Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3B528B92665911ED9EC75179C4F9AE02.roa
File: 3B528B92665911ED9EC75179C4F9AE02.roa (raw, json)
Hash identifier: P9BivVCQmAYX9OWbaOpavWhfhLVxo1PC0XXxcgzPI2M=
Subject key identifier: 8E:94:DF:2F:EE:A9:78:F8:98:50:30:82:6D:95:2C:BE:DB:EE:24:B6
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 671F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3B528B92665911ED9EC75179C4F9AE02.roa
Signing time: Thu 23 Mar 2023 06:41:46 +0000
ROA not before: Thu 23 Mar 2023 06:41:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133275
IP address blocks: 43.228.220.0/22 maxlen: 24
43.248.236.0/22 maxlen: 24
43.249.52.0/22 maxlen: 23
45.115.4.0/22 maxlen: 24
45.119.136.0/22 maxlen: 24
45.119.140.0/22 maxlen: 24
45.125.60.0/22 maxlen: 24
103.13.104.0/22 maxlen: 24
103.36.124.0/22 maxlen: 24
103.46.192.0/23 maxlen: 24
103.46.194.0/23 maxlen: 24
103.47.168.0/22 maxlen: 24
103.47.236.0/22 maxlen: 24
103.59.192.0/22 maxlen: 24
103.59.196.0/22 maxlen: 24
103.73.92.0/22 maxlen: 24
103.86.40.0/22 maxlen: 24
103.95.120.0/22 maxlen: 24
103.193.196.0/22 maxlen: 24
103.196.52.0/22 maxlen: 24
103.208.200.0/22 maxlen: 24
103.248.116.0/22 maxlen: 24
116.204.188.0/22 maxlen: 24
137.59.240.0/22 maxlen: 24
157.119.124.0/22 maxlen: 24
157.119.216.0/24 maxlen: 24
157.119.217.0/24 maxlen: 24
157.119.218.0/24 maxlen: 24
157.119.219.0/24 maxlen: 24
2404:4340::/32 maxlen: 32
2404:4340::/33 maxlen: 33
2404:4340::/48 maxlen: 48
2404:4340:1::/48 maxlen: 48
2404:4340:2::/48 maxlen: 48
2404:4340:3::/48 maxlen: 48
2404:4340:4::/48 maxlen: 48
2404:4340:5::/48 maxlen: 48
2404:4340:6::/48 maxlen: 48
2404:4340:7::/48 maxlen: 48
2404:4340:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26399 (0x671f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 23 06:41:46 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=641bf4a9-3bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a5:b6:60:ae:11:e4:98:50:c6:93:05:be:9a:
d0:2f:4e:d6:49:cd:50:db:44:d6:cf:b3:cf:68:91:
60:82:f0:63:98:83:40:7a:65:f7:8b:81:4e:cc:de:
bc:3c:5a:4c:8f:7d:10:6e:0f:c1:d4:fa:d4:40:da:
28:8b:b8:c3:28:f5:fc:f6:ad:72:16:56:98:01:eb:
29:4a:95:df:cb:b4:d4:69:f5:2e:1b:03:bb:92:26:
96:0f:f7:a4:84:da:2c:ad:2d:4b:1a:97:68:c5:da:
2e:81:96:26:42:e8:27:03:54:6e:d1:e8:c7:8a:40:
8d:0d:90:a8:d5:05:3b:e6:de:88:13:b9:a3:9e:84:
a1:8d:c7:8b:b0:63:21:0f:e2:47:1a:d6:f9:cc:43:
9b:4c:27:3c:40:e0:64:d6:f7:7f:09:40:49:35:56:
a5:75:b9:4d:74:a1:f0:1d:46:61:1f:c6:8b:df:fb:
b9:c9:6f:6c:20:92:c0:0b:94:e9:8a:c6:32:35:f1:
20:db:73:9e:94:07:87:78:c5:74:af:4b:8f:31:ba:
d5:ad:e3:43:40:be:d9:94:24:38:cd:de:30:82:bb:
c0:d6:2a:ef:96:89:5d:4c:4f:f5:5d:a0:22:3a:09:
9e:d0:84:91:4b:6f:13:3e:31:f8:c8:d0:7b:91:c3:
f3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:94:DF:2F:EE:A9:78:F8:98:50:30:82:6D:95:2C:BE:DB:EE:24:B6
