Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/C4DFC25ACC0811EF89B82F24C4F9AE02.roa
File: C4DFC25ACC0811EF89B82F24C4F9AE02.roa (raw, json)
Hash identifier: hsERdaE7rz2YiyRfcK7VXHv9JaHUOA4y2gU+qlRkUI8=
Subject key identifier: B9:43:F8:E2:74:39:C6:90:87:EB:0B:68:B1:08:77:40:D4:10:91:62
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 182C
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/C4DFC25ACC0811EF89B82F24C4F9AE02.roa
Signing time: Wed 29 Jan 2025 07:03:53 +0000
ROA not before: Wed 29 Jan 2025 07:03:53 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 17911
IP address blocks: 122.129.64.0/24 maxlen: 24
122.129.66.0/24 maxlen: 24
122.129.69.0/24 maxlen: 24
122.129.72.0/24 maxlen: 24
122.129.73.0/24 maxlen: 24
122.129.74.0/24 maxlen: 24
122.129.75.0/24 maxlen: 24
122.129.76.0/24 maxlen: 24
122.129.77.0/24 maxlen: 24
122.129.78.0/24 maxlen: 24
122.129.79.0/24 maxlen: 24
122.129.80.0/24 maxlen: 24
122.129.81.0/24 maxlen: 24
122.129.82.0/24 maxlen: 24
122.129.84.0/24 maxlen: 24
122.129.85.0/24 maxlen: 24
122.129.89.0/24 maxlen: 24
122.129.90.0/24 maxlen: 24
122.129.91.0/24 maxlen: 24
122.129.92.0/24 maxlen: 24
122.129.93.0/24 maxlen: 24
122.129.94.0/24 maxlen: 24
203.128.0.0/24 maxlen: 24
203.128.1.0/24 maxlen: 24
203.128.3.0/24 maxlen: 24
203.128.4.0/24 maxlen: 24
203.128.5.0/24 maxlen: 24
203.128.6.0/24 maxlen: 24
203.128.7.0/24 maxlen: 24
203.128.8.0/24 maxlen: 24
203.128.9.0/24 maxlen: 24
203.128.10.0/24 maxlen: 24
203.128.11.0/24 maxlen: 24
203.128.12.0/24 maxlen: 24
203.128.13.0/24 maxlen: 24
203.128.14.0/24 maxlen: 24
203.128.15.0/24 maxlen: 24
203.128.16.0/24 maxlen: 24
203.128.17.0/24 maxlen: 24
203.128.18.0/24 maxlen: 24
203.128.19.0/24 maxlen: 24
203.128.21.0/24 maxlen: 24
203.128.22.0/24 maxlen: 24
203.128.25.0/24 maxlen: 24
203.128.26.0/24 maxlen: 24
203.128.27.0/24 maxlen: 24
203.128.28.0/24 maxlen: 24
203.128.29.0/24 maxlen: 24
203.128.30.0/24 maxlen: 24
203.128.31.0/24 maxlen: 24
2400:4f00::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6188 (0x182c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49, serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: Jan 29 07:03:53 2025 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=6799d2d8-8892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4c:3b:98:28:0e:5d:c6:fa:51:6b:3d:ed:02:
f7:ea:2e:16:6f:f8:03:fb:18:28:a3:d3:70:be:b1:
ef:c3:1e:f1:c7:76:ac:6c:b1:80:37:f6:f8:99:e7:
8b:d4:ba:9c:7d:f3:b2:64:10:c4:f4:14:f5:24:fd:
4a:d4:04:c7:7e:d0:02:55:c7:33:4c:e8:1d:ef:8f:
6b:ea:ce:bd:63:06:26:bc:0d:d8:71:3b:63:65:0c:
57:aa:52:02:e4:9c:94:2b:57:45:01:38:a5:c1:9d:
85:0c:39:f7:31:f6:51:0f:bb:f7:a9:8b:5d:8f:ff:
38:22:f2:05:5e:cb:66:fe:75:09:9c:e9:de:6e:2a:
cc:aa:c6:13:e2:d4:58:3a:e5:62:ef:1c:61:7a:34:
00:6c:78:46:c2:dc:3d:dc:fe:fd:19:44:fa:cd:50:
66:95:16:26:d4:9b:f2:95:bb:07:b2:07:d3:32:79:
ae:ef:65:9f:c3:d5:34:c9:b1:3f:20:fc:9d:3b:aa:
45:af:b4:6a:e4:b8:39:e6:1f:a4:4d:37:be:7c:ec:
