Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A2E524CCA96111ED8CEF2A79C4F9AE02.roa
File: A2E524CCA96111ED8CEF2A79C4F9AE02.roa (raw, json)
Hash identifier: UoF3Ayk9JfZSMHl9HQEANsq2Tn2eJ62u3nF2EsWK/I4=
Subject key identifier: 8A:33:01:EA:6E:42:6E:EA:46:13:D2:CD:BA:DA:9F:97:F4:05:69:63
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3BF4
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A2E524CCA96111ED8CEF2A79C4F9AE02.roa
Signing time: Fri 10 Feb 2023 16:40:33 +0000
ROA not before: Fri 10 Feb 2023 16:40:33 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 7552
IP address blocks: 27.64.0.0/14 maxlen: 24
27.68.0.0/15 maxlen: 24
27.78.0.0/22 maxlen: 24
27.78.4.0/22 maxlen: 24
27.78.8.0/23 maxlen: 24
27.78.10.0/23 maxlen: 24
115.72.72.0/23 maxlen: 24
115.72.74.0/23 maxlen: 24
115.73.200.0/23 maxlen: 24
115.73.202.0/23 maxlen: 24
115.76.56.0/22 maxlen: 24
115.76.60.0/22 maxlen: 24
125.234.224.0/22 maxlen: 24
125.234.228.0/22 maxlen: 24
125.235.14.0/24 maxlen: 24
125.235.15.0/24 maxlen: 24
125.235.56.0/22 maxlen: 24
125.235.60.0/22 maxlen: 24
125.235.112.0/21 maxlen: 24
125.235.120.0/21 maxlen: 24
125.235.130.0/24 maxlen: 24
125.235.131.0/24 maxlen: 24
125.235.132.0/23 maxlen: 24
125.235.134.0/23 maxlen: 24
125.235.136.0/21 maxlen: 24
125.235.176.0/21 maxlen: 24
125.235.184.0/21 maxlen: 24
125.235.208.0/21 maxlen: 24
125.235.216.0/21 maxlen: 24
171.244.208.0/20 maxlen: 24
171.246.8.0/22 maxlen: 24
171.246.12.0/22 maxlen: 24
171.252.132.0/22 maxlen: 24
171.252.136.0/21 maxlen: 24
171.252.144.0/22 maxlen: 24
171.253.0.0/20 maxlen: 24
171.253.16.0/20 maxlen: 24
171.253.32.0/21 maxlen: 24
171.253.40.0/21 maxlen: 24
171.253.128.0/20 maxlen: 24
171.253.144.0/20 maxlen: 24
171.253.160.0/20 maxlen: 24
171.253.176.0/20 maxlen: 24
171.253.192.0/21 maxlen: 24
171.253.200.0/21 maxlen: 24
171.253.208.0/21 maxlen: 24
171.253.216.0/21 maxlen: 24
171.253.224.0/22 maxlen: 24
171.254.128.0/19 maxlen: 24
171.254.160.0/19 maxlen: 24
171.255.64.0/20 maxlen: 24
171.255.80.0/20 maxlen: 24
171.255.96.0/20 maxlen: 24
171.255.112.0/20 maxlen: 24
171.255.128.0/20 maxlen: 24
171.255.144.0/20 maxlen: 24
171.255.160.0/22 maxlen: 24
171.255.164.0/22 maxlen: 24
171.255.168.0/22 maxlen: 24
171.255.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15348 (0x3bf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Feb 10 16:40:33 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63e67381-a7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d8:1f:68:f0:9d:f4:85:c4:48:fb:d4:fb:b0:
f7:81:13:e0:b6:51:cf:7c:7a:89:cd:06:d0:55:0f:
77:58:3a:dc:b6:80:74:c2:c2:d1:8f:ce:fe:dd:22:
10:04:5e:5b:45:d3:e3:4a:4c:a4:59:71:58:ec:56:
d6:4f:95:d6:ad:bc:21:55:84:98:d2:73:b8:36:bc:
93:2d:2f:0b:09:50:83:6f:85:11:5e:23:fa:b4:9d:
7f:8b:bf:32:52:8d:16:ee:d9:b7:3e:f5:03:58:5a:
10:01:cc:67:92:05:18:b4:cc:bd:96:75:2a:3a:7d:
06:b3:8f:c5:f5:10:92:8d:8e:99:f4:da:f0:29:08:
55:80:59:02:7e:ac:9f:59:a0:e8:5f:ca:86:89:61:
af:a5:dd:03:13:a4:d1:ad:6d:62:a4:8c:5a:4a:ac:
0b:69:1a:7d:83:8a:7a:29:05:53:e8:8c:eb:3a:70:
89:61:a9:b7:a4:1b:77:02:3e:fa:ad:5c:63:30:af:
a5:f4:f7:dc:46:1e:b0:b4:58:ff:fc:9b:b4:cd:7b:
