Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/10D6A14ECB6A11EC9CC1A586C4F9AE02.roa
File: 10D6A14ECB6A11EC9CC1A586C4F9AE02.roa (raw, json)
Hash identifier: I2du2CFweBhDEurOlkSptMfuJbLoA2r4p3YF45y3is8=
Subject key identifier: 1C:01:5E:B2:8C:22:FD:9E:FF:DE:45:68:45:F8:87:A2:1E:0D:0A:5A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5A3D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/10D6A14ECB6A11EC9CC1A586C4F9AE02.roa
Signing time: Thu 28 Jul 2022 06:01:49 +0000
ROA not before: Thu 28 Jul 2022 06:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132116
IP address blocks: 27.123.240.0/22 maxlen: 24
43.247.40.0/24 maxlen: 24
43.247.41.0/24 maxlen: 24
43.247.42.0/24 maxlen: 24
43.247.43.0/24 maxlen: 24
43.248.152.0/22 maxlen: 24
43.248.240.0/24 maxlen: 24
43.248.241.0/24 maxlen: 24
43.248.242.0/24 maxlen: 24
43.248.243.0/24 maxlen: 24
45.248.172.0/24 maxlen: 24
45.248.173.0/24 maxlen: 24
45.248.174.0/24 maxlen: 24
45.248.175.0/24 maxlen: 24
103.16.28.0/24 maxlen: 24
103.16.29.0/24 maxlen: 24
103.16.30.0/24 maxlen: 24
103.16.31.0/24 maxlen: 24
103.28.252.0/22 maxlen: 24
103.40.200.0/22 maxlen: 24
103.54.24.0/22 maxlen: 24
103.69.24.0/24 maxlen: 24
103.69.25.0/24 maxlen: 24
103.69.26.0/24 maxlen: 24
103.69.27.0/24 maxlen: 24
103.70.80.0/24 maxlen: 24
103.70.81.0/24 maxlen: 24
103.70.82.0/24 maxlen: 24
103.70.83.0/24 maxlen: 24
103.94.83.0/24 maxlen: 24
103.100.4.0/22 maxlen: 24
103.105.96.0/23 maxlen: 24
103.153.12.0/24 maxlen: 24
103.155.208.0/23 maxlen: 24
103.160.64.0/23 maxlen: 24
103.160.186.0/23 maxlen: 24
103.164.141.0/24 maxlen: 24
103.165.102.0/23 maxlen: 24
103.183.86.0/23 maxlen: 24
103.183.233.0/24 maxlen: 24
103.190.8.0/24 maxlen: 24
103.190.9.0/24 maxlen: 24
103.198.172.0/22 maxlen: 24
103.217.132.0/22 maxlen: 24
103.224.144.0/22 maxlen: 24
163.53.84.0/22 maxlen: 24
180.149.225.0/24 maxlen: 24
180.149.226.0/24 maxlen: 24
180.149.227.0/24 maxlen: 24
2001:df5:c680::/48 maxlen: 48
2405:e100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23101 (0x5a3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 28 06:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62e2264d-38a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:70:72:2d:19:30:1a:22:89:bf:11:e0:17:79:
32:f2:80:74:8e:43:7f:a6:d6:21:24:b4:26:ce:28:
40:59:a5:19:b0:32:bd:b0:ac:c7:12:74:31:d6:4a:
41:05:ee:d2:83:64:6e:a4:47:c6:72:20:62:c0:cc:
e7:af:1e:80:f8:03:0d:b1:eb:3f:90:fd:81:85:f5:
ce:8f:87:c2:fa:94:d4:67:f2:35:2e:58:39:91:1b:
95:e8:2d:b8:6c:75:67:9d:a0:f5:13:69:00:5a:3b:
d2:b2:a3:eb:5f:30:7d:53:2d:f9:41:1f:f0:a7:51:
db:51:d6:ab:73:b0:2a:bb:f9:ac:7d:8a:a1:4c:ce:
33:c8:fd:fe:eb:f7:c6:8c:ef:c4:1f:bf:8a:fa:21:
bd:f2:5c:95:98:47:6a:96:79:c7:89:54:6d:78:7e:
d7:38:04:85:28:16:b4:48:b0:69:24:79:c8:ee:1f:
de:6a:b7:da:35:6e:ea:3d:7e:93:a6:f2:a8:e7:32:
22:7c:7d:f5:b6:74:65:b7:42:c9:00:03:d8:36:fd:
65:54:f7:7a:7d:5b:10:b4:4c:7d:7e:b4:53:31:cf:
16:58:96:1e:d1:dc:bf:81:68:89:2a:f6:30:c3:6c:
1b:69:eb:c6:a5:9b:47:fc:8d:cf:60:28:b8:a0:ce:
