Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/F62F9A6247E311ECBBF96F0AC4F9AE02.roa
File: F62F9A6247E311ECBBF96F0AC4F9AE02.roa (raw, json)
Hash identifier: 1Vr9Cx7RELgL5SwAqTfIaVHrZdezpltRzEJmnjPTyoE=
Subject key identifier: 87:81:07:C8:21:CA:5F:63:C2:23:1B:5E:88:B9:A6:9F:FA:DD:8D:71
Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Certificate serial: 2D35
Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/F62F9A6247E311ECBBF96F0AC4F9AE02.roa
Signing time: Tue 03 May 2022 04:02:14 +0000
ROA not before: Tue 03 May 2022 04:02:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6453
IP address blocks: 43.241.40.0/22 maxlen: 22
43.241.40.0/24 maxlen: 24
43.241.41.0/24 maxlen: 24
103.16.252.0/22 maxlen: 22
116.0.64.0/19 maxlen: 19
116.0.68.0/24 maxlen: 24
116.0.70.0/24 maxlen: 24
116.0.76.0/24 maxlen: 24
116.0.82.0/24 maxlen: 24
116.0.93.0/24 maxlen: 24
120.29.192.0/19 maxlen: 19
120.29.195.0/24 maxlen: 24
120.29.216.0/24 maxlen: 24
120.29.219.0/24 maxlen: 24
180.87.0.0/17 maxlen: 17
180.87.11.0/24 maxlen: 24
180.87.26.0/24 maxlen: 24
180.87.31.0/24 maxlen: 24
180.87.35.0/24 maxlen: 24
180.87.65.0/24 maxlen: 24
180.87.88.0/21 maxlen: 21
180.87.88.0/24 maxlen: 24
180.87.90.0/24 maxlen: 24
180.87.112.0/24 maxlen: 24
180.87.128.0/18 maxlen: 18
180.87.128.0/24 maxlen: 24
180.87.129.0/24 maxlen: 24
180.87.130.0/24 maxlen: 24
180.87.131.0/24 maxlen: 24
180.87.132.0/24 maxlen: 24
180.87.133.0/24 maxlen: 24
180.87.134.0/24 maxlen: 24
180.87.135.0/24 maxlen: 24
180.87.136.0/24 maxlen: 24
180.87.137.0/24 maxlen: 24
180.87.138.0/24 maxlen: 24
180.87.139.0/24 maxlen: 24
180.87.140.0/24 maxlen: 24
180.87.141.0/24 maxlen: 24
180.87.142.0/24 maxlen: 24
180.87.143.0/24 maxlen: 24
180.87.144.0/24 maxlen: 24
180.87.145.0/24 maxlen: 24
180.87.146.0/24 maxlen: 24
180.87.147.0/24 maxlen: 24
180.87.148.0/24 maxlen: 24
180.87.149.0/24 maxlen: 24
180.87.150.0/24 maxlen: 24
180.87.151.0/24 maxlen: 24
180.87.152.0/24 maxlen: 24
180.87.153.0/24 maxlen: 24
180.87.154.0/24 maxlen: 24
180.87.155.0/24 maxlen: 24
180.87.156.0/24 maxlen: 24
180.87.157.0/24 maxlen: 24
180.87.158.0/24 maxlen: 24
180.87.159.0/24 maxlen: 24
180.87.160.0/24 maxlen: 24
180.87.161.0/24 maxlen: 24
180.87.162.0/24 maxlen: 24
180.87.163.0/24 maxlen: 24
180.87.164.0/24 maxlen: 24
180.87.165.0/24 maxlen: 24
180.87.166.0/24 maxlen: 24
180.87.167.0/24 maxlen: 24
180.87.168.0/24 maxlen: 24
180.87.169.0/24 maxlen: 24
180.87.170.0/24 maxlen: 24
180.87.171.0/24 maxlen: 24
180.87.172.0/24 maxlen: 24
180.87.173.0/24 maxlen: 24
180.87.174.0/24 maxlen: 24
180.87.175.0/24 maxlen: 24
180.87.176.0/24 maxlen: 24
180.87.177.0/24 maxlen: 24
180.87.178.0/24 maxlen: 24
180.87.179.0/24 maxlen: 24
180.87.180.0/24 maxlen: 24
180.87.181.0/24 maxlen: 24
180.87.182.0/24 maxlen: 24
180.87.183.0/24 maxlen: 24
180.87.184.0/24 maxlen: 24
180.87.185.0/24 maxlen: 24
180.87.186.0/24 maxlen: 24
180.87.187.0/24 maxlen: 24
180.87.188.0/24 maxlen: 24
180.87.189.0/24 maxlen: 24
180.87.190.0/24 maxlen: 24
180.87.191.0/24 maxlen: 24
202.183.64.0/20 maxlen: 24
2405:2000::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11573 (0x2d35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Validity
Not Before: May 3 04:02:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6270a946-4f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f1:72:85:49:1f:f2:42:c8:ce:43:df:15:a3:
1e:2c:1b:80:a6:e2:09:6c:94:d5:56:ca:ff:98:7a:
fa:c1:61:d4:20:a9:25:15:c6:3f:ad:d8:92:5b:d3:
67:3c:41:31:a0:87:53:f7:91:ca:a6:ff:59:6a:b4:
0a:3f:a8:a4:65:45:8e:c5:80:22:42:34:9d:0e:27:
60:31:78:d9:07:8b:4c:ca:65:4e:2c:5c:8a:9f:01:
43:c6:86:3c:18:33:4e:23:8d:d5:84:0c:3f:e9:eb:
be:a2:73:15:09:64:4d:3d:02:43:fd:4a:68:f9:e7:
42:9c:9a:f4:92:2f:d7:87:87:cd:cb:f8:8d:0a:b4:
3e:1a:b6:07:04:d4:3b:ad:6b:e9:5a:3c:91:49:9e:
1e:b8:9c:2a:41:aa:3f:79:ed:74:f9:69:72:ca:1a:
bc:6a:90:f7:ab:97:da:33:52:2e:66:3e:2a:1d:68:
b4:f4:c6:57:d5:0a:44:3c:32:68:f9:58:0f:16:cd:
14:84:df:a5:28:33:86:5b:ef:b8:8b:fd:f8:2b:49:
23:dc:8a:88:6f:8c:79:5c:f7:26:17:b0:00:14:ef:
2c:72:b8:73:a4:d9:df:7e:20:bf:d5:bf:13:45:f0:
62:33:f1:b1:9c:7d:4d:71:ae:76:80:df:d3:9f:b5:
2d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:81:07:C8:21:CA:5F:63:C2:23:1B:5E:88:B9:A6:9F:FA:DD:8D:71
X509v3 Authority Key Identifier:
keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/F62F9A6247E311ECBBF96F0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.40.0/22
103.16.252.0/22
116.0.64.0/19
120.29.192.0/19
180.87.0.0-180.87.191.255
202.183.64.0/20
IPv6:
2405:2000::/32
Signature Algorithm: sha256WithRSAEncryption
5b:d0:38:52:48:e2:21:8c:a8:0d:f0:a5:3d:9a:2a:b6:b6:83:
64:4f:ec:5a:8c:6d:51:4a:69:d0:ce:e6:af:91:de:16:a3:5d:
fc:f1:42:eb:8f:b2:c4:6d:4b:ed:79:6f:0b:e4:65:51:3b:4c:
bd:89:82:14:80:2e:e3:39:78:cb:ed:43:e0:a6:0e:02:b5:9b:
9e:a4:9d:e2:8e:b3:f3:03:cb:0e:6a:39:43:b5:09:1b:63:6a:
d2:41:60:45:99:40:26:25:20:f8:e2:41:39:9d:41:91:42:76:
10:47:d8:ab:32:34:4e:63:35:9b:da:13:85:c7:c8:a1:ee:c4:
45:9b:fd:5a:2a:b7:d6:6e:7b:5d:2e:d7:47:94:6d:5f:3d:50:
dd:9d:76:c3:dc:f1:dd:3c:49:a8:3f:92:0e:18:b2:3e:7a:e8:
42:3e:6a:da:b4:f0:de:63:7b:8d:b2:aa:e2:bd:28:95:da:d4:
a7:ca:08:05:45:fe:15:1d:7e:e0:1d:85:5c:e8:fd:78:05:84:
b4:df:05:8e:03:68:a7:db:a3:0b:55:da:67:aa:f7:3a:43:57:
fc:37:5b:83:91:56:9f:bc:b7:d1:84:64:51:57:78:cc:00:da:
f4:f6:52:a0:6b:ee:3b:b5:d8:ce:f9:e2:99:21:26:ff:6c:3f:
95:65:16:f7
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICLTUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC
Qjk2NEY2NEIwHhcNMjIwNTAzMDQwMjE0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjcwYTk0Ni00ZjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqvFyhUkf8kLIzkPfFaMeLBuApuIJbJTVVsr/mHr6wWHUIKklFcY/rdiSW9Nn
PEExoIdT95HKpv9ZarQKP6ikZUWOxYAiQjSdDidgMXjZB4tMymVOLFyKnwFDxoY8
GDNOI43VhAw/6eu+onMVCWRNPQJD/Upo+edCnJr0ki/Xh4fNy/iNCrQ+GrYHBNQ7
rWvpWjyRSZ4euJwqQao/ee10+Wlyyhq8apD3q5faM1IuZj4qHWi09MZX1QpEPDJo
+VgPFs0UhN+lKDOGW++4i/34K0kj3IqIb4x5XPcmF7AAFO8scrhzpNnffiC/1b8T
RfBiM/GxnH1Nca52gN/Tn7UtpQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFIeBB8gh
yl9jwiMbXoi5pp/63Y1xMB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG
NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvRjYyRjlBNjI0
N0UzMTFFQ0JCRjk2RjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E
RDBCMDEEAgABMCsDBAIr8SgDBAJnEPwDBAV0AEADBAV4HcAwCwMDALRXAwQGtFeA
AwQEyrdAMA0EAgACMAcDBQAkBSAAMA0GCSqGSIb3DQEBCwUAA4IBAQBb0DhSSOIh
jKgN8KU9miq2toNkT+xajG1RSmnQzuavkd4Wo1388ULrj7LEbUvteW8L5GVRO0y9
iYIUgC7jOXjL7UPgpg4CtZuepJ3ijrPzA8sOajlDtQkbY2rSQWBFmUAmJSD44kE5
nUGRQnYQR9irMjROYzWb2hOFx8ih7sRFm/1aKrfWbntdLtdHlG1fPVDdnXbD3PHd
PEmoP5IOGLI+euhCPmratPDeY3uNsqrivSiV2tSnyggFRf4VHX7gHYVc6P14BYS0
3wWOA2in26MLVdpnqvc6Q1f8N1uDkVafvLfRhGRRV3jMANr09lKga+47tdjO+eKZ
ISb/bD+VZRb3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-ams.rpki-client.org