6f:0e:ef:44:b0:2b:8e:ed:7b:19:cf:e6:e3:28:d9:
b0:bb:dd:15:3d:fb:0f:05:3f:01:22:38:ae:45:24:
19:55:d5:33:7a:a8:ec:e3:4d:01:49:e4:06:80:99:
07:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:33:01:EA:6E:42:6E:EA:46:13:D2:CD:BA:DA:9F:97:F4:05:69:63
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A2E524CCA96111ED8CEF2A79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.64.0.0-27.69.255.255
27.78.0.0-27.78.11.255
115.72.72.0/22
115.73.200.0/22
115.76.56.0/21
125.234.224.0/21
125.235.14.0/23
125.235.56.0/21
125.235.112.0/20
125.235.130.0-125.235.143.255
125.235.176.0/20
125.235.208.0/20
171.244.208.0/20
171.246.8.0/21
171.252.132.0-171.252.147.255
171.253.0.0-171.253.47.255
171.253.128.0-171.253.227.255
171.254.128.0/18
171.255.64.0-171.255.175.255
Signature Algorithm: sha256WithRSAEncryption
50:04:19:e2:06:4d:ad:d8:92:9a:cf:a8:bd:9d:74:3b:6e:38:
6f:c8:9f:a3:b0:c2:27:9c:52:96:7b:41:a4:e0:1d:24:8a:d9:
7e:9a:ec:65:bb:60:4d:63:b3:7f:d4:4d:84:34:b2:ca:38:a5:
18:f3:91:dc:63:54:ba:69:a0:75:00:4a:fe:79:b7:4f:37:6b:
00:ee:d5:64:d1:39:cc:b9:07:91:cb:32:25:42:cc:ec:c2:b6:
98:45:87:dd:6d:12:75:64:56:57:57:c8:51:87:4f:e2:b5:49:
48:30:4f:b1:df:c5:07:03:a5:33:f6:ce:8f:6a:de:ba:48:1f:
f2:95:e9:25:d6:64:0f:7e:93:f7:81:5b:b8:ca:08:38:ca:2c:
59:24:b3:4b:7e:ca:62:75:84:57:97:c5:dc:af:d5:50:99:21:
50:a1:65:a6:82:65:ef:e8:a4:6d:ad:86:ab:17:2d:dd:d7:01:
a2:f8:cb:40:01:20:4a:7d:86:5e:fb:29:dd:69:e9:64:55:a9:
a7:11:0a:42:22:52:12:81:16:6a:5c:83:c3:b5:5e:66:aa:80:
c7:32:01:3a:45:0c:18:f1:61:48:2c:4f:7d:cc:ff:39:ea:94:
8f:e8:78:cf:94:7b:ef:1f:f5:71:3c:23:67:26:3e:d3:0e:2b:
0c:76:d2:68
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICO/QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMwMjEwMTY0MDMzWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2U2NzM4MS1hN2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0tgfaPCd9IXESPvU+7D3gRPgtlHPfHqJzQbQVQ93WDrctoB0wsLRj87+3SIQ
BF5bRdPjSkykWXFY7FbWT5XWrbwhVYSY0nO4NryTLS8LCVCDb4URXiP6tJ1/i78y
Uo0W7tm3PvUDWFoQAcxnkgUYtMy9lnUqOn0Gs4/F9RCSjY6Z9NrwKQhVgFkCfqyf
WaDoX8qGiWGvpd0DE6TRrW1ipIxaSqwLaRp9g4p6KQVT6IzrOnCJYam3pBt3Aj76
rVxjMK+l9PfcRh6wtFj//Ju0zXtvDu9EsCuO7XsZz+bjKNmwu90VPfsPBT8BIjiu
RSQZVdUzeqjs400BSeQGgJkHfwIDAQABo4IDOjCCAzYwHQYDVR0OBBYEFIozAepu
Qm7qRhPSzbran5f0BWljMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQTJFNTI0Q0NB
OTYxMTFFRDhDRUYyQTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcMGCCsGAQUFBwEHAQH/
BIGzMIGwMIGtBAIAATCBpjAKAwMGG0ADAwEbRDALAwMBG04DBAIbTggDBAJzSEgD
BAJzScgDBANzTDgDBAN96uADBAF96w4DBAN96zgDBAR963AwDAMEAX3rggMEBH3r
gAMEBH3rsAMEBH3r0AMEBKv00AMEA6v2CDAMAwQCq/yEAwQCq/yQMAsDAwCr/QME
BKv9IDAMAwQHq/2AAwQCq/3gAwQGq/6AMAwDBAar/0ADBASr/6AwDQYJKoZIhvcN
AQELBQADggEBAFAEGeIGTa3YkprPqL2ddDtuOG/In6OwwiecUpZ7QaTgHSSK2X6a
7GW7YE1js3/UTYQ0sso4pRjzkdxjVLppoHUASv55t083awDu1WTROcy5B5HLMiVC
zOzCtphFh91tEnVkVldXyFGHT+K1SUgwT7HfxQcDpTP2zo9q3rpIH/KV6SXWZA9+
k/eBW7jKCDjKLFkks0t+ymJ1hFeXxdyv1VCZIVChZaaCZe/opG2thqsXLd3XAaL4
y0ABIEp9hl77Kd1p6WRVqacRCkIiUhKBFmpcg8O1XmaqgMcyATpFDBjxYUgsT33M
/znqlI/oeM+Ue+8f9XE8I2cmPtMOKwx20mg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:33:23 2025 by rpki-client