Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/AA5843EC406311EB9A4FD119C4F9AE02.roa
File: AA5843EC406311EB9A4FD119C4F9AE02.roa (raw, json)
Hash identifier: 2dgRNKqykT9+fT5MyFZ+F4n5nFagvKwFIOClX/V3dO0=
Subject key identifier: 08:19:3D:AA:3F:C0:7E:33:D7:65:3A:13:8E:35:C0:71:B1:85:4B:3E
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 32F0
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/AA5843EC406311EB9A4FD119C4F9AE02.roa
Signing time: Sun 03 Apr 2022 15:20:57 +0000
ROA not before: Sun 03 Apr 2022 15:20:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55714
IP address blocks: 39.62.0.0/19 maxlen: 24
39.62.32.0/21 maxlen: 24
39.62.40.0/21 maxlen: 24
39.62.48.0/20 maxlen: 24
59.103.16.0/22 maxlen: 24
59.103.32.0/19 maxlen: 24
59.103.64.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13040 (0x32f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832, serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Apr 3 15:20:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6249bb58-21f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:12:df:22:1a:8a:e0:cc:d9:fd:bd:75:08:fc:
a7:96:b8:c6:7b:a3:3e:12:4d:18:3b:ae:8e:6c:bd:
75:d8:03:73:c5:29:0e:09:be:b8:26:67:f6:21:e6:
0b:b8:57:a4:ce:4a:57:49:98:e2:57:7b:cc:89:11:
7e:40:41:8e:78:42:e2:84:10:f1:7b:1a:17:0b:6b:
3e:13:e3:73:8a:f3:c3:16:fd:9c:4f:64:db:05:47:
4a:b8:b3:e4:89:08:a7:84:19:37:b8:70:e9:c8:c1:
67:09:3c:58:17:d4:ff:97:d9:fb:23:2f:04:d0:c8:
a1:d0:9d:c0:fc:5e:a4:5e:2f:d7:63:b2:39:52:29:
1d:20:9b:c3:a6:21:4f:f9:6a:3e:39:dd:31:03:ef:
82:67:da:cb:20:ac:b2:c6:eb:a0:3f:3a:47:cb:0b:
d7:5e:a2:a0:f7:3a:81:fb:b5:13:a4:c6:05:e4:1a:
53:f0:f4:cb:08:84:dd:18:ad:5d:3a:6a:94:78:89:
b5:73:fe:64:8d:59:56:11:ff:fe:f3:d8:ac:84:41:
5f:1c:1a:8d:10:dc:c5:1a:3f:3a:b9:fd:22:aa:c0:
d7:35:ff:91:46:fb:b5:c1:84:09:99:f6:eb:52:59:
f5:e5:ce:e9:11:00:5e:d6:7f:f8:83:6c:88:04:e3:
94:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:19:3D:AA:3F:C0:7E:33:D7:65:3A:13:8E:35:C0:71:B1:85:4B:3E
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/AA5843EC406311EB9A4FD119C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.62.0.0/18
59.103.16.0/22
59.103.32.0-59.103.71.255
Signature Algorithm: sha256WithRSAEncryption
0c:d0:05:f3:23:dc:e0:32:ff:31:6a:6e:01:97:69:c0:67:66:
b3:ce:00:fe:72:0c:6e:77:c7:08:bf:1d:eb:18:8e:c5:d8:97:
3b:9a:fb:e6:8e:28:8e:ef:7d:47:b5:72:b5:4b:5c:b7:d6:00:
79:15:47:79:ad:75:6c:af:71:67:33:13:85:61:23:eb:04:3d:
b9:d2:09:7a:b8:cd:f7:3a:2a:d5:9a:7c:b4:47:0b:e6:88:e2:
f4:c2:af:c4:7d:92:d9:88:03:bf:8b:53:47:e8:31:fd:67:ed:
70:51:4a:03:fd:5c:8e:db:7a:ad:75:b7:da:39:5f:2b:df:03:
e3:ea:e4:9f:64:12:41:5b:39:1d:4a:e8:8a:1c:58:73:97:4a:
a5:7d:d9:8d:4f:a8:1f:34:16:e5:18:97:c6:c3:ce:8f:3e:b2:
25:12:17:a6:2f:18:3b:66:bd:8d:c9:55:32:12:65:38:9f:9f:
bd:1a:f9:ad:33:b8:b0:67:09:ca:fd:3e:f8:19:f9:42:3c:e9:
f6:ba:62:de:df:e9:bc:e9:a0:c3:c4:a3:aa:e2:45:4a:2e:31:
0f:16:82:c1:23:9b:60:b7:76:96:45:6b:5f:59:3c:53:c5:6c:
e5:0d:19:b4:8d:fc:5e:5c:20:47:7b:b7:8f:1d:83:be:bb:5d:
39:8f:f5:ae
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICMvAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjIwNDAzMTUyMDU3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQ5YmI1OC0yMWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqBLfIhqK4MzZ/b11CPynlrjGe6M+Ek0YO66ObL112ANzxSkOCb64Jmf2IeYL
uFekzkpXSZjiV3vMiRF+QEGOeELihBDxexoXC2s+E+NzivPDFv2cT2TbBUdKuLPk
iQinhBk3uHDpyMFnCTxYF9T/l9n7Iy8E0Mih0J3A/F6kXi/XY7I5UikdIJvDpiFP
+Wo+Od0xA++CZ9rLIKyyxuugPzpHywvXXqKg9zqB+7UTpMYF5BpT8PTLCITdGK1d
OmqUeIm1c/5kjVlWEf/+89ishEFfHBqNENzFGj86uf0iqsDXNf+RRvu1wYQJmfbr
Uln15c7pEQBe1n/4g2yIBOOU4QIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFAgZPao/
wH4z12U6E441wHGxhUs+MB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvQUE1ODQzRUM0
MDYzMTFFQjlBNEZEMTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAYnPgADBAI7ZxAwDAMEBTtnIAMEAztnQDANBgkqhkiG9w0B
AQsFAAOCAQEADNAF8yPc4DL/MWpuAZdpwGdms84A/nIMbnfHCL8d6xiOxdiXO5r7
5o4oju99R7VytUtct9YAeRVHea11bK9xZzMThWEj6wQ9udIJerjN9zoq1Zp8tEcL
5oji9MKvxH2S2YgDv4tTR+gx/WftcFFKA/1cjtt6rXW32jlfK98D4+rkn2QSQVs5
HUroihxYc5dKpX3ZjU+oHzQW5RiXxsPOjz6yJRIXpi8YO2a9jclVMhJlOJ+fvRr5
rTO4sGcJyv0++Bn5Qjzp9rpi3t/pvOmgw8SjquJFSi4xDxaCwSObYLd2lkVrX1k8
U8Vs5Q0ZtI38XlwgR3u3jx2DvrtdOY/1rg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:11:27 2025 by rpki-client