Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/10B99B9A326C11ECA77E8334C4F9AE02.roa
File: 10B99B9A326C11ECA77E8334C4F9AE02.roa (raw, json)
Hash identifier: DnRTNZPMwnYktiU5ZH9n3bIKR4q1FOd2lBBwVfkaP6E=
Subject key identifier: 25:15:B0:8E:D4:14:35:2D:89:A1:01:3C:C0:2A:8C:3F:59:2B:06:E3
Certificate issuer: /CN=A91E2454/serialNumber=AB6262BC7D02EC1AD48B71DA98B73D22A362DAF0
Certificate serial: 3119
Authority key identifier: AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/10B99B9A326C11ECA77E8334C4F9AE02.roa
Signing time: Tue 16 Nov 2021 02:40:33 +0000
ROA not before: Tue 16 Nov 2021 02:40:33 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 137226
IP address blocks: 111.125.108.0/22 maxlen: 22
111.125.108.0/24 maxlen: 24
111.125.109.0/24 maxlen: 24
111.125.110.0/24 maxlen: 24
111.125.111.0/24 maxlen: 24
111.125.120.0/22 maxlen: 22
111.125.120.0/24 maxlen: 24
111.125.121.0/24 maxlen: 24
111.125.122.0/24 maxlen: 24
111.125.123.0/24 maxlen: 24
120.29.67.0/24 maxlen: 24
120.29.70.0/24 maxlen: 24
120.29.71.0/24 maxlen: 24
120.29.81.0/24 maxlen: 24
120.29.83.0/24 maxlen: 24
120.29.93.0/24 maxlen: 24
120.29.104.0/22 maxlen: 22
120.29.104.0/24 maxlen: 24
120.29.105.0/24 maxlen: 24
120.29.106.0/24 maxlen: 24
120.29.107.0/24 maxlen: 24
120.29.112.0/24 maxlen: 24
120.29.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12569 (0x3119)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2454
Validity
Not Before: Nov 16 02:40:33 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61931a20-58b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bd:47:f9:3b:be:c5:1f:ab:03:fb:62:e3:5f:
43:4c:d8:9b:4a:f0:10:e6:3a:74:fa:bb:89:f0:63:
18:a7:81:26:02:3e:93:0e:22:bb:6f:aa:cd:14:52:
c5:18:5b:76:1c:50:a3:c4:33:0a:de:f5:d7:35:a9:
55:bb:69:43:c8:5e:19:37:2b:c9:6e:35:80:4b:1a:
10:a8:01:d3:7a:89:82:ae:50:50:71:d0:52:97:1a:
62:88:ff:bd:f1:36:2c:24:56:ee:eb:91:fa:bd:ac:
45:35:8a:10:39:2c:b6:c6:51:c9:26:a9:1a:36:ed:
8f:32:a8:33:1a:8e:33:13:14:90:fa:bf:1a:ef:c2:
b6:f6:3d:da:5a:2e:56:2b:51:73:75:b4:28:a6:17:
91:d6:f5:b1:f2:4f:98:bf:93:c9:29:ea:0c:cf:38:
a4:1e:0f:5e:66:c5:40:90:b0:ee:96:e4:29:41:84:
44:50:0a:0c:3a:3d:45:dd:40:88:59:3c:76:03:39:
9a:d5:09:eb:a8:a2:a6:2b:02:90:06:af:f0:3a:eb:
2d:ad:58:e6:dd:b7:5d:13:62:ff:96:97:a1:55:e7:
0f:e3:24:9f:ca:d9:aa:6a:e6:54:b1:b2:a3:d8:a3:
89:10:f0:3d:5e:93:79:c3:fa:b7:4c:d6:f9:3e:e7:
d3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:15:B0:8E:D4:14:35:2D:89:A1:01:3C:C0:2A:8C:3F:59:2B:06:E3
X509v3 Authority Key Identifier:
keyid:AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/10B99B9A326C11ECA77E8334C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.125.108.0/22
111.125.120.0/22
120.29.67.0/24
