Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/E909EACC31EC11EA83F8FE62C4F9AE02.roa
File: E909EACC31EC11EA83F8FE62C4F9AE02.roa (raw, json)
Hash identifier: N9SFHPjnOHS9U9xxT8nxgDZe034vIKWcX9FKu1RKaD4=
Subject key identifier: 85:EF:3C:99:A6:87:3D:C4:A2:0E:B1:B5:CD:10:41:10:A2:3B:35:9D
Certificate issuer: /CN=A91D92FB/serialNumber=4C36F812E76D827ECE6E59BD1560585C51ECD992
Certificate serial: 3256
Authority key identifier: 4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/E909EACC31EC11EA83F8FE62C4F9AE02.roa
Signing time: Tue 09 Aug 2022 08:00:31 +0000
ROA not before: Tue 09 Aug 2022 08:00:31 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 17408
IP address blocks: 202.133.224.0/19 maxlen: 22
202.133.224.0/20 maxlen: 23
202.133.224.0/24 maxlen: 24
202.133.226.0/23 maxlen: 24
202.133.228.0/22 maxlen: 24
202.133.232.0/21 maxlen: 24
202.133.240.0/21 maxlen: 24
202.133.248.0/22 maxlen: 24
202.133.252.0/23 maxlen: 24
2405:7e00:17::/48 maxlen: 48
2405:7e00:1000::/36 maxlen: 36
2405:7e00:1000::/48 maxlen: 48
2405:7e00:1002::/64 maxlen: 64
2405:7e00:1003::/48 maxlen: 48
2405:7e00:100a::/48 maxlen: 48
2405:7e00:100b::/48 maxlen: 48
2405:7e00:100c::/48 maxlen: 48
2405:7e00:100d::/48 maxlen: 48
2405:7e00:100e::/48 maxlen: 48
2405:7e00:100f::/48 maxlen: 48
2405:7e00:1011::/48 maxlen: 48
2405:7e00:1012::/48 maxlen: 48
2405:7e00:1013::/48 maxlen: 48
2405:7e00:1014::/48 maxlen: 48
2405:7e00:1015::/48 maxlen: 48
2405:7e00:1016::/48 maxlen: 48
2405:7e00:101a::/48 maxlen: 48
2405:7e00:101b::/48 maxlen: 48
2405:7e00:1020::/48 maxlen: 48
2405:7e00:4000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12886 (0x3256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D92FB
Validity
Not Before: Aug 9 08:00:31 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=62f2141e-af3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:60:3c:1c:d6:c6:2e:9d:fb:7a:35:e2:65:05:
5a:e9:93:e1:c2:95:b6:31:47:8d:c7:26:8d:d2:67:
6f:a2:b6:e7:c9:0a:9e:fc:19:05:a4:85:12:2c:8f:
e8:83:f9:86:14:d5:ce:ab:59:50:03:5e:c4:16:94:
98:26:08:24:76:3a:c2:5c:7a:b1:f5:3d:0d:4e:b4:
d8:aa:12:f8:6c:46:75:11:01:39:7d:a0:20:97:63:
f0:23:c7:d8:06:eb:56:d7:c4:e4:ab:05:46:0b:da:
7d:1f:9b:42:74:de:ed:dd:a4:bb:6d:cb:1f:84:7d:
9a:08:e8:48:fc:7e:0e:38:52:e1:6d:5e:f1:91:45:
10:3c:75:ed:c0:c4:0e:20:84:be:a1:8c:91:04:a8:
9f:0d:b9:13:8b:13:2e:fa:f3:91:f5:99:23:6b:f3:
9c:4c:e4:40:88:d2:08:27:66:48:ec:fa:dd:78:4c:
3f:29:05:f1:37:36:d6:96:af:f0:b5:0a:ff:e9:42:
75:07:d6:04:b4:c6:47:93:71:43:e2:41:1a:f1:68:
b6:00:bc:8a:f1:e3:08:d9:fc:d9:a9:86:79:3f:b9:
c1:78:dc:8d:44:e5:d6:9d:12:9d:af:10:99:50:8d:
d1:93:41:f2:c5:2e:36:15:47:39:44:41:17:96:9e:
e9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EF:3C:99:A6:87:3D:C4:A2:0E:B1:B5:CD:10:41:10:A2:3B:35:9D
X509v3 Authority Key Identifier:
keyid:4C:36:F8:12:E7:6D:82:7E:CE:6E:59:BD:15:60:58:5C:51:EC:D9:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDb4Eudtgn7Oblm9FWBYXFHs2ZI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D92FB/327FC6B21D8811E298F3A3E008B02CD2/E909EACC31EC11EA83F8FE62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.133.224.0/19
IPv6:
2405:7e00:17::/48
2405:7e00:1000::/36
2405:7e00:4000::/36
Signature Algorithm: sha256WithRSAEncryption
19:b0:36:a7:7c:da:ff:bc:13:60:fb:66:b1:1c:c3:5f:29:c6:
7d:64:56:0e:ef:e7:05:1c:02:4a:6b:2c:84:33:a0:98:f3:d2:
41:c5:53:74:35:d7:a9:5d:b3:8c:68:21:17:b8:14:d4:eb:1b:
db:4c:3e:20:93:8a:d7:83:d3:c7:32:37:50:a8:88:9a:03:e5:
b5:2b:c5:6a:51:0e:f9:76:5b:51:1f:b1:fc:09:84:49:9a:c5:
75:47:70:47:53:98:92:40:da:61:05:39:4f:40:b6:82:f0:0d:
e2:b1:f0:9b:53:5c:67:e2:18:23:8e:3a:8c:60:0a:4e:40:50:
c5:17:bc:3a:51:10:2d:60:6c:87:47:01:6a:d7:ec:b2:09:b1:
a1:26:3a:9e:8b:64:ea:87:15:5c:f0:f1:c3:06:98:5f:cf:67:
d5:1f:88:e2:75:6e:83:6a:d5:a3:d4:ed:41:4f:2b:b7:06:c7:
09:fb:aa:1b:cc:60:34:a6:a6:17:12:1e:f8:40:c2:7b:3d:ee:
6c:28:84:96:04:7f:1a:dd:d8:05:e5:35:be:2b:53:28:e4:22:
d8:30:a4:7c:ea:2b:44:0f:19:86:ac:65:c0:e7:f6:cb:e7:9a:
d7:30:f0:37:dd:82:f4:09:6d:47:1b:2b:9e:f9:4f:b4:42:ac:
41:1d:cf:6d
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICMlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDkyRkIxMTAvBgNVBAUTKDRDMzZGODEyRTc2RDgyN0VDRTZFNTlCRDE1NjA1ODVD
NTFFQ0Q5OTIwHhcNMjIwODA5MDgwMDMxWhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmYyMTQxZS1hZjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwmA8HNbGLp37ejXiZQVa6ZPhwpW2MUeNxyaN0mdvorbnyQqe/BkFpIUSLI/o
g/mGFNXOq1lQA17EFpSYJggkdjrCXHqx9T0NTrTYqhL4bEZ1EQE5faAgl2PwI8fY
ButW18TkqwVGC9p9H5tCdN7t3aS7bcsfhH2aCOhI/H4OOFLhbV7xkUUQPHXtwMQO
IIS+oYyRBKifDbkTixMu+vOR9Zkja/OcTORAiNIIJ2ZI7PrdeEw/KQXxNzbWlq/w
tQr/6UJ1B9YEtMZHk3FD4kEa8Wi2ALyK8eMI2fzZqYZ5P7nBeNyNROXWnRKdrxCZ
UI3Rk0HyxS42FUc5REEXlp7pQQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFIXvPJmm
hz3Eog6xtc0QQRCiOzWdMB8GA1UdIwQYMBaAFEw2+BLnbYJ+zm5ZvRVgWFxR7NmS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTJGQi8zMjdGQzZCMjFE
ODgxMUUyOThGM0EzRTAwOEIwMkNEMi9URGI0RXVkdGduN09ibG05RldCWVhGSHMy
WkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1REYjRFdWR0Z243T2JsbTlGV0JZWEZIczJaSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDkyRkIvMzI3RkM2QjIxRDg4MTFFMjk4RjNBM0UwMDhCMDJDRDIvRTkwOUVBQ0Mz
MUVDMTFFQTgzRjhGRTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMAwEAgABMAYDBAXKheAwHwQCAAIwGQMHACQFfgAAFwMGBCQFfgAQAwYEJAV+
AEAwDQYJKoZIhvcNAQELBQADggEBABmwNqd82v+8E2D7ZrEcw18pxn1kVg7v5wUc
AkprLIQzoJjz0kHFU3Q116lds4xoIRe4FNTrG9tMPiCTiteD08cyN1CoiJoD5bUr
xWpRDvl2W1EfsfwJhEmaxXVHcEdTmJJA2mEFOU9AtoLwDeKx8JtTXGfiGCOOOoxg
Ck5AUMUXvDpREC1gbIdHAWrX7LIJsaEmOp6LZOqHFVzw8cMGmF/PZ9UfiOJ1boNq
1aPU7UFPK7cGxwn7qhvMYDSmphcSHvhAwns97mwohJYEfxrd2AXlNb4rUyjkItgw
pHzqK0QPGYasZcDn9svnmtcw8DfdgvQJbUcbK575T7RCrEEdz20=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:49:53 2025 by rpki-client