Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/AE7C955253C111EFBD15F70BC4F9AE02.roa
File: AE7C955253C111EFBD15F70BC4F9AE02.roa (raw, json)
Hash identifier: ungHHdJDMHOTD5u1dUgCEWFzwE1oVLy129JazXtrTX4=
Subject key identifier: 1B:52:F6:1E:72:ED:1E:29:10:4C:FD:1C:59:45:16:9F:72:73:56:2B
Certificate issuer: /CN=A917452D/serialNumber=E4AE80372A867987BB2A0ABBE110AB804370D5E3
Certificate serial: 0228
Authority key identifier: E4:AE:80:37:2A:86:79:87:BB:2A:0A:BB:E1:10:AB:80:43:70:D5:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5K6ANyqGeYe7Kgq74RCrgENw1eM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/AE7C955253C111EFBD15F70BC4F9AE02.roa
Signing time: Tue 06 Aug 2024 07:01:19 +0000
ROA not before: Tue 06 Aug 2024 07:01:19 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 3758
IP address blocks: 202.166.0.0/17 maxlen: 24
202.166.128.0/19 maxlen: 19
2400:d800::/30 maxlen: 30
2400:d800::/31 maxlen: 31
2400:d800::/32 maxlen: 32
2400:d800:10::/48 maxlen: 48
2400:d801::/32 maxlen: 32
2400:d801:3f00::/40 maxlen: 40
2400:d801:9000::/36 maxlen: 44
2400:d801:a000::/36 maxlen: 44
2400:d802::/31 maxlen: 31
2400:d802::/32 maxlen: 32
2400:d802:500::/40 maxlen: 44
2400:d802:800::/40 maxlen: 44
2400:d802:2100::/40 maxlen: 44
2400:d802:2300::/40 maxlen: 44
2400:d802:2410::/45 maxlen: 48
2400:d802:2418::/45 maxlen: 48
2400:d802:2480::/42 maxlen: 48
2400:d802:24c0::/42 maxlen: 48
2400:d802:2600::/40 maxlen: 44
2400:d802:2900::/40 maxlen: 44
2400:d802:2a00::/40 maxlen: 44
2400:d802:2d00::/40 maxlen: 44
2400:d802:3010::/44 maxlen: 44
2400:d802:3080::/41 maxlen: 41
2400:d802:3110::/44 maxlen: 44
2400:d802:3180::/41 maxlen: 41
2400:d802:3210::/44 maxlen: 44
2400:d802:3280::/41 maxlen: 41
2400:d802:3310::/44 maxlen: 44
2400:d802:3380::/41 maxlen: 41
2400:d802:3410::/44 maxlen: 44
2400:d802:3480::/41 maxlen: 41
2400:d802:3510::/44 maxlen: 44
2400:d802:3580::/41 maxlen: 41
2400:d802:3610::/44 maxlen: 44
2400:d802:3680::/41 maxlen: 41
2400:d802:3710::/44 maxlen: 44
2400:d802:3780::/41 maxlen: 41
2400:d802:3810::/44 maxlen: 44
2400:d802:3880::/41 maxlen: 41
2400:d802:3910::/44 maxlen: 44
2400:d802:3980::/41 maxlen: 41
2400:d802:3a10::/44 maxlen: 44
2400:d802:3a80::/41 maxlen: 41
2400:d802:3b10::/44 maxlen: 44
2400:d802:3b80::/41 maxlen: 41
2400:d802:3c10::/44 maxlen: 44
2400:d802:3c80::/41 maxlen: 41
2400:d802:3d10::/44 maxlen: 44
2400:d802:3d80::/41 maxlen: 41
2400:d802:3e10::/44 maxlen: 44
2400:d802:3e80::/41 maxlen: 41
2400:d802:3f10::/44 maxlen: 44
2400:d802:3f80::/41 maxlen: 41
2400:d802:4110::/44 maxlen: 44
2400:d802:4180::/41 maxlen: 41
2400:d802:4210::/44 maxlen: 44
