Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/B63B4A30997F11ECA6C7F481C4F9AE02.roa
File: B63B4A30997F11ECA6C7F481C4F9AE02.roa (raw, json)
Hash identifier: Vrv/FBx978ukuB2LOq/Txl6PX27vbpH2mpOg2I8EFGc=
Subject key identifier: 20:A0:CF:EA:A0:E5:AE:9B:6F:42:F4:E1:7C:DD:E5:03:07:81:70:43
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 0436
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/B63B4A30997F11ECA6C7F481C4F9AE02.roa
Signing time: Fri 08 Apr 2022 03:31:23 +0000
ROA not before: Fri 08 Apr 2022 03:31:23 +0000
ROA not after: Wed 31 Aug 2022 00:00:00 +0000
asID: 139341
IP address blocks: 43.132.64.0/23 maxlen: 24
43.132.69.0/24 maxlen: 24
43.132.70.0/23 maxlen: 24
43.132.72.0/23 maxlen: 23
43.132.74.0/24 maxlen: 24
43.132.75.0/24 maxlen: 24
43.132.76.0/22 maxlen: 24
43.132.80.0/23 maxlen: 24
43.132.82.0/24 maxlen: 24
43.132.85.0/24 maxlen: 24
43.132.86.0/24 maxlen: 24
43.132.87.0/24 maxlen: 24
43.132.88.0/24 maxlen: 24
43.132.89.0/24 maxlen: 24
43.132.90.0/23 maxlen: 24
43.132.92.0/24 maxlen: 24
43.132.93.0/24 maxlen: 24
43.152.0.0/24 maxlen: 24
43.152.1.0/24 maxlen: 24
43.152.2.0/24 maxlen: 24
43.152.3.0/24 maxlen: 24
43.152.4.0/24 maxlen: 24
43.152.5.0/24 maxlen: 24
43.152.6.0/24 maxlen: 24
43.152.7.0/24 maxlen: 24
43.152.8.0/24 maxlen: 24
43.152.9.0/24 maxlen: 24
43.152.10.0/24 maxlen: 24
43.152.11.0/24 maxlen: 24
43.152.12.0/24 maxlen: 24
43.152.13.0/24 maxlen: 24
43.152.14.0/23 maxlen: 24
43.152.16.0/23 maxlen: 24
43.152.18.0/24 maxlen: 24
43.152.19.0/24 maxlen: 24
43.152.20.0/24 maxlen: 24
43.152.21.0/24 maxlen: 24
43.152.22.0/24 maxlen: 24
43.152.23.0/24 maxlen: 24
43.152.24.0/23 maxlen: 24
43.152.26.0/23 maxlen: 24
43.152.28.0/23 maxlen: 24
43.152.30.0/23 maxlen: 24
43.152.32.0/22 maxlen: 24
43.152.36.0/23 maxlen: 24
43.152.38.0/23 maxlen: 24
43.152.40.0/24 maxlen: 24
43.152.41.0/24 maxlen: 24
43.152.42.0/23 maxlen: 23
43.152.44.0/23 maxlen: 24
43.152.46.0/24 maxlen: 24
43.152.47.0/24 maxlen: 24
43.152.48.0/24 maxlen: 24
43.152.49.0/24 maxlen: 24
43.152.50.0/24 maxlen: 24
43.152.51.0/24 maxlen: 24
43.152.52.0/24 maxlen: 24
43.152.53.0/24 maxlen: 24
43.152.54.0/24 maxlen: 24
43.152.55.0/24 maxlen: 24
43.152.56.0/24 maxlen: 24
43.152.57.0/24 maxlen: 24
43.152.58.0/23 maxlen: 23
43.152.60.0/24 maxlen: 24
43.152.61.0/24 maxlen: 24
43.152.62.0/24 maxlen: 24
43.152.63.0/24 maxlen: 24
43.152.128.0/18 maxlen: 18
43.152.128.0/23 maxlen: 23
43.152.130.0/23 maxlen: 23
43.152.132.0/23 maxlen: 23
43.152.134.0/23 maxlen: 23
