Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/E0002522E65311EC8BCB3B14C4F9AE02.roa
File: E0002522E65311EC8BCB3B14C4F9AE02.roa (raw, json)
Hash identifier: gdBF6TZUTLd0r7HBrYQzp5XF21i2EJ4Sr9vGBRI+F08=
Subject key identifier: 78:E7:A4:94:E7:00:30:D2:3C:E0:BC:73:D2:D9:E4:AD:B1:82:68:43
Certificate issuer: /CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Certificate serial: 21AA
Authority key identifier: 11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/E0002522E65311EC8BCB3B14C4F9AE02.roa
Signing time: Tue 07 Jun 2022 11:20:46 +0000
ROA not before: Tue 07 Jun 2022 11:20:46 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 13335
IP address blocks: 96.9.64.0/24 maxlen: 24
96.9.65.0/24 maxlen: 24
96.9.66.0/24 maxlen: 24
96.9.67.0/24 maxlen: 24
96.9.68.0/24 maxlen: 24
96.9.69.0/24 maxlen: 24
96.9.70.0/24 maxlen: 24
96.9.71.0/24 maxlen: 24
96.9.72.0/24 maxlen: 24
96.9.73.0/24 maxlen: 24
96.9.74.0/24 maxlen: 24
96.9.75.0/24 maxlen: 24
96.9.76.0/24 maxlen: 24
96.9.77.0/24 maxlen: 24
96.9.78.0/24 maxlen: 24
96.9.79.0/24 maxlen: 24
96.9.80.0/24 maxlen: 24
96.9.81.0/24 maxlen: 24
96.9.82.0/24 maxlen: 24
96.9.83.0/24 maxlen: 24
96.9.84.0/24 maxlen: 24
96.9.85.0/24 maxlen: 24
96.9.86.0/24 maxlen: 24
96.9.87.0/24 maxlen: 24
96.9.88.0/24 maxlen: 24
96.9.89.0/24 maxlen: 24
96.9.90.0/24 maxlen: 24
96.9.91.0/24 maxlen: 24
96.9.92.0/24 maxlen: 24
96.9.93.0/24 maxlen: 24
96.9.94.0/24 maxlen: 24
96.9.95.0/24 maxlen: 24
136.228.128.0/24 maxlen: 24
136.228.129.0/24 maxlen: 24
136.228.130.0/24 maxlen: 24
136.228.131.0/24 maxlen: 24
136.228.132.0/24 maxlen: 24
136.228.134.0/24 maxlen: 24
136.228.136.0/24 maxlen: 24
136.228.140.0/24 maxlen: 24
136.228.141.0/24 maxlen: 24
136.228.142.0/24 maxlen: 24
136.228.145.0/24 maxlen: 24
136.228.146.0/24 maxlen: 24
136.228.147.0/24 maxlen: 24
136.228.148.0/24 maxlen: 24
136.228.149.0/24 maxlen: 24
136.228.150.0/24 maxlen: 24
136.228.151.0/24 maxlen: 24
136.228.156.0/24 maxlen: 24
136.228.157.0/24 maxlen: 24
136.228.158.0/24 maxlen: 24
136.228.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8618 (0x21aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA958
Validity
Not Before: Jun 7 11:20:46 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=629f348d-99b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:05:da:6b:25:9a:59:7f:8e:60:e2:0c:91:59:
59:24:f2:8d:d5:fd:0c:db:29:56:f7:37:9b:40:1c:
e9:6a:05:d5:59:2c:b3:83:e6:57:ed:27:29:aa:74:
fa:82:e1:b2:e8:d5:17:59:54:e5:71:d3:8e:7f:b3:
1a:c5:46:65:ac:34:ce:3e:49:56:69:9a:11:88:d6:
bb:88:17:b1:e1:92:44:d0:35:fd:50:1b:6e:70:d4:
ef:5a:fc:11:c7:78:b1:65:47:9d:71:41:ab:39:92:
5b:d4:15:d9:46:b4:c3:dd:e2:47:08:1d:a4:b4:32:
4b:11:c2:d4:17:48:91:14:42:d3:54:f5:9f:37:83:
27:00:8e:29:81:f8:56:86:e6:21:c7:ab:52:e9:ad:
15:64:7c:13:ff:a8:18:ca:0e:94:74:31:46:dc:8c:
28:b3:33:6e:c7:d4:13:91:b6:62:d1:22:fb:38:62:
4a:a4:f5:11:97:a5:dc:2f:d4:22:6a:cd:6b:63:a9:
00:95:3c:98:73:da:84:d6:d8:eb:43:e7:a0:4b:ff:
1c:a2:95:32:fd:1e:71:da:94:d6:37:4f:ee:8c:c6:
a1:30:1f:15:25:46:f5:32:12:78:31:1b:48:71:28:
92:a7:3e:29:ec:aa:42:27:3f:ad:6f:fe:2e:b2:6c:
e3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E7:A4:94:E7:00:30:D2:3C:E0:BC:73:D2:D9:E4:AD:B1:82:68:43
X509v3 Authority Key Identifier:
keyid:11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/E0002522E65311EC8BCB3B14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
96.9.64.0/19
136.228.128.0-136.228.132.255
136.228.134.0/24
136.228.136.0/24
136.228.140.0-136.228.142.255
136.228.145.0-136.228.151.255
136.228.156.0/22
Signature Algorithm: sha256WithRSAEncryption
70:66:3e:73:aa:ac:8e:a2:49:30:e1:32:cf:d7:8f:e1:28:ad:
2a:ce:a8:38:b3:d0:a1:d7:c8:66:67:cf:b5:2e:41:73:0b:7f:
c0:63:5e:33:ec:c1:a5:5f:54:c5:6c:d0:42:55:22:f6:6c:4b:
53:5e:eb:f8:78:aa:7c:95:e3:7c:51:3a:97:1d:33:8f:4e:2f:
65:bf:65:e5:af:26:1e:f0:7f:fb:9f:76:7a:c1:59:40:45:b1:
f7:32:2b:f8:e7:fa:ea:49:9d:2d:cd:d9:1a:c4:82:73:03:06:
98:31:6d:98:1a:5e:41:7d:ce:8c:8b:88:21:1d:15:03:57:34:
fd:ed:0c:fa:59:89:3a:42:28:46:fe:af:c9:22:3c:d0:03:99:
43:f6:24:84:e3:33:96:35:00:2f:fb:18:90:4c:cc:50:aa:20:
ac:09:63:7f:71:a9:57:69:07:ed:4a:12:27:68:1a:bf:35:06:
2a:4b:37:81:c0:3f:88:9d:f9:1e:9a:29:49:1a:55:22:3f:36:
68:c9:8e:9b:7e:d5:d9:fe:fe:2b:42:6b:a3:9e:cb:8f:cd:a7:
7f:56:b9:69:6e:c0:fa:77:8e:e2:bd:e3:52:8b:60:2f:45:3c:
11:c7:92:42:40:1f:b9:df:91:cf:ca:5c:d1:ce:d2:05:5e:5d:
f7:11:9e:b0
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgICIaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKDExMTAzMTBFMEY4MDQ2NzcwM0Q4NDc3RkIzRUUyNUYx
RDg4ODhFOUUwHhcNMjIwNjA3MTEyMDQ2WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjlmMzQ4ZC05OWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtAXaayWaWX+OYOIMkVlZJPKN1f0M2ylW9zebQBzpagXVWSyzg+ZX7ScpqnT6
guGy6NUXWVTlcdOOf7MaxUZlrDTOPklWaZoRiNa7iBex4ZJE0DX9UBtucNTvWvwR
x3ixZUedcUGrOZJb1BXZRrTD3eJHCB2ktDJLEcLUF0iRFELTVPWfN4MnAI4pgfhW
huYhx6tS6a0VZHwT/6gYyg6UdDFG3IwoszNux9QTkbZi0SL7OGJKpPURl6XcL9Qi
as1rY6kAlTyYc9qE1tjrQ+egS/8copUy/R5x2pTWN0/ujMahMB8VJUb1MhJ4MRtI
cSiSpz4p7KpCJz+tb/4usmzjAQIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFHjnpJTn
ADDSPOC8c9LZ5K2xgmhDMB8GA1UdIwQYMBaAFBEQMQ4PgEZ3A9hHf7PuJfHYiI6e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC9GREVGRDczNjRC
RDYxMUU1QTdDQTMwMzNDNEY5QUUwMi9FUkF4RGctQVJuY0QyRWRfcy00bDhkaUlq
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VSQXhEZy1BUm5jRDJFZF9zLTRsOGRpSWpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvRkRFRkQ3MzY0QkQ2MTFFNUE3Q0EzMDMzQzRGOUFFMDIvRTAwMDI1MjJF
NjUzMTFFQzhCQ0IzQjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E
TDBKMEgEAgABMEIDBAVgCUAwDAMEB4jkgAMEAIjkhAMEAIjkhgMEAIjkiDAMAwQC
iOSMAwQAiOSOMAwDBACI5JEDBAOI5JADBAKI5JwwDQYJKoZIhvcNAQELBQADggEB
AHBmPnOqrI6iSTDhMs/Xj+EorSrOqDiz0KHXyGZnz7UuQXMLf8BjXjPswaVfVMVs
0EJVIvZsS1Ne6/h4qnyV43xROpcdM49OL2W/ZeWvJh7wf/ufdnrBWUBFsfcyK/jn
+upJnS3N2RrEgnMDBpgxbZgaXkF9zoyLiCEdFQNXNP3tDPpZiTpCKEb+r8kiPNAD
mUP2JITjM5Y1AC/7GJBMzFCqIKwJY39xqVdpB+1KEidoGr81BipLN4HAP4id+R6a
KUkaVSI/NmjJjpt+1dn+/itCa6Oey4/Np39WuWluwPp3juK941KLYC9FPBHHkkJA
H7nfkc/KXNHO0gVeXfcRnrA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:50:25 2025 by rpki-client