Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/C22BC21886D711EBA06B0E64C4F9AE02.roa
File: C22BC21886D711EBA06B0E64C4F9AE02.roa (raw, json)
Hash identifier: eGXB74SKz5+4aEb5MscbR+y5CvDRmy494bw1QBAx1Zk=
Subject key identifier: 33:96:23:63:2E:A5:01:2C:EE:06:D9:B6:74:59:2B:EF:5D:2B:FA:EF
Certificate issuer: /CN=A9183BBC/serialNumber=06181849E2C5F9313EA60A3397DC61472AC11B0D
Certificate serial: 033A
Authority key identifier: 06:18:18:49:E2:C5:F9:31:3E:A6:0A:33:97:DC:61:47:2A:C1:1B:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BhgYSeLF-TE-pgozl9xhRyrBGw0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/C22BC21886D711EBA06B0E64C4F9AE02.roa
Signing time: Wed 04 May 2022 11:12:59 +0000
ROA not before: Wed 04 May 2022 11:12:58 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 4594
IP address blocks: 43.225.100.0/22 maxlen: 22
43.225.100.0/24 maxlen: 24
43.225.101.0/24 maxlen: 24
43.225.102.0/24 maxlen: 24
43.225.103.0/24 maxlen: 24
103.44.60.0/24 maxlen: 24
103.44.61.0/24 maxlen: 24
103.44.62.0/24 maxlen: 24
2407:880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 826 (0x33a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9183BBC/serialNumber=06181849E2C5F9313EA60A3397DC61472AC11B0D
Validity
Not Before: May 4 11:12:58 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=62725fba-f1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3b:ea:d7:91:e5:d1:af:07:bf:08:39:2b:68:
1f:29:41:34:6d:cd:ef:f1:cf:0b:43:d5:2f:91:26:
25:64:58:dc:2c:3c:2a:00:a0:73:bb:68:0f:81:76:
55:d4:a6:cc:c2:cb:5a:b2:96:e1:cc:c3:30:52:d4:
29:92:3a:af:33:d1:62:37:43:64:a7:6b:35:83:f9:
f5:b4:27:0f:ba:7b:fb:bc:10:74:d4:f0:9e:9c:2e:
7b:86:10:ba:db:78:ba:9c:3b:73:b0:3b:ec:22:44:
3a:6a:93:23:70:ff:71:31:2f:ae:26:d0:e4:54:fb:
23:e5:75:b5:5a:eb:48:73:4e:59:75:b2:24:a9:f3:
cf:32:a3:9d:4c:3d:a0:c0:9f:7a:f0:17:45:d7:ce:
92:47:21:59:f2:1d:8e:d5:74:5b:9f:2b:f9:5a:9c:
ca:3a:1e:8b:2c:e9:5b:46:b7:56:f8:47:41:22:95:
e9:ad:77:48:70:5a:08:8b:c4:ae:d7:7a:ef:24:4c:
0c:40:24:0d:ed:df:bb:21:b2:bd:d4:40:df:7d:f5:
47:4e:20:dc:e0:63:b7:65:e1:f2:3b:4c:53:51:2d:
8f:62:ee:97:3b:91:14:ab:46:c6:61:bd:b3:69:ee:
b2:bc:26:f5:47:07:ae:2a:36:5f:89:6d:b5:84:50:
f4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:96:23:63:2E:A5:01:2C:EE:06:D9:B6:74:59:2B:EF:5D:2B:FA:EF
X509v3 Authority Key Identifier:
keyid:06:18:18:49:E2:C5:F9:31:3E:A6:0A:33:97:DC:61:47:2A:C1:1B:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/BhgYSeLF-TE-pgozl9xhRyrBGw0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BhgYSeLF-TE-pgozl9xhRyrBGw0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183BBC/140C175686D611EBB7B39C62C4F9AE02/C22BC21886D711EBA06B0E64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.100.0/22
