Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/CB7265EA9A2611EBA0D24E4AC4F9AE02.roa
File: CB7265EA9A2611EBA0D24E4AC4F9AE02.roa (raw, json)
Hash identifier: 1WrwL9elQqZq6ihCGjaWN+2ic+Ktd1zvtgmZdkrOCWU=
Subject key identifier: 0E:2D:4E:8E:49:21:B0:19:78:2E:DB:19:35:5F:AE:9B:9E:E4:0F:FE
Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Certificate serial: 05F9
Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/CB7265EA9A2611EBA0D24E4AC4F9AE02.roa
Signing time: Mon 15 Jul 2024 17:18:22 +0000
ROA not before: Mon 15 Jul 2024 17:18:22 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 134540
IP address blocks: 14.96.64.0/20 maxlen: 24
14.96.80.0/20 maxlen: 24
14.96.96.0/20 maxlen: 20
14.96.96.0/20 maxlen: 24
14.96.112.0/20 maxlen: 24
2406:e00::/48 maxlen: 51
2406:e00:1::/48 maxlen: 51
2406:e00:2::/48 maxlen: 51
2406:e00:3::/48 maxlen: 51
2406:e00:4::/48 maxlen: 51
2406:e00:5::/48 maxlen: 51
2406:e00:6::/48 maxlen: 51
2406:e00:7::/48 maxlen: 51
2406:e00:8::/48 maxlen: 51
2406:e00:a::/48 maxlen: 51
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1529 (0x5f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DEA4, serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Validity
Not Before: Jul 15 17:18:22 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=669559de-7816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5b:fb:0f:4e:7c:8d:ab:0c:79:44:be:70:f6:
d2:ee:7c:bd:61:bd:62:dd:2d:8e:65:02:5c:e8:5e:
d1:1e:70:8c:4c:53:21:fc:a0:56:ac:32:6b:35:3a:
80:9f:24:1f:37:f7:ed:d9:c8:06:df:28:fe:41:a4:
9a:ff:15:f0:0c:8f:84:22:d3:f8:4a:94:31:26:4e:
38:3d:80:42:66:ff:bf:5a:93:9d:3f:d0:97:60:df:
c3:a8:d0:01:a7:04:98:52:90:cb:35:47:2e:f2:b6:
1b:2c:4e:ca:9c:b4:db:b8:65:85:2d:2f:93:7e:c7:
f7:88:98:72:60:52:cf:b8:08:e5:12:56:bb:b7:91:
1c:fc:26:33:bd:ff:8b:75:75:6d:8e:cb:fa:64:91:
67:41:bd:f1:73:29:2c:32:ff:9d:68:66:d4:10:3a:
db:e9:47:32:9a:a7:ac:7b:54:cd:5f:fc:e0:62:f3:
b9:e0:de:66:6b:85:79:b3:57:27:6d:e2:8a:a1:c5:
ca:49:3f:03:7f:eb:43:37:8b:ae:ad:1a:f8:f3:05:
bb:29:68:aa:19:40:c8:79:95:cd:bb:87:92:ab:74:
39:66:73:97:1e:79:e4:0a:47:cb:2b:b0:02:9c:fc:
f5:8b:6e:4a:f5:ec:a8:f8:2e:63:4a:c4:7e:48:e5:
2b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2D:4E:8E:49:21:B0:19:78:2E:DB:19:35:5F:AE:9B:9E:E4:0F:FE
X509v3 Authority Key Identifier:
keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/CB7265EA9A2611EBA0D24E4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.96.64.0/18