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3B528B92665911ED9EC75179C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.220.0/22
43.248.236.0/22
43.249.52.0/22
45.115.4.0/22
45.119.136.0/21
45.125.60.0/22
103.13.104.0/22
103.36.124.0/22
103.46.192.0/22
103.47.168.0/22
103.47.236.0/22
103.59.192.0/21
103.73.92.0/22
103.86.40.0/22
103.95.120.0/22
103.193.196.0/22
103.196.52.0/22
103.208.200.0/22
103.248.116.0/22
116.204.188.0/22
137.59.240.0/22
157.119.124.0/22
157.119.216.0/22
IPv6:
2404:4340::/32
Signature Algorithm: sha256WithRSAEncryption
aa:22:57:ce:0e:05:75:84:18:e5:89:fe:56:3d:0b:c8:8a:11:
bb:30:73:73:5e:a1:96:47:51:3f:15:c5:67:ef:f2:20:07:12:
a3:3c:a6:b7:f3:2b:75:77:a9:31:74:cc:c7:77:04:49:fb:80:
50:f5:00:30:b1:66:95:fd:56:8e:cf:8c:b3:e5:25:54:b2:eb:
84:b9:df:d1:6e:7c:4c:93:34:e7:4c:2c:e4:dd:a2:ad:93:60:
2b:b3:af:f7:5e:78:2a:33:f0:d4:04:67:de:cc:7d:c1:4d:28:
24:3f:c5:e9:6f:bb:87:ba:43:88:32:35:a1:75:4d:0a:b5:f7:
e2:f7:0b:d5:6a:14:01:a8:d5:18:87:20:e0:7e:9e:2f:2a:b6:
50:d4:af:3c:b2:d1:10:68:48:bd:6a:6c:4e:53:79:c7:04:16:
5d:32:a1:cf:b8:ae:90:f4:7a:72:c8:c4:de:73:f8:f3:6d:10:
fb:1e:20:d8:17:73:4c:1b:21:6b:3f:7f:85:3c:9f:3c:71:bf:
d3:f3:10:c9:11:ad:ca:3a:c2:51:a9:72:4c:16:88:0f:84:76:
e0:88:e4:4b:99:51:35:14:42:13:8d:b3:02:3b:ef:33:d3:ab:
ff:29:8c:2f:8b:83:d5:72:c5:ef:62:16:41:59:72:d7:72:8c:
5a:a4:cc:d5
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICZx8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMzIzMDY0MTQ2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDFiZjRhOS0zYmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8qW2YK4R5JhQxpMFvprQL07WSc1Q20TWz7PPaJFggvBjmINAemX3i4FOzN68
PFpMj30Qbg/B1PrUQNooi7jDKPX89q1yFlaYAespSpXfy7TUafUuGwO7kiaWD/ek
hNosrS1LGpdoxdougZYmQugnA1Ru0ejHikCNDZCo1QU75t6IE7mjnoShjceLsGMh
D+JHGtb5zEObTCc8QOBk1vd/CUBJNValdblNdKHwHUZhH8aL3/u5yW9sIJLAC5Tp
isYyNfEg23OelAeHeMV0r0uPMbrVreNDQL7ZlCQ4zd4wgrvA1irvloldTE/1XaAi
Ogme0ISRS28TPjH4yNB7kcPzMQIDAQABo4IDLTCCAykwHQYDVR0OBBYEFI6U3y/u
qXj4mFAwgm2VLL7b7iS2MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0I1MjhCOTI2
NjU5MTFFRDlFQzc1MTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbYGCCsGAQUFBwEHAQH/
BIGmMIGjMIGRBAIAATCBigMEAivk3AMEAiv47AMEAiv5NAMEAi1zBAMEAy13iAME
Ai19PAMEAmcNaAMEAmckfAMEAmcuwAMEAmcvqAMEAmcv7AMEA2c7wAMEAmdJXAME
AmdWKAMEAmdfeAMEAmfBxAMEAmfENAMEAmfQyAMEAmf4dAMEAnTMvAMEAok78AME
Ap13fAMEAp132DANBAIAAjAHAwUAJARDQDANBgkqhkiG9w0BAQsFAAOCAQEAqiJX
zg4FdYQY5Yn+Vj0LyIoRuzBzc16hlkdRPxXFZ+/yIAcSozymt/MrdXepMXTMx3cE
SfuAUPUAMLFmlf1Wjs+Ms+UlVLLrhLnf0W58TJM050ws5N2irZNgK7Ov9154KjPw
1ARn3sx9wU0oJD/F6W+7h7pDiDI1oXVNCrX34vcL1WoUAajVGIcg4H6eLyq2UNSv
PLLREGhIvWpsTlN5xwQWXTKhz7iukPR6csjE3nP4820Q+x4g2BdzTBshaz9/hTyf
PHG/0/MQyRGtyjrCUalyTBaID4R24IjkS5lRNRRCE42zAjvvM9Or/ymML4uD1XLF
72IWQVly13KMWqTM1Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-fra.rpki-client.org