43.152.136.0/23 maxlen: 23
43.152.138.0/24 maxlen: 24
43.152.139.0/24 maxlen: 24
43.152.140.0/23 maxlen: 24
43.159.64.0/18 maxlen: 24
101.33.6.0/23 maxlen: 23
240d:c010:18::/48 maxlen: 48
240d:c010:19::/48 maxlen: 48
240d:c010:1a::/48 maxlen: 48
240d:c010:1c::/48 maxlen: 48
240d:c010:41::/48 maxlen: 48
240d:c010:42::/48 maxlen: 48
240d:c010:54::/47 maxlen: 48
240d:c010:56::/48 maxlen: 48
240d:c010:5a::/48 maxlen: 48
240d:c010:61::/48 maxlen: 48
240d:c010:62::/47 maxlen: 48
240d:c010:64::/47 maxlen: 48
240d:c010:69::/48 maxlen: 48
240d:c010:6b::/48 maxlen: 48
240d:c010:6f::/48 maxlen: 48
240d:c010:70::/44 maxlen: 48
240d:c010:80::/44 maxlen: 48
240d:c010:cf::/48 maxlen: 48
240d:c010:fb::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1078 (0x436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: Apr 8 03:31:23 2022 GMT
Not After : Aug 31 00:00:00 2022 GMT
Subject: CN=624fac8a-bdd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c8:2d:40:e7:79:bd:36:d5:dd:46:22:02:6b:
28:fc:fc:67:34:90:83:7c:8d:60:67:66:e9:60:07:
10:63:93:0a:a0:2b:fa:0f:84:6b:dc:9b:16:d2:c5:
5d:d8:12:b8:20:da:9e:08:28:84:02:f4:ec:75:b8:
5e:82:a9:31:ae:b1:3c:73:ed:c5:dd:10:30:3d:09:
59:fa:f1:ee:dc:ac:7d:a1:87:81:82:77:52:55:37:
7a:db:c0:bc:f3:d8:b8:1f:aa:e8:7b:b9:6d:c3:03:
74:8e:b7:61:24:53:23:51:3f:ff:99:85:bd:55:3b:
5e:b3:26:86:6d:5b:60:7f:25:5b:b5:e4:3a:b7:55:
0a:46:66:64:01:10:7a:d2:8f:b0:e6:ec:f8:c6:8d:
5d:b4:4d:73:fc:97:1f:85:8e:24:7a:a5:29:2d:5d:
9d:2a:6f:fe:6a:df:6e:49:00:c5:cf:08:12:f4:61:
52:b3:d1:e3:ff:68:9a:a5:81:73:ea:e3:f0:17:54:
36:40:b9:60:b9:18:77:ac:d8:a4:4e:f8:37:c0:b8:
b3:4f:96:ad:12:47:ab:5d:70:bf:5d:5b:08:83:8b:
cb:fe:c8:bd:a4:04:f6:6d:83:0b:fe:d1:62:de:47:
04:72:24:b9:c6:a2:ea:45:9d:bc:6c:b5:05:21:91:
0f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A0:CF:EA:A0:E5:AE:9B:6F:42:F4:E1:7C:DD:E5:03:07:81:70:43
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/B63B4A30997F11ECA6C7F481C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.132.64.0/23
43.132.69.0-43.132.82.255
43.132.85.0-43.132.93.255
43.152.0.0/18
43.152.128.0/18
43.159.64.0/18
101.33.6.0/23
IPv6:
240d:c010:18::-240d:c010:1a:ffff:ffff:ffff:ffff:ffff
240d:c010:1c::/48
240d:c010:41::-240d:c010:42:ffff:ffff:ffff:ffff:ffff
240d:c010:54::-240d:c010:56:ffff:ffff:ffff:ffff:ffff
240d:c010:5a::/48
240d:c010:61::-240d:c010:65:ffff:ffff:ffff:ffff:ffff
240d:c010:69::/48
240d:c010:6b::/48
240d:c010:6f::-240d:c010:8f:ffff:ffff:ffff:ffff:ffff
240d:c010:cf::/48