ca:4d:a5:a8:48:3c:0a:bf:45:bf:64:f5:05:e3:fc:
a8:20:d4:24:a9:f6:f5:24:32:85:67:94:69:38:4f:
90:35:2d:7f:4a:74:b4:c2:52:b9:24:9c:f2:13:30:
44:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:43:F8:E2:74:39:C6:90:87:EB:0B:68:B1:08:77:40:D4:10:91:62
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/C4DFC25ACC0811EF89B82F24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.129.64.0/24
122.129.66.0/24
122.129.69.0/24
122.129.72.0-122.129.82.255
122.129.84.0/23
122.129.89.0-122.129.94.255
203.128.0.0/23
203.128.3.0-203.128.19.255
203.128.21.0-203.128.22.255
203.128.25.0-203.128.31.255
IPv6:
2400:4f00::/36
Signature Algorithm: sha256WithRSAEncryption
10:14:f4:a5:d9:69:b9:78:88:c3:a7:57:7c:b9:cf:64:cb:bc:
fd:31:27:4c:bb:9c:0c:d7:9c:df:91:f8:cd:9d:e1:0d:39:5b:
62:4c:c7:4f:08:8a:58:ee:d2:b6:bf:ae:09:6f:62:67:1d:8a:
50:f9:ba:8c:dc:8c:12:f1:e1:7b:89:d9:5e:12:47:90:c4:bd:
07:a1:30:22:5d:ac:64:54:07:57:39:24:54:92:74:47:ac:63:
48:ba:f7:bc:b6:c4:5c:46:48:b6:f3:41:8f:63:47:6a:a1:63:
f3:7e:01:5c:2b:a9:03:db:63:e7:ff:9c:5a:36:6d:12:58:ef:
33:9a:a9:08:6a:2a:6e:3e:f6:81:f2:1d:52:1a:8a:26:85:b0:
03:4d:f9:af:2f:f5:f3:62:53:5c:66:30:d5:09:ad:a7:a1:96:
f4:a1:7a:64:6e:d7:36:2b:a2:50:34:de:dd:db:bd:5b:8a:fe:
0b:4e:d0:6f:9a:2b:36:d4:bd:a5:a6:50:03:be:27:8a:0a:2b:
a7:cc:52:33:2f:88:7a:22:cb:2c:30:4e:3e:b6:13:ec:6e:62:
7e:ec:37:9e:a3:73:7d:61:32:6f:eb:53:a3:72:e6:40:a4:23:
7f:dc:b2:f1:6a:f7:6c:69:f9:4a:66:eb:38:95:45:f5:b6:40:
a5:15:de:8a
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgICGCwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjUwMTI5MDcwMzUzWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5ZDJkOC04ODkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Uw7mCgOXcb6UWs97QL36i4Wb/gD+xgoo9NwvrHvwx7xx3asbLGAN/b4meeL
1LqcffOyZBDE9BT1JP1K1ATHftACVcczTOgd749r6s69YwYmvA3YcTtjZQxXqlIC
5JyUK1dFATilwZ2FDDn3MfZRD7v3qYtdj/84IvIFXstm/nUJnOnebirMqsYT4tRY
OuVi7xxhejQAbHhGwtw93P79GUT6zVBmlRYm1JvylbsHsgfTMnmu72Wfw9U0ybE/
IPydO6pFr7Rq5Lg55h+kTTe+fOzKTaWoSDwKv0W/ZPUF4/yoINQkqfb1JDKFZ5Rp
OE+QNS1/SnS0wlK5JJzyEzBEWQIDAQABo4IDBDCCAwAwHQYDVR0OBBYEFLlD+OJ0
OcaQh+sLaLEId0DUEJFiMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvQzRERkMyNUFD
QzA4MTFFRjg5QjgyRjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgY0GCCsGAQUFBwEHAQH/
BH4wfDBqBAIAATBkAwQAeoFAAwQAeoFCAwQAeoFFMAwDBAN6gUgDBAB6gVIDBAF6
gVQwDAMEAHqBWQMEAHqBXgMEAcuAADAMAwQAy4ADAwQCy4AQMAwDBADLgBUDBADL
gBYwDAMEAMuAGQMEBcuAADAOBAIAAjAIAwYEJABPAAAwDQYJKoZIhvcNAQELBQAD
ggEBABAU9KXZabl4iMOnV3y5z2TLvP0xJ0y7nAzXnN+R+M2d4Q05W2JMx08Iilju
0ra/rglvYmcdilD5uozcjBLx4XuJ2V4SR5DEvQehMCJdrGRUB1c5JFSSdEesY0i6
97y2xFxGSLbzQY9jR2qhY/N+AVwrqQPbY+f/nFo2bRJY7zOaqQhqKm4+9oHyHVIa
iiaFsANN+a8v9fNiU1xmMNUJraehlvShemRu1zYrolA03t3bvVuK/gtO0G+aKzbU
vaWmUAO+J4oKK6fMUjMviHoiyywwTj62E+xuYn7sN56jc31hMm/rU6Ny5kCkI3/c
svFq92xp+Upm6ziVRfW2QKUV3oo=
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:41:40 2025 by rpki-client