2400:d802:4280::/41 maxlen: 41
2400:d802:4310::/44 maxlen: 44
2400:d802:4380::/41 maxlen: 41
2400:d802:4410::/44 maxlen: 44
2400:d802:4480::/41 maxlen: 41
2400:d802:4510::/44 maxlen: 44
2400:d802:4580::/41 maxlen: 41
2400:d802:4610::/44 maxlen: 44
2400:d802:4680::/41 maxlen: 41
2400:d802:4710::/44 maxlen: 44
2400:d802:4780::/41 maxlen: 41
2400:d802:4810::/44 maxlen: 44
2400:d802:4880::/41 maxlen: 41
2400:d802:4910::/44 maxlen: 44
2400:d802:4980::/41 maxlen: 41
2400:d802:4a10::/44 maxlen: 44
2400:d802:4a80::/41 maxlen: 41
2400:d802:4b10::/44 maxlen: 44
2400:d802:4b80::/41 maxlen: 41
2400:d802:4c10::/44 maxlen: 44
2400:d802:4c80::/41 maxlen: 41
2400:d802:4d10::/44 maxlen: 44
2400:d802:4d80::/41 maxlen: 41
2400:d802:4e10::/44 maxlen: 44
2400:d802:4e80::/41 maxlen: 41
2400:d802:4f10::/44 maxlen: 44
2400:d802:4f80::/41 maxlen: 41
2400:d802:9d00::/40 maxlen: 44
2400:d802:9f00::/40 maxlen: 44
2400:d802:a000::/36 maxlen: 44
2400:d803::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 552 (0x228)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917452D, serialNumber=E4AE80372A867987BB2A0ABBE110AB804370D5E3
Validity
Not Before: Aug 6 07:01:19 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66b1ca3f-d09a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ed:e6:0d:96:03:3a:19:9b:97:fa:89:2c:77:
87:db:2d:15:51:78:d2:49:8c:92:fc:48:df:90:16:
42:13:4e:5e:77:7f:62:d9:96:ef:6b:8f:1b:ed:6c:
6c:49:5e:e5:46:eb:96:8d:0b:54:dd:41:2f:10:da:
64:b8:69:b8:ab:3d:33:9f:44:f9:70:94:28:11:2e:
67:ad:66:1e:79:b8:a5:c3:50:72:e0:c7:d2:7c:61:
59:df:b0:02:b0:2d:30:8b:1f:cb:3d:a0:e9:54:60:
48:9c:3c:a2:ad:ec:26:13:98:e0:63:15:8f:e4:ab:
71:d3:ed:b9:ff:26:43:de:c3:37:ec:48:d6:d1:08:
5e:08:53:2d:94:f2:2f:0c:2c:2c:1c:0b:2a:67:8e:
82:94:04:9b:8d:8c:7b:c7:53:c8:f4:04:ea:f4:1f:
ce:27:3e:a7:6f:ff:ea:72:21:18:ad:e5:4d:b7:43:
9e:99:5d:4f:12:af:31:a6:f0:8c:ef:55:77:0d:cf:
8b:00:04:dd:6a:c3:66:e0:bf:e6:05:6b:57:49:8f:
e8:a1:8f:95:c6:2d:e0:5c:05:c5:84:d2:05:41:66:
8d:e3:c3:73:ac:5b:ce:80:8c:3b:b0:65:a2:bb:48:
ee:21:e5:d1:05:45:1d:33:0c:e6:72:bc:5e:c6:6e:
0c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:52:F6:1E:72:ED:1E:29:10:4C:FD:1C:59:45:16:9F:72:73:56:2B
X509v3 Authority Key Identifier:
keyid:E4:AE:80:37:2A:86:79:87:BB:2A:0A:BB:E1:10:AB:80:43:70:D5:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/5K6ANyqGeYe7Kgq74RCrgENw1eM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5K6ANyqGeYe7Kgq74RCrgENw1eM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917452D/AA42171E276811ED9A221730C4F9AE02/AE7C955253C111EFBD15F70BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.166.0.0-202.166.159.255
