Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/25ABE77A05A511EEA86A0C2BC4F9AE02.roa
File: 25ABE77A05A511EEA86A0C2BC4F9AE02.roa (raw, json)
Hash identifier: 84/bAz+u14hs4otQnjv1dl1d622jQrfjvLZLdiA0Psg=
Subject key identifier: 60:87:1E:FA:3B:14:D9:C0:46:AA:22:C3:2B:FA:0F:65:8E:52:43:88
Certificate issuer: /CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Certificate serial: 198C
Authority key identifier: CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/25ABE77A05A511EEA86A0C2BC4F9AE02.roa
Signing time: Thu 08 Jun 2023 02:35:36 +0000
ROA not before: Thu 08 Jun 2023 02:35:36 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 4837
IP address blocks: 113.9.3.0/24 maxlen: 24
113.9.4.0/24 maxlen: 24
113.9.6.0/24 maxlen: 24
116.112.80.0/20 maxlen: 20
116.113.128.0/19 maxlen: 19
116.113.160.0/21 maxlen: 21
116.115.40.0/21 maxlen: 21
116.115.48.0/20 maxlen: 20
116.115.64.0/19 maxlen: 19
119.248.0.0/14 maxlen: 14
120.0.0.0/12 maxlen: 12
122.97.172.0/22 maxlen: 22
122.97.176.0/22 maxlen: 22
122.136.96.0/19 maxlen: 19
124.67.92.0/22 maxlen: 22
124.67.96.0/20 maxlen: 20
124.93.0.0/16 maxlen: 16
124.93.212.0/22 maxlen: 22
125.35.128.0/20 maxlen: 20
125.211.0.0/16 maxlen: 16
180.129.128.0/17 maxlen: 17
202.99.237.0/24 maxlen: 24
202.99.242.0/24 maxlen: 24
203.93.144.0/20 maxlen: 20
203.93.160.0/20 maxlen: 20
210.5.128.0/20 maxlen: 20
210.22.48.0/20 maxlen: 20
210.51.212.0/22 maxlen: 22
218.21.248.0/22 maxlen: 22
218.21.252.0/23 maxlen: 23
218.21.254.0/24 maxlen: 24
218.24.160.0/20 maxlen: 20
218.26.80.0/21 maxlen: 21
218.61.146.0/24 maxlen: 24
218.62.33.0/24 maxlen: 24
218.67.240.0/24 maxlen: 24
218.67.241.0/24 maxlen: 24
218.67.242.0/24 maxlen: 24
218.69.89.0/24 maxlen: 24
218.69.93.0/24 maxlen: 24
218.69.95.0/24 maxlen: 24
218.69.96.0/24 maxlen: 24
218.69.250.0/24 maxlen: 24
218.104.64.0/20 maxlen: 20
218.104.144.0/20 maxlen: 20
218.106.80.0/20 maxlen: 20
219.158.64.0/20 maxlen: 20
219.158.80.0/20 maxlen: 20
219.158.96.0/20 maxlen: 20
219.158.112.0/20 maxlen: 20
219.159.20.0/22 maxlen: 22
219.159.59.0/24 maxlen: 24
219.159.60.0/23 maxlen: 23
220.248.160.0/19 maxlen: 19
221.3.128.0/17 maxlen: 17
221.8.12.0/24 maxlen: 24
221.10.25.0/24 maxlen: 24
221.13.64.0/19 maxlen: 19
221.192.166.0/23 maxlen: 23
221.199.204.0/22 maxlen: 22
221.203.244.0/22 maxlen: 22
221.203.248.0/21 maxlen: 21
221.208.150.0/24 maxlen: 24
221.208.160.0/22 maxlen: 22
221.208.255.0/24 maxlen: 24
221.212.0.0/16 maxlen: 16
221.212.126.0/24 maxlen: 24
221.213.0.0/16 maxlen: 16
222.161.0.0/22 maxlen: 22
222.161.2.0/23 maxlen: 23
222.161.4.0/22 maxlen: 22
2408:8000:5004::/48 maxlen: 48
2408:822a:9200::/39 maxlen: 39
2408:822a:9400::/38 maxlen: 38
2408:822a:9800::/37 maxlen: 37
2408:822a:a000::/37 maxlen: 37
2408:862a:9200::/39 maxlen: 39
2408:862a:9400::/38 maxlen: 38
2408:862a:9800::/37 maxlen: 37
2408:862a:a000::/37 maxlen: 37
