Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/05628716EF5C11EEAD531674C4F9AE02.roa
File: 05628716EF5C11EEAD531674C4F9AE02.roa (raw, json)
Hash identifier: ob/CD1iAOwHtx+B0nhPcaEcJToBbEj31dQ5Ot5Nc1Ks=
Subject key identifier: F6:4E:C6:C7:C3:BF:DE:49:A2:CE:28:60:B9:9B:3D:4E:44:3C:33:75
Certificate issuer: /CN=A918C661/serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Certificate serial: 0975
Authority key identifier: 1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/05628716EF5C11EEAD531674C4F9AE02.roa
Signing time: Sun 31 Mar 2024 12:45:49 +0000
ROA not before: Sun 31 Mar 2024 12:45:49 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 152194
IP address blocks: 1.32.192.0/18 maxlen: 24
14.128.32.0/19 maxlen: 24
27.50.55.0/24 maxlen: 24
27.50.57.0/24 maxlen: 24
27.50.58.0/24 maxlen: 24
27.50.60.0/24 maxlen: 24
27.124.36.0/22 maxlen: 24
27.124.62.0/23 maxlen: 24
118.107.0.0/18 maxlen: 24
180.222.204.0/22 maxlen: 24
182.173.68.0/22 maxlen: 24
202.36.48.0/20 maxlen: 24
202.61.128.0/21 maxlen: 24
202.61.136.0/21 maxlen: 24
202.61.144.0/20 maxlen: 24
202.61.160.0/20 maxlen: 24
202.61.176.0/21 maxlen: 24
202.61.184.0/22 maxlen: 24
202.61.188.0/22 maxlen: 24
202.79.160.0/20 maxlen: 24
202.95.0.0/22 maxlen: 24
202.95.4.0/22 maxlen: 24
202.95.8.0/21 maxlen: 24
202.95.16.0/20 maxlen: 24
202.162.96.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2421 (0x975)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C661, serialNumber=1EC42C1B69E16F5F37C73D81BF9FAB1F4BA42329
Validity
Not Before: Mar 31 12:45:49 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66095afd-f609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2b:92:6c:e8:80:d2:17:4d:da:d7:b1:d2:e9:
d0:a6:94:ef:71:ce:e6:fc:3c:0e:da:8c:53:f4:18:
8a:24:92:3c:46:c6:0b:28:75:49:b7:ce:15:9b:db:
16:a8:8c:a5:9d:46:5b:78:2e:31:6a:9a:cc:df:b7:
f8:b8:1a:a7:93:bd:a4:e0:8c:74:66:5b:d3:5d:f9:
ff:5c:48:a6:7a:83:d4:a3:54:e3:07:77:dc:5b:d1:
c7:ef:d8:1e:61:f2:39:f2:90:82:85:1c:a2:be:24:
d0:31:de:a1:4b:bd:92:03:68:21:de:0e:7f:55:a0:
88:95:f4:13:0d:93:b9:23:d8:d0:6d:ba:90:51:d0:
b2:28:88:a6:4c:06:a8:a2:9a:1f:94:a1:6b:b4:c7:
b6:95:8f:45:32:7f:57:49:48:53:28:d7:5b:b7:eb:
eb:d2:c3:0b:45:eb:b9:74:8b:60:4a:d5:30:01:9f:
a6:f5:4e:3c:c0:8f:77:36:b6:c1:d9:c1:76:f4:99:
02:d3:74:ec:03:65:75:9e:24:75:aa:d0:b5:75:28:
0a:cb:e3:dd:f3:f1:e3:48:7e:f9:20:19:3e:8d:b3:
40:8b:1b:b6:b3:49:0e:0f:c7:27:b4:c3:3d:d4:58:
44:4a:80:d9:28:fb:08:20:fa:71:c1:e4:a0:7b:7d:
aa:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4E:C6:C7:C3:BF:DE:49:A2:CE:28:60:B9:9B:3D:4E:44:3C:33:75
X509v3 Authority Key Identifier:
keyid:1E:C4:2C:1B:69:E1:6F:5F:37:C7:3D:81:BF:9F:AB:1F:4B:A4:23:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/HsQsG2nhb183xz2Bv5-rH0ukIyk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HsQsG2nhb183xz2Bv5-rH0ukIyk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C661/0BBD9EA2836D11EAB4A2D76DC4F9AE02/05628716EF5C11EEAD531674C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.32.192.0/18