IPv6:
2406:e00::-2406:e00:8:ffff:ffff:ffff:ffff:ffff
2406:e00:a::/48
Signature Algorithm: sha256WithRSAEncryption
59:61:a2:51:59:30:25:6e:23:a6:ab:4c:9e:f2:1d:fc:a4:5e:
ee:32:72:2b:98:51:d2:7e:b8:79:44:37:e2:18:3f:db:55:39:
d0:7b:f0:f4:1f:c1:33:5b:2c:21:4c:c0:df:89:72:4c:37:76:
2f:b8:e0:29:3c:30:76:bb:75:ed:fe:08:01:fd:4d:d7:23:d6:
55:f6:d9:31:1a:ee:44:43:c8:b5:3c:84:f4:5d:b0:b7:70:27:
69:0e:55:2d:f1:a7:83:c1:91:69:29:20:cf:dd:08:be:07:24:
8d:3a:e2:a1:83:f1:27:e6:79:78:1f:7e:a8:c0:85:b4:84:de:
77:c3:a9:fd:02:c1:c9:7a:c4:51:fc:d1:46:8d:6c:27:ef:70:
ff:d8:de:56:5a:69:ff:55:c7:36:b1:8d:fc:16:c6:bf:b1:ec:
c6:76:17:a9:6f:2f:19:ae:62:63:ab:5f:f6:fd:00:21:2e:20:
f5:e9:50:71:dc:b0:b7:c3:69:e8:cc:08:b9:b6:e7:aa:ee:62:
3e:e8:f8:87:4e:e8:ea:4c:34:7d:41:60:93:47:96:ec:34:f8:
d8:89:46:67:e4:d0:84:35:29:b5:5c:e2:0b:fd:c8:d9:14:be:
4b:e0:dc:ab:3b:5e:09:66:f4:ba:53:ef:1f:05:c3:ed:dd:e7:
fd:bb:20:04
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICBfkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw
OTQ5NERCQzgwHhcNMjQwNzE1MTcxODIyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk1NTlkZS03ODE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxVv7D058jasMeUS+cPbS7ny9Yb1i3S2OZQJc6F7RHnCMTFMh/KBWrDJrNTqA
nyQfN/ft2cgG3yj+QaSa/xXwDI+EItP4SpQxJk44PYBCZv+/WpOdP9CXYN/DqNAB
pwSYUpDLNUcu8rYbLE7KnLTbuGWFLS+Tfsf3iJhyYFLPuAjlEla7t5Ec/CYzvf+L
dXVtjsv6ZJFnQb3xcyksMv+daGbUEDrb6Ucymqese1TNX/zgYvO54N5ma4V5s1cn
beKKocXKST8Df+tDN4uurRr48wW7KWiqGUDIeZXNu4eSq3Q5ZnOXHnnkCkfLK7AC
nPz1i25K9eyo+C5jSsR+SOUr3QIDAQABo4ICtzCCArMwHQYDVR0OBBYEFA4tTo5J
IbAZeC7bGTVfrpue5A/+MB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4
MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvQ0I3MjY1RUE5
QTI2MTFFQkEwRDI0RTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMAwEAgABMAYDBAYOYEAwIAQCAAIwGjAPAwQBJAYOAwcAJAYOAAAIAwcAJAYO
AAAKMA0GCSqGSIb3DQEBCwUAA4IBAQBZYaJRWTAlbiOmq0ye8h38pF7uMnIrmFHS
frh5RDfiGD/bVTnQe/D0H8EzWywhTMDfiXJMN3YvuOApPDB2u3Xt/ggB/U3XI9ZV
9tkxGu5EQ8i1PIT0XbC3cCdpDlUt8aeDwZFpKSDP3Qi+BySNOuKhg/En5nl4H36o
wIW0hN53w6n9AsHJesRR/NFGjWwn73D/2N5WWmn/Vcc2sY38Fsa/sezGdhepby8Z
rmJjq1/2/QAhLiD16VBx3LC3w2nozAi5tueq7mI+6PiHTujqTDR9QWCTR5bsNPjY
iUZn5NCENSm1XOIL/cjZFL5L4NyrO14JZvS6U+8fBcPt3ef9uyAE
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:17:23 2025 by rpki-client