78:c7:8e:91:f7:8a:83:8d:cf:12:
50:eb:60:99:0d:3b:9e:45:0f:cc:f5:2e:24:5d:47:
3f:3c:cd:31:8c:cd:11:54:e7:ce:eb:15:01:91:08:
aa:b9:61:d2:da:56:15:7a:ab:35:94:e6:b1:4f:e4:
90:64:8a:cc:be:e3:ff:09:c8:bf:81:a2:f1:04:62:
6d:2c:e1:69:c1:6a:b6:69:bb:01:5f:34:8a:b4:d0:
5c:8e:fd:2c:91:95:46:2b:b7:66:d8:f6:9a:f2:fd:
71:e9:4e:b9:38:4b:41:4f:69:ca:4f:53:e0:f0:9d:
50:08:53:af:88:2e:ff:a8:d6:b1:25:50:fe:2d:d5:
06:ea:9c:e2:12:1e:17:fe:ee:46:dd:eb:3a:41:37:
61:77:ff:53:56:97:66:92:37:d7:28:46:a7:63:92:
84:d4:f9:55:83:36:3e:6c:66:58:07:50:e7:d9:11:
73:40:85:b4:25:f9:3d:cd:6f:aa:ad:5d:b9:39:ea:
ce:5a:92:c3:65:39:d0:94:84:cc:b2:44:35:b3:12:
6e:50:43:16:f4:bf:91:e7:08:d8:bf:0e:0d:14:71:
c5:ec:9e:b6:b8:76:5f:3d:fe:8f:97:14:06:29:66:
55:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:45:A2:29:F8:47:69:8E:F8:91:C3:F4:64:FF:97:C4:EA:3B:75:36
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/14A4C750CDDB11ED90586709C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.1.64.0/18
45.121.24.0/22
59.153.220.0-59.153.255.255
103.7.174.0/23
103.53.252.0/22
103.156.0.0-103.156.9.255
103.156.38.0-103.156.49.255
103.156.58.0-103.156.61.255
103.199.20.0/22
103.199.28.0-103.199.33.255
103.199.36.0-103.199.63.255
103.199.68.0-103.199.79.255
137.59.26.0/24
137.59.28.0-137.59.33.255
137.59.36.0-137.59.47.255
IPv6:
2402:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
67:e2:a7:66:07:97:0d:e2:8f:08:38:19:bd:c6:d9:df:81:a4:
da:cb:c1:d9:a5:cd:1d:93:0b:3c:86:57:0d:f6:7b:db:ce:23:
f3:a1:d1:b9:6e:60:d3:2a:56:a1:0d:9b:2e:2a:ec:65:77:75:
c5:a0:e5:e4:86:30:cd:32:af:ae:70:ba:e4:84:ec:1c:88:4f:
8e:a2:5e:7c:01:6b:66:a4:91:2f:59:a7:61:b5:60:96:37:a7:
60:64:c5:68:41:9d:df:b5:96:69:72:8f:79:3c:f1:18:f1:a2:
b5:01:d7:b2:42:2d:ba:3c:e0:44:25:30:58:b0:af:79:42:7e:
75:c2:20:93:04:82:0b:6f:60:e5:4a:85:28:3d:36:87:7c:d3:
b5:6f:a4:e3:76:92:fe:ad:0f:bf:de:22:f6:50:ea:80:8a:f2:
a6:7c:62:ad:36:4a:c4:91:4e:bf:6d:f1:94:df:f5:5b:28:30:
5b:cc:86:00:97:4f:a6:5a:83:fd:ca:6d:81:af:f5:f6:91:3c:
e1:38:84:9e:bc:2b:78:22:1b:2f:da:52:2e:04:3e:37:b5:e0:
20:04:4f:91:2b:e8:8e:2a:b8:cf:85:a0:81:55:fc:92:30:0c:
53:ce:8a:1f:f0:ab:38:d0:51:b1:cc:ec:6f:f4:b3:44:6c:b1:
fe:d0:72:d3
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgICPGMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwMzI5MDI0MDM1WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDIzYTUyMi02YjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6TvTnbK/0vga6SQ7jYX5pcsym3jHjpH3ioONzxJQ62CZDTueRQ/M9S4kXUc/
PM0xjM0RVOfO6xUBkQiquWHS2lYVeqs1lOaxT+SQZIrMvuP/Cci/gaLxBGJtLOFp
wWq2absBXzSKtNBcjv0skZVGK7dm2Paa8v1x6U65OEtBT2nKT1Pg8J1QCFOviC7/
qNaxJVD+LdUG6pziEh4X/u5G3es6QTdhd/9TVpdmkjfXKEanY5KE1PlVgzY+bGZY
B1Dn2RFzQIW0Jfk9zW+qrV25OerOWpLDZTnQlITMskQ1sxJuUEMW9L+R5wjYvw4N
FHHF7J62uHZfPf6PlxQGKWZVGwIDAQABo4IDQzCCAz8wHQYDVR0OBBYEFKVFoin4
R2mO+JHD9GT/l8TqO3U2MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMTRBNEM3NTBD
RERCMTFFRDkwNTg2NzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcwGCCsGAQUFBwEHAQH/
BIG8MIG5MIGnBAIAATCBoAMEBioBQAMEAi15GDALAwQCO5ncAwMBO5gDBAFnB64D
BAJnNfwwCwMDAmecAwQBZ5wIMAwDBAFnnCYDBAFnnDAwDAMEAWecOgMEAWecPAME
AmfHFDAMAwQCZ8ccAwQBZ8cgMAwDBAJnxyQDBAZnxwAwDAMEAmfHRAMEBGfHQAME
AIk7GjAMAwQCiTscAwQBiTsgMAwDBAKJOyQDBASJOyAwDQQCAAIwBwMFACQCnYAw
DQYJKoZIhvcNAQELBQADggEBAGfip2YHlw3ijwg4Gb3G2d+BpNrLwdmlzR2TCzyG
Vw32e9vOI/Oh0bluYNMqVqENmy4q7GV3dcWg5eSGMM0yr65wuuSE7ByIT46iXnwB
a2akkS9Zp2G1YJY3p2BkxWhBnd+1lmlyj3k88RjxorUB17JCLbo84EQlMFiwr3lC
fnXCIJMEggtvYOVKhSg9Nod807VvpON2kv6tD7/eIvZQ6oCK8qZ8Yq02SsSRTr9t
8ZTf9VsoMFvMhgCXT6Zag/3KbYGv9faRPOE4hJ68K3giGy/aUi4EPje14CAET5Er
6I4quM+FoIFV/JIwDFPOih/wqzjQUbHM7G/0s0Rssf7QctM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:35:49 2025 by rpki-client