Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/9E9977E6D34E11EB8BCC4941C4F9AE02.roa
File: 9E9977E6D34E11EB8BCC4941C4F9AE02.roa (raw, json)
Hash identifier: /zgN9xp5rWAGk16cH20jVbQa0iwxpFDr8qnLE+pCbb0=
Subject key identifier: 46:5D:D8:FF:AB:AD:82:A1:10:E2:28:7C:C0:5D:4D:B8:98:8F:92:74
Certificate issuer: /CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Certificate serial: 3403
Authority key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/9E9977E6D34E11EB8BCC4941C4F9AE02.roa
Signing time: Tue 06 Dec 2022 14:40:41 +0000
ROA not before: Tue 06 Dec 2022 14:40:41 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 4651
IP address blocks: 61.19.0.0/24 maxlen: 24
61.19.1.0/24 maxlen: 24
61.19.2.0/24 maxlen: 24
61.19.4.0/24 maxlen: 24
61.19.7.0/24 maxlen: 24
61.19.9.0/24 maxlen: 24
61.19.14.0/24 maxlen: 24
122.155.224.0/24 maxlen: 24
122.155.225.0/24 maxlen: 24
122.155.226.0/24 maxlen: 24
122.155.228.0/24 maxlen: 24
122.155.228.40/30 maxlen: 30
122.155.230.0/24 maxlen: 24
122.155.232.0/24 maxlen: 24
122.155.236.0/24 maxlen: 24
122.155.237.0/24 maxlen: 24
122.155.238.0/24 maxlen: 24
122.155.244.0/22 maxlen: 22
202.47.253.0/24 maxlen: 24
2001:c38:5000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13315 (0x3403)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475
Validity
Not Before: Dec 6 14:40:41 2022 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=638f5469-db11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ca:a0:ef:b1:d2:5c:ff:c1:78:fa:20:65:6e:
7e:86:eb:68:ab:30:64:6c:88:3b:7a:2a:8e:d7:13:
45:ff:d0:28:a9:3a:7b:1f:f1:06:92:83:76:82:0c:
a3:27:59:fc:98:09:05:37:5a:18:80:34:38:db:d4:
b3:22:36:af:5c:22:3a:c1:f7:82:09:2a:3a:51:d9:
28:e6:d3:8d:a9:83:f7:b0:4e:59:17:50:9f:d9:95:
88:73:6b:33:c7:a0:cd:f2:10:91:07:55:f3:76:c4:
a3:7c:8d:3f:d9:a0:73:42:7c:07:d2:ac:79:f2:10:
8d:f9:33:b6:b0:1d:5a:e5:b0:76:ae:e8:62:fb:c9:
46:e0:75:ed:79:80:33:4d:02:44:fe:82:0d:b3:57:
cd:83:d9:2b:7e:fe:6b:13:03:5f:2f:04:08:8d:a8:
69:62:77:ac:b9:f2:b2:d1:94:e3:d6:b0:09:e0:39:
41:de:be:2b:e9:9e:f3:bf:bf:2a:32:c5:9f:de:7b:
d9:3a:7d:ee:f9:4a:3d:57:ac:81:ad:76:c3:b4:ec:
25:6c:ca:8d:22:bc:4c:1f:b9:94:c7:ca:bd:ae:71:
cc:b9:56:35:92:29:5b:44:9e:21:e3:22:25:bc:e9:
e7:de:d0:34:a8:93:b7:4c:ec:a4:7e:89:ec:f5:06:
07:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:5D:D8:FF:AB:AD:82:A1:10:E2:28:7C:C0:5D:4D:B8:98:8F:92:74
X509v3 Authority Key Identifier:
keyid:44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/9E9977E6D34E11EB8BCC4941C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.19.0.0-61.19.2.255
61.19.4.0/24
61.19.7.0/24
61.19.9.0/24
61.19.14.0/24
122.155.224.0-122.155.226.255
122.155.228.0/24
122.155.230.0/24
122.155.232.0/24
