Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/AF7C66D2C2E111EAB5F9A16DC4F9AE02.roa
File: AF7C66D2C2E111EAB5F9A16DC4F9AE02.roa (raw, json)
Hash identifier: RC8C25nw8u5h6DcQAm2R/jimZN9YVKgYdoKlZWibQZk=
Subject key identifier: 17:51:D9:B8:F3:16:BA:41:C2:92:53:43:EA:5E:29:24:67:AC:33:38
Certificate issuer: /CN=A91B5486/serialNumber=2E304A3D92499D9D7D338A3EA02F7C5348425B17
Certificate serial: 05C1
Authority key identifier: 2E:30:4A:3D:92:49:9D:9D:7D:33:8A:3E:A0:2F:7C:53:48:42:5B:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LjBKPZJJnZ19M4o-oC98U0hCWxc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/AF7C66D2C2E111EAB5F9A16DC4F9AE02.roa
Signing time: Thu 31 Mar 2022 11:09:19 +0000
ROA not before: Thu 31 Mar 2022 11:09:19 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 41095
IP address blocks: 45.248.200.0/22 maxlen: 22
103.6.128.0/22 maxlen: 23
103.6.130.0/23 maxlen: 24
103.23.168.0/22 maxlen: 22
103.23.168.0/24 maxlen: 24
103.23.169.0/24 maxlen: 24
103.23.170.0/24 maxlen: 24
103.23.171.0/24 maxlen: 24
103.217.160.0/22 maxlen: 22
103.217.160.0/24 maxlen: 24
103.217.161.0/24 maxlen: 24
103.217.162.0/24 maxlen: 24
103.217.163.0/24 maxlen: 24
103.242.72.0/22 maxlen: 23
103.242.74.0/23 maxlen: 24
220.158.132.0/22 maxlen: 24
2401:47c0::/32 maxlen: 32
2401:47c0:1000::/36 maxlen: 36
2401:47c0:1000::/40 maxlen: 40
2401:47c0:1100::/40 maxlen: 40
2401:47c0:1200::/40 maxlen: 40
2401:47c0:1300::/40 maxlen: 40
2401:47c0:1400::/40 maxlen: 40
2401:47c0:1500::/40 maxlen: 40
2401:47c0:1600::/40 maxlen: 40
2401:47c0:1700::/40 maxlen: 40
2401:47c0:1800::/40 maxlen: 40
2401:47c0:1a00::/40 maxlen: 40
2401:47c0:f000::/36 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1473 (0x5c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5486, serialNumber=2E304A3D92499D9D7D338A3EA02F7C5348425B17
Validity
Not Before: Mar 31 11:09:19 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=62458bde-82d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:68:2f:7d:02:05:4c:57:de:8b:30:9c:e5:b7:
f2:c4:fb:57:f1:db:f6:11:7c:74:cd:87:f5:ca:d0:
4f:c8:df:39:61:af:56:fa:aa:4f:bd:6e:8c:bf:04:
df:84:5a:35:57:e8:24:d0:0b:49:6e:5f:07:75:6e:
a9:0a:ed:a4:37:2b:80:13:10:31:c2:65:a9:6a:f8:
32:16:0b:cd:33:92:19:ad:1f:c4:25:4a:bc:45:fb:
05:08:ab:e0:5a:cd:e4:cd:1d:66:fc:9a:77:22:7f:
6f:a0:59:98:3a:bc:89:e9:03:0a:ef:06:42:c9:bd:
4a:1f:3e:82:9f:90:a9:68:4f:80:3e:62:6d:37:6e:
df:ae:97:ee:55:a2:15:8b:d1:1d:da:c3:5a:a8:c8:
c0:89:32:2c:62:6f:9b:9c:2e:f2:e6:f9:01:91:4a:
96:b7:58:63:da:9d:bc:4a:4c:78:84:25:ca:69:50:
f1:ea:5b:c0:72:60:2c:78:46:42:dc:47:72:0f:1c:
b2:89:ed:45:0b:44:4c:9d:61:35:02:a9:af:99:1b:
68:00:eb:15:fa:18:f2:d8:78:f6:8e:ae:1d:91:ad:
b7:ce:ad:19:48:1a:3b:8e:60:7e:f3:f7:48:e3:48:
07:45:01:b8:f3:54:f8:96:59:4c:f7:2a:64:58:54:
9f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:51:D9:B8:F3:16:BA:41:C2:92:53:43:EA:5E:29:24:67:AC:33:38
X509v3 Authority Key Identifier:
keyid:2E:30:4A:3D:92:49:9D:9D:7D:33:8A:3E:A0:2F:7C:53:48:42:5B:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/LjBKPZJJnZ19M4o-oC98U0hCWxc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LjBKPZJJnZ19M4o-oC98U0hCWxc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/AF7C66D2C2E111EAB5F9A16DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.200.0/22
103.6.128.0/22
103.23.168.0/22
103.217.160.0/22
103.242.72.0/22
220.158.132.0/22
IPv6:
2401:47c0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:2d:78:25:f5:82:e6:99:51:d9:58:57:90:f7:a4:c6:6d:59:
2e:1b:e6:0e:4d:22:e7:6a:76:f4:6b:48:a7:30:c8:5a:9a:66:
7b:10:d9:76:69:ec:41:97:f0:d2:5a:07:ac:5a:5d:3e:90:57:
c4:ce:df:68:28:b2:3f:f1:55:ee:c0:11:45:15:68:52:91:61:
7b:b6:96:4f:7b:9d:74:70:d0:e7:d5:37:35:41:26:73:1a:49:
b3:1c:f4:25:ef:b0:d0:f8:e4:59:9e:2f:ca:b5:c7:3a:b5:45:
4c:53:85:9f:3e:e4:67:ab:c8:6f:70:c8:0e:e2:90:fe:66:ec:
42:30:8f:04:b2:fe:0f:10:d1:7b:00:89:c0:0a:88:87:67:91:
0e:b3:a8:a9:9f:36:20:52:72:50:6e:a2:0e:72:6b:26:a1:8b:
15:10:65:a2:58:f3:83:2d:2e:94:25:02:6b:ed:3e:2e:83:32:
d0:c8:e7:59:ab:4c:0c:76:a6:3d:93:5c:96:32:a3:50:ca:62:
b7:27:54:43:e0:16:ac:31:8a:f2:79:61:bf:a3:94:c6:4f:5e:
54:32:a0:1d:e1:7f:24:c4:34:d0:70:a3:ba:9c:2e:ff:c6:9b:
d7:05:e6:11:a0:c7:b5:34:50:82:e6:29:a8:25:bb:82:e6:93:
0c:e8:06:f4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICBcEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU0ODYxMTAvBgNVBAUTKDJFMzA0QTNEOTI0OTlEOUQ3RDMzOEEzRUEwMkY3QzUz
NDg0MjVCMTcwHhcNMjIwMzMxMTEwOTE5WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQ1OGJkZS04MmQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7GgvfQIFTFfeizCc5bfyxPtX8dv2EXx0zYf1ytBPyN85Ya9W+qpPvW6MvwTf
hFo1V+gk0AtJbl8HdW6pCu2kNyuAExAxwmWpavgyFgvNM5IZrR/EJUq8RfsFCKvg
Ws3kzR1m/Jp3In9voFmYOryJ6QMK7wZCyb1KHz6Cn5CpaE+APmJtN27frpfuVaIV
i9Ed2sNaqMjAiTIsYm+bnC7y5vkBkUqWt1hj2p28Skx4hCXKaVDx6lvAcmAseEZC
3EdyDxyyie1FC0RMnWE1AqmvmRtoAOsV+hjy2Hj2jq4dka23zq0ZSBo7jmB+8/dI
40gHRQG481T4lllM9ypkWFSfTQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFBdR2bjz
FrpBwpJTQ+peKSRnrDM4MB8GA1UdIwQYMBaAFC4wSj2SSZ2dfTOKPqAvfFNIQlsX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTQ4Ni84NTZBMjQ5Q0E5
ODIxMUVBOTMyREVDNTRDNEY5QUUwMi9MakJLUFpKSm5aMTlNNG8tb0M5OFUwaENX
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xqQktQWkpKbloxOU00by1vQzk4VTBoQ1d4Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU0ODYvODU2QTI0OUNBOTgyMTFFQTkzMkRFQzU0QzRGOUFFMDIvQUY3QzY2RDJD
MkUxMTFFQUI1RjlBMTZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAIt+MgDBAJnBoADBAJnF6gDBAJn2aADBAJn8kgDBALcnoQw
DQQCAAIwBwMFACQBR8AwDQYJKoZIhvcNAQELBQADggEBAKwteCX1guaZUdlYV5D3
pMZtWS4b5g5NIudqdvRrSKcwyFqaZnsQ2XZp7EGX8NJaB6xaXT6QV8TO32gosj/x
Ve7AEUUVaFKRYXu2lk97nXRw0OfVNzVBJnMaSbMc9CXvsND45FmeL8q1xzq1RUxT
hZ8+5GeryG9wyA7ikP5m7EIwjwSy/g8Q0XsAicAKiIdnkQ6zqKmfNiBSclBuog5y
ayahixUQZaJY84MtLpQlAmvtPi6DMtDI51mrTAx2pj2TXJYyo1DKYrcnVEPgFqwx
ivJ5Yb+jlMZPXlQyoB3hfyTENNBwo7qcLv/Gm9cF5hGgx7U0UILmKaglu4Lmkwzo
BvQ=
-----END CERTIFICATE-----
Generated at Wed May 14 17:14:11 2025 by rpki-client