Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4E3F0E2497D211ED801D7E41C4F9AE02.roa
File: 4E3F0E2497D211ED801D7E41C4F9AE02.roa (raw, json)
Hash identifier: oamZUl9TnTXd+l/B8aIkQWvUMw6BGvJjsgHL8jO9zVA=
Subject key identifier: EC:14:FB:2C:A2:C7:5B:2B:60:A8:7F:E7:52:C5:DE:9D:EC:30:27:BC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 637B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4E3F0E2497D211ED801D7E41C4F9AE02.roa
Signing time: Thu 19 Jan 2023 08:21:43 +0000
ROA not before: Thu 19 Jan 2023 08:21:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45804
IP address blocks: 43.239.80.0/22 maxlen: 24
43.251.168.0/22 maxlen: 24
43.251.172.0/22 maxlen: 24
43.251.176.0/22 maxlen: 24
45.116.188.0/22 maxlen: 24
45.248.56.0/22 maxlen: 24
103.27.140.0/22 maxlen: 24
103.56.236.0/22 maxlen: 24
103.59.88.0/24 maxlen: 24
103.60.219.0/24 maxlen: 24
103.76.80.0/22 maxlen: 24
103.93.100.0/22 maxlen: 24
103.193.88.0/22 maxlen: 24
103.205.163.0/24 maxlen: 24
103.216.204.0/22 maxlen: 24
103.234.93.0/24 maxlen: 24
103.244.240.0/22 maxlen: 24
103.244.244.0/24 maxlen: 24
103.245.2.0/24 maxlen: 24
103.245.20.0/24 maxlen: 24
103.251.80.0/22 maxlen: 24
114.29.224.0/22 maxlen: 24
139.5.140.0/24 maxlen: 24
139.5.141.0/24 maxlen: 24
139.5.142.0/24 maxlen: 24
139.5.143.0/24 maxlen: 24
150.129.108.0/22 maxlen: 24
150.129.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25467 (0x637b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 19 08:21:43 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c8fd97-2c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f8:ef:90:c1:c3:30:1f:8c:fa:46:7e:ab:a2:
7b:8f:e7:d9:c5:43:69:8f:7f:0c:b8:d8:10:2b:b1:
99:04:c7:5d:31:78:ed:e6:ec:b3:a3:00:ad:c9:94:
5c:f2:1b:87:5b:fd:c4:c6:5b:8b:df:a3:75:b0:44:
28:28:df:4b:d0:57:a7:79:1f:33:b7:b3:45:c1:f3:
e5:be:c7:f1:23:7d:a2:7c:b8:5a:29:7c:cf:7f:8e:
f1:c6:eb:b9:87:c8:5e:aa:93:b9:29:d6:98:6a:c5:
0f:26:ad:5e:50:24:bc:85:d1:8e:a5:b3:d3:85:74:
3c:84:f7:d1:5f:48:40:bc:7e:25:af:1e:bd:1d:9f:
c0:fb:49:ab:f0:31:6f:ed:f5:e1:23:58:34:79:19:
d1:52:53:a9:f3:9f:54:14:41:04:3f:52:b2:c0:7f:
62:b4:3f:49:d9:39:15:f4:2b:6b:d7:62:69:86:75:
26:8c:22:57:9a:d7:9e:1c:30:55:80:09:73:44:81:
11:8d:a7:92:a8:46:60:36:7f:cb:d8:89:cd:8f:01:
3a:a0:c3:6b:71:01:e0:3f:cd:2d:5e:b4:63:38:9e:
5b:5e:f3:a8:bb:2a:1d:22:d4:c8:e5:6a:d8:f3:05:
10:db:e6:93:fc:7b:98:91:8b:70:2c:f1:32:fe:3a:
67:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:14:FB:2C:A2:C7:5B:2B:60:A8:7F:E7:52:C5:DE:9D:EC:30:27:BC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4E3F0E2497D211ED801D7E41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.80.0/22
43.251.168.0-43.251.179.255
45.116.188.0/22