240d:c010:fb::/48
Signature Algorithm: sha256WithRSAEncryption
61:d6:5a:9e:1d:7c:ba:48:52:95:51:ac:5b:6d:40:34:9d:5d:
21:2a:69:9c:df:3d:5c:bf:2a:6b:eb:8b:a1:44:f5:48:cd:5b:
3c:b6:3d:13:d3:f6:3e:0a:57:2b:b0:95:df:34:e9:72:ca:be:
d4:f0:22:50:de:c4:9f:f9:2f:d0:e2:8a:3a:65:44:04:c3:60:
f6:b9:14:0c:4b:33:1b:85:81:ba:62:5d:21:bb:f4:54:75:88:
b4:d1:c1:4c:83:32:7e:a8:fd:8d:32:1d:f0:8b:4a:b8:95:3c:
81:90:2c:b9:4c:a4:f5:64:e9:da:98:57:29:75:ad:b7:24:ea:
99:f4:c9:f4:a0:d0:4c:11:06:ca:18:d0:8a:62:f9:1f:6f:13:
1f:fe:ad:41:8b:2d:f3:95:a0:e8:a8:b7:e2:ff:af:3b:b3:7c:
6f:32:0e:c9:48:df:95:04:9f:a9:3d:d1:db:3f:d5:95:32:83:
57:64:d8:e8:a6:13:2e:3e:d3:01:78:b0:4d:d4:17:26:99:cb:
1e:17:d3:46:ad:cb:ff:4f:2a:1d:f0:bf:bb:71:78:49:48:4a:
41:ce:e0:10:56:d8:c7:3f:ff:2e:dd:fd:6d:4d:61:2c:e7:90:
b5:eb:01:ea:d8:09:0a:f4:ec:4d:d5:31:4a:ed:92:43:2b:0d:
da:8e:a2:3a
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgICBDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjIwNDA4MDMzMTIzWhcNMjIwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRmYWM4YS1iZGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx8gtQOd5vTbV3UYiAmso/PxnNJCDfI1gZ2bpYAcQY5MKoCv6D4Rr3JsW0sVd
2BK4INqeCCiEAvTsdbhegqkxrrE8c+3F3RAwPQlZ+vHu3Kx9oYeBgndSVTd628C8
89i4H6roe7ltwwN0jrdhJFMjUT//mYW9VTtesyaGbVtgfyVbteQ6t1UKRmZkARB6
0o+w5uz4xo1dtE1z/JcfhY4keqUpLV2dKm/+at9uSQDFzwgS9GFSs9Hj/2iapYFz
6uPwF1Q2QLlguRh3rNikTvg3wLizT5atEkerXXC/XVsIg4vL/si9pAT2bYML/tFi
3kcEciS5xqLqRZ28bLUFIZEPJwIDAQABo4IDcDCCA2wwHQYDVR0OBBYEFCCgz+qg
5a6bb0L04Xzd5QMHgXBDMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvQjYzQjRBMzA5
OTdGMTFFQ0E2QzdGNDgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfkGCCsGAQUFBwEHAQH/
BIHpMIHmMEAEAgABMDoDBAErhEAwDAMEACuERQMEACuEUjAMAwQAK4RVAwQBK4Rc
AwQGK5gAAwQGK5iAAwQGK59AAwQBZSEGMIGhBAIAAjCBmjASAwcDJA3AEAAYAwcA
JA3AEAAaAwcAJA3AEAAcMBIDBwAkDcAQAEEDBwAkDcAQAEIwEgMHAiQNwBAAVAMH
ACQNwBAAVgMHACQNwBAAWjASAwcAJA3AEABhAwcBJA3AEABkAwcAJA3AEABpAwcA
JA3AEABrMBIDBwAkDcAQAG8DBwQkDcAQAIADBwAkDcAQAM8DBwAkDcAQAPswDQYJ
KoZIhvcNAQELBQADggEBAGHWWp4dfLpIUpVRrFttQDSdXSEqaZzfPVy/Kmvri6FE
9UjNWzy2PRPT9j4KVyuwld806XLKvtTwIlDexJ/5L9DiijplRATDYPa5FAxLMxuF
gbpiXSG79FR1iLTRwUyDMn6o/Y0yHfCLSriVPIGQLLlMpPVk6dqYVyl1rbck6pn0
yfSg0EwRBsoY0Ipi+R9vEx/+rUGLLfOVoOiot+L/rzuzfG8yDslI35UEn6k90ds/
1ZUyg1dk2OimEy4+0wF4sE3UFyaZyx4X00aty/9PKh3wv7txeElISkHO4BBW2Mc/
/y7d/W1NYSznkLXrAerYCQr07E3VMUrtkkMrDdqOojo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:42 2023 by rpki-client on console-fra.rpki-client.org