Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/876B92F211EA11EE80A41B7FC4F9AE02.roa
File: 876B92F211EA11EE80A41B7FC4F9AE02.roa (raw, json)
Hash identifier: goOwQaUfLeM5Z9ZgNd1IEpvGDHP55/40DXeu7SaZ5js=
Subject key identifier: EA:78:0B:7C:1F:C9:92:1B:2D:3F:EA:43:B0:A6:E0:BB:2F:A2:7E:D3
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 088C
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/876B92F211EA11EE80A41B7FC4F9AE02.roa
Signing time: Wed 16 Aug 2023 11:35:43 +0000
ROA not before: Wed 16 Aug 2023 11:35:43 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/24 maxlen: 24
111.92.129.0/24 maxlen: 24
111.92.130.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.135.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.140.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.146.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
111.92.148.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
111.92.151.0/24 maxlen: 24
111.92.152.0/24 maxlen: 24
111.92.153.0/24 maxlen: 24
111.92.154.0/24 maxlen: 24
111.92.155.0/24 maxlen: 24
111.92.156.0/24 maxlen: 24
111.92.157.0/24 maxlen: 24
111.92.158.0/24 maxlen: 24
111.92.159.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2188 (0x88c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Aug 16 11:35:43 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64dcb48f-4d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:45:bf:b6:8c:fc:13:71:ed:49:73:91:f2:04:
1e:6e:2f:a9:e1:4b:10:a1:da:82:ba:8a:8b:a1:19:
28:42:61:15:39:84:51:2b:9f:35:28:91:a7:5c:a0:
64:fe:4a:a3:ea:09:19:8a:ca:3a:eb:db:4b:fc:54:
42:7b:77:98:8b:43:b9:4f:2a:e6:83:a7:57:a4:1c:
44:c7:62:f8:6a:87:f2:e9:6d:8c:da:e2:f4:49:f2:
c1:d0:dd:7e:01:f8:f2:46:8e:41:b6:3f:92:5c:ce:
43:8e:e6:4b:4a:e5:a4:8e:f3:d2:2a:a4:9c:5d:12:
ef:f9:99:fc:20:46:8c:af:de:57:f8:fa:55:bc:30:
4e:c4:44:2f:1f:6b:ba:fd:e3:ad:c4:2b:0d:ac:87:
61:74:91:fd:e2:7b:b9:95:fc:a5:66:1d:b7:f4:bb:
9a:e5:bb:8a:e7:74:00:c5:79:64:79:59:39:6f:e9:
f9:3d:88:8a:03:8e:a9:b7:f3:63:34:7d:59:e3:72:
53:11:1a:c0:2e:12:a8:56:02:8c:4f:bf:d1:5e:93:
94:eb:08:1e:12:5a:ca:c8:33:d5:1d:0a:3a:65:a9:
65:f9:05:65:fd:47:3f:e1:6b:8a:b0:56:b3:e3:6e:
71:c7:83:e5:2b:e5:7b:98:10:b2:c9:77:27:1c:63:
7c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:78:0B:7C:1F:C9:92:1B:2D:3F:EA:43:B0:A6:E0:BB:2F:A2:7E:D3
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/876B92F211EA11EE80A41B7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/19
43.247.120.0/22
103.20.132.0/22
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
83:62:cc:4a:bb:94:62:d8:91:b6:5f:72:77:6f:db:51:3a:23:
3b:84:bb:18:ed:4b:6f:fe:6e:21:05:4a:1e:c9:f3:c9:ad:86:
be:9b:9e:e9:e4:93:ec:27:13:09:e9:67:14:bc:cc:52:4b:ba:
d0:26:46:37:21:03:f8:54:24:c1:98:52:8e:70:36:f8:75:e7:
91:fa:7a:f7:ed:d1:52:78:02:7b:ec:94:02:27:21:f3:fb:40:
30:b9:2a:8e:3c:1d:e8:06:a8:84:11:f6:d1:2b:d7:a8:d3:6b:
7d:7d:1b:c5:e3:bc:b1:48:a9:09:78:55:70:e0:d4:5f:73:29:
94:06:81:5a:62:3e:29:e2:99:96:57:5f:58:08:93:ba:5a:73:
3a:d9:91:10:07:f7:24:c5:2c:db:1c:6b:88:b0:29:a1:74:0a:
0c:81:d4:51:77:69:2e:df:bc:38:06:c2:cb:1f:fc:2e:73:15:
ca:02:ec:9b:29:99:58:71:bc:f4:dc:01:c0:79:36:f2:d3:2f:
b5:fe:8f:a6:8c:8a:e9:27:e4:5a:89:bc:f0:f7:97:32:32:ca:
be:9c:d9:83:64:fb:ff:90:8c:f7:c7:fc:6b:e6:32:9d:2a:aa:
31:76:7b:b4:2a:47:47:18:d0:53:25:8a:aa:f3:ac:c9:d8:db:
9c:6e:0b:39
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICCIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjMwODE2MTEzNTQzWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRjYjQ4Zi00ZDQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApEW/toz8E3HtSXOR8gQebi+p4UsQodqCuoqLoRkoQmEVOYRRK581KJGnXKBk
/kqj6gkZiso669tL/FRCe3eYi0O5Tyrmg6dXpBxEx2L4aofy6W2M2uL0SfLB0N1+
AfjyRo5Btj+SXM5DjuZLSuWkjvPSKqScXRLv+Zn8IEaMr95X+PpVvDBOxEQvH2u6
/eOtxCsNrIdhdJH94nu5lfylZh239Lua5buK53QAxXlkeVk5b+n5PYiKA46pt/Nj
NH1Z43JTERrALhKoVgKMT7/RXpOU6wgeElrKyDPVHQo6Zall+QVl/Uc/4WuKsFaz
425xx4PlK+V7mBCyyXcnHGN8VQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFOp4C3wf
yZIbLT/qQ7Cm4Lsvon7TMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvODc2QjkyRjIx
MUVBMTFFRTgwQTQxQjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAUOwIADBAIr93gDBAJnFIQDBAVvXIAwDQQCAAIwBwMFACQD
eYAwDQYJKoZIhvcNAQELBQADggEBAINizEq7lGLYkbZfcndv21E6IzuEuxjtS2/+
biEFSh7J88mthr6bnunkk+wnEwnpZxS8zFJLutAmRjchA/hUJMGYUo5wNvh155H6
evft0VJ4AnvslAInIfP7QDC5Ko48HegGqIQR9tEr16jTa319G8XjvLFIqQl4VXDg
1F9zKZQGgVpiPinimZZXX1gIk7paczrZkRAH9yTFLNsca4iwKaF0CgyB1FF3aS7f
vDgGwssf/C5zFcoC7JspmVhxvPTcAcB5NvLTL7X+j6aMiukn5FqJvPD3lzIyyr6c
2YNk+/+QjPfH/GvmMp0qqjF2e7QqR0cY0FMliqrzrMnY25xuCzk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:07 2025 by rpki-client