Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/FF0E1AA0DE2011EB95EBE879C4F9AE02.roa
File: FF0E1AA0DE2011EB95EBE879C4F9AE02.roa (raw, json)
Hash identifier: WOcupWa3PGrsVMWvpTitYRlNkwsa6ILND0bikrR9/DU=
Subject key identifier: A8:3B:BF:E9:28:23:AE:94:A8:B7:AF:D0:E9:9A:9C:55:7F:65:E6:C7
Certificate issuer: /CN=A91DF863/serialNumber=39CE15DB36739A22CAEE64E0CF8BA31F5A6B9348
Certificate serial: 31FD
Authority key identifier: 39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/FF0E1AA0DE2011EB95EBE879C4F9AE02.roa
Signing time: Thu 14 Dec 2023 15:44:37 +0000
ROA not before: Thu 14 Dec 2023 15:44:37 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 24482
IP address blocks: 49.213.16.0/20 maxlen: 21
49.213.20.0/24 maxlen: 24
49.213.28.0/22 maxlen: 22
103.14.244.0/22 maxlen: 24
116.251.208.0/20 maxlen: 22
116.251.208.0/24 maxlen: 24
116.251.209.0/24 maxlen: 24
116.251.210.0/24 maxlen: 24
116.251.211.0/24 maxlen: 24
116.251.212.0/24 maxlen: 24
116.251.213.0/24 maxlen: 24
116.251.214.0/24 maxlen: 24
116.251.215.0/24 maxlen: 24
116.251.216.0/24 maxlen: 24
116.251.217.0/24 maxlen: 24
116.251.218.0/24 maxlen: 24
116.251.219.0/24 maxlen: 24
116.251.220.0/24 maxlen: 24
116.251.221.0/24 maxlen: 24
116.251.222.0/24 maxlen: 24
116.251.223.0/24 maxlen: 24
124.6.32.0/20 maxlen: 20
124.6.32.0/20 maxlen: 24
124.6.32.0/22 maxlen: 22
124.6.32.0/24 maxlen: 24
124.6.33.0/24 maxlen: 24
124.6.34.0/24 maxlen: 24
124.6.35.0/24 maxlen: 24
124.6.36.0/22 maxlen: 22
124.6.36.0/24 maxlen: 24
124.6.37.0/24 maxlen: 24
124.6.38.0/24 maxlen: 24
124.6.39.0/24 maxlen: 24
124.6.40.0/22 maxlen: 22
124.6.40.0/24 maxlen: 24
124.6.41.0/24 maxlen: 24
124.6.42.0/24 maxlen: 24
124.6.43.0/24 maxlen: 24
124.6.44.0/22 maxlen: 22
124.6.44.0/24 maxlen: 24
124.6.45.0/24 maxlen: 24
124.6.46.0/24 maxlen: 24
124.6.47.0/24 maxlen: 24
124.6.48.0/21 maxlen: 24
163.47.176.0/22 maxlen: 24
203.175.160.0/20 maxlen: 21
203.175.160.0/20 maxlen: 24
203.175.160.0/24 maxlen: 24
203.175.161.0/24 maxlen: 24
203.175.162.0/24 maxlen: 24
203.175.163.0/24 maxlen: 24
203.175.164.0/24 maxlen: 24
203.175.165.0/24 maxlen: 24
203.175.166.0/24 maxlen: 24
203.175.167.0/24 maxlen: 24
203.175.168.0/24 maxlen: 24
203.175.169.0/24 maxlen: 24
203.175.170.0/24 maxlen: 24
203.175.171.0/24 maxlen: 24
203.175.172.0/24 maxlen: 24
203.175.173.0/24 maxlen: 24
203.175.174.0/24 maxlen: 24
203.175.175.0/24 maxlen: 24
2405:4200::/32 maxlen: 32
2405:4200::/32 maxlen: 48
2405:4200:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12797 (0x31fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF863
Validity
Not Before: Dec 14 15:44:37 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=657b22e5-7f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:b1:72:0c:9c:a9:78:dd:b8:37:b2:ad:58:20:
ed:fb:9b:02:38:d6:4c:16:e0:42:8b:91:1f:3e:16:
c9:d9:54:4b:38:d7:17:9f:36:3a:74:eb:34:ec:62:
6d:07:cb:3a:de:64:e4:19:96:80:56:0c:2b:a1:9f:
27:83:a1:f3:5b:f4:ca:63:23:3b:8b:6a:07:73:a7:
3a:c1:a0:19:fd:be:04:7a:41:35:cc:a5:eb:6c:7e:
24:4c:0d:b1:ef:e8:5e:09:e4:db:08:64:01:9f:51:
be:e1:ef:2d:89:ac:da:da:1a:68:54:8d:ef:34:f0:
3a:6a:c3:85:be:22:9d:8b:bf:44:13:45:20:e3:f5:
2c:ce:cc:e2:d9:c3:67:8c:92:af:ec:65:82:81:bd:
b8:d9:43:ff:2f:45:8b:b1:b8:77:9e:4f:f5:fa:c4:
e6:bd:de:9a:29:a9:4b:80:36:fd:e5:6d:2d:4d:cb:
fd:6c:b1:60:ca:c2:7e:ea:d6:fc:93:0b:e7:80:d8:
f8:69:3f:e0:0c:1b:57:2a:9e:da:41:2c:69:e3:80:
a0:c5:ee:c7:a4:33:b7:51:32:55:02:cf:2d:1f:0d:
ff:73:ff:8e:90:27:c4:f6:f1:7d:f0:01:4e:0a:1b:
19:8b:86:b3:98:22:f3:01:14:d8:09:b2:c7:d3:e8:
f4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:3B:BF:E9:28:23:AE:94:A8:B7:AF:D0:E9:9A:9C:55:7F:65:E6:C7
X509v3 Authority Key Identifier:
keyid:39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/FF0E1AA0DE2011EB95EBE879C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.213.16.0/20
103.14.244.0/22
116.251.208.0/20
124.6.32.0-124.6.55.255
163.47.176.0/22
203.175.160.0/20
IPv6:
2405:4200::/32
Signature Algorithm: sha256WithRSAEncryption
0a:8e:85:8b:9d:ff:fe:2d:29:7f:ff:2a:c1:19:f1:0f:b2:a0:
eb:63:1a:35:ce:d4:8f:a5:9d:30:47:8f:e4:68:38:18:86:a2:
f5:eb:d4:f5:98:85:88:96:4a:1f:40:19:78:a0:60:a3:5c:1d:
70:8c:aa:59:ed:6f:e0:44:34:55:ac:47:1b:9f:ad:bc:a7:ed:
14:0a:1f:c2:e3:73:ed:1c:6a:11:fb:7e:f8:f0:52:07:43:15:
dc:84:3a:63:c9:f3:60:52:fc:c5:f1:a6:0a:81:59:7b:17:e5:
3b:32:ad:02:1d:7a:55:02:32:6c:cd:b5:61:0f:b0:9e:6c:06:
cb:6e:d0:ca:0d:6c:34:27:a3:53:f0:db:c3:53:46:03:40:26:
bb:5b:5a:9d:11:5e:0f:18:43:bc:dd:30:4f:db:99:80:cc:2e:
38:d3:bd:9b:e5:66:ec:e6:23:a8:df:8c:55:92:9f:e3:1f:ac:
7c:a7:cc:21:ae:8d:86:0a:13:bd:ef:da:05:50:88:3e:61:36:
59:94:4a:5a:92:28:ae:eb:6a:bc:5b:6b:14:3e:04:c0:34:97:
7b:0f:0d:6b:93:b0:f4:57:4d:bf:89:90:5c:ee:d0:65:4b:c2:
67:92:59:cf:f3:ea:21:43:5a:0f:df:82:f6:48:1a:f8:07:1f:
98:79:d1:9e
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICMf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY4NjMxMTAvBgNVBAUTKDM5Q0UxNURCMzY3MzlBMjJDQUVFNjRFMENGOEJBMzFG
NUE2QjkzNDgwHhcNMjMxMjE0MTU0NDM3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTdiMjJlNS03ZjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+LFyDJypeN24N7KtWCDt+5sCONZMFuBCi5EfPhbJ2VRLONcXnzY6dOs07GJt
B8s63mTkGZaAVgwroZ8ng6HzW/TKYyM7i2oHc6c6waAZ/b4EekE1zKXrbH4kTA2x
7+heCeTbCGQBn1G+4e8tiaza2hpoVI3vNPA6asOFviKdi79EE0Ug4/Uszszi2cNn
jJKv7GWCgb242UP/L0WLsbh3nk/1+sTmvd6aKalLgDb95W0tTcv9bLFgysJ+6tb8
kwvngNj4aT/gDBtXKp7aQSxp44Cgxe7HpDO3UTJVAs8tHw3/c/+OkCfE9vF98AFO
ChsZi4azmCLzARTYCbLH0+j0pQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFKg7v+ko
I66UqLev0OmanFV/ZebHMB8GA1UdIwQYMBaAFDnOFds2c5oiyu5k4M+Lox9aa5NI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjg2My9CRkU1NEE2ODgx
NUIxMUUyOUI1OEE3M0IzMjkyQjVFOC9PYzRWMnpaem1pTEs3bVRnejR1akgxcHJr
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jNFYyelp6bWlMSzdtVGd6NHVqSDFwcmswZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY4NjMvQkZFNTRBNjg4MTVCMTFFMjlCNThBNzNCMzI5MkI1RTgvRkYwRTFBQTBE
RTIwMTFFQjk1RUJFODc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E
RTBDMDIEAgABMCwDBAQx1RADBAJnDvQDBAR0+9AwDAMEBXwGIAMEA3wGMAMEAqMv
sAMEBMuvoDANBAIAAjAHAwUAJAVCADANBgkqhkiG9w0BAQsFAAOCAQEACo6Fi53/
/i0pf/8qwRnxD7Kg62MaNc7Uj6WdMEeP5Gg4GIai9evU9ZiFiJZKH0AZeKBgo1wd
cIyqWe1v4EQ0VaxHG5+tvKftFAofwuNz7RxqEft++PBSB0MV3IQ6Y8nzYFL8xfGm
CoFZexflOzKtAh16VQIybM21YQ+wnmwGy27Qyg1sNCejU/Dbw1NGA0Amu1tanRFe
DxhDvN0wT9uZgMwuONO9m+Vm7OYjqN+MVZKf4x+sfKfMIa6NhgoTve/aBVCIPmE2
WZRKWpIorutqvFtrFD4EwDSXew8Na5Ow9FdNv4mQXO7QZUvCZ5JZz/PqIUNaD9+C
9kga+AcfmHnRng==
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:09:27 2025 by rpki-client