Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/9F1C802C619111EEBB99750CC4F9AE02.roa
File: 9F1C802C619111EEBB99750CC4F9AE02.roa (raw, json)
Hash identifier: t9oNa6rd0xmbYE6kAMwNHIumUDSER7F+QgVXiBlBAv0=
Subject key identifier: A7:1B:09:D9:D0:EE:B5:64:0E:FD:C7:48:CA:B7:31:62:67:E1:64:E1
Certificate issuer: /CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Certificate serial: 34D7
Authority key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/9F1C802C619111EEBB99750CC4F9AE02.roa
Signing time: Tue 03 Oct 2023 02:08:48 +0000
ROA not before: Tue 03 Oct 2023 02:08:48 +0000
ROA not after: Wed 31 Jan 2024 00:00:00 +0000
asID: 131090
IP address blocks: 61.7.128.0/18 maxlen: 24
103.10.228.0/22 maxlen: 22
103.10.228.0/24 maxlen: 24
103.10.229.0/24 maxlen: 24
103.10.230.0/24 maxlen: 24
103.10.231.0/24 maxlen: 24
110.77.128.0/17 maxlen: 24
110.78.128.0/21 maxlen: 24
110.78.136.0/24 maxlen: 24
110.78.137.0/24 maxlen: 24
110.78.138.0/24 maxlen: 24
110.78.139.0/24 maxlen: 24
110.78.140.0/24 maxlen: 24
110.78.141.0/24 maxlen: 24
110.78.142.0/24 maxlen: 24
110.78.143.0/24 maxlen: 24
110.78.144.0/24 maxlen: 24
110.78.145.0/24 maxlen: 24
110.78.146.0/24 maxlen: 24
110.78.147.0/24 maxlen: 24
110.78.148.0/24 maxlen: 24
110.78.149.0/24 maxlen: 24
110.78.150.0/24 maxlen: 24
110.78.151.0/24 maxlen: 24
110.78.152.0/24 maxlen: 24
110.78.153.0/24 maxlen: 24
110.78.154.0/24 maxlen: 24
110.78.155.0/24 maxlen: 24
110.78.156.0/24 maxlen: 24
110.78.157.0/24 maxlen: 24
110.78.158.0/24 maxlen: 24
110.78.159.0/24 maxlen: 24
110.78.160.0/21 maxlen: 21
110.78.160.0/24 maxlen: 24
110.78.161.0/24 maxlen: 24
110.78.162.0/24 maxlen: 24
110.78.163.0/24 maxlen: 24
110.78.164.0/24 maxlen: 24
110.78.165.0/24 maxlen: 24
110.78.166.0/24 maxlen: 24
110.78.167.0/24 maxlen: 24
110.78.168.0/24 maxlen: 24
110.78.169.0/24 maxlen: 24
110.78.170.0/24 maxlen: 24
110.78.171.0/24 maxlen: 24
110.78.172.0/24 maxlen: 24
110.78.173.0/24 maxlen: 24
110.78.174.0/24 maxlen: 24
110.78.175.0/24 maxlen: 24
110.78.176.0/24 maxlen: 24
110.78.177.0/24 maxlen: 24
110.78.178.0/24 maxlen: 24
110.78.179.0/24 maxlen: 24
110.78.180.0/24 maxlen: 24
110.78.181.0/24 maxlen: 24
110.78.182.0/24 maxlen: 24
110.78.183.0/24 maxlen: 24
110.78.184.0/24 maxlen: 24
110.78.185.0/24 maxlen: 24
110.78.186.0/24 maxlen: 24
110.78.187.0/24 maxlen: 24
110.78.188.0/24 maxlen: 24
110.78.189.0/24 maxlen: 24
110.78.190.0/24 maxlen: 24
110.78.191.0/24 maxlen: 24
116.58.224.0/19 maxlen: 24
119.42.64.0/18 maxlen: 24
2001:c38:b000::/36 maxlen: 36
2001:c38:b010::/47 maxlen: 47
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13527 (0x34d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475, serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Validity
Not Before: Oct 3 02:08:48 2023 GMT
Not After : Jan 31 00:00:00 2024 GMT
Subject: CN=651b77b0-7593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a1:db:bb:96:57:8f:88:b7:8a:99:40:3c:75:
d4:c2:a9:68:b9:77:5b:bc:a2:8f:ee:03:c2:ea:e1:
24:e4:26:e2:40:d7:f3:c0:25:29:55:76:92:3b:b8:
94:89:8d:1e:54:07:5e:b2:3c:8c:a1:dd:8c:56:99:
fd:19:fa:ea:46:85:45:ca:f6:72:6f:8a:b5:9f:ae:
ab:1e:d6:2b:5e:4e:0e:b1:d3:00:78:30:7f:c9:ba:
55:78:41:9a:9d:ac:fe:2b:f8:18:92:21:cf:43:db:
4c:34:73:53:5d:53:66:1e:fd:30:74:b5:90:50:a1:
d9:a8:05:9c:9b:19:0a:60:7b:da:24:f8:5a:db:63:
06:e7:c2:e9:aa:3f:16:cf:97:f2:76:27:94:a5:5a:
35:b4:aa:94:10:cf:6a:e0:c8:c8:ac:c2:d4:9d:31:
ca:36:9b:1a:ee:59:4a:2d:ba:5e:0e:8c:21:87:82:
89:19:80:e1:d3:7f:82:0d:18:70:e3:ab:0f:23:7d:
72:11:80:08:e5:1a:7e:9f:d9:23:27:40:5a:7d:ed:
e8:ba:ac:f7:37:bd:c2:8c:ca:73:39:50:c8:d6:03:
64:6a:df:77:df:23:15:97:85:dd:c7:7f:c2:a8:dc:
a7:db:40:e1:bb:fc:04:fd:e7:8a:be:bd:96:d8:db:
25:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:1B:09:D9:D0:EE:B5:64:0E:FD:C7:48:CA:B7:31:62:67:E1:64:E1
X509v3 Authority Key Identifier:
keyid:44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/9F1C802C619111EEBB99750CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.7.128.0/18
103.10.228.0/22
110.77.128.0/17
110.78.128.0/18
116.58.224.0/19
119.42.64.0/18
IPv6:
2001:c38:b000::/36
Signature Algorithm: sha256WithRSAEncryption
21:c3:5d:78:13:13:6e:a2:f7:fc:e1:a3:35:bc:cb:7e:a9:18:
a7:d8:96:2f:78:5a:11:37:25:75:b2:3a:c4:12:2e:82:6d:a1:
46:34:04:8a:44:f8:93:01:a9:45:ef:00:75:6f:8c:5a:8a:33:
52:28:d6:22:0f:30:7f:f6:99:bb:c2:3f:16:4f:a5:40:ee:df:
57:62:53:ec:49:49:01:60:05:2b:aa:d1:76:52:e6:86:c4:f0:
2f:8a:e2:63:2b:47:4c:a9:da:66:0e:1b:0f:f0:12:df:9b:2d:
33:a5:df:f2:3a:aa:c1:ab:ed:89:88:17:7a:df:19:0b:a3:59:
3c:76:79:de:df:8e:64:cb:55:e8:4c:e0:54:71:cb:b7:e4:d5:
b1:c7:a1:1d:10:04:49:e2:3f:32:ed:0c:7b:0a:34:70:0e:ac:
75:1a:f0:1c:da:d4:33:56:9e:70:c3:58:47:3d:1a:f5:72:5f:
9d:3a:b1:66:1c:ed:e5:8f:84:40:70:2f:da:79:4b:9b:c9:25:
5c:18:e3:93:91:14:26:b5:21:3f:42:8d:04:f4:1c:51:4a:45:
fd:26:fb:49:5f:34:42:ad:49:4c:60:7c:b1:25:56:5d:49:2d:
85:05:b0:53:af:00:d8:c6:d9:06:e0:04:b8:53:47:6f:0e:f4:
f8:98:34:22
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICNNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYyRDdERUI3MEQz
M0E4ODc1MEUwHhcNMjMxMDAzMDIwODQ4WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFiNzdiMC03NTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuaHbu5ZXj4i3iplAPHXUwqlouXdbvKKP7gPC6uEk5CbiQNfzwCUpVXaSO7iU
iY0eVAdesjyMod2MVpn9GfrqRoVFyvZyb4q1n66rHtYrXk4OsdMAeDB/ybpVeEGa
naz+K/gYkiHPQ9tMNHNTXVNmHv0wdLWQUKHZqAWcmxkKYHvaJPha22MG58Lpqj8W
z5fydieUpVo1tKqUEM9q4MjIrMLUnTHKNpsa7llKLbpeDowhh4KJGYDh03+CDRhw
46sPI31yEYAI5Rp+n9kjJ0Bafe3ouqz3N73CjMpzOVDI1gNkat933yMVl4Xdx3/C
qNyn20Dhu/wE/eeKvr2W2NslvwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFKcbCdnQ
7rVkDv3HSMq3MWJn4WThMB8GA1UdIwQYMBaAFERA9sQi6VAMfUamLX3rcNM6iHUO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9BQjQ0Nzk3MjFE
NzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENMcFVBeDlScVl0ZmV0dzB6cUlk
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JFRDJ4Q0xwVUF4OVJxWXRmZXR3MHpxSWRRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvQUI0NDc5NzIxRDc4MTFFMkFEQjZGMkM0MDhCMDJDRDIvOUYxQzgwMkM2
MTkxMTFFRUJCOTk3NTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MCoEAgABMCQDBAY9B4ADBAJnCuQDBAduTYADBAZuToADBAV0OuADBAZ3KkAw
DgQCAAIwCAMGBCABDDiwMA0GCSqGSIb3DQEBCwUAA4IBAQAhw114ExNuovf84aM1
vMt+qRin2JYveFoRNyV1sjrEEi6CbaFGNASKRPiTAalF7wB1b4xaijNSKNYiDzB/
9pm7wj8WT6VA7t9XYlPsSUkBYAUrqtF2UuaGxPAviuJjK0dMqdpmDhsP8BLfmy0z
pd/yOqrBq+2JiBd63xkLo1k8dnne345ky1XoTOBUccu35NWxx6EdEARJ4j8y7Qx7
CjRwDqx1GvAc2tQzVp5ww1hHPRr1cl+dOrFmHO3lj4RAcC/aeUubySVcGOOTkRQm
tSE/Qo0E9BxRSkX9JvtJXzRCrUlMYHyxJVZdSS2FBbBTrwDYxtkG4AS4U0dvDvT4
mDQi
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:11:04 2025 by rpki-client