Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/A6B0779A64E711EEA7FD6E45C4F9AE02.roa
File: A6B0779A64E711EEA7FD6E45C4F9AE02.roa (raw, json)
Hash identifier: uTefK8VUs8/W+d5QXJ3KlV/7Ar3YXOj3e7YEUpOyCDM=
Subject key identifier: 3F:E4:08:03:81:43:80:99:8A:B8:0C:C7:80:5C:01:1B:48:08:F1:42
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 08B0
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/A6B0779A64E711EEA7FD6E45C4F9AE02.roa
Signing time: Sat 07 Oct 2023 08:08:40 +0000
ROA not before: Sat 07 Oct 2023 08:08:40 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.130.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.134.0/24 maxlen: 24
14.192.135.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.137.0/24 maxlen: 24
14.192.138.0/24 maxlen: 24
14.192.139.0/24 maxlen: 24
14.192.140.0/24 maxlen: 24
14.192.141.0/24 maxlen: 24
14.192.142.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.152.0/24 maxlen: 24
14.192.153.0/24 maxlen: 24
14.192.154.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/24 maxlen: 24
111.92.129.0/24 maxlen: 24
111.92.130.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.135.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.140.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.146.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
111.92.148.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
111.92.151.0/24 maxlen: 24
111.92.152.0/24 maxlen: 24
111.92.153.0/24 maxlen: 24
111.92.154.0/24 maxlen: 24
111.92.155.0/24 maxlen: 24
111.92.156.0/24 maxlen: 24
111.92.157.0/24 maxlen: 24
111.92.158.0/24 maxlen: 24
111.92.159.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2224 (0x8b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Oct 7 08:08:40 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65211208-315d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:54:65:2b:cd:56:b9:72:27:26:91:e0:50:28:
11:b3:fa:2c:09:38:c2:0a:2c:71:b0:40:39:9a:a2:
ff:61:31:77:90:6a:cc:d1:ea:e2:61:fe:9c:35:ce:
b7:91:e5:db:97:c7:3d:59:e1:ce:fe:d4:5a:f4:41:
71:63:18:90:52:7f:74:24:0c:2b:ee:c0:02:71:18:
a3:d3:81:98:2e:ac:88:27:e9:7d:73:30:59:a1:b7:
44:64:2e:23:7a:98:7c:a0:ea:09:a0:84:d8:23:8f:
4d:ea:81:f5:bd:de:23:9d:fa:73:23:00:80:2a:c7:
71:d7:c6:c0:e2:a1:65:db:8f:f0:78:13:d7:fd:47:
c3:bf:7a:f8:1c:41:f5:5a:dc:13:37:bb:ba:22:79:
dc:d7:a0:47:34:57:ce:9e:93:84:a1:20:28:35:c6:
89:38:ca:c0:b1:83:0f:96:8a:d7:ec:f6:9c:7a:c5:
44:8a:fd:1b:6d:6f:c6:34:04:cf:9c:af:44:70:33:
47:22:c2:a3:41:6e:b5:c7:d7:77:b9:b7:ef:ab:be:
99:3f:26:33:7f:ea:7a:0d:e6:df:7e:bb:11:c8:b7:
24:e0:f4:0d:7a:41:8c:eb:4d:63:ca:04:4b:82:60:
2d:b7:81:93:46:79:6d:78:df:bb:f2:81:a1:61:51:
21:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E4:08:03:81:43:80:99:8A:B8:0C:C7:80:5C:01:1B:48:08:F1:42
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/A6B0779A64E711EEA7FD6E45C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/19
43.247.120.0/22
103.20.132.0/22
111.92.128.0/19
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
72:1e:cc:4c:6a:84:d7:94:81:4e:77:ac:d7:d3:04:6d:0a:4a:
06:4c:ef:4f:28:60:01:ad:30:20:6c:fc:7b:2e:8b:52:5c:70:
c0:d1:a0:8f:58:87:8a:9e:a3:92:92:23:fa:c6:79:8f:f9:e6:
55:9e:8f:25:db:23:96:57:01:56:0a:24:95:25:20:a8:ef:64:
f7:ec:c7:94:ee:17:4c:8b:c8:0d:c9:2d:97:eb:48:8f:1c:84:
74:6a:37:e4:6f:69:ef:6c:3b:04:f6:0a:be:c3:d1:be:f5:0d:
da:83:e3:e0:2c:0b:f3:9e:f0:94:86:9d:c1:24:42:12:66:d4:
c3:92:64:76:7b:ad:ad:24:81:c9:99:0e:01:41:ad:89:58:d8:
79:a4:a2:3e:3f:7c:71:22:72:91:87:e6:8b:de:79:76:54:56:
db:f3:6e:36:ee:8c:7a:46:91:7e:c1:a5:58:c3:a9:33:47:e6:
9c:58:67:9d:ba:8b:5b:7c:50:ea:5d:ee:f0:c9:d9:96:7d:0e:
80:51:07:8f:0a:d0:2b:ed:99:22:29:ea:15:ec:58:fd:de:3f:
d7:9f:fb:c5:7c:d2:42:78:ad:25:46:93:0b:b1:ea:ea:2b:b6:
bd:6c:8c:2d:72:16:3e:b3:af:aa:01:03:74:ff:ff:51:25:5b:
71:c8:4a:21
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICCLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjMxMDA3MDgwODQwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTIxMTIwOC0zMTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxVRlK81WuXInJpHgUCgRs/osCTjCCixxsEA5mqL/YTF3kGrM0eriYf6cNc63
keXbl8c9WeHO/tRa9EFxYxiQUn90JAwr7sACcRij04GYLqyIJ+l9czBZobdEZC4j
eph8oOoJoITYI49N6oH1vd4jnfpzIwCAKsdx18bA4qFl24/weBPX/UfDv3r4HEH1
WtwTN7u6Innc16BHNFfOnpOEoSAoNcaJOMrAsYMPlorX7PacesVEiv0bbW/GNATP
nK9EcDNHIsKjQW61x9d3ubfvq76ZPyYzf+p6DebffrsRyLck4PQNekGM601jygRL
gmAtt4GTRnlteN+78oGhYVEhTQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFD/kCAOB
Q4CZirgMx4BcARtICPFCMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQTZCMDc3OUE2
NEU3MTFFRUE3RkQ2RTQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAUOwIADBAIr93gDBAJnFIQDBAVvXIAwDQQCAAIwBwMFACQD
eYAwDQYJKoZIhvcNAQELBQADggEBAHIezExqhNeUgU53rNfTBG0KSgZM708oYAGt
MCBs/Hsui1JccMDRoI9Yh4qeo5KSI/rGeY/55lWejyXbI5ZXAVYKJJUlIKjvZPfs
x5TuF0yLyA3JLZfrSI8chHRqN+Rvae9sOwT2Cr7D0b71DdqD4+AsC/Oe8JSGncEk
QhJm1MOSZHZ7ra0kgcmZDgFBrYlY2Hmkoj4/fHEicpGH5oveeXZUVtvzbjbujHpG
kX7BpVjDqTNH5pxYZ526i1t8UOpd7vDJ2ZZ9DoBRB48K0CvtmSIp6hXsWP3eP9ef
+8V80kJ4rSVGkwux6uortr1sjC1yFj6zr6oBA3T//1ElW3HISiE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:26 2025 by rpki-client