Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/202AAE9C3A7811EDB71F1023C4F9AE02.roa
File: 202AAE9C3A7811EDB71F1023C4F9AE02.roa (raw, json)
Hash identifier: 7ZDnfWzS8as8QQip30pq+yF8lxuA8Z3vmy3JUMG0TtM=
Subject key identifier: C1:35:CA:30:63:5F:C0:E6:3A:B0:70:39:F0:CF:9C:66:13:15:B1:47
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5D94
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/202AAE9C3A7811EDB71F1023C4F9AE02.roa
Signing time: Thu 22 Sep 2022 13:11:53 +0000
ROA not before: Thu 22 Sep 2022 13:11:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9830
IP address blocks: 103.60.198.0/24 maxlen: 24
103.60.199.0/24 maxlen: 24
103.147.128.0/24 maxlen: 24
103.163.126.0/23 maxlen: 24
103.170.20.0/24 maxlen: 24
103.216.172.0/24 maxlen: 24
103.216.173.0/24 maxlen: 24
103.216.174.0/24 maxlen: 24
103.216.175.0/24 maxlen: 24
202.91.64.0/24 maxlen: 24
202.91.65.0/24 maxlen: 24
202.91.66.0/24 maxlen: 24
202.91.67.0/24 maxlen: 24
202.91.68.0/24 maxlen: 24
202.91.69.0/24 maxlen: 24
202.91.70.0/24 maxlen: 24
202.91.71.0/24 maxlen: 24
202.91.72.0/24 maxlen: 24
202.91.73.0/24 maxlen: 24
202.91.74.0/24 maxlen: 24
202.91.75.0/24 maxlen: 24
202.91.76.0/24 maxlen: 24
202.91.77.0/24 maxlen: 24
202.91.78.0/24 maxlen: 24
202.91.79.0/24 maxlen: 24
202.91.80.0/24 maxlen: 24
202.91.81.0/24 maxlen: 24
202.91.82.0/24 maxlen: 24
202.91.83.0/24 maxlen: 24
202.91.84.0/24 maxlen: 24
202.91.85.0/24 maxlen: 24
202.91.86.0/24 maxlen: 24
202.91.87.0/24 maxlen: 24
202.91.88.0/24 maxlen: 24
202.91.89.0/24 maxlen: 24
202.91.90.0/24 maxlen: 24
202.91.91.0/24 maxlen: 24
202.91.92.0/24 maxlen: 24
202.91.93.0/24 maxlen: 24
202.91.94.0/24 maxlen: 24
202.91.95.0/24 maxlen: 24
2001:df0:cf80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23956 (0x5d94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 22 13:11:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=632c5f19-fa7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f3:5d:f5:9a:7e:5d:79:91:1b:c9:64:f3:d7:
22:d3:be:6e:49:7d:2b:dc:a2:65:9b:5c:11:af:90:
fe:dc:04:66:de:2f:01:8d:85:2f:bf:8c:e9:53:bd:
02:17:82:3b:fb:dd:55:86:f2:17:0f:2b:4e:42:df:
10:85:db:e3:ba:77:3d:79:fa:6e:88:38:e3:1a:f1:
47:1a:37:04:2a:c7:86:ce:1c:de:36:a4:dd:4c:b2:
6e:1e:49:20:91:82:46:a9:1d:58:2f:5a:17:9c:e3:
af:6d:5e:c8:0e:87:e1:9f:14:1e:17:47:4e:89:10:
9a:66:ad:51:d9:99:87:75:16:b2:18:25:5a:71:76:
46:81:a1:5d:1f:1e:b6:df:c4:a0:2e:d0:ff:a4:eb:
03:8b:78:72:49:a1:ec:e3:ac:c9:a9:4d:88:0a:df:
0b:b7:31:fb:03:14:68:5f:1d:f8:c6:f4:79:d5:d9:
47:a1:18:33:75:43:77:60:a8:cb:59:84:66:55:a9:
7a:8a:23:ed:04:eb:5d:58:be:ca:ce:df:43:5f:9c:
b7:df:4c:d4:1f:db:d9:41:ae:2d:58:86:ef:1c:61:
3d:68:ce:5d:c8:6e:ac:f8:2d:7c:da:13:85:c2:4e:
a5:2f:04:03:08:3b:8b:93:89:2c:93:8c:32:c3:59:
cf:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:35:CA:30:63:5F:C0:E6:3A:B0:70:39:F0:CF:9C:66:13:15:B1:47
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/202AAE9C3A7811EDB71F1023C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.60.198.0/23
103.147.128.0/24
103.163.126.0/23
103.170.20.0/24
103.216.172.0/22
202.91.64.0/19
IPv6:
2001:df0:cf80::/48
Signature Algorithm: sha256WithRSAEncryption
3d:55:62:3b:93:d2:02:44:ca:23:25:d4:4d:9e:b1:1c:16:1a:
67:17:d1:04:fd:e9:82:8a:be:56:64:63:56:d1:d1:05:16:d9:
cb:bf:1a:12:ed:db:db:7b:49:cb:f0:52:69:ef:33:0b:9a:cd:
7b:b1:e7:ef:68:17:34:83:ea:60:c4:17:73:e4:43:77:a8:6b:
ca:80:50:bc:13:a9:cc:b4:50:d4:52:e5:da:a4:f6:5c:c4:65:
2a:33:5f:b9:83:57:09:87:ff:d1:83:15:c7:55:00:6b:d4:f6:
1f:4c:19:1e:46:4d:3f:e9:65:b8:30:cd:a8:f5:e8:29:59:0e:
d6:5c:4c:d0:04:96:3b:62:ad:3b:ba:92:d9:a4:af:c7:d3:05:
f3:38:2b:3f:fd:dd:98:7c:41:d9:1b:5a:f5:55:de:b5:c9:35:
1b:d4:85:db:43:b5:cd:39:b0:07:dd:9e:93:ab:ea:04:e9:dc:
e6:86:3e:cd:e0:f1:aa:bc:1a:34:a4:73:ae:ef:4e:63:23:21:
d5:a1:88:6f:b8:72:c8:eb:7e:a0:10:91:0e:d0:39:b5:b1:4e:
5b:09:53:69:f4:65:33:66:6f:23:f8:7e:86:26:7e:05:ce:a1:
2f:47:83:43:aa:5b:69:c9:d4:98:33:fb:ac:16:1f:45:e0:ef:
84:00:a6:00
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICXZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwOTIyMTMxMTUzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJjNWYxOS1mYTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPNd9Zp+XXmRG8lk89ci075uSX0r3KJlm1wRr5D+3ARm3i8BjYUvv4zpU70C
F4I7+91VhvIXDytOQt8Qhdvjunc9efpuiDjjGvFHGjcEKseGzhzeNqTdTLJuHkkg
kYJGqR1YL1oXnOOvbV7IDofhnxQeF0dOiRCaZq1R2ZmHdRayGCVacXZGgaFdHx62
38SgLtD/pOsDi3hySaHs46zJqU2ICt8LtzH7AxRoXx34xvR51dlHoRgzdUN3YKjL
WYRmVal6iiPtBOtdWL7Kzt9DX5y330zUH9vZQa4tWIbvHGE9aM5dyG6s+C182hOF
wk6lLwQDCDuLk4ksk4wyw1nPmQIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFME1yjBj
X8DmOrBwOfDPnGYTFbFHMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMjAyQUFFOUMz
QTc4MTFFREI3MUYxMDIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MCoEAgABMCQDBAFnPMYDBABnk4ADBAFno34DBABnqhQDBAJn2KwDBAXKW0Aw
DwQCAAIwCQMHACABDfDPgDANBgkqhkiG9w0BAQsFAAOCAQEAPVViO5PSAkTKIyXU
TZ6xHBYaZxfRBP3pgoq+VmRjVtHRBRbZy78aEu3b23tJy/BSae8zC5rNe7Hn72gX
NIPqYMQXc+RDd6hryoBQvBOpzLRQ1FLl2qT2XMRlKjNfuYNXCYf/0YMVx1UAa9T2
H0wZHkZNP+lluDDNqPXoKVkO1lxM0ASWO2KtO7qS2aSvx9MF8zgrP/3dmHxB2Rta
9VXetck1G9SF20O1zTmwB92ek6vqBOnc5oY+zeDxqrwaNKRzru9OYyMh1aGIb7hy
yOt+oBCRDtA5tbFOWwlTafRlM2ZvI/h+hiZ+Bc6hL0eDQ6pbacnUmDP7rBYfReDv
hACmAA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-ams.rpki-client.org