Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/5B6D5FA8A4CE11EC9FAD9B4BC4F9AE02.roa
File: 5B6D5FA8A4CE11EC9FAD9B4BC4F9AE02.roa (raw, json)
Hash identifier: dxgBzuZgGrhZqq/FqJYXsU0A7sVDfZAef2kxV+JhME8=
Subject key identifier: 6D:73:7B:6C:AA:6D:2E:14:22:BC:FF:BF:C4:0B:93:AC:0E:B9:79:01
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 03EE
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/5B6D5FA8A4CE11EC9FAD9B4BC4F9AE02.roa
Signing time: Wed 16 Mar 2022 02:50:26 +0000
ROA not before: Wed 16 Mar 2022 02:50:26 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 132203
IP address blocks: 43.128.222.0/23 maxlen: 23
43.152.192.0/19 maxlen: 19
43.152.224.0/19 maxlen: 19
43.153.0.0/18 maxlen: 18
43.153.64.0/18 maxlen: 18
43.153.128.0/18 maxlen: 18
43.153.192.0/18 maxlen: 18
43.154.0.0/18 maxlen: 18
43.154.64.0/18 maxlen: 18
43.154.128.0/18 maxlen: 18
43.154.192.0/18 maxlen: 18
43.155.0.0/17 maxlen: 18
43.155.128.0/17 maxlen: 18
43.156.0.0/18 maxlen: 18
43.156.64.0/18 maxlen: 18
43.156.128.0/18 maxlen: 18
43.156.192.0/18 maxlen: 18
43.157.0.0/17 maxlen: 24
43.157.128.0/18 maxlen: 24
43.157.192.0/18 maxlen: 24
43.158.0.0/16 maxlen: 16
43.158.0.0/17 maxlen: 18
43.158.128.0/17 maxlen: 18
43.159.0.0/16 maxlen: 16
43.159.0.0/19 maxlen: 20
240d:c000::/24 maxlen: 32
240d:c000:1000::/36 maxlen: 36
240d:c000:2000::/36 maxlen: 36
240d:c000:3000::/36 maxlen: 36
240d:c010::/56 maxlen: 56
240d:c010:0:100::/56 maxlen: 56
240d:c010:10::/48 maxlen: 48
240d:c010:11::/48 maxlen: 48
240d:c010:12::/48 maxlen: 48
240d:c010:13::/48 maxlen: 48
240d:c010:14::/48 maxlen: 48
240d:c010:15::/48 maxlen: 48
240d:c010:16::/48 maxlen: 48
240d:c010:17::/48 maxlen: 48
240d:c010:1d::/48 maxlen: 48
240d:c010:1f::/48 maxlen: 48
240d:c010:20::/44 maxlen: 44
240d:c010:20::/56 maxlen: 56
240d:c010:20:100::/56 maxlen: 56
240d:c010:20:200::/56 maxlen: 56
240d:c010:30::/48 maxlen: 48
240d:c010:30::/56 maxlen: 56
240d:c010:30:100::/56 maxlen: 56
240d:c010:31::/48 maxlen: 48
240d:c010:50::/48 maxlen: 48
240d:c010:57::/48 maxlen: 48
240d:c010:58::/47 maxlen: 48
240d:c010:5b::/48 maxlen: 48
240d:c010:5c::/46 maxlen: 48
240d:c010:60::/48 maxlen: 48
240d:c010:66::/47 maxlen: 48
240d:c010:68::/48 maxlen: 48
240d:c010:6a::/48 maxlen: 48
240d:c010:6c::/47 maxlen: 48
240d:c010:6e::/48 maxlen: 48
240d:c040::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1006 (0x3ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: Mar 16 02:50:26 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=62315071-96fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d1:40:9d:57:bc:12:3b:32:40:6f:50:51:20:
42:85:18:71:72:8d:7c:09:eb:db:30:8a:62:9b:47:
13:1f:08:36:46:88:25:86:8d:e0:d2:14:30:00:10:
5e:92:a0:28:99:d2:84:c8:fd:89:1f:fa:5d:5a:83:
1d:6b:7b:08:b3:06:dd:3c:f6:e0:9e:10:7e:c0:fb:
88:fe:15:f0:b3:b9:29:f5:52:60:d0:a4:e6:95:24:
2c:df:49:c7:6c:b9:86:6f:bc:7e:07:b6:ff:2a:19:
d1:f7:29:20:af:a1:d1:91:d7:fe:fa:fe:fd:15:ff:
45:a5:b6:33:6f:8c:57:3d:24:84:23:6f:c9:6a:9c:
a9:ed:5b:4b:dc:0c:b7:fb:95:d0:71:61:07:30:4b:
e1:9a:7b:c8:3e:22:92:71:6f:6e:a4:05:d7:02:0f:
23:27:c9:93:d0:ca:41:90:c7:b2:36:60:8b:c1:69:
04:ac:a6:0d:0a:0d:7d:b2:78:57:b8:e1:5f:70:c0:
99:eb:24:9c:53:f9:3e:cc:6a:a9:e7:1c:63:b1:7f:
27:24:22:87:7d:04:fc:3e:46:3f:3c:64:c1:f9:45:
8c:4f:0e:02:73:4c:38:62:6e:ce:1d:5d:35:78:90:
8d:e3:00:74:ed:0a:17:34:13:34:b6:c3:09:39:b4:
0b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:73:7B:6C:AA:6D:2E:14:22:BC:FF:BF:C4:0B:93:AC:0E:B9:79:01
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/5B6D5FA8A4CE11EC9FAD9B4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.128.222.0/23
43.152.192.0-43.159.255.255
IPv6:
240d:c000::/24
Signature Algorithm: sha256WithRSAEncryption
db:f4:ee:20:73:7f:10:78:81:bb:26:28:5c:ca:68:4d:36:a5:
33:e6:12:7b:80:f6:14:93:4e:3e:bc:8c:6f:98:8b:04:10:2d:
e8:da:c9:a1:32:8a:49:4f:b3:5d:bc:23:08:07:8c:04:64:a1:
ea:b4:fd:bc:a5:29:54:45:db:5e:0a:0b:1d:17:59:bd:5d:16:
18:56:5e:62:c3:03:46:50:2e:b5:45:c8:bd:f8:40:7a:4b:99:
6a:db:ed:ea:7b:93:8f:d6:fc:2c:ae:4a:40:06:60:ee:b2:1c:
7e:5f:9a:f1:ac:ce:59:43:81:e7:8d:56:11:e0:79:27:97:b5:
14:48:4e:16:88:2c:f7:b2:e6:1c:5d:0a:3a:53:0a:31:16:13:
94:71:83:98:1b:55:aa:23:d7:6c:8f:af:18:c8:d9:fa:b1:b1:
75:1f:a8:03:1b:46:73:51:1d:c0:3e:ca:56:5f:9e:17:2d:13:
12:46:e3:7c:7a:0c:84:2a:2c:95:57:3f:17:53:13:59:ca:22:
a5:1e:b8:dd:01:06:6d:38:8d:98:25:01:29:26:6f:05:13:0b:
9f:a6:17:50:13:86:1d:9e:57:df:bb:ea:b3:94:1b:bf:01:a5:
ac:7f:95:ea:d5:e4:ed:50:22:9d:3c:49:3a:a0:a9:6d:79:1c:
c3:70:ef:0f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICA+4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjIwMzE2MDI1MDI2WhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjMxNTA3MS05NmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5dFAnVe8EjsyQG9QUSBChRhxco18CevbMIpim0cTHwg2Roglho3g0hQwABBe
kqAomdKEyP2JH/pdWoMda3sIswbdPPbgnhB+wPuI/hXws7kp9VJg0KTmlSQs30nH
bLmGb7x+B7b/KhnR9ykgr6HRkdf++v79Ff9FpbYzb4xXPSSEI2/Japyp7VtL3Ay3
+5XQcWEHMEvhmnvIPiKScW9upAXXAg8jJ8mT0MpBkMeyNmCLwWkErKYNCg19snhX
uOFfcMCZ6yScU/k+zGqp5xxjsX8nJCKHfQT8PkY/PGTB+UWMTw4Cc0w4Ym7OHV01
eJCN4wB07QoXNBM0tsMJObQL3wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFG1ze2yq
bS4UIrz/v8QLk6wOuXkBMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvNUI2RDVGQThB
NENFMTFFQzlGQUQ5QjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBkEAgABMBMDBAErgN4wCwMEBiuYwAMDBSuAMAwEAgACMAYDBAAkDcAwDQYJ
KoZIhvcNAQELBQADggEBANv07iBzfxB4gbsmKFzKaE02pTPmEnuA9hSTTj68jG+Y
iwQQLejayaEyiklPs128IwgHjARkoeq0/bylKVRF214KCx0XWb1dFhhWXmLDA0ZQ
LrVFyL34QHpLmWrb7ep7k4/W/CyuSkAGYO6yHH5fmvGszllDgeeNVhHgeSeXtRRI
ThaILPey5hxdCjpTCjEWE5Rxg5gbVaoj12yPrxjI2fqxsXUfqAMbRnNRHcA+ylZf
nhctExJG43x6DIQqLJVXPxdTE1nKIqUeuN0BBm04jZglASkmbwUTC5+mF1AThh2e
V9+76rOUG78Bpax/lerV5O1QIp08STqgqW15HMNw7w8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org