Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4114ED0A6F0911ED8A7BD268C4F9AE02.roa
File: 4114ED0A6F0911ED8A7BD268C4F9AE02.roa (raw, json)
Hash identifier: ZiY6WjDrcb/JAqJSakj7rrsr1cDrFWCRH+ZpJWEyYSU=
Subject key identifier: 7C:9A:AF:51:58:01:5E:41:41:E2:74:2F:F6:87:C7:E2:91:11:26:8C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 63CE
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4114ED0A6F0911ED8A7BD268C4F9AE02.roa
Signing time: Fri 27 Jan 2023 05:21:38 +0000
ROA not before: Fri 27 Jan 2023 05:21:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150102
IP address blocks: 43.255.56.0/24 maxlen: 24
103.194.119.0/24 maxlen: 24
103.212.132.0/24 maxlen: 24
103.212.133.0/24 maxlen: 24
103.217.80.0/23 maxlen: 24
103.225.180.0/24 maxlen: 24
103.225.181.0/24 maxlen: 24
103.229.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25550 (0x63ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 27 05:21:38 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63d35f62-7a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b8:9b:96:5b:94:8c:d0:7f:e3:b9:cf:89:bf:
87:e7:b3:b5:02:67:ef:04:c3:5a:90:c9:43:79:9b:
c9:a4:62:17:7a:e7:70:d8:e7:5d:95:a4:d8:72:92:
84:0a:a7:90:d1:cd:ac:b4:1d:f8:b1:1f:2c:d8:98:
ec:c7:ff:ad:91:c1:0d:6f:36:c4:6f:cf:f6:62:15:
46:d2:dc:0a:88:ee:12:9d:8e:cb:81:f0:11:91:0e:
10:8b:e3:00:56:f0:ad:fe:37:4d:0d:2c:e9:ce:3b:
75:d5:23:07:45:39:1a:83:2b:15:a5:d3:5b:5b:68:
65:72:fc:6c:0d:8b:a7:88:3f:aa:a9:9f:ed:e8:f4:
ef:22:e8:27:c5:4f:b4:10:d5:7b:ea:53:15:1d:e1:
b4:d0:80:0b:13:34:86:20:76:62:e2:30:aa:3f:56:
f1:9a:c9:a4:08:1f:1f:8d:3b:d9:37:15:62:ba:bf:
5a:d9:6a:41:1d:7a:66:f2:a3:da:ad:41:4e:70:b7:
73:9d:14:fb:a3:87:53:ef:09:e0:6d:e2:23:e6:62:
de:f0:92:94:c3:ff:15:6c:ba:c1:c5:f8:d3:b8:b9:
fe:12:3e:a3:af:10:55:41:ef:e9:37:31:6d:21:68:
5f:95:31:a8:88:cf:dd:1d:6e:09:60:72:02:64:11:
33:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:9A:AF:51:58:01:5E:41:41:E2:74:2F:F6:87:C7:E2:91:11:26:8C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4114ED0A6F0911ED8A7BD268C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.56.0/24
103.194.119.0/24
103.212.132.0/23
103.217.80.0/23
103.225.180.0/23
103.229.209.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ff:8e:b3:c2:e4:59:27:be:19:7f:af:f6:cb:32:97:84:34:
3b:a2:e8:2f:24:a3:a8:23:ff:4e:0e:62:22:8e:8d:f3:e7:6d:
7d:32:90:0e:d9:d4:43:5b:4b:cd:01:27:53:76:b6:b3:67:36:
4e:79:08:e2:4c:79:fa:1d:a1:4e:a8:d6:6a:f7:f9:b1:0f:2d:
a4:44:3b:92:a3:c6:b0:41:88:d0:ea:81:3d:4d:ba:23:14:45:
62:08:a9:b5:83:f6:14:c5:39:fc:9d:d9:f0:06:87:21:b5:36:
78:06:b0:f8:17:86:2c:61:78:6d:bc:e7:0c:76:94:af:d8:18:
87:df:de:67:c9:7a:bf:2f:c4:0b:d7:2d:07:c4:b7:ee:dc:5d:
b0:08:34:ba:7a:df:75:0c:06:37:57:9c:2f:ee:1f:7c:83:fe:
23:6e:f4:a6:fa:87:bf:ea:af:df:4b:f4:e1:76:f7:b1:6e:90:
ac:c6:3b:a8:d3:6d:96:59:b4:37:85:c5:26:7c:84:c1:6e:19:
c2:8d:ae:f3:9a:42:d8:47:ba:79:85:c9:f2:27:2c:f0:c5:54:
f0:44:f0:50:6f:38:72:88:37:c2:43:e0:a4:7d:97:dc:08:0c:
77:5b:57:a5:0a:9a:a1:db:23:dd:ff:46:6e:b3:a2:b6:55:30:
c7:5f:3b:80
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICY84wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTI3MDUyMTM4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2QzNWY2Mi03YTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApbiblluUjNB/47nPib+H57O1AmfvBMNakMlDeZvJpGIXeudw2OddlaTYcpKE
CqeQ0c2stB34sR8s2Jjsx/+tkcENbzbEb8/2YhVG0twKiO4SnY7LgfARkQ4Qi+MA
VvCt/jdNDSzpzjt11SMