Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/C45DCB1ABA1311ECAB52C96EC4F9AE02.roa
File: C45DCB1ABA1311ECAB52C96EC4F9AE02.roa (raw, json)
Hash identifier: YlIZmNbZ5oFqAT3JkLlOji8CKL8WuOB+d3oggLfCjUw=
Subject key identifier: 7F:3F:84:F2:0A:B0:69:1C:08:B3:88:3E:80:31:FA:04:0C:B1:BD:0A
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 04D1
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/C45DCB1ABA1311ECAB52C96EC4F9AE02.roa
Signing time: Fri 20 May 2022 04:16:57 +0000
ROA not before: Fri 20 May 2022 04:16:57 +0000
ROA not after: Thu 31 Aug 2023 00:00:00 +0000
asID: 139341
IP address blocks: 43.132.64.0/23 maxlen: 24
43.132.69.0/24 maxlen: 24
43.132.70.0/23 maxlen: 24
43.132.72.0/23 maxlen: 23
43.132.74.0/24 maxlen: 24
43.132.75.0/24 maxlen: 24
43.132.76.0/22 maxlen: 24
43.132.80.0/23 maxlen: 24
43.132.82.0/24 maxlen: 24
43.132.85.0/24 maxlen: 24
43.132.86.0/24 maxlen: 24
43.132.87.0/24 maxlen: 24
43.132.88.0/24 maxlen: 24
43.132.89.0/24 maxlen: 24
43.132.90.0/23 maxlen: 24
43.132.92.0/24 maxlen: 24
43.132.93.0/24 maxlen: 24
43.152.0.0/24 maxlen: 24
43.152.1.0/24 maxlen: 24
43.152.2.0/24 maxlen: 24
43.152.3.0/24 maxlen: 24
43.152.4.0/24 maxlen: 24
43.152.5.0/24 maxlen: 24
43.152.6.0/24 maxlen: 24
43.152.7.0/24 maxlen: 24
43.152.8.0/24 maxlen: 24
43.152.9.0/24 maxlen: 24
43.152.10.0/24 maxlen: 24
43.152.11.0/24 maxlen: 24
43.152.12.0/24 maxlen: 24
43.152.13.0/24 maxlen: 24
43.152.14.0/23 maxlen: 24
43.152.16.0/23 maxlen: 24
43.152.18.0/24 maxlen: 24
43.152.19.0/24 maxlen: 24
43.152.20.0/24 maxlen: 24
43.152.21.0/24 maxlen: 24
43.152.22.0/24 maxlen: 24
43.152.23.0/24 maxlen: 24
43.152.24.0/23 maxlen: 24
43.152.26.0/23 maxlen: 24
43.152.28.0/23 maxlen: 24
43.152.30.0/23 maxlen: 24
43.152.32.0/22 maxlen: 24
43.152.36.0/23 maxlen: 24
43.152.38.0/23 maxlen: 24
43.152.40.0/24 maxlen: 24
43.152.41.0/24 maxlen: 24
43.152.42.0/23 maxlen: 23
43.152.44.0/23 maxlen: 24
43.152.46.0/24 maxlen: 24
43.152.47.0/24 maxlen: 24
43.152.48.0/24 maxlen: 24
43.152.49.0/24 maxlen: 24
43.152.50.0/24 maxlen: 24
43.152.51.0/24 maxlen: 24
43.152.52.0/24 maxlen: 24
43.152.53.0/24 maxlen: 24
43.152.54.0/24 maxlen: 24
43.152.55.0/24 maxlen: 24
43.152.56.0/24 maxlen: 24
43.152.57.0/24 maxlen: 24
43.152.58.0/23 maxlen: 23
43.152.60.0/24 maxlen: 24
43.152.61.0/24 maxlen: 24
43.152.62.0/24 maxlen: 24
43.152.63.0/24 maxlen: 24
43.152.128.0/18 maxlen: 18
43.152.128.0/23 maxlen: 23
43.152.130.0/23 maxlen: 23
43.152.132.0/23 maxlen: 23
43.152.134.0/23 maxlen: 23
43.152.136.0/23 maxlen: 23
43.152.138.0/24 maxlen: 24
43.152.139.0/24 maxlen: 24
43.152.140.0/23 maxlen: 24
43.152.142.0/23 maxlen: 24
43.152.144.0/24 maxlen: 24
43.152.145.0/24 maxlen: 24
43.152.146.0/24 maxlen: 24
43.152.147.0/24 maxlen: 24
43.152.148.0/24 maxlen: 24
43.152.149.0/24 maxlen: 24
43.159.64.0/18 maxlen: 24
101.33.6.0/23 maxlen: 24
240d:c010:18::/48 maxlen: 48
240d:c010:19::/48 maxlen: 48
240d:c010:1a::/48 maxlen: 48
240d:c010:1c::/48 maxlen: 48
240d:c010:41::/48 maxlen: 48
240d:c010:42::/48 maxlen: 48
240d:c010:54::/47 maxlen: 48
240d:c010:56::/48 maxlen: 48
240d:c010:5a::/48 maxlen: 48
240d:c010:61::/48 maxlen: 48
240d:c010:62::/47 maxlen: 48
240d:c010:64::/47 maxlen: 48
240d:c010:69::/48 maxlen: 48
240d:c010:6b::/48 maxlen: 48
240d:c010:6f::/48 maxlen: 48
240d:c010:70::/44 maxlen: 48
240d:c010:80::/44 maxlen: 48
240d:c010:cf::/48 maxlen: 48
240d:c010:fb::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1233 (0x4d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: May 20 04:16:57 2022 GMT
Not After : Aug 31 00:00:00 2023 GMT
Subject: CN=62871639-5ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:15:7c:92:35:55:1e:ff:cf:4c:be:72:c2:b2:
72:30:be:95:fe:0b:70:ea:1a:e4:f6:6b:72:f4:d5:
aa:ab:62:47:89:f2:4f:98:93:96:fb:4b:98:10:81:
4c:4f:0e:0b:8e:2a:c9:3b:1a:46:6e:c6:6e:98:69:
f5:a7:cc:8c:ed:cf:a5:5d:82:e9:1f:b8:4c:87:3c:
01:f3:4e:97:2c:44:b5:70:be:a2:e6:1e:c3:8a:0b:
7f:ef:8d:cc:ec:b2:98:f5:e2:c2:b6:24:3d:b7:30:
53:65:d2:44:43:7b:63:fd:9b:cf:ff:15:87:e4:27:
08:3c:d8:9e:77:85:d8:d2:33:8c:12:52:8f:3e:9b:
1e:f9:b9:df:7e:61:47:78:f6:ea:af:7c:cd:73:a3:
c2:64:f4:04:cd:e6:cd:e8:62:a3:7e:e9:bd:26:bc:
36:00:9b:fe:5d:d8:c3:f1:ab:e7:b1:fb:e9:af:ad:
0f:22:4a:30:fc:54:cf:6d:1b:34:40:bc:91:58:21:
9c:88:70:5e:38:71:fd:f1:c0:31:17:d8:c4:56:8c:
a5:aa:b5:fd:c0:aa:12:ae:db:a6:ce:6a:c7:07:c8:
54:f6:a3:f7:39:8b:11:e5:fd:6e:4b:30:fb:1f:b7:
b1:c5:07:25:03:f3:6d:42:25:8b:ab:76:4d:44:d7:
78:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:3F:84:F2:0A:B0:69:1C:08:B3:88:3E:80:31:FA:04:0C:B1:BD:0A
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/C45DCB1ABA1311ECAB52C96EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.132.64.0/23
43.132.69.0-43.132.82.255
43.132.85.0-43.132.93.255
43.152.0.0/18
43.152.128.0/18
43.159.64.0/18
101.33.6.0/23
IPv6:
240d:c010:18::-240d:c010:1a:ffff:ffff:ffff:ffff:ffff
240d:c010:1c::/48
240d:c010:41::-240d:c010:42:ffff:ffff:ffff:ffff:ffff
240d:c010:54::-240d:c010:56:ffff:ffff:ffff:ffff:ffff
240d:c010:5a::/48
240d:c010:61::-240d:c010:65:ffff:ffff:ffff:ffff:ffff