122.155.236.0-122.155.238.255
122.155.244.0/22
202.47.253.0/24
IPv6:
2001:c38:5000::/48
Signature Algorithm: sha256WithRSAEncryption
9b:1d:7b:fe:e0:9c:b6:ca:ff:df:c0:7a:a0:33:cb:93:b3:9b:
72:c3:f2:44:77:66:fd:50:d3:27:98:3b:11:4f:14:06:2e:fe:
9e:b0:0e:61:8e:c1:39:51:39:65:20:35:0b:fb:c9:17:13:20:
38:b6:85:92:8d:ae:3d:91:33:f2:5d:a2:c6:f8:30:ed:de:8d:
4c:cf:b5:49:c4:cf:86:f6:3d:1f:3b:87:5a:fb:e2:5b:e4:65:
53:0f:ab:1d:b1:99:d1:71:6d:8a:27:d9:e8:c2:4e:2d:b4:40:
3b:4c:28:e6:99:66:f9:dc:8e:26:c7:b5:b8:93:ad:3c:c9:84:
5c:67:25:98:32:23:e2:96:ab:76:ef:86:e3:cf:b6:ff:8e:2b:
9b:cc:f8:52:89:b7:b8:24:68:c3:65:71:ed:1e:4d:6a:5a:ae:
e2:a4:49:91:7e:b1:4f:60:20:fd:42:80:5f:a2:23:dd:43:52:
67:81:61:3d:33:b3:1b:27:b1:6f:a6:19:b0:06:06:4a:63:10:
e1:29:68:14:d3:74:4f:f1:79:39:17:23:0d:3c:4b:92:e2:b0:
d8:5c:ae:d2:06:80:19:aa:f1:0f:25:d7:4b:86:f7:ea:f2:07:
0e:e9:53:73:e4:f9:47:52:23:e3:5f:91:f0:0f:45:47:d0:91:
98:41:ee:4c
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgICNAMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYyRDdERUI3MEQz
M0E4ODc1MEUwHhcNMjIxMjA2MTQ0MDQxWhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhmNTQ2OS1kYjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucqg77HSXP/BePogZW5+hutoqzBkbIg7eiqO1xNF/9AoqTp7H/EGkoN2ggyj
J1n8mAkFN1oYgDQ429SzIjavXCI6wfeCCSo6Udko5tONqYP3sE5ZF1Cf2ZWIc2sz
x6DN8hCRB1XzdsSjfI0/2aBzQnwH0qx58hCN+TO2sB1a5bB2ruhi+8lG4HXteYAz
TQJE/oINs1fNg9krfv5rEwNfLwQIjahpYnesufKy0ZTj1rAJ4DlB3r4r6Z7zv78q
MsWf3nvZOn3u+Uo9V6yBrXbDtOwlbMqNIrxMH7mUx8q9rnHMuVY1kilbRJ4h4yIl
vOnn3tA0qJO3TOykfons9QYHMwIDAQABo4IDADCCAvwwHQYDVR0OBBYEFEZd2P+r
rYKhEOIofMBdTbiYj5J0MB8GA1UdIwQYMBaAFERA9sQi6VAMfUamLX3rcNM6iHUO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9BQjQ0Nzk3MjFE
NzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENMcFVBeDlScVl0ZmV0dzB6cUlk
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JFRDJ4Q0xwVUF4OVJxWXRmZXR3MHpxSWRRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvQUI0NDc5NzIxRDc4MTFFMkFEQjZGMkM0MDhCMDJDRDIvOUU5OTc3RTZE
MzRFMTFFQjhCQ0M0OTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYkGCCsGAQUFBwEHAQH/
BHoweDBlBAIAATBfMAsDAwA9EwMEAD0TAgMEAD0TBAMEAD0TBwMEAD0TCQMEAD0T
DjAMAwQFepvgAwQAepviAwQAepvkAwQAepvmAwQAepvoMAwDBAJ6m+wDBAB6m+4D
BAJ6m/QDBADKL/0wDwQCAAIwCQMHACABDDhQADANBgkqhkiG9w0BAQsFAAOCAQEA
mx17/uCctsr/38B6oDPLk7ObcsPyRHdm/VDTJ5g7EU8UBi7+nrAOYY7BOVE5ZSA1
C/vJFxMgOLaFko2uPZEz8l2ixvgw7d6NTM+1ScTPhvY9HzuHWvviW+RlUw+rHbGZ
0XFtiifZ6MJOLbRAO0wo5plm+dyOJse1uJOtPMmEXGclmDIj4pardu+G48+2/44r
m8z4Uom3uCRow2Vx7R5Nalqu4qRJkX6xT2Ag/UKAX6Ij3UNSZ4FhPTOzGyexb6YZ
sAYGSmMQ4SloFNN0T/F5ORcjDTxLkuKw2Fyu0gaAGarxDyXXS4b36vIHDulTc+T5
R1Ij41+R8A9FR9CRmEHuTA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:51 2025 by rpki-client