Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/1FC7598E0F7911ED97A48279C4F9AE02.roa
File: 1FC7598E0F7911ED97A48279C4F9AE02.roa (raw, json)
Hash identifier: BX7Jx7SOxMGJDsFb4UqaN0cVW6tWgW1kmIkCs3X8FKQ=
Subject key identifier: DD:BD:2D:A1:C5:EE:03:80:23:E1:60:B0:3C:ED:42:85:FE:98:CD:76
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3857
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/1FC7598E0F7911ED97A48279C4F9AE02.roa
Signing time: Fri 29 Jul 2022 20:00:42 +0000
ROA not before: Fri 29 Jul 2022 20:00:42 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 7643
IP address blocks: 103.171.92.0/24 maxlen: 24
103.171.93.0/24 maxlen: 24
123.30.70.0/23 maxlen: 24
123.30.72.0/23 maxlen: 24
123.30.94.0/23 maxlen: 24
123.30.104.0/23 maxlen: 24
123.30.108.0/23 maxlen: 24
123.30.127.0/24 maxlen: 24
123.30.128.0/23 maxlen: 24
123.30.132.0/22 maxlen: 24
123.30.136.0/22 maxlen: 24
123.30.140.0/24 maxlen: 24
123.30.142.0/23 maxlen: 24
123.30.160.0/23 maxlen: 24
123.30.163.0/24 maxlen: 24
123.30.164.0/23 maxlen: 24
123.30.230.0/24 maxlen: 24
123.30.244.0/24 maxlen: 24
123.30.250.0/24 maxlen: 24
123.30.253.0/24 maxlen: 24
203.162.2.0/24 maxlen: 24
203.162.36.0/23 maxlen: 23
203.162.36.0/24 maxlen: 24
203.162.37.0/24 maxlen: 24
203.162.49.0/24 maxlen: 24
203.162.51.0/24 maxlen: 24
203.162.53.0/24 maxlen: 24
203.162.55.0/24 maxlen: 24
203.162.56.0/24 maxlen: 24
203.162.59.0/24 maxlen: 24
203.162.68.0/23 maxlen: 23
203.162.68.0/24 maxlen: 24
203.162.69.0/24 maxlen: 24
203.162.76.0/23 maxlen: 24
203.162.78.0/23 maxlen: 24
203.162.80.0/23 maxlen: 24
203.162.96.0/24 maxlen: 24
203.162.100.0/24 maxlen: 24
203.162.101.0/24 maxlen: 24
203.162.102.0/23 maxlen: 24
203.162.153.0/24 maxlen: 24
203.162.155.0/24 maxlen: 24
203.162.163.0/24 maxlen: 24
222.255.102.0/23 maxlen: 24
222.255.121.0/24 maxlen: 24
222.255.122.0/24 maxlen: 24
222.255.210.0/24 maxlen: 24
222.255.211.0/24 maxlen: 24
222.255.234.0/23 maxlen: 24
222.255.237.0/24 maxlen: 24
222.255.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14423 (0x3857)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Jul 29 20:00:42 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=62e43c6a-0e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:fc:e4:9d:51:88:6f:14:42:64:8b:1b:67:36:
22:c2:bf:01:90:b6:0b:e2:b9:1a:af:ea:6d:02:fb:
2e:5e:dd:d1:7a:2d:5a:90:48:82:d8:57:e9:5b:e5:
d7:f5:75:5f:09:23:8f:96:13:be:ce:b8:f3:71:33:
75:5d:52:89:34:c1:a7:30:8c:3a:02:4a:b9:1a:e0:
0f:23:ec:45:5f:ca:a3:f1:b7:a1:ee:59:55:01:1f:
98:9e:02:23:b1:eb:dd:04:8f:8e:fe:4f:c1:3b:c9:
18:3f:1b:e0:b8:0c:d3:60:52:8c:e7:60:88:68:5c:
12:f4:12:47:a5:72:34:f4:98:ad:e6:dc:b5:0d:40:
fd:11:6f:66:62:a9:18:bc:25:79:bb:c8:00:21:71:
7a:66:2d:2f:7c:9e:29:c2:b3:81:19:27:d4:8d:ea:
12:b8:85:71:1a:e4:e3:ca:67:c4:c2:a6:37:45:ff:
43:44:5b:93:b4:15:79:e3:d1:f7:1b:b9:c0:bf:38:
df:b8:2e:0c:b2:74:e9:1d:ff:c9:7f:54:e7:48:0e:
43:8e:f0:b3:88:57:a7:3a:47:99:52:d1:87:b3:a2:
16:45:04:a1:69:84:f0:41:30:99:bc:85:a6:40:bf:
28:75:9d:b3:51:80:58:ec:7f:62:f0:a0:b8:98:49:
a3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BD:2D:A1:C5:EE:03:80:23:E1:60:B0:3C:ED:42:85:FE:98:CD:76
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/1FC7598E0F7911ED97A48279C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.92.0/23
123.30.70.0-123.30.73.255
123.30.94.0/23
123.30.104.0/23
123.30.108.0/23
123.30.127.0-123.30.129.255
123.30.132.0-123.30.140.255
123.30.142.0/23
123.30.160.0/23
123.30.163.0-123.30.165.255
123.30.230.0/24
123.30.244.0/24
123.30.250.0/24
123.30.253.0/24
203.162.2.0/24
203.162.36.0/23
203.162.49.0/24
203.162.51.0/24
203.162.53.0/24
203.162.55.0-203.162.56.255
203.162.59.0/24
203.162.68.0/23
203.162.76.0-203.162.81.255
203.162.96.0/24
203.162.100.0/22
203.162.153.0/24
203.162.155.0/24
203.162.163.0/24
222.255.102.0/23
222.255.121.0-222.255.122.255
222.255.210.0/23
222.255.234.0/23
222.255.237.0/24
222.255.239.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:58:2a:47:af:7c:df:56:94:ea:b7:6b:19:6d:4a:a4:6b:f1:
22:ae:7e:c3:92:25:28:9b:7f:cc:d1:71:31:56:74:bb:e7:74:
1c:43:b6:71:2c:f4:f2:2e:ae:52:2f:8e:fe:54:ab:e7:bd:79:
85:9b:e0:e6:39:c0:7b:fb:2e:fe:a7:c2:49:d6:44:1b:da:f7:
eb:ab:d3:cb:02:ea:55:6f:2a:e5:01:0a:5e:6c:92:dd:db:36:
d5:1c:fa:b6:74:d6:60:10:8c:14:1a:88:aa:91:25:07:98:1e:
1f:99:4a:0a:6d:d8:fb:15:24:54:9a:d6:85:5b:1d:7a:89:f1:
3f:f2:05:30:9e:75:ab:76:2b:3c:7d:e8:00:b3:0c:ad:8f:19:
8c:0f:89:ee:d7:dc:8c:44:08:d7:2b:57:1f:5b:35:be:b0:fd:
23:0a:76:4c:99:92:dd:d0:94:42:d6:22:db:44:65:8f:4a:1b:
a2:57:61:5f:0f:fd:3f:60:40:51:25:e1:12:f9:50:6a:05:82:
57:be:b5:2b:62:b1:f1:a9:b5:ad:b3:56:eb:71:f5:84:73:91:
92:98:0b:48:2c:dc:4b:81:ee:7f:1f:03:96:85:0f:aa:76:ee:
26:89:6c:04:29:53:cf:be:8c:11:35:9b:6b:22:19:8c:c3:f2:
d7:b8:5a:75
-----BEGIN CERTIFICATE-----
MIIGeTCCBWGgAwIBAgICOFcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIwNzI5MjAwMDQyWhcNMjIxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU0M2M2YS0wZTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4PzknVGIbxRCZIsbZzYiwr8BkLYL4rkar+ptAvsuXt3Rei1akEiC2FfpW+XX
9XVfCSOPlhO+zrjzcTN1XVKJNMGnMIw6Akq5GuAPI+xFX8qj8beh7llVAR+YngIj
sevdBI+O/k/BO8kYPxvguAzTYFKM52CIaFwS9BJHpXI09Jit5ty1DUD9EW9mYqkY
vCV5u8gAIXF6Zi0vfJ4pwrOBGSfUjeoSuIVxGuTjymfEwqY3Rf9DRFuTtBV549H3
G7nAvzjfuC4MsnTpHf/Jf1TnSA5DjvCziFenOkeZUtGHs6IWRQShaYTwQTCZvIWm
QL8odZ2zUYBY7H9i8KC4mEmjpwIDAQABo4IDnTCCA5kwHQYDVR0OBBYEFN29LaHF
7gOAI+FgsDztQoX+mM12MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMUZDNzU5OEUw
Rjc5MTFFRDk3QTQ4Mjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggElBggrBgEFBQcBBwEB
/wSCARQwggEQMIIBDAQCAAEwggEEAwQBZ6tcMAwDBAF7HkYDBAF7HkgDBAF7Hl4D
BAF7HmgDBAF7HmwwDAMEAHsefwMEAXsegDAMAwQCex6EAwQAex6MAwQBex6OAwQB
ex6gMAwDBAB7HqMDBAF7HqQDBAB7HuYDBAB7HvQDBAB7HvoDBAB7Hv0DBADLogID
BAHLoiQDBADLojEDBADLojMDBADLojUwDAMEAMuiNwMEAMuiOAMEAMuiOwMEAcui
RDAMAwQCy6JMAwQBy6JQAwQAy6JgAwQCy6JkAwQAy6KZAwQAy6KbAwQAy6KjAwQB
3v9mMAwDBADe/3kDBADe/3oDBAHe/9IDBAHe/+oDBADe/+0DBADe/+8wDQYJKoZI
hvcNAQELBQADggEBAH1YKkevfN9WlOq3axltSqRr8SKufsOSJSibf8zRcTFWdLvn
dBxDtnEs9PIurlIvjv5Uq+e9eYWb4OY5wHv7Lv6nwknWRBva9+ur08sC6lVvKuUB
Cl5skt3bNtUc+rZ01mAQjBQaiKqRJQeYHh+ZSgpt2PsVJFSa1oVbHXqJ8T/yBTCe
dat2Kzx96ACzDK2PGYwPie7X3IxECNcrVx9bNb6w/SMKdkyZkt3QlELWIttEZY9K
G6JXYV8P/T9gQFEl4RL5UGoFgle+tStisfGpta2zVutx9YRzkZKYC0gs3EuB7n8f
A5aFD6p27iaJbAQpU8++jBE1m2siGYzD8te4WnU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:02 2023 by rpki-client on console-fra.rpki-client.org