Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/D475388CC91211EBA6226F45C4F9AE02.roa
File: D475388CC91211EBA6226F45C4F9AE02.roa (raw, json)
Hash identifier: Q8Q12FCGbHXZCOAM8KS+Di4NFKzVoHlLR50SjrDPMFw=
Subject key identifier: 18:3F:91:87:DC:A9:76:91:CC:42:35:18:36:7F:52:74:70:4D:D0:09
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 179D
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/D475388CC91211EBA6226F45C4F9AE02.roa
Signing time: Wed 29 Sep 2021 05:23:27 +0000
ROA not before: Wed 29 Sep 2021 05:23:27 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 132165
IP address blocks: 43.245.128.0/24 maxlen: 24
43.245.129.0/24 maxlen: 24
43.245.130.0/24 maxlen: 24
43.245.131.0/24 maxlen: 24
103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
111.119.160.0/24 maxlen: 24
111.119.161.0/24 maxlen: 24
111.119.162.0/24 maxlen: 24
111.119.163.0/24 maxlen: 24
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
113.203.192.0/24 maxlen: 24
113.203.193.0/24 maxlen: 24
113.203.194.0/24 maxlen: 24
113.203.195.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
113.203.204.0/24 maxlen: 24
113.203.205.0/24 maxlen: 24
113.203.207.0/24 maxlen: 24
115.42.64.0/24 maxlen: 24
115.42.65.0/24 maxlen: 24
115.42.66.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
118.103.233.0/24 maxlen: 24
118.103.234.0/24 maxlen: 24
118.103.235.0/24 maxlen: 24
118.103.236.0/24 maxlen: 24
118.103.237.0/24 maxlen: 24
118.103.238.0/24 maxlen: 24
118.103.239.0/24 maxlen: 24
2406:d00:2222::/48 maxlen: 48
2406:d00:5555::/48 maxlen: 48
2406:d00:aaaa::/48 maxlen: 48
2406:d00:bbbb::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6045 (0x179d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Sep 29 05:23:27 2021 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=6153f84f-d895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ef:d2:5c:d2:04:cd:8e:b4:a3:32:a2:8b:6e:
41:8c:3d:4a:e1:70:4f:2a:4b:44:2d:b1:f6:fb:c8:
ea:30:0d:88:e5:4d:d1:0d:2b:c9:02:75:ca:ac:9d:
d9:52:9e:7a:04:26:3c:a4:5d:48:f5:ca:19:03:44:
38:de:00:c0:0c:34:20:38:5f:92:87:8d:71:34:d1:
af:10:af:40:2d:b8:fc:48:3d:f7:27:ed:62:77:e2:
fc:c1:18:08:c6:58:25:7b:54:77:27:3e:5e:af:2b:
2b:f6:ce:62:f8:84:9e:f1:f0:39:03:a4:4e:a6:49:
2a:30:22:19:25:89:74:62:27:d9:ef:6f:98:c8:96:
c5:50:db:45:df:04:fa:50:00:5c:f2:94:0f:5f:a3:
b2:45:c1:c1:be:66:8e:9c:05:26:25:c3:ce:93:18:
d5:aa:62:ef:51:f7:c1:f9:24:56:07:ae:75:ed:ec:
14:ad:7f:a3:53:23:08:4b:a0:57:e8:a2:87:c7:2f:
c4:9e:d5:0a:a2:58:88:21:ce:a4:33:47:95:f4:ba:
b6:ff:b6:f4:c6:c7:ed:cc:cf:8d:63:30:5c:56:57:
6b:13:f6:e7:68:49:f1:9b:85:f2:b7:9d:e0:7a:53:
5f:2d:40:f6:46:94:36:48:1a:ce:11:50:fb:02:cd:
94:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:3F:91:87:DC:A9:76:91:CC:42:35:18:36:7F:52:74:70:4D:D0:09
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/D475388CC91211EBA6226F45C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.128.0/22
103.12.120.0/22
111.119.160.0/21
113.203.192.0/22
113.203.200.0-113.203.205.255
113.203.207.0/24
115.42.64.0/21
118.103.226.0-118.103.239.255
IPv6:
2406:d00:2222::/48
2406:d00:5555::/48
2406:d00:aaaa::/48
2406:d00:bbbb::/48
Signature Algorithm: sha256WithRSAEncryption
54:3b:3e:f5:8f:d8:fb:2d:79:02:9d:b4:68:a7:c0:bc:48:4a:
69:84:e6:5f:d6:86:44:f0:53:1e:18:08:6a:28:cb:51:6f:59:
7b:6d:a9:f2:57:31:36:0e:bd:15:f0:e2:f8:76:72:84:6c:40:
6f:6f:25:43:69:aa:40:d1:94:7f:fe:70:a2:db:58:61:35:b1:
ee:4e:1b:5c:af:c5:fb:05:f7:f6:c5:fb:c9:95:9d:3a:b7:a7:
c2:9f:e5:c4:ee:ca:3b:c6:7b:22:b4:4b:b2:cc:1a:38:2b:0b:
5f:8c:f5:4a:fe:0a:ce:96:bd:2e:32:3d:4e:6a:6c:06:cd:00:
c8:fa:90:50:91:35:8b:8e:aa:7b:46:6e:79:44:2b:3e:ee:94:
7a:48:00:03:cc:47:98:04:be:6c:e4:9b:ea:b6:40:27:33:d0:
1e:96:d9:20:ea:9f:ac:93:9a:7d:01:62:13:81:a2:62:bf:be:
21:9d:c1:8a:da:b8:dd:81:49:3b:e7:02:d0:b9:38:66:c5:89:
51:35:5d:1e:e5:73:c2:27:bd:b7:99:29:ab:9a:ef:d2:77:a0:
dc:55:a2:a3:69:1f:82:7f:71:f9:85:e7:bf:c0:21:bf:96:a3:
26:a3:3c:76:e4:41:4c:46:b3:07:78:82:47:0c:d5:3d:d0:56:
de:68:69:ed
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICF50wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjEwOTI5MDUyMzI3WhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTUzZjg0Zi1kODk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnO/SXNIEzY60ozKii25BjD1K4XBPKktELbH2+8jqMA2I5U3RDSvJAnXKrJ3Z
Up56BCY8pF1I9coZA0Q43gDADDQgOF+Sh41xNNGvEK9ALbj8SD33J+1id+L8wRgI
xlgle1R3Jz5erysr9s5i+ISe8fA5A6ROpkkqMCIZJYl0YifZ72+YyJbFUNtF3wT6
UABc8pQPX6OyRcHBvmaOnAUmJcPOkxjVqmLvUffB+SRWB6517ewUrX+jUyMIS6BX
6KKHxy/EntUKoliIIc6kM0eV9Lq2/7b0xsftzM+NYzBcVldrE/bnaEnxm4Xyt53g
elNfLUD2RpQ2SBrOEVD7As2UBQIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFBg/kYfc
qXaRzEI1GDZ/UnRwTdAJMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvRDQ3NTM4OEND
OTEyMTFFQkE2MjI2RjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDBGBAIAATBAAwQCK/WAAwQCZwx4AwQDb3egAwQCccvAMAwDBANxy8gDBAFx
y8wDBABxy88DBANzKkAwDAMEAXZn4gMEBHZn4DAqBAIAAjAkAwcAJAYNACIiAwcA
JAYNAFVVAwcAJAYNAKqqAwcAJAYNALu7MA0GCSqGSIb3DQEBCwUAA4IBAQBUOz71
j9j7LXkCnbRop8C8SEpphOZf1oZE8FMeGAhqKMtRb1l7banyVzE2Dr0V8OL4dnKE
bEBvbyVDaapA0ZR//nCi21hhNbHuThtcr8X7Bff2xfvJlZ06t6fCn+XE7so7xnsi
tEuyzBo4KwtfjPVK/grOlr0uMj1OamwGzQDI+pBQkTWLjqp7Rm55RCs+7pR6SAAD
zEeYBL5s5JvqtkAnM9Aeltkg6p+sk5p9AWITgaJiv74hncGK2rjdgUk75wLQuThm
xYlRNV0e5XPCJ723mSmrmu/Sd6DcVaKjaR+Cf3H5hee/wCG/lqMmozx25EFMRrMH
eIJHDNU90FbeaGnt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org