Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0ABFDACE5AFE11EBB0EEC477C4F9AE02.roa
File: 0ABFDACE5AFE11EBB0EEC477C4F9AE02.roa (raw, json)
Hash identifier: Mk0xCofcj+8jUJxiWRsSkYKjCzb13SYs6KsBbPWLQo4=
Subject key identifier: 10:65:D0:91:4A:DE:3B:4F:3A:AE:14:50:C4:70:F7:F9:99:0A:59:31
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 572B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0ABFDACE5AFE11EBB0EEC477C4F9AE02.roa
Signing time: Mon 13 Jun 2022 15:51:45 +0000
ROA not before: Mon 13 Jun 2022 15:51:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138754
IP address blocks: 43.229.88.0/22 maxlen: 24
103.42.196.0/22 maxlen: 24
103.70.196.0/22 maxlen: 24
103.99.204.0/22 maxlen: 24
103.140.16.0/23 maxlen: 24
103.146.174.0/23 maxlen: 24
103.147.208.0/23 maxlen: 24
103.148.20.0/23 maxlen: 24
103.149.158.0/23 maxlen: 24
103.151.188.0/23 maxlen: 24
103.153.92.0/23 maxlen: 24
103.153.104.0/23 maxlen: 24
103.154.37.0/24 maxlen: 24
103.154.54.0/23 maxlen: 24
103.155.222.0/23 maxlen: 24
103.157.104.0/23 maxlen: 24
103.160.194.0/23 maxlen: 24
103.160.232.0/23 maxlen: 24
103.161.54.0/23 maxlen: 24
103.161.144.0/23 maxlen: 24
103.165.166.0/23 maxlen: 24
103.166.244.0/23 maxlen: 24
103.168.200.0/23 maxlen: 24
103.169.214.0/23 maxlen: 24
103.170.54.0/23 maxlen: 24
103.171.224.0/23 maxlen: 24
103.175.2.0/23 maxlen: 24
103.175.88.0/23 maxlen: 24
103.175.136.0/23 maxlen: 24
103.176.184.0/23 maxlen: 24
103.177.26.0/23 maxlen: 24
103.177.252.0/23 maxlen: 24
103.178.204.0/23 maxlen: 24
103.179.196.0/23 maxlen: 24
103.179.230.0/23 maxlen: 24
103.181.40.0/23 maxlen: 24
103.182.166.0/23 maxlen: 24
103.183.82.0/23 maxlen: 24
103.184.238.0/23 maxlen: 24
103.189.142.0/23 maxlen: 24
103.199.160.0/22 maxlen: 24
137.59.84.0/22 maxlen: 24
2001:df5:2380::/48 maxlen: 48
2001:df5:d380::/48 maxlen: 48
2001:df7:480::/48 maxlen: 48
2001:df7:d80::/48 maxlen: 48
2001:df7:1380::/48 maxlen: 48
2001:df7:4b80::/48 maxlen: 48
2001:df7:4d80::/48 maxlen: 48
2001:df7:4e80::/48 maxlen: 48
2001:df7:4f80::/48 maxlen: 48
2001:df7:5280::/48 maxlen: 48
2001:df7:6980::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22315 (0x572b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 13 15:51:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62a75d11-baf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d1:87:82:8c:82:b8:e3:60:57:e3:c1:0e:31:
dd:3e:eb:c9:79:59:e6:8b:cd:1f:b4:ae:09:fd:d8:
5f:a5:bf:53:d6:5c:51:5c:8d:1d:c5:ef:bf:60:19:
11:82:8f:e7:0e:df:2b:e0:09:75:04:2b:7b:41:c6:
24:3e:32:4b:6c:3a:68:06:00:0c:7f:a3:ef:a0:51:
0f:30:d6:04:c8:26:a7:e3:1a:5b:39:97:f0:40:2c:
48:a5:2c:0f:1a:dd:5b:7e:f7:73:79:0c:07:8c:5e:
0a:79:52:cf:5e:57:cb:4d:6e:a6:67:96:56:0d:32:
3e:bc:17:08:70:75:6b:bc:10:1e:06:45:07:36:e4:
19:73:2f:81:5a:c6:49:77:de:ba:91:2f:31:46:cd:
76:94:f8:a5:63:fc:e4:e5:4a:10:a5:d9:2a:26:47:
0d:87:60:5d:7b:10:88:59:48:8e:92:04:61:3d:bb:
3c:db:f0:23:ad:55:21:f0:6e:60:26:da:15:e0:4f:
6b:e0:20:62:63:a7:7a:c8:11:09:e6:6a:d8:47:c4:
db:54:e7:14:fc:50:46:f8:84:6d:5b:70:ef:b7:8c:
59:9f:fa:80:43:b4:b4:8e:24:c1:ac:12:94:9a:b0:
51:f6:9a:94:ab:6f:30:89:5f:ee:1a:f8:d3:3f:95:
93:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:65:D0:91:4A:DE:3B:4F:3A:AE:14:50:C4:70:F7:F9:99:0A:59:31
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0ABFDACE5AFE11EBB0EEC477C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.88.0/22
103.42.196.0/22
103.70.196.0/22
103.99.204.0/22
103.140.16.0/23
103.146.174.0/23
103.147.208.0/23
103.148.20.0/23
103.149.158.0/23
103.151.188.0/23
103.153.92.0/23
103.153.104.0/23
103.154.37.0/24
103.154.54.0/23
103.155.222.0/23
103.157.104.0/23
103.160.194.0/23
103.160.232.0/23
103.161.54.0/23
103.161.144.0/23
103.165.166.0/23
103.166.244.0/23
103.168.200.0/23
103.169.214.0/23
103.170.54.0/23
103.171.224.0/23
103.175.2.0/23
103.175.88.0/23
103.175.136.0/23
103.176.184.0/23
103.177.26.0/23
103.177.252.0/23
103.178.204.0/23
103.179.196.0/23
103.179.230.0/23
103.181.40.0/23
103.182.166.0/23
103.183.82.0/23
103.184.238.0/23
103.189.142.0/23
103.199.160.0/22
137.59.84.0/22
IPv6:
2001:df5:2380::/48
2001:df5:d380::/48
2001:df7:480::/48
2001:df7:d80::/48
2001:df7:1380::/48
2001:df7:4b80::/48
2001:df7:4d80::/48
2001:df7:4e80::/48
2001:df7:4f80::/48
2001:df7:5280::/48
2001:df7:6980::/48
Signature Algorithm: sha256WithRSAEncryption
5c:dc:42:dc:96:df:22:c6:9c:f1:79:9a:86:20:9c:1d:81:53:
91:92:a1:e1:33:d2:30:26:8a:05:8d:3a:8f:9b:cd:1a:a1:78:
80:e4:93:06:16:ce:fd:ef:2c:ab:ce:ed:17:3d:91:fe:96:4d:
37:d2:9b:85:e5:e3:9d:0a:6c:03:e2:af:7f:74:48:67:ba:82:
96:ec:71:a3:cd:b2:7f:c0:94:b6:30:e0:db:41:86:bf:18:21:
40:65:d9:78:60:e5:d4:55:84:23:de:1b:72:aa:48:82:2f:40:
02:13:50:ae:a0:a0:44:98:32:f0:d6:dc:56:6a:05:e5:15:c2:
c9:31:86:07:b8:bb:f6:fd:41:da:8f:d4:0d:3f:a0:3a:c6:47:
0e:4d:d7:d9:f0:a2:78:0b:dc:53:a2:5f:bf:53:2e:8c:87:6d:
9a:28:70:6d:6c:54:5f:99:f7:b0:f4:86:74:8c:60:df:0b:b5:
30:41:26:3d:22:4d:f4:7c:48:60:39:9d:3c:63:66:52:fa:ba:
49:31:d8:b6:d6:5b:77:8b:a1:fd:86:1d:38:64:3b:4a:59:e6:
51:13:ea:1b:32:0b:13:40:6d:0f:5c:70:52:65:84:8e:2e:20:
81:f2:12:ee:63:7a:ca:dc:06:34:3d:a6:ee:23:78:61:00:7d:
6f:70:6b:69
-----BEGIN CERTIFICATE-----
MIIG2zCCBcOgAwIBAgICVyswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNjEzMTU1MTQ1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmE3NWQxMS1iYWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA89GHgoyCuONgV+PBDjHdPuvJeVnmi80ftK4J/dhfpb9T1lxRXI0dxe+/YBkR
go/nDt8r4Al1BCt7QcYkPjJLbDpoBgAMf6PvoFEPMNYEyCan4xpbOZfwQCxIpSwP
Gt1bfvdzeQwHjF4KeVLPXlfLTW6mZ5ZWDTI+vBcIcHVrvBAeBkUHNuQZcy+BWsZJ
d966kS8xRs12lPilY/zk5UoQpdkqJkcNh2BdexCIWUiOkgRhPbs82/AjrVUh8G5g
JtoV4E9r4CBiY6d6yBEJ5mrYR8TbVOcU/FBG+IRtW3Dvt4xZn/qAQ7S0jiTBrBKU
mrBR9pqUq28wiV/uGvjTP5WT7wIDAQABo4ID/zCCA/swHQYDVR0OBBYEFBBl0JFK
3jtPOq4UUMRw9/mZClkxMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMEFCRkRBQ0U1
QUZFMTFFQkIwRUVDNDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGHBggrBgEFBQcBBwEB
/wSCAXYwggFyMIIBAwQCAAEwgfwDBAIr5VgDBAJnKsQDBAJnRsQDBAJnY8wDBAFn
jBADBAFnkq4DBAFnk9ADBAFnlBQDBAFnlZ4DBAFnl7wDBAFnmVwDBAFnmWgDBABn
miUDBAFnmjYDBAFnm94DBAFnnWgDBAFnoMIDBAFnoOgDBAFnoTYDBAFnoZADBAFn
paYDBAFnpvQDBAFnqMgDBAFnqdYDBAFnqjYDBAFnq+ADBAFnrwIDBAFnr1gDBAFn
r4gDBAFnsLgDBAFnsRoDBAFnsfwDBAFnsswDBAFns8QDBAFns+YDBAFntSgDBAFn
tqYDBAFnt1IDBAFnuO4DBAFnvY4DBAJnx6ADBAKJO1QwaQQCAAIwYwMHACABDfUj
gAMHACABDfXTgAMHACABDfcEgAMHACABDfcNgAMHACABDfcTgAMHACABDfdLgAMH
ACABDfdNgAMHACABDfdOgAMHACABDfdPgAMHACABDfdSgAMHACABDfdpgDANBgkq
hkiG9w0BAQsFAAOCAQEAXNxC3JbfIsac8XmahiCcHYFTkZKh4TPSMCaKBY06j5vN
GqF4gOSTBhbO/e8sq87tFz2R/pZNN9KbheXjnQpsA+Kvf3RIZ7qCluxxo82yf8CU
tjDg20GGvxghQGXZeGDl1FWEI94bcqpIgi9AAhNQrqCgRJgy8NbcVmoF5RXCyTGG
B7i79v1B2o/UDT+gOsZHDk3X2fCieAvcU6Jfv1MujIdtmihwbWxUX5n3sPSGdIxg
3wu1MEEmPSJN9HxIYDmdPGNmUvq6STHYttZbd4uh/YYdOGQ7SlnmURPqGzILE0Bt
D1xwUmWEji4ggfIS7mN6ytwGND2m7iN4YQB9b3BraQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:47 2023 by rpki-client on console-ams.rpki-client.org