240d:c010:69::/48
240d:c010:6b::/48
240d:c010:6f::-240d:c010:8f:ffff:ffff:ffff:ffff:ffff
240d:c010:cf::/48
240d:c010:fb::/48
Signature Algorithm: sha256WithRSAEncryption
ad:96:8a:a7:ed:4f:9f:ca:5d:b4:92:39:3a:a2:19:37:af:eb:
72:a8:af:57:93:44:b6:ae:d7:6b:ed:e7:36:23:32:a6:9d:49:
2a:6d:89:2c:7d:b7:9f:6b:d6:1c:2c:b3:5d:7b:0d:8a:12:f5:
69:4c:7e:70:ff:3a:42:a9:54:2f:65:58:80:ac:27:e3:e8:2b:
43:6f:91:0b:e4:9b:33:f9:1e:ee:93:49:53:e8:ab:04:aa:c8:
cc:7e:0c:75:1e:d5:d0:c0:8b:8a:89:c8:33:b3:15:1e:67:b5:
14:ba:72:a7:7c:98:ee:1e:db:fc:b4:68:2f:a0:ea:2d:be:e6:
3c:d7:fd:da:67:69:d1:a4:ea:3b:3a:ed:9c:4c:cb:a4:c8:a8:
bb:b8:83:ed:4e:1b:59:fe:03:58:2b:e3:98:8d:74:97:15:62:
5a:c7:c8:fc:81:86:d6:ef:cf:b9:6a:fc:08:5c:81:01:1a:7c:
71:c4:e0:5d:01:46:7c:75:07:68:f0:ea:bb:f8:d5:09:df:af:
1e:98:2b:21:01:bc:d3:aa:90:66:68:fb:23:0e:9b:8f:60:e7:
ce:2c:59:88:7a:19:a6:5a:eb:95:5a:da:b6:d5:1e:41:a0:50:
86:82:9d:8d:06:14:b3:27:7c:15:08:aa:ea:7d:60:4a:78:a7:
1a:52:86:de
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgICBNEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjIwNTIwMDQxNjU3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg3MTYzOS01YWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBV8kjVVHv/PTL5ywrJyML6V/gtw6hrk9mty9NWqq2JHifJPmJOW+0uYEIFM
Tw4LjirJOxpGbsZumGn1p8yM7c+lXYLpH7hMhzwB806XLES1cL6i5h7Digt/743M
7LKY9eLCtiQ9tzBTZdJEQ3tj/ZvP/xWH5CcIPNied4XY0jOMElKPPpse+bnffmFH
ePbqr3zNc6PCZPQEzebN6GKjfum9Jrw2AJv+XdjD8avnsfvpr60PIkow/FTPbRs0
QLyRWCGciHBeOHH98cAxF9jEVoylqrX9wKoSrtumzmrHB8hU9qP3OYsR5f1uSzD7
H7exxQclA/NtQiWLq3ZNRNd4FwIDAQABo4IDcDCCA2wwHQYDVR0OBBYEFH8/hPIK
sGkcCLOIPoAx+gQMsb0KMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvQzQ1RENCMUFC
QTEzMTFFQ0FCNTJDOTZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfkGCCsGAQUFBwEHAQH/
BIHpMIHmMEAEAgABMDoDBAErhEAwDAMEACuERQMEACuEUjAMAwQAK4RVAwQBK4Rc
AwQGK5gAAwQGK5iAAwQGK59AAwQBZSEGMIGhBAIAAjCBmjASAwcDJA3AEAAYAwcA
JA3AEAAaAwcAJA3AEAAcMBIDBwAkDcAQAEEDBwAkDcAQAEIwEgMHAiQNwBAAVAMH
ACQNwBAAVgMHACQNwBAAWjASAwcAJA3AEABhAwcBJA3AEABkAwcAJA3AEABpAwcA
JA3AEABrMBIDBwAkDcAQAG8DBwQkDcAQAIADBwAkDcAQAM8DBwAkDcAQAPswDQYJ
KoZIhvcNAQELBQADggEBAK2WiqftT5/KXbSSOTqiGTev63Kor1eTRLau12vt5zYj
MqadSSptiSx9t59r1hwss117DYoS9WlMfnD/OkKpVC9lWICsJ+PoK0NvkQvkmzP5
Hu6TSVPoqwSqyMx+DHUe1dDAi4qJyDOzFR5ntRS6cqd8mO4e2/y0aC+g6i2+5jzX
/dpnadGk6js67ZxMy6TIqLu4g+1OG1n+A1gr45iNdJcVYlrHyPyBhtbvz7lq/Ahc
gQEafHHE4F0BRnx1B2jw6rv41Qnfrx6YKyEBvNOqkGZo+yMOm49g584sWYh6GaZa
65Va2rbVHkGgUIaCnY0GFLMnfBUIqup9YEp4pxpSht4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org