9e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:01:5E:B2:8C:22:FD:9E:FF:DE:45:68:45:F8:87:A2:1E:0D:0A:5A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/10D6A14ECB6A11EC9CC1A586C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/22
43.247.40.0/22
43.248.152.0/22
43.248.240.0/22
45.248.172.0/22
103.16.28.0/22
103.28.252.0/22
103.40.200.0/22
103.54.24.0/22
103.69.24.0/22
103.70.80.0/22
103.94.83.0/24
103.100.4.0/22
103.105.96.0/23
103.153.12.0/24
103.155.208.0/23
103.160.64.0/23
103.160.186.0/23
103.164.141.0/24
103.165.102.0/23
103.183.86.0/23
103.183.233.0/24
103.190.8.0/23
103.198.172.0/22
103.217.132.0/22
103.224.144.0/22
163.53.84.0/22
180.149.225.0-180.149.227.255
IPv6:
2001:df5:c680::/48
2405:e100::/48
Signature Algorithm: sha256WithRSAEncryption
78:f8:91:90:34:55:ef:b4:cb:45:af:8a:06:85:fd:52:a8:a6:
30:e4:ad:60:1e:05:ee:f7:51:71:4e:43:06:39:7d:67:8f:dc:
c5:c8:e0:d2:1e:55:86:da:2f:4d:3f:c5:04:7f:77:c9:8e:25:
36:48:16:4c:54:6a:cb:b0:f1:ec:16:87:b8:e4:2e:50:cd:23:
2b:f5:11:cd:b5:ca:aa:02:59:ea:f5:2e:4b:d6:dd:58:d4:43:
60:f0:4f:33:f0:aa:a1:40:10:30:75:5b:40:a3:93:b4:b4:ce:
5b:4c:eb:ea:7f:b4:11:49:2a:a3:6c:e2:65:2d:d9:5a:bf:66:
b4:fb:27:6f:ff:dd:23:88:6d:ec:ec:6e:9b:cb:aa:56:28:df:
c4:b1:02:a4:82:a9:0f:c0:cc:3c:7f:ca:00:e8:73:83:68:04:
94:52:97:66:0f:f6:b8:8d:83:ed:50:a7:78:a1:82:ba:fb:d1:
73:69:ab:a8:81:c6:4e:72:f3:85:d7:72:17:c2:d4:87:39:15:
47:3a:b2:ee:f6:a1:43:b9:cf:32:64:fa:77:62:ea:e9:40:f3:
10:ce:5f:dd:61:51:31:6f:16:28:1f:09:19:c9:ae:16:45:c8:
5a:b9:6c:1d:98:be:8f:fa:0a:82:2a:fa:61:12:91:ae:62:65:
73:c2:c6:08
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgICWj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNzI4MDYwMTQ5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmUyMjY0ZC0zOGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA53ByLRkwGiKJvxHgF3ky8oB0jkN/ptYhJLQmzihAWaUZsDK9sKzHEnQx1kpB
Be7Sg2RupEfGciBiwMznrx6A+AMNses/kP2BhfXOj4fC+pTUZ/I1Llg5kRuV6C24
bHVnnaD1E2kAWjvSsqPrXzB9Uy35QR/wp1HbUdarc7Aqu/msfYqhTM4zyP3+6/fG
jO/EH7+K+iG98lyVmEdqlnnHiVRteH7XOASFKBa0SLBpJHnI7h/earfaNW7qPX6T
pvKo5zIifH31tnRlt0LJAAPYNv1lVPd6fVsQtEx9frRTMc8WWJYe0dy/gWiJKvYw
w2wbaevGpZtH/I3PYCi4oM6eWwIDAQABo4IDXjCCA1owHQYDVR0OBBYEFBwBXrKM
Iv2e/95FaEX4h6IeDQpaMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMTBENkExNEVD
QjZBMTFFQzlDQzFBNTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgecGCCsGAQUFBwEHAQH/
BIHXMIHUMIG3BAIAATCBsAMEAht78AMEAiv3KAMEAiv4mAMEAiv48AMEAi34rAME
AmcQHAMEAmcc/AMEAmcoyAMEAmc2GAMEAmdFGAMEAmdGUAMEAGdeUwMEAmdkBAME
AWdpYAMEAGeZDAMEAWeb0AMEAWegQAMEAWegugMEAGekjQMEAWelZgMEAWe3VgME
AGe36QMEAWe+CAMEAmfGrAMEAmfZhAMEAmfgkAMEAqM1VDAMAwQAtJXhAwQCtJXg
MBgEAgACMBIDBwAgAQ31xoADBwAkBeEAAAAwDQYJKoZIhvcNAQELBQADggEBAHj4
kZA0Ve+0y0WvigaF/VKopjDkrWAeBe73UXFOQwY5fWeP3MXI4NIeVYbaL00/xQR/
d8mOJTZIFkxUasuw8ewWh7jkLlDNIyv1Ec21yqoCWer1LkvW3VjUQ2DwTzPwqqFA
EDB1W0Cjk7S0zltM6+p/tBFJKqNs4mUt2Vq/ZrT7J2//3SOIbezsbpvLqlYo38Sx
AqSCqQ/AzDx/ygDoc4NoBJRSl2YP9riNg+1Qp3ihgrr70XNpq6iBxk5y84XXchfC
1Ic5FUc6su72oUO5zzJk+ndi6ulA8xDOX91hUTFvFigfCRnJrhZFyFq5bB2Yvo/6
CoIq+mESka5iZXPCxgg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-fra.rpki-client.org