Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/10D3EEB2FC9611EA8915D676C4F9AE02.roa
File: 10D3EEB2FC9611EA8915D676C4F9AE02.roa (raw, json)
Hash identifier: oabVYdoOkgR4VTCz2zpu+903rpeySWFMI5SJh0RBtv8=
Subject key identifier: 81:AE:9E:5F:70:B1:81:0B:83:40:1D:F5:E5:F5:69:7A:96:C3:5C:22
Certificate issuer: /CN=A91325FD/serialNumber=2E8DAF49E27E4FC12BE05EF7DF1A82BB287126A1
Certificate serial: 3343
Authority key identifier: 2E:8D:AF:49:E2:7E:4F:C1:2B:E0:5E:F7:DF:1A:82:BB:28:71:26:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/10D3EEB2FC9611EA8915D676C4F9AE02.roa
Signing time: Mon 20 Feb 2023 14:20:05 +0000
ROA not before: Mon 20 Feb 2023 14:20:05 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 19905
IP address blocks: 43.224.36.0/24 maxlen: 24
43.224.37.0/24 maxlen: 24
43.224.38.0/24 maxlen: 24
43.224.39.0/24 maxlen: 24
103.43.76.0/24 maxlen: 24
103.43.77.0/24 maxlen: 24
103.43.78.0/24 maxlen: 24
103.43.79.0/24 maxlen: 24
115.84.64.0/24 maxlen: 24
115.84.65.0/24 maxlen: 24
115.84.66.0/24 maxlen: 24
115.84.67.0/24 maxlen: 24
115.84.68.0/24 maxlen: 24
115.84.69.0/24 maxlen: 24
115.84.70.0/24 maxlen: 24
115.84.71.0/24 maxlen: 24
115.84.72.0/24 maxlen: 24
115.84.73.0/24 maxlen: 24
115.84.74.0/24 maxlen: 24
115.84.75.0/24 maxlen: 24
115.84.76.0/24 maxlen: 24
115.84.77.0/24 maxlen: 24
115.84.78.0/24 maxlen: 24
115.84.79.0/24 maxlen: 24
115.84.80.0/24 maxlen: 24
115.84.81.0/24 maxlen: 24
115.84.82.0/24 maxlen: 24
115.84.83.0/24 maxlen: 24
115.84.84.0/24 maxlen: 24
115.84.85.0/24 maxlen: 24
115.84.86.0/24 maxlen: 24
115.84.87.0/24 maxlen: 24
115.84.88.0/24 maxlen: 24
115.84.89.0/24 maxlen: 24
115.84.90.0/24 maxlen: 24
115.84.91.0/24 maxlen: 24
115.84.92.0/24 maxlen: 24
115.84.93.0/24 maxlen: 24
115.84.94.0/24 maxlen: 24
115.84.95.0/24 maxlen: 24
115.84.96.0/24 maxlen: 24
115.84.97.0/24 maxlen: 24
115.84.98.0/24 maxlen: 24
115.84.99.0/24 maxlen: 24
115.84.100.0/24 maxlen: 24
115.84.101.0/24 maxlen: 24
115.84.102.0/24 maxlen: 24
115.84.103.0/24 maxlen: 24
115.84.104.0/24 maxlen: 24
115.84.105.0/24 maxlen: 24
115.84.106.0/24 maxlen: 24
115.84.107.0/24 maxlen: 24
115.84.108.0/24 maxlen: 24
115.84.109.0/24 maxlen: 24
115.84.110.0/24 maxlen: 24
115.84.111.0/24 maxlen: 24
115.84.112.0/24 maxlen: 24
115.84.113.0/24 maxlen: 24
115.84.114.0/24 maxlen: 24
115.84.115.0/24 maxlen: 24
115.84.116.0/24 maxlen: 24
115.84.117.0/24 maxlen: 24
115.84.118.0/24 maxlen: 24
115.84.119.0/24 maxlen: 24
115.84.120.0/24 maxlen: 24
115.84.121.0/24 maxlen: 24
115.84.122.0/24 maxlen: 24
115.84.123.0/24 maxlen: 24
115.84.124.0/24 maxlen: 24
115.84.125.0/24 maxlen: 24
115.84.126.0/24 maxlen: 24
115.84.127.0/24 maxlen: 24
202.137.128.0/24 maxlen: 24
202.137.129.0/24 maxlen: 24
202.137.130.0/24 maxlen: 24
202.137.131.0/24 maxlen: 24
202.137.132.0/24 maxlen: 24
202.137.133.0/24 maxlen: 24
202.137.134.0/24 maxlen: 24
202.137.135.0/24 maxlen: 24
202.137.136.0/24 maxlen: 24
202.137.137.0/24 maxlen: 24
202.137.138.0/24 maxlen: 24
202.137.139.0/24 maxlen: 24
202.137.140.0/24 maxlen: 24
202.137.141.0/24 maxlen: 24
202.137.142.0/24 maxlen: 24
202.137.143.0/24 maxlen: 24
202.137.144.0/24 maxlen: 24
202.137.145.0/24 maxlen: 24
202.137.146.0/24 maxlen: 24
202.137.147.0/24 maxlen: 24
202.137.148.0/24 maxlen: 24
202.137.149.0/24 maxlen: 24
202.137.150.0/24 maxlen: 24
202.137.151.0/24 maxlen: 24
202.137.152.0/24 maxlen: 24
202.137.153.0/24 maxlen: 24
202.137.154.0/24 maxlen: 24
202.137.155.0/24 maxlen: 24
202.137.156.0/24 maxlen: 24
202.137.157.0/24 maxlen: 24
202.137.158.0/24 maxlen: 24
202.137.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13123 (0x3343)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91325FD/serialNumber=2E8DAF49E27E4FC12BE05EF7DF1A82BB287126A1
Validity
Not Before: Feb 20 14:20:05 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=63f38195-0f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8d:9f:9b:6c:38:ce:57:79:c9:45:ae:ff:5e:
ef:d5:a7:2a:c4:30:82:e7:e5:6d:eb:cb:18:6d:fd:
e3:f5:05:41:7a:b7:50:7c:19:71:5a:a4:15:cf:33:
ed:d1:f4:a9:38:b5:ce:7b:b3:10:24:a3:ae:2f:c0:
a8:83:b2:b5:81:89:70:ce:36:eb:c3:c2:c6:4c:ad:
e8:16:d1:f3:21:d7:99:72:61:b3:d0:12:2c:82:fd:
26:45:4b:04:4c:72:d8:77:ce:a2:1c:e7:46:6d:93:
92:35:01:31:f6:37:dd:c3:a3:d2:70:af:ae:c3:9e:
cb:bb:05:f1:6c:7d:1c:cb:03:21:2d:75:b6:15:cd:
b3:b0:d0:8c:f6:16:8c:55:b0:fb:c9:84:55:ac:06:
03:3c:22:9b:62:8f:33:c5:d8:03:49:a1:78:15:2e:
9d:a2:a5:a6:b7:6a:e8:f9:b4:b0:ba:c6:cf:31:14:
61:48:fc:13:80:e2:26:89:af:e7:af:6c:7b:2c:64:
5f:5d:23:fc:4d:81:a0:a7:33:b1:05:66:93:c0:05:
bb:22:c5:53:3f:22:f7:65:39:6a:7b:8f:22:2a:ec:
55:97:1f:ce:41:9f:f1:aa:e8:65:2a:ef:3e:f0:b1:
59:bb:11:50:2a:2b:58:2b:76:a6:ba:b3:69:77:e0:
bb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AE:9E:5F:70:B1:81:0B:83:40:1D:F5:E5:F5:69:7A:96:C3:5C:22
X509v3 Authority Key Identifier:
keyid:2E:8D:AF:49:E2:7E:4F:C1:2B:E0:5E:F7:DF:1A:82:BB:28:71:26:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lo2vSeJ-T8Er4F733xqCuyhxJqE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91325FD/BCE4D10A1D6811E2AD6494A508B02CD2/10D3EEB2FC9611EA8915D676C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.36.0/22
103.43.76.0/22
115.84.64.0/18
202.137.128.0/19
Signature Algorithm: sha256WithRSAEncryption
c8:ac:90:89:94:3e:63:2f:a7:f0:e3:85:4f:24:ec:16:48:5d:
3f:06:12:4c:e2:a3:68:be:b3:60:23:c5:c2:d8:12:c9:ba:1b:
95:40:77:51:8e:cf:92:43:73:11:47:b7:f4:65:63:98:b1:bb:
8e:61:08:69:e2:17:04:ed:f9:91:ee:43:5a:c7:71:5a:96:89:
42:6c:d5:ff:c8:38:4d:94:32:3e:4b:c8:26:b7:88:c6:0c:be:
ba:c9:4c:f0:4c:94:98:0f:9f:88:41:e0:fd:8b:75:c4:66:d1:
66:d4:a8:9c:ee:e2:ff:0f:23:b7:90:cc:e7:4b:4b:af:9b:75:
12:7e:79:a6:6e:8a:f5:eb:8b:f0:a0:bb:58:c5:f4:0a:15:38:
c1:3a:20:fb:3b:96:c9:84:d6:39:41:64:12:ca:79:d3:12:97:
aa:a3:8f:42:ae:56:1e:75:17:c7:67:d9:eb:da:02:bc:17:9e:
b7:98:18:60:c7:34:12:8e:d9:52:20:18:08:af:41:e7:7b:d2:
4a:5e:f2:90:2d:f8:c9:a0:f2:e9:2b:92:47:20:ca:80:ae:78:
98:1f:07:2e:91:f7:2c:e8:df:39:01:52:8e:34:c3:c4:2d:b2:
c2:51:7d:df:e1:e3:6c:ee:c3:8b:94:d5:be:e6:8c:58:f0:0a:
8f:42:e5:ec
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICM0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzI1RkQxMTAvBgNVBAUTKDJFOERBRjQ5RTI3RTRGQzEyQkUwNUVGN0RGMUE4MkJC
Mjg3MTI2QTEwHhcNMjMwMjIwMTQyMDA1WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2YzODE5NS0wZjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Y2fm2w4zld5yUWu/17v1acqxDCC5+Vt68sYbf3j9QVBerdQfBlxWqQVzzPt
0fSpOLXOe7MQJKOuL8Cog7K1gYlwzjbrw8LGTK3oFtHzIdeZcmGz0BIsgv0mRUsE
THLYd86iHOdGbZOSNQEx9jfdw6PScK+uw57LuwXxbH0cywMhLXW2Fc2zsNCM9haM
VbD7yYRVrAYDPCKbYo8zxdgDSaF4FS6doqWmt2ro+bSwusbPMRRhSPwTgOImia/n
r2x7LGRfXSP8TYGgpzOxBWaTwAW7IsVTPyL3ZTlqe48iKuxVlx/OQZ/xquhlKu8+
8LFZuxFQKitYK3amurNpd+C7swIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFIGunl9w
sYELg0Ad9eX1aXqWw1wiMB8GA1UdIwQYMBaAFC6Nr0nifk/BK+Be998agrsocSah
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjVGRC9CQ0U0RDEwQTFE
NjgxMUUyQUQ2NDk0QTUwOEIwMkNEMi9MbzJ2U2VKLVQ4RXI0RjczM3hxQ3V5aHhK
cUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xvMnZTZUotVDhFcjRGNzMzeHFDdXloeEpxRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzI1RkQvQkNFNEQxMEExRDY4MTFFMkFENjQ5NEE1MDhCMDJDRDIvMTBEM0VFQjJG
Qzk2MTFFQTg5MTVENjc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAIr4CQDBAJnK0wDBAZzVEADBAXKiYAwDQYJKoZIhvcNAQEL
BQADggEBAMiskImUPmMvp/DjhU8k7BZIXT8GEkzio2i+s2AjxcLYEsm6G5VAd1GO
z5JDcxFHt/RlY5ixu45hCGniFwTt+ZHuQ1rHcVqWiUJs1f/IOE2UMj5LyCa3iMYM
vrrJTPBMlJgPn4hB4P2LdcRm0WbUqJzu4v8PI7eQzOdLS6+bdRJ+eaZuivXri/Cg
u1jF9AoVOME6IPs7lsmE1jlBZBLKedMSl6qjj0KuVh51F8dn2evaArwXnreYGGDH
NBKO2VIgGAivQed70kpe8pAt+Mmg8ukrkkcgyoCueJgfBy6R9yzo3zkBUo40w8Qt
ssJRfd/h42zuw4uU1b7mjFjwCo9C5ew=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org