Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/11740642AF4E11EC8CB13F3FC4F9AE02.roa
File: 11740642AF4E11EC8CB13F3FC4F9AE02.roa (raw, json)
Hash identifier: gVX0+/EF7xhYyrec8z8lVtWKrXW+c9xRFt6t92OiQbA=
Subject key identifier: 78:FC:70:CC:C4:16:16:79:73:31:98:1C:3E:52:C7:BE:BA:CE:DC:A8
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 0422
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/11740642AF4E11EC8CB13F3FC4F9AE02.roa
Signing time: Sat 02 Apr 2022 02:50:39 +0000
ROA not before: Sat 02 Apr 2022 02:50:39 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 132203
IP address blocks: 43.128.222.0/23 maxlen: 23
43.152.192.0/19 maxlen: 19
43.152.224.0/19 maxlen: 19
43.153.0.0/18 maxlen: 18
43.153.64.0/18 maxlen: 18
43.153.128.0/18 maxlen: 18
43.153.192.0/18 maxlen: 18
43.154.0.0/18 maxlen: 18
43.154.64.0/18 maxlen: 18
43.154.128.0/18 maxlen: 18
43.154.192.0/18 maxlen: 18
43.155.0.0/17 maxlen: 18
43.155.128.0/17 maxlen: 18
43.156.0.0/18 maxlen: 18
43.156.64.0/18 maxlen: 18
43.156.128.0/18 maxlen: 18
43.156.192.0/18 maxlen: 18
43.157.0.0/17 maxlen: 24
43.157.128.0/18 maxlen: 24
43.157.192.0/18 maxlen: 24
43.158.0.0/16 maxlen: 16
43.158.0.0/17 maxlen: 24
43.158.128.0/17 maxlen: 18
43.159.0.0/16 maxlen: 16
43.159.0.0/20 maxlen: 24
43.159.16.0/20 maxlen: 24
43.159.32.0/19 maxlen: 24
43.159.128.0/18 maxlen: 24
43.159.192.0/18 maxlen: 24
240d:c000::/24 maxlen: 32
240d:c000:1000::/36 maxlen: 36
240d:c000:2000::/36 maxlen: 36
240d:c000:3000::/36 maxlen: 36
240d:c010::/56 maxlen: 56
240d:c010:0:100::/56 maxlen: 56
240d:c010:10::/48 maxlen: 48
240d:c010:11::/48 maxlen: 48
240d:c010:12::/48 maxlen: 48
240d:c010:13::/48 maxlen: 48
240d:c010:14::/48 maxlen: 48
240d:c010:15::/48 maxlen: 48
240d:c010:16::/48 maxlen: 48
240d:c010:17::/48 maxlen: 48
240d:c010:1d::/48 maxlen: 48
240d:c010:1f::/48 maxlen: 48
240d:c010:20::/44 maxlen: 44
240d:c010:20::/56 maxlen: 56
240d:c010:20:100::/56 maxlen: 56
240d:c010:20:200::/56 maxlen: 56
240d:c010:30::/48 maxlen: 48
240d:c010:30::/56 maxlen: 56
240d:c010:30:100::/56 maxlen: 56
240d:c010:31::/48 maxlen: 48
240d:c010:50::/48 maxlen: 48
240d:c010:57::/48 maxlen: 48
240d:c010:58::/47 maxlen: 48
240d:c010:5b::/48 maxlen: 48
240d:c010:5c::/46 maxlen: 48
240d:c010:60::/48 maxlen: 48
240d:c010:66::/47 maxlen: 48
240d:c010:68::/48 maxlen: 48
240d:c010:6a::/48 maxlen: 48
240d:c010:6c::/47 maxlen: 48
240d:c010:6e::/48 maxlen: 48
240d:c040::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1058 (0x422)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: Apr 2 02:50:39 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=6247b9ff-e9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:19:ff:a7:56:8c:df:c5:35:50:c7:32:69:ae:
85:03:10:25:0a:62:db:1f:94:f9:0e:a2:7e:1d:85:
eb:61:de:a3:dd:77:9b:1a:c7:a6:31:a4:95:98:7f:
42:f9:f7:1b:3f:e8:88:bb:be:1c:7e:fc:1d:3a:70:
4a:e6:0d:6e:40:3d:1a:4e:22:22:c4:65:9e:f6:57:
7b:0d:e8:5d:2b:c7:8f:df:e0:1e:64:14:0a:79:33:
05:1b:c9:e1:36:ca:f4:be:e8:c9:0b:f2:3d:1e:e5:
46:6b:c9:c4:af:21:91:2c:c2:89:98:ac:c7:a6:dd:
f5:95:02:65:0a:32:e4:cd:9d:6d:88:39:44:5f:f7:
f6:e9:88:aa:dc:78:29:7c:b7:fe:e7:99:a8:7a:66:
4d:29:26:45:04:6a:a9:a2:8b:09:c9:f2:e6:fd:c8:
ca:eb:57:54:06:a3:fb:6a:8e:75:bd:73:1e:7e:12:
92:89:57:41:1d:7d:7f:fc:04:e0:4a:76:73:b0:5a:
49:88:d5:d8:6a:d1:db:90:5c:79:2b:cf:75:d7:88:
45:7c:c1:e8:f0:0b:e3:ea:84:eb:bc:24:9e:2f:73:
ed:eb:0e:ab:c1:19:ca:ab:ac:29:11:fe:a7:94:f9:
f1:b1:b3:e5:88:bf:73:26:83:14:dd:9b:2c:88:be:
7d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:FC:70:CC:C4:16:16:79:73:31:98:1C:3E:52:C7:BE:BA:CE:DC:A8
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/11740642AF4E11EC8CB13F3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.128.222.0/23
43.152.192.0-43.159.255.255
IPv6:
240d:c000::/24
Signature Algorithm: sha256WithRSAEncryption
99:33:32:38:88:04:30:8b:18:2d:8f:c7:c2:39:40:47:79:59:
27:b4:cd:97:9c:66:f4:4b:3a:d9:13:f1:77:ff:2a:11:ce:35:
a6:e4:7b:eb:01:c7:1e:70:dc:f4:ba:a6:7e:a7:65:c3:7c:60:
cc:50:57:11:16:1e:ee:f0:08:06:0e:fb:f4:c2:f8:60:35:1b:
1a:1b:73:1b:4d:16:c3:4f:04:4f:bf:13:37:96:c3:9b:93:bc:
25:d8:2b:15:9b:5e:00:15:d1:ec:35:d0:30:6c:75:05:f7:26:
d5:aa:07:7c:21:bc:20:fe:6a:c5:9e:08:63:75:00:d1:ca:ed:
38:36:cd:6d:b7:f1:ac:21:62:26:0b:dc:0d:59:e2:87:56:b3:
f6:91:eb:55:b2:0d:5a:51:09:4c:e8:2d:9a:80:d3:49:3e:38:
8d:d8:fe:3a:0d:7e:2d:0b:03:13:f9:dc:57:07:08:79:2b:ea:
58:97:5d:8c:95:5b:2f:78:8e:a0:40:d8:a3:c7:29:fe:9c:53:
8b:be:42:2b:50:9c:a9:38:90:5b:d0:3c:66:1a:b0:f7:77:38:
6e:c0:59:5f:4a:07:b6:67:6a:e5:09:bc:d8:6f:f3:7a:2a:12:
50:82:38:d5:6b:d7:91:a4:c1:d5:b6:cf:48:97:ff:09:eb:07:
d6:8f:1a:77
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICBCIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjIwNDAyMDI1MDM5WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQ3YjlmZi1lOWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwRn/p1aM38U1UMcyaa6FAxAlCmLbH5T5DqJ+HYXrYd6j3XebGsemMaSVmH9C
+fcbP+iIu74cfvwdOnBK5g1uQD0aTiIixGWe9ld7DehdK8eP3+AeZBQKeTMFG8nh
Nsr0vujJC/I9HuVGa8nEryGRLMKJmKzHpt31lQJlCjLkzZ1tiDlEX/f26Yiq3Hgp
fLf+55moemZNKSZFBGqpoosJyfLm/cjK61dUBqP7ao51vXMefhKSiVdBHX1//ATg
SnZzsFpJiNXYatHbkFx5K89114hFfMHo8Avj6oTrvCSeL3Pt6w6rwRnKq6wpEf6n
lPnxsbPliL9zJoMU3ZssiL59NwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFHj8cMzE
FhZ5czGYHD5Sx766ztyoMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvMTE3NDA2NDJB
RjRFMTFFQzhDQjEzRjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBkEAgABMBMDBAErgN4wCwMEBiuYwAMDBSuAMAwEAgACMAYDBAAkDcAwDQYJ
KoZIhvcNAQELBQADggEBAJkzMjiIBDCLGC2Px8I5QEd5WSe0zZecZvRLOtkT8Xf/
KhHONabke+sBxx5w3PS6pn6nZcN8YMxQVxEWHu7wCAYO+/TC+GA1GxobcxtNFsNP
BE+/EzeWw5uTvCXYKxWbXgAV0ew10DBsdQX3JtWqB3whvCD+asWeCGN1ANHK7Tg2
zW238awhYiYL3A1Z4odWs/aR61WyDVpRCUzoLZqA00k+OI3Y/joNfi0LAxP53FcH
CHkr6liXXYyVWy94jqBA2KPHKf6cU4u+QitQnKk4kFvQPGYasPd3OG7AWV9KB7Zn
auUJvNhv83oqElCCONVr15GkwdW2z0iX/wnrB9aPGnc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:42 2023 by rpki-client on console-fra.rpki-client.org