IPv6:
2400:d800::/30
Signature Algorithm: sha256WithRSAEncryption
4b:2c:e4:38:a5:5f:95:ae:a3:c0:1c:e3:04:f6:2a:fb:8e:c5:
67:d9:9a:d7:d1:86:5e:e0:e2:b3:d1:f1:27:c2:47:d1:52:4f:
78:61:b1:ae:77:a6:c7:00:71:d8:ad:05:00:6a:db:45:7d:37:
8a:06:2f:67:28:88:57:a7:64:c1:33:6c:06:97:7f:80:ed:b4:
ca:91:53:59:ad:30:f1:93:15:03:c5:5d:6a:95:6b:fb:a8:af:
f4:ff:8b:35:06:34:e6:f3:a1:b8:33:e2:ce:68:38:4d:63:22:
6e:3a:a7:01:18:07:60:c6:cb:d9:3a:00:b6:f1:eb:5f:88:46:
16:80:f8:67:72:7c:c9:96:b2:02:e9:2e:55:80:fc:fd:c5:02:
a4:ee:ae:0f:6c:19:81:bd:4c:3d:71:00:92:e9:b5:cd:ea:a7:
57:05:ac:08:b6:57:43:c0:83:54:ee:08:08:51:4d:1c:a2:28:
75:bd:3a:ad:de:f0:e3:5a:81:ef:a0:b0:39:aa:e2:c3:c2:3c:
ed:f0:26:d5:11:e3:98:a6:a7:79:8d:81:f2:7f:c4:af:30:a0:
89:c4:35:c7:4d:67:65:15:f7:21:4f:43:38:1b:16:8d:da:ec:
6e:59:0c:94:14:a7:1a:95:98:c2:eb:1b:c2:08:55:7f:fa:6f:
68:18:66:a2
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICAigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ1MkQxMTAvBgNVBAUTKEU0QUU4MDM3MkE4Njc5ODdCQjJBMEFCQkUxMTBBQjgw
NDM3MEQ1RTMwHhcNMjQwODA2MDcwMTE5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIxY2EzZi1kMDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzO3mDZYDOhmbl/qJLHeH2y0VUXjSSYyS/EjfkBZCE05ed39i2Zbva48b7Wxs
SV7lRuuWjQtU3UEvENpkuGm4qz0zn0T5cJQoES5nrWYeebilw1By4MfSfGFZ37AC
sC0wix/LPaDpVGBInDyirewmE5jgYxWP5Ktx0+25/yZD3sM37EjW0QheCFMtlPIv
DCwsHAsqZ46ClASbjYx7x1PI9ATq9B/OJz6nb//qciEYreVNt0OemV1PEq8xpvCM
71V3Dc+LAATdasNm4L/mBWtXSY/ooY+Vxi3gXAXFhNIFQWaN48NzrFvOgIw7sGWi
u0juIeXRBUUdMwzmcrxexm4M1QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFBtS9h5y
7R4pEEz9HFlFFp9yc1YrMB8GA1UdIwQYMBaAFOSugDcqhnmHuyoKu+EQq4BDcNXj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDUyRC9BQTQyMTcxRTI3
NjgxMUVEOUEyMjE3MzBDNEY5QUUwMi81SzZBTnlxR2VZZTdLZ3E3NFJDcmdFTncx
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVLNkFOeXFHZVllN0tncTc0UkNyZ0VOdzFlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ1MkQvQUE0MjE3MUUyNzY4MTFFRDlBMjIxNzMwQzRGOUFFMDIvQUU3Qzk1NTI1
M0MxMTFFRkJEMTVGNzBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMBMEAgABMA0wCwMDAcqmAwQFyqaAMA0EAgACMAcDBQIkANgAMA0GCSqGSIb3
DQEBCwUAA4IBAQBLLOQ4pV+VrqPAHOME9ir7jsVn2ZrX0YZe4OKz0fEnwkfRUk94
YbGud6bHAHHYrQUAattFfTeKBi9nKIhXp2TBM2wGl3+A7bTKkVNZrTDxkxUDxV1q
lWv7qK/0/4s1BjTm86G4M+LOaDhNYyJuOqcBGAdgxsvZOgC28etfiEYWgPhncnzJ
lrIC6S5VgPz9xQKk7q4PbBmBvUw9cQCS6bXN6qdXBawItldDwINU7ggIUU0coih1
vTqt3vDjWoHvoLA5quLDwjzt8CbVEeOYpqd5jYHyf8SvMKCJxDXHTWdlFfchT0M4
GxaN2uxuWQyUFKcalZjC6xvCCFV/+m9oGGai
-----END CERTIFICATE-----
Generated at Fri Jun 20 08:18:40 2025 by rpki-client