120.29.70.0/23
120.29.81.0/24
120.29.83.0/24
120.29.93.0/24
120.29.104.0/22
120.29.112.0/24
120.29.117.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4c:b0:46:70:af:95:50:99:3e:4d:c1:a0:17:96:ee:30:f7:
66:ba:38:fa:24:6d:27:36:d1:b7:ac:3b:06:34:5a:8b:45:64:
09:15:88:09:b0:80:69:0c:e4:c9:14:42:c7:1a:68:24:1e:2c:
05:32:49:e8:9f:23:81:4e:44:f0:58:35:2b:0d:2b:03:a7:2e:
c9:97:d5:74:6d:32:c6:67:a3:92:fc:b3:66:32:b4:90:ff:91:
bd:31:9b:6f:73:33:1c:c3:6d:ae:5b:c8:bc:c9:3e:b2:ec:4c:
c3:ef:99:9d:be:8d:b1:84:9e:dd:00:3a:25:8a:4b:57:35:fb:
46:e1:e9:45:5a:aa:9a:72:83:d2:31:6f:9b:dc:b0:a7:38:96:
09:77:f8:00:17:2e:72:ac:b4:a9:dd:9b:24:8a:de:86:75:4e:
98:1d:fa:03:d4:f6:b3:c6:bb:93:5f:bf:56:38:96:11:2f:30:
cf:1e:f0:03:dc:dc:e2:3e:06:96:fe:7a:1f:bb:32:e0:39:36:
5e:8a:e4:2e:ba:af:9a:e2:0c:0c:22:b2:36:a9:91:33:c1:11:
d1:a4:9a:7b:c9:ee:30:e7:39:9a:67:30:f7:0d:7b:9c:23:d7:
83:ce:f4:cb:c8:18:f7:aa:f3:ee:91:49:b7:c2:40:9b:8f:e5:
81:34:fa:69
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICMRkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTI0NTQxMTAvBgNVBAUTKEFCNjI2MkJDN0QwMkVDMUFENDhCNzFEQTk4QjczRDIy
QTM2MkRBRjAwHhcNMjExMTE2MDI0MDMzWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTkzMWEyMC01OGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv71H+Tu+xR+rA/ti419DTNibSvAQ5jp0+ruJ8GMYp4EmAj6TDiK7b6rNFFLF
GFt2HFCjxDMK3vXXNalVu2lDyF4ZNyvJbjWASxoQqAHTeomCrlBQcdBSlxpiiP+9
8TYsJFbu65H6vaxFNYoQOSy2xlHJJqkaNu2PMqgzGo4zExSQ+r8a78K29j3aWi5W
K1FzdbQopheR1vWx8k+Yv5PJKeoMzzikHg9eZsVAkLDuluQpQYREUAoMOj1F3UCI
WTx2Azma1QnrqKKmKwKQBq/wOustrVjm3bddE2L/lpehVecP4ySfytmqauZUsbKj
2KOJEPA9XpN5w/q3TNb5PufThQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFCUVsI7U
FDUtiaEBPMAqjD9ZKwbjMB8GA1UdIwQYMBaAFKtiYrx9Auwa1Itx2pi3PSKjYtrw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjQ1NC9ENEMzMEI0MjFE
ODcxMUUyQTE5ODIyRTAwOEIwMkNEMi9xMkppdkgwQzdCclVpM0hhbUxjOUlxTmky
dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3EySml2SDBDN0JyVWkzSGFtTGM5SXFOaTJ2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTI0NTQvRDRDMzBCNDIxRDg3MTFFMkExOTgyMkUwMDhCMDJDRDIvMTBCOTlCOUEz
MjZDMTFFQ0E3N0U4MzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAJvfWwDBAJvfXgDBAB4HUMDBAF4HUYDBAB4HVEDBAB4HVMD
BAB4HV0DBAJ4HWgDBAB4HXADBAB4HXUwDQYJKoZIhvcNAQELBQADggEBAExMsEZw
r5VQmT5NwaAXlu4w92a6OPokbSc20besOwY0WotFZAkViAmwgGkM5MkUQscaaCQe
LAUySeifI4FORPBYNSsNKwOnLsmX1XRtMsZno5L8s2YytJD/kb0xm29zMxzDba5b
yLzJPrLsTMPvmZ2+jbGEnt0AOiWKS1c1+0bh6UVaqppyg9Ixb5vcsKc4lgl3+AAX
LnKstKndmySK3oZ1Tpgd+gPU9rPGu5Nfv1Y4lhEvMM8e8APc3OI+Bpb+eh+7MuA5
Nl6K5C66r5riDAwisjapkTPBEdGkmnvJ7jDnOZpnMPcNe5wj14PO9MvIGPeq8+6R
SbfCQJuP5YE0+mk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:49 2025 by rpki-client