Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/9C075956EB9E11EEB387FD36C4F9AE02.roa
File: 9C075956EB9E11EEB387FD36C4F9AE02.roa (raw, json)
Hash identifier: /Dl28crPfh72BtKqGnoA8xpiR5TSANwZIfgc8CeZQ4c=
Subject key identifier: 8E:B2:56:55:17:F9:C3:E7:F1:80:66:29:95:84:47:D9:EF:9D:99:C6
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 092B
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/9C075956EB9E11EEB387FD36C4F9AE02.roa
Signing time: Tue 26 Mar 2024 18:28:15 +0000
ROA not before: Tue 26 Mar 2024 18:28:15 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2347 (0x92b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Mar 26 18:28:15 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=660313bf-77be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6f:d0:f1:d8:d3:d2:b8:a8:70:c0:3f:4c:96:
25:a6:83:37:13:48:23:4f:3f:75:c5:40:97:27:5f:
a4:02:9a:a1:a1:92:ca:97:b4:24:5a:6c:1b:8a:d8:
2b:34:a8:77:34:27:4f:98:cf:a3:4f:a8:1b:48:1b:
14:db:f5:97:2c:7a:f4:07:5e:3b:cc:82:d2:77:a1:
38:1d:bb:ab:ef:d2:a3:9b:49:ea:7d:07:b2:c4:46:
b9:fb:70:a6:83:ff:c4:57:3b:73:ee:5b:10:18:bf:
6e:00:ff:da:10:e9:96:a3:4f:fc:26:28:e2:5f:f0:
a7:1c:0e:db:37:8e:85:de:e6:26:98:be:5e:ca:92:
31:5a:33:0e:7a:3a:05:06:d6:40:5c:97:ef:68:b1:
8f:4f:44:81:61:52:1d:08:6e:c1:c9:74:14:17:c0:
5c:25:8b:4b:35:9a:86:e2:92:e0:6c:cd:72:ae:5a:
fc:33:05:de:73:fa:99:68:dd:af:c2:a4:eb:a4:9a:
5d:f5:b8:49:fe:1b:0f:d1:0b:91:aa:8a:db:cd:60:
19:0d:47:2c:6f:6e:e1:66:6b:cf:fe:cb:15:05:f3:
60:f8:36:7b:b6:40:41:ec:01:95:ea:f1:7c:31:ee:
f8:30:5f:bd:13:5d:fa:ff:09:0d:6b:d5:22:21:d2:
62:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B2:56:55:17:F9:C3:E7:F1:80:66:29:95:84:47:D9:EF:9D:99:C6
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/9C075956EB9E11EEB387FD36C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/19
103.20.134.0/23
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
8b:41:41:d3:c9:7c:79:b1:49:3b:97:ba:2c:e7:09:8c:f1:37:
a5:90:6d:b0:ad:b1:c2:e3:6f:9a:72:77:9c:61:7b:6b:3c:c4:
c6:ae:4c:aa:91:6b:2b:1a:97:da:08:99:90:b3:cd:95:15:c4:
35:52:16:12:61:03:1f:28:ac:eb:71:e1:2b:e5:ed:d1:57:07:
41:66:49:7b:de:02:c4:ba:c6:fe:54:82:ca:c0:c8:22:a1:50:
ca:3d:85:3f:a5:7e:55:4e:c5:e7:13:c7:be:9f:5d:97:9d:94:
a5:95:41:d1:6f:6e:a6:22:5c:db:2d:f4:26:ff:82:4a:b7:da:
e7:c7:3e:aa:be:90:6c:d5:26:2d:4c:d5:ed:02:4b:4d:65:ee:
c8:8a:d2:98:2d:ee:f4:88:c7:e3:bf:aa:00:b5:5c:bf:be:5c:
72:99:c3:24:63:4d:e8:23:69:d6:63:8a:98:ae:58:db:8d:1e:
93:4e:e5:f9:5f:24:70:fa:6f:a9:c0:69:0b:3c:ab:79:a5:fc:
48:10:15:47:19:35:7b:cf:37:a9:3b:05:af:92:bc:5a:c8:ef:
7a:b9:28:9e:8f:13:6a:d6:b9:b7:9b:28:2c:f4:c4:b4:20:55:
7d:6f:15:c0:21:77:7f:a2:12:ab:6f:99:0c:64:c2:2a:80:7a:
c9:95:8c:7c
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCSswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjQwMzI2MTgyODE1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzMTNiZi03N2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy2/Q8djT0riocMA/TJYlpoM3E0gjTz91xUCXJ1+kApqhoZLKl7QkWmwbitgr
NKh3NCdPmM+jT6gbSBsU2/WXLHr0B147zILSd6E4Hbur79Kjm0nqfQeyxEa5+3Cm
g//EVztz7lsQGL9uAP/aEOmWo0/8JijiX/CnHA7bN46F3uYmmL5eypIxWjMOejoF
BtZAXJfvaLGPT0SBYVIdCG7ByXQUF8BcJYtLNZqG4pLgbM1yrlr8MwXec/qZaN2v
wqTrpJpd9bhJ/hsP0QuRqorbzWAZDUcsb27hZmvP/ssVBfNg+DZ7tkBB7AGV6vF8
Me74MF+9E136/wkNa9UiIdJiUwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI6yVlUX
+cPn8YBmKZWER9nvnZnGMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvOUMwNzU5NTZF
QjlFMTFFRUIzODdGRDM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAUOwIADBAFnFIYwDQQCAAIwBwMFACQDeYAwDQYJKoZIhvcN
AQELBQADggEBAItBQdPJfHmxSTuXuiznCYzxN6WQbbCtscLjb5pyd5xhe2s8xMau
TKqRaysal9oImZCzzZUVxDVSFhJhAx8orOtx4Svl7dFXB0FmSXveAsS6xv5UgsrA
yCKhUMo9hT+lflVOxecTx76fXZedlKWVQdFvbqYiXNst9Cb/gkq32ufHPqq+kGzV
Ji1M1e0CS01l7siK0pgt7vSIx+O/qgC1XL++XHKZwyRjTegjadZjipiuWNuNHpNO
5flfJHD6b6nAaQs8q3ml/EgQFUcZNXvPN6k7Ba+SvFrI73q5KJ6PE2rWubebKCz0
xLQgVX1vFcAhd3+iEqtvmQxkwiqAesmVjHw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:45 2025 by rpki-client