45.248.56.0/22
103.27.140.0/22
103.56.236.0/22
103.59.88.0/24
103.60.219.0/24
103.76.80.0/22
103.93.100.0/22
103.193.88.0/22
103.205.163.0/24
103.216.204.0/22
103.234.93.0/24
103.244.240.0-103.244.244.255
103.245.2.0/24
103.245.20.0/24
103.251.80.0/22
114.29.224.0/22
139.5.140.0/22
150.129.108.0/22
150.129.132.0/22
Signature Algorithm: sha256WithRSAEncryption
71:3b:da:4f:56:8f:5f:58:0b:9d:e9:05:5e:f7:de:a0:4d:47:
95:5c:5c:cf:ee:53:9d:83:87:34:d3:1d:36:de:5f:46:15:90:
5a:8f:a1:27:96:89:d1:76:68:20:43:92:8e:92:c4:25:b0:06:
cb:7c:23:fa:86:f1:a5:f5:8f:47:24:4e:50:c0:04:d4:38:7c:
e6:24:01:93:75:de:96:7d:e4:72:85:ae:89:f1:22:ad:f3:5a:
5f:ee:87:5a:cc:96:88:e0:40:e2:00:1c:f0:7f:d8:ce:06:57:
5b:f5:90:9d:df:4c:3b:10:65:d7:e4:9f:d3:fe:bd:1a:bc:87:
3a:27:32:34:84:d7:ec:3d:7a:53:17:89:1f:6a:1a:33:98:3c:
90:21:07:b3:f3:51:ad:7f:1d:e8:52:ba:18:b6:27:ed:21:8f:
a3:51:d1:e0:4c:2c:94:26:3c:03:c9:b4:b6:5f:fc:8c:50:34:
28:3a:90:87:a4:5b:cf:aa:d4:04:62:11:2f:92:5f:c3:4e:8d:
f9:55:7c:39:47:20:9c:8c:08:78:4b:37:a1:2a:ba:6a:89:12:
c6:f4:4a:f2:26:b5:cb:9b:68:cb:14:e1:4a:8b:2e:78:eb:37:
ce:ef:d9:13:3a:f4:5e:31:9e:19:96:08:2c:b7:26:21:69:55:
e2:12:1d:49
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICY3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTE5MDgyMTQzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M4ZmQ5Ny0yYzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvvjvkMHDMB+M+kZ+q6J7j+fZxUNpj38MuNgQK7GZBMddMXjt5uyzowCtyZRc
8huHW/3ExluL36N1sEQoKN9L0FeneR8zt7NFwfPlvsfxI32ifLhaKXzPf47xxuu5
h8heqpO5KdaYasUPJq1eUCS8hdGOpbPThXQ8hPfRX0hAvH4lrx69HZ/A+0mr8DFv
7fXhI1g0eRnRUlOp859UFEEEP1KywH9itD9J2TkV9Ctr12JphnUmjCJXmteeHDBV
gAlzRIERjaeSqEZgNn/L2InNjwE6oMNrcQHgP80tXrRjOJ5bXvOouyodItTI5WrY
8wUQ2+aT/HuYkYtwLPEy/jpniwIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFOwU+yyi
x1srYKh/51LF3p3sMCe8MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNEUzRjBFMjQ5
N0QyMTFFRDgwMUQ3RTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbEGCCsGAQUFBwEHAQH/
BIGhMIGeMIGbBAIAATCBlAMEAivvUDAMAwQDK/uoAwQCK/uwAwQCLXS8AwQCLfg4
AwQCZxuMAwQCZzjsAwQAZztYAwQAZzzbAwQCZ0xQAwQCZ11kAwQCZ8FYAwQAZ82j
AwQCZ9jMAwQAZ+pdMAwDBARn9PADBABn9PQDBABn9QIDBABn9RQDBAJn+1ADBAJy
HeADBAKLBYwDBAKWgWwDBAKWgYQwDQYJKoZIhvcNAQELBQADggEBAHE72k9Wj19Y
C53pBV733qBNR5VcXM/uU52DhzTTHTbeX0YVkFqPoSeWidF2aCBDko6SxCWwBst8
I/qG8aX1j0ckTlDABNQ4fOYkAZN13pZ95HKFronxIq3zWl/uh1rMlojgQOIAHPB/
2M4GV1v1kJ3fTDsQZdfkn9P+vRq8hzonMjSE1+w9elMXiR9qGjOYPJAhB7PzUa1/
HehSuhi2J+0hj6NR0eBMLJQmPAPJtLZf/IxQNCg6kIekW8+q1ARiES+SX8NOjflV
fDlHIJyMCHhLN6EqumqJEsb0SvImtcubaMsU4UqLLnjrN87v2RM69F4xnhmWCCy3
JiFpVeISHUk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:17:34 2025 by rpki-client