Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/CD92D55E1FD911EEB1CFDF56C4F9AE02.roa
File: CD92D55E1FD911EEB1CFDF56C4F9AE02.roa (raw, json)
Hash identifier: 0QrfP5Jnbmthh9pfZoo51s9RB8cZQyEfkFZynih35yg=
Subject key identifier: B9:06:06:F7:F7:0A:C3:F3:54:54:59:19:79:40:6A:3C:42:0C:48:9E
Certificate issuer: /CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Certificate serial: 0725
Authority key identifier: 6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/CD92D55E1FD911EEB1CFDF56C4F9AE02.roa
Signing time: Thu 02 Nov 2023 06:05:02 +0000
ROA not before: Thu 02 Nov 2023 06:05:02 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 9738
IP address blocks: 61.14.96.0/19 maxlen: 19
61.14.96.0/23 maxlen: 23
61.14.98.0/23 maxlen: 24
61.14.100.0/24 maxlen: 24
61.14.101.0/24 maxlen: 24
61.14.102.0/23 maxlen: 24
61.14.104.0/24 maxlen: 24
61.14.105.0/24 maxlen: 24
61.14.106.0/24 maxlen: 24
61.14.107.0/24 maxlen: 24
61.14.108.0/24 maxlen: 24
61.14.109.0/24 maxlen: 24
61.14.112.0/24 maxlen: 24
61.14.113.0/24 maxlen: 24
61.14.114.0/24 maxlen: 24
61.14.115.0/24 maxlen: 24
61.14.116.0/24 maxlen: 24
61.14.117.0/24 maxlen: 24
61.14.118.0/24 maxlen: 24
61.14.119.0/24 maxlen: 24
61.14.121.0/24 maxlen: 24
61.14.123.0/24 maxlen: 24
61.14.127.0/24 maxlen: 24
103.28.196.0/23 maxlen: 23
103.28.198.0/23 maxlen: 23
202.148.224.0/21 maxlen: 21
202.148.232.0/24 maxlen: 24
202.148.233.0/24 maxlen: 24
202.148.234.0/23 maxlen: 23
202.148.236.0/22 maxlen: 22
202.148.236.0/23 maxlen: 24
202.148.238.0/24 maxlen: 24
202.148.239.0/24 maxlen: 24
203.19.157.0/24 maxlen: 24
210.18.192.0/22 maxlen: 24
210.18.196.0/24 maxlen: 24
210.18.197.0/24 maxlen: 24
210.18.198.0/24 maxlen: 24
210.18.199.0/24 maxlen: 24
210.18.200.0/24 maxlen: 24
210.18.201.0/24 maxlen: 24
210.18.202.0/23 maxlen: 23
210.18.202.0/24 maxlen: 24
210.18.203.0/24 maxlen: 24
210.18.204.0/22 maxlen: 22
210.18.208.0/20 maxlen: 21
210.18.208.0/23 maxlen: 24
210.18.210.0/23 maxlen: 24
210.18.212.0/23 maxlen: 24
210.18.214.0/23 maxlen: 24
210.18.216.0/21 maxlen: 24
210.18.224.0/20 maxlen: 20
210.18.224.0/21 maxlen: 21
210.18.232.0/24 maxlen: 24
210.18.233.0/24 maxlen: 24
210.18.234.0/23 maxlen: 23
210.18.236.0/22 maxlen: 22
210.18.236.0/24 maxlen: 24
210.18.237.0/24 maxlen: 24
210.18.240.0/24 maxlen: 24
210.18.241.0/24 maxlen: 24
210.18.242.0/24 maxlen: 24
210.18.243.0/24 maxlen: 24
210.18.244.0/22 maxlen: 22
210.18.248.0/23 maxlen: 23
210.18.250.0/23 maxlen: 23
210.18.251.0/24 maxlen: 24
210.18.252.0/24 maxlen: 24
210.18.253.0/24 maxlen: 24
210.18.254.0/24 maxlen: 24
210.18.255.0/24 maxlen: 24
2403:c800::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1829 (0x725)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C627, serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Validity
Not Before: Nov 2 06:05:02 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=65433c0e-671f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c5:7f:90:32:bc:38:05:99:fd:d0:74:42:3e:
48:0b:11:55:b5:47:45:05:de:1e:c0:df:13:6e:49:
96:d3:b0:d1:e6:ff:d6:68:de:24:63:a5:0e:62:ba:
81:a4:8b:3c:53:e3:8e:3d:09:d5:77:3a:4f:32:0d:
a0:dd:e4:33:50:4c:62:60:70:e9:62:f1:35:01:fd:
e0:b1:a0:d5:a0:67:33:59:cd:52:cb:07:9f:cf:4a:
ee:d0:4d:80:7e:f0:e8:04:66:28:91:bd:3f:8d:69:
e5:1e:bc:72:02:32:33:a2:05:ec:d1:b8:3b:cf:84:
91:df:91:97:08:ac:6b:b0:20:ce:95:db:45:9f:21:
18:36:65:70:a5:b1:73:92:eb:a0:18:82:92:ed:f5:
8f:9c:20:58:ae:f3:4a:27:45:a4:c8:d3:ee:f4:67:
44:7c:b7:34:ba:fa:d5:f7:1a:a3:ab:09:50:85:92:
a7:68:39:4f:c1:a9:f7:1a:71:1c:be:a8:85:42:ef:
77:62:c6:de:0a:99:3e:6b:a8:0e:8b:e6:34:f4:01:
e3:c3:29:f5:b7:c5:a1:a0:12:a1:17:c0:a2:04:38:
e4:f5:f9:d7:fd:86:fb:bb:77:ed:bd:dd:84:df:79:
15:04:ec:33:86:1e:48:ca:2b:ae:93:87:27:bc:50:
8f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:06:06:F7:F7:0A:C3:F3:54:54:59:19:79:40:6A:3C:42:0C:48:9E
X509v3 Authority Key Identifier:
keyid:6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/CD92D55E1FD911EEB1CFDF56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.14.96.0/19
103.28.196.0/22
202.148.224.0/20
203.19.157.0/24
210.18.192.0/18
IPv6:
2403:c800::/32
Signature Algorithm: sha256WithRSAEncryption
8a:27:b1:26:29:60:5a:d4:5d:7f:15:8c:34:e6:30:8a:7c:77:
5c:cd:06:f6:80:27:0d:65:7c:eb:66:36:9b:27:ba:b5:b3:42:
4f:73:cf:d5:05:0d:bd:f7:6e:ff:3c:7a:43:91:73:47:03:42:
12:e6:71:dd:03:c6:d1:14:f3:95:0f:b9:10:af:e5:35:84:c5:
08:34:ab:c9:67:f1:d9:1d:ec:99:8e:e4:9e:76:b2:2a:9e:c6:
81:df:eb:70:4c:88:4e:7d:41:14:d2:0d:2d:12:f7:fa:87:33:
e5:b0:b6:59:66:f4:f1:92:9c:dc:2c:8c:2f:08:a2:d5:f0:e5:
ef:c8:dc:48:76:c9:08:58:3e:44:ad:72:0a:20:ef:08:26:27:
36:80:4f:ae:a4:13:76:74:40:23:9a:57:d8:d1:20:83:ba:5a:
1a:2c:88:24:b3:78:04:06:05:bd:99:b8:bf:95:5f:8c:ae:2c:
ee:bc:f5:0d:8d:47:31:b1:27:3c:77:50:11:35:d0:63:80:62:
77:58:ba:9a:92:c2:b2:59:42:e4:70:c9:65:02:30:10:ab:ae:
df:ba:5d:50:74:8c:ad:24:7a:f5:0f:9a:f0:b5:72:00:b2:6d:
63:ca:5a:48:86:39:13:da:9f:af:1d:14:8c:f6:da:2e:37:96:
3e:09:a8:19
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICByUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M2MjcxMTAvBgNVBAUTKDZGRkE1REIxNTlENDBBM0ExNzJEQkM3NEY1QzMyQjU1
NTE3OTc5QUYwHhcNMjMxMTAyMDYwNTAyWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQzM2MwZS02NzFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtcV/kDK8OAWZ/dB0Qj5ICxFVtUdFBd4ewN8TbkmW07DR5v/WaN4kY6UOYrqB
pIs8U+OOPQnVdzpPMg2g3eQzUExiYHDpYvE1Af3gsaDVoGczWc1Sywefz0ru0E2A
fvDoBGYokb0/jWnlHrxyAjIzogXs0bg7z4SR35GXCKxrsCDOldtFnyEYNmVwpbFz
kuugGIKS7fWPnCBYrvNKJ0WkyNPu9GdEfLc0uvrV9xqjqwlQhZKnaDlPwan3GnEc
vqiFQu93YsbeCpk+a6gOi+Y09AHjwyn1t8WhoBKhF8CiBDjk9fnX/Yb7u3ftvd2E
33kVBOwzhh5Iyiuuk4cnvFCPiwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFLkGBvf3
CsPzVFRZGXlAajxCDEieMB8GA1UdIwQYMBaAFG/6XbFZ1Ao6Fy28dPXDK1VReXmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzYyNy9DMjY1QzFBNEQw
N0QxMUVBODYwMDk4NkRDNEY5QUUwMi9iX3Bkc1ZuVUNqb1hMYngwOWNNclZWRjVl
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfcGRzVm5VQ2pvWExieDA5Y01yVlZGNWVhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M2MjcvQzI2NUMxQTREMDdEMTFFQTg2MDA5ODZEQzRGOUFFMDIvQ0Q5MkQ1NUUx
RkQ5MTFFRUIxQ0ZERjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAU9DmADBAJnHMQDBATKlOADBADLE50DBAbSEsAwDQQCAAIw
BwMFACQDyAAwDQYJKoZIhvcNAQELBQADggEBAIonsSYpYFrUXX8VjDTmMIp8d1zN
BvaAJw1lfOtmNpsnurWzQk9zz9UFDb33bv88ekORc0cDQhLmcd0DxtEU85UPuRCv
5TWExQg0q8ln8dkd7JmO5J52siqexoHf63BMiE59QRTSDS0S9/qHM+Wwtllm9PGS
nNwsjC8IotXw5e/I3Eh2yQhYPkStcgog7wgmJzaAT66kE3Z0QCOaV9jRIIO6Whos
iCSzeAQGBb2ZuL+VX4yuLO689Q2NRzGxJzx3UBE10GOAYndYupqSwrJZQuRwyWUC
MBCrrt+6XVB0jK0kevUPmvC1cgCybWPKWkiGORPan68dFIz22i43lj4JqBk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:08:36 2025 by rpki-client