14.128.32.0/19
27.50.55.0/24
27.50.57.0-27.50.58.255
27.50.60.0/24
27.124.36.0/22
27.124.62.0/23
118.107.0.0/18
180.222.204.0/22
182.173.68.0/22
202.36.48.0/20
202.61.128.0/18
202.79.160.0/20
202.95.0.0/19
202.162.96.0/20
Signature Algorithm: sha256WithRSAEncryption
c3:09:59:ef:86:15:b9:d8:94:93:cd:f7:1d:fd:c1:bc:dc:6a:
c9:50:4e:e4:18:71:61:d9:d5:86:1c:a2:1c:33:44:ea:f2:5f:
49:ca:d4:82:f9:c2:4e:c4:73:69:02:a4:fa:d4:9b:07:0f:d8:
b0:85:58:05:2e:58:da:15:37:63:7e:12:e1:c4:92:3b:c6:a4:
0a:b0:b0:5f:df:7e:1f:4c:9d:e6:e4:fa:bb:ff:65:c7:a8:cb:
bf:d7:56:c4:7e:33:68:0b:f3:f6:8a:5d:f2:d2:d5:de:d0:46:
76:ba:fe:22:d0:38:d3:b6:56:f1:e5:97:95:fe:ac:81:cc:c3:
4c:ff:6a:e3:ab:f8:6e:07:ee:ee:72:46:ab:7f:2a:af:b3:ac:
bc:79:b8:82:93:82:77:2e:3b:33:bc:ba:ef:77:98:db:86:f9:
89:8d:a1:e1:a9:65:5e:ef:24:d2:72:09:d5:7b:fb:46:c2:af:
e6:40:22:c9:eb:01:1c:65:38:5b:ed:df:ee:9a:8e:5f:7a:29:
db:0f:d8:ea:64:59:fe:4b:b1:59:b6:b4:95:da:20:62:01:ac:
a8:84:bd:5b:cd:f0:da:b4:b0:32:54:7b:f2:8f:80:aa:bc:80:
6e:a2:e3:fb:dc:9b:df:e8:bd:15:dc:d5:58:89:9d:7d:f9:c9:
17:75:21:85
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICCXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEM2NjExMTAvBgNVBAUTKDFFQzQyQzFCNjlFMTZGNUYzN0M3M0Q4MUJGOUZBQjFG
NEJBNDIzMjkwHhcNMjQwMzMxMTI0NTQ5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA5NWFmZC1mNjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1CuSbOiA0hdN2tex0unQppTvcc7m/DwO2oxT9BiKJJI8RsYLKHVJt84Vm9sW
qIylnUZbeC4xaprM37f4uBqnk72k4Ix0ZlvTXfn/XEimeoPUo1TjB3fcW9HH79ge
YfI58pCChRyiviTQMd6hS72SA2gh3g5/VaCIlfQTDZO5I9jQbbqQUdCyKIimTAao
opoflKFrtMe2lY9FMn9XSUhTKNdbt+vr0sMLReu5dItgStUwAZ+m9U48wI93NrbB
2cF29JkC03TsA2V1niR1qtC1dSgKy+Pd8/HjSH75IBk+jbNAixu2s0kOD8cntMM9
1FhESoDZKPsIIPpxweSge32q6QIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFPZOxsfD
v95Jos4oYLmbPU5EPDN1MB8GA1UdIwQYMBaAFB7ELBtp4W9fN8c9gb+fqx9LpCMp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzY2MS8wQkJEOUVBMjgz
NkQxMUVBQjRBMkQ3NkRDNEY5QUUwMi9Ic1FzRzJuaGIxODN4ejJCdjUtckgwdWtJ
eWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hzUXNHMm5oYjE4M3h6MkJ2NS1ySDB1a0l5ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEM2NjEvMEJCRDlFQTI4MzZEMTFFQUI0QTJENzZEQzRGOUFFMDIvMDU2Mjg3MTZF
RjVDMTFFRUFENTMxNjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E
bDBqMGgEAgABMGIDBAYBIMADBAUOgCADBAAbMjcwDAMEABsyOQMEABsyOgMEABsy
PAMEAht8JAMEARt8PgMEBnZrAAMEArTezAMEAratRAMEBMokMAMEBso9gAMEBMpP
oAMEBcpfAAMEBMqiYDANBgkqhkiG9w0BAQsFAAOCAQEAwwlZ74YVudiUk833Hf3B
vNxqyVBO5BhxYdnVhhyiHDNE6vJfScrUgvnCTsRzaQKk+tSbBw/YsIVYBS5Y2hU3
Y34S4cSSO8akCrCwX99+H0yd5uT6u/9lx6jLv9dWxH4zaAvz9opd8tLV3tBGdrr+
ItA407ZW8eWXlf6sgczDTP9q46v4bgfu7nJGq38qr7OsvHm4gpOCdy47M7y673eY
24b5iY2h4allXu8k0nIJ1Xv7RsKv5kAiyesBHGU4W+3f7pqOX3op2w/Y6mRZ/kux
Wba0ldogYgGsqIS9W83w2rSwMlR78o+AqryAbqLj+9yb3+i9FdzVWImdffnJF3Uh
hQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:07:51 2025 by rpki-client