2408:872b:400::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6540 (0x198c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB3/serialNumber=CBA197C04CAA9BD295F5788472A6A10AA3FBEF70
Validity
Not Before: Jun 8 02:35:36 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=64813e77-0d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7a:99:b9:32:63:e9:58:46:ed:be:3d:94:98:
98:5e:ec:14:5c:68:c6:66:a0:a7:e8:24:85:6c:1c:
77:ef:50:7b:b7:7a:11:1c:17:21:3a:66:9c:64:ce:
62:f3:72:a9:f8:42:6b:09:9e:df:af:10:c1:e3:ea:
fc:c7:93:57:a7:4a:43:86:c9:e1:43:54:a4:c1:10:
61:35:40:d1:06:6a:75:44:d2:78:56:35:2c:a1:81:
40:87:6d:40:50:ee:b9:d0:25:07:f5:af:05:30:ad:
7c:56:51:dc:46:a1:22:21:c7:b4:23:e4:eb:f0:cb:
1c:7a:a3:4c:84:2d:53:44:5a:4f:55:ee:46:33:bf:
6d:4c:f0:af:50:45:22:27:b5:50:bd:50:bc:d4:de:
b7:60:8b:f9:56:3f:4e:60:2b:7d:d8:cb:6f:99:c9:
8d:0c:0e:b3:f5:42:e5:e5:f2:d4:45:96:fc:bf:f2:
75:ab:23:54:04:a0:1f:65:2c:59:3e:78:91:fe:25:
56:55:d3:29:89:f6:37:8c:3c:c4:68:08:34:82:ab:
4d:d2:08:70:69:55:1c:11:1d:3e:ee:73:79:42:93:
f9:23:3e:9b:33:54:a0:4c:5f:ee:43:98:d0:0a:07:
6a:fd:5d:3c:cf:72:ba:79:21:c0:24:f7:25:4e:37:
5b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:87:1E:FA:3B:14:D9:C0:46:AA:22:C3:2B:FA:0F:65:8E:52:43:88
X509v3 Authority Key Identifier:
keyid:CB:A1:97:C0:4C:AA:9B:D2:95:F5:78:84:72:A6:A1:0A:A3:FB:EF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/y6GXwEyqm9KV9XiEcqahCqP773A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y6GXwEyqm9KV9XiEcqahCqP773A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1DB7983C259D11E785D3250AC4F9AE02/25ABE77A05A511EEA86A0C2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.9.3.0-113.9.4.255
113.9.6.0/24
116.112.80.0/20
116.113.128.0-116.113.167.255
116.115.40.0-116.115.95.255
119.248.0.0/14
120.0.0.0/12
122.97.172.0-122.97.179.255
122.136.96.0/19
124.67.92.0-124.67.111.255
124.93.0.0/16
125.35.128.0/20
125.211.0.0/16
180.129.128.0/17
202.99.237.0/24
202.99.242.0/24
203.93.144.0-203.93.175.255
210.5.128.0/20
210.22.48.0/20
210.51.212.0/22
218.21.248.0-218.21.254.255
218.24.160.0/20
218.26.80.0/21
218.61.146.0/24
218.62.33.0/24
218.67.240.0-218.67.242.255
218.69.89.0/24
218.69.93.0/24
218.69.95.0-218.69.96.255
218.69.250.0/24
218.104.64.0/20
218.104.144.0/20
218.106.80.0/20
219.158.64.0/18
219.159.20.0/22
219.159.59.0-219.159.61.255
220.248.160.0/19
221.3.128.0/17
221.8.12.0/24
221.10.25.0/24
221.13.64.0/19
221.192.166.0/23
221.199.204.0/22
221.203.244.0-221.203.255.255
221.208.150.0/24
221.208.160.0/22
221.208.255.0/24
221.212.0.0/15
222.161.0.0/21
IPv6:
2408:8000:5004::/48
2408:822a:9200::-2408:822a:a7ff:ffff:ffff:ffff:ffff:ffff
2408:862a:9200::-2408:862a:a7ff:ffff:ffff:ffff:ffff:ffff
2408:872b:400::/40
Signature Algorithm: sha256WithRSAEncryption
2a:0c:8c:ec:34:1b:ba:82:6f:0d:b2:72:03:2e:b5:c8:28:5b:
73:f2:24:4f:53:b3:81:49:0e:ed:1c:e6:b0:b9:b4:f3:73:32:
86:ed:60:aa:49:22:3c:49:94:95:2e:f4:c6:de:28:98:cd:1c:
67:8a:53:8f:40:9d:24:7f:08:5d:93:2e:69:0e:ac:67:71:3e:
e0:06:fe:5b:ab:60:7c:d1:11:94:6f:d4:4c:46:00:af:20:c6:
58:82:5f:c5:ad:09:a4:3d:6e:dc:3e:c7:15:3b:94:e8:70:0a:
01:43:97:2a:16:14:dd:0e:b5:13:6c:d9:c7:be:ab:88:7d:19:
40:e8:60:ec:6e:bc:45:3d:05:1d:df:68:cf:67:93:7f:c5:38:
80:54:48:e7:b2:13:07:c5:f9:bb:86:a8:06:c1:e2:52:38:4c:
9f:b1:ca:4c:ee:93:b3:b4:be:c1:f9:1f:13:d8:a7:e9:89:83:
00:18:7e:39:45:4d:75:f3:55:a2:a5:c7:e2:aa:7b:ed:f8:50:
97:dd:db:5c:ef:19:7c:89:30:ae:08:f9:6e:2c:84:2a:7a:e6:
fe:5c:74:af:83:a6:65:33:83:4e:10:d9:a5:cd:9b:f3:c8:1d:
61:5d:a5:93:f3:73:4d:0f:c0:bb:25:cb:3e:5c:b4:57:14:05:
9e:ba:5f:e6
-----BEGIN CERTIFICATE-----
MIIHKjCCBhKgAwIBAgICGYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNDQjMxMTAvBgNVBAUTKENCQTE5N0MwNENBQTlCRDI5NUY1Nzg4NDcyQTZBMTBB
QTNGQkVGNzAwHhcNMjMwNjA4MDIzNTM2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxM2U3Ny0wZDNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsnqZuTJj6VhG7b49lJiYXuwUXGjGZqCn6CSFbBx371B7t3oRHBchOmacZM5i
83Kp+EJrCZ7frxDB4+r8x5NXp0pDhsnhQ1SkwRBhNUDRBmp1RNJ4VjUsoYFAh21A
UO650CUH9a8FMK18VlHcRqEiIce0I+Tr8MsceqNMhC1TRFpPVe5GM79tTPCvUEUi
J7VQvVC81N63YIv5Vj9OYCt92MtvmcmNDA6z9ULl5fLURZb8v/J1qyNUBKAfZSxZ
PniR/iVWVdMpifY3jDzEaAg0gqtN0ghwaVUcER0+7nN5QpP5Iz6bM1SgTF/uQ5jQ
Cgdq/V08z3K6eSHAJPclTjdbAwIDAQABo4IETjCCBEowHQYDVR0OBBYEFGCHHvo7
FNnARqoiwyv6D2WOUkOIMB8GA1UdIwQYMBaAFMuhl8BMqpvSlfV4hHKmoQqj++9w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xREI3OTgzQzI1
OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi95NkdYd0V5cW05S1Y5WGlFY3FhaENxUDc3
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k2R1h3RXlxbTlLVjlYaUVjcWFoQ3FQNzczQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNDQjMvMURCNzk4M0MyNTlEMTFFNzg1RDMyNTBBQzRGOUFFMDIvMjVBQkU3N0Ew
NUE1MTFFRUE4NkEwQzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggHWBggrBgEFBQcBBwEB
/wSCAcUwggHBMIIBgAQCAAEwggF4MAwDBABxCQMDBABxCQQDBABxCQYDBAR0cFAw
DAMEB3RxgAMEA3RxoDAMAwQDdHMoAwQFdHNAAwMCd/gDAwR4ADAMAwQCemGsAwQC
emGwAwQFeohgMAwDBAJ8Q1wDBAR8Q2ADAwB8XQMEBH0jgAMDAH3TAwQHtIGAAwQA
ymPtAwQAymPyMAwDBATLXZADBATLXaADBATSBYADBATSFjADBALSM9QwDAMEA9oV
+AMEANoV/gMEBNoYoAMEA9oaUAMEANo9kgMEANo+ITAMAwQE2kPwAwQA2kPyAwQA
2kVZAwQA2kVdMAwDBADaRV8DBADaRWADBADaRfoDBATaaEADBATaaJADBATaalAD
BAbbnkADBALbnxQwDAMEANufOwMEAdufPAMEBdz4oAMEB90DgAMEAN0IDAMEAN0K
GQMEBd0NQAMEAd3ApgMEAt3HzDALAwQC3cv0AwMC3cgDBADd0JYDBALd0KADBADd
0P8DAwHd1AMEA96hADA7BAIAAjA1AwcAJAiAAFAEMBADBgEkCIIqkgMGAyQIgiqg
MBADBgEkCIYqkgMGAyQIhiqgAwYAJAiHKwQwDQYJKoZIhvcNAQELBQADggEBACoM
jOw0G7qCbw2ycgMutcgoW3PyJE9Ts4FJDu0c5rC5tPNzMobtYKpJIjxJlJUu9Mbe
KJjNHGeKU49AnSR/CF2TLmkOrGdxPuAG/lurYHzREZRv1ExGAK8gxliCX8WtCaQ9
btw+xxU7lOhwCgFDlyoWFN0OtRNs2ce+q4h9GUDoYOxuvEU9BR3faM9nk3/FOIBU
SOeyEwfF+buGqAbB4lI4TJ+xykzuk7O0vsH5HxPYp+mJgwAYfjlFTXXzVaKlx+Kq
e+34UJfd21zvGXyJMK4I+W4shCp65v5cdK+DpmUzg04Q2aXNm/PIHWFdpZPzc00P
wLslyz5ctFcUBZ66X+Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org