103.44.60.0-103.44.62.255
IPv6:
2407:880::/32
Signature Algorithm: sha256WithRSAEncryption
85:66:87:f0:c5:8b:b0:83:29:03:59:b3:79:3f:59:e3:f3:b0:
d4:89:dd:34:25:83:25:c0:47:2f:0e:ea:6a:c1:97:c8:c0:4a:
38:e2:70:46:34:e4:5d:54:d7:c1:88:6a:7f:1d:4c:9a:86:7f:
76:0f:9d:79:60:9e:9e:41:3e:97:41:21:72:84:bb:58:79:0f:
27:29:d3:3f:3c:d5:d3:66:9b:56:05:47:17:09:05:36:d1:e7:
e7:2a:8d:54:84:04:04:f0:46:5f:94:3b:c5:e9:d0:7c:f8:01:
54:05:50:00:3a:e3:85:60:d1:2d:bd:bf:5b:f2:9a:6e:ab:4b:
32:40:73:12:ed:fa:24:40:3b:e2:53:b1:a3:1b:6b:9c:91:a4:
05:ae:ba:88:e0:e7:1e:5d:62:58:80:24:c7:15:38:44:8f:2b:
95:cd:ee:a7:1b:25:33:83:2c:7b:3a:e5:59:05:8b:3c:1f:8e:
4d:3e:5d:1c:2f:94:95:fe:7e:74:76:2e:1e:90:fe:a4:52:85:
d8:ec:eb:79:2c:1d:d0:df:8f:09:80:fb:b9:8a:ea:5a:f3:15:
df:c5:9d:37:c3:46:ce:69:38:67:fa:20:d4:e4:5a:98:62:6b:
39:e6:11:c1:bb:cf:6a:ec:6b:1a:ea:db:d4:d5:5b:3d:24:2a:
30:72:6a:26
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICAzowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODNCQkMxMTAvBgNVBAUTKDA2MTgxODQ5RTJDNUY5MzEzRUE2MEEzMzk3REM2MTQ3
MkFDMTFCMEQwHhcNMjIwNTA0MTExMjU4WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjcyNWZiYS1mMWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Tvq15Hl0a8Hvwg5K2gfKUE0bc3v8c8LQ9UvkSYlZFjcLDwqAKBzu2gPgXZV
1KbMwstaspbhzMMwUtQpkjqvM9FiN0Nkp2s1g/n1tCcPunv7vBB01PCenC57hhC6
23i6nDtzsDvsIkQ6apMjcP9xMS+uJtDkVPsj5XW1WutIc05ZdbIkqfPPMqOdTD2g
wJ968BdF186SRyFZ8h2O1XRbnyv5WpzKOh6LLOlbRrdW+EdBIpXprXdIcFoIi8Su
13rvJEwMQCQN7d+7IbK91EDfffVHTiDc4GO3ZeHyO0xTUS2PYu6XO5EUq0bGYb2z
ae6yvCb1RweuKjZfiW21hFD04wIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFDOWI2Mu
pQEs7gbZtnRZK+9dK/rvMB8GA1UdIwQYMBaAFAYYGEnixfkxPqYKM5fcYUcqwRsN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4M0JCQy8xNDBDMTc1Njg2
RDYxMUVCQjdCMzlDNjJDNEY5QUUwMi9CaGdZU2VMRi1URS1wZ296bDl4aFJ5ckJH
dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JoZ1lTZUxGLVRFLXBnb3psOXhoUnlyQkd3MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODNCQkMvMTQwQzE3NTY4NkQ2MTFFQkI3QjM5QzYyQzRGOUFFMDIvQzIyQkMyMTg4
NkQ3MTFFQkEwNkIwRTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBoEAgABMBQDBAIr4WQwDAMEAmcsPAMEAGcsPjANBAIAAjAHAwUAJAcIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAhWaH8MWLsIMpA1mzeT9Z4/Ow1IndNCWDJcBHLw7q
asGXyMBKOOJwRjTkXVTXwYhqfx1MmoZ/dg+deWCenkE+l0EhcoS7WHkPJynTPzzV
02abVgVHFwkFNtHn5yqNVIQEBPBGX5Q7xenQfPgBVAVQADrjhWDRLb2/W/KabqtL
MkBzEu36JEA74lOxoxtrnJGkBa66iODnHl1iWIAkxxU4RI8rlc3upxslM4Msezrl
WQWLPB+OTT5dHC+Ulf5+dHYuHpD+pFKF2OzreSwd0N+PCYD7uYrqWvMV38WdN8NG
zmk4Z/og1ORamGJrOeYRwbvPauxrGurb1NVbPSQqMHJqJg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:46 2023 by rpki-client on console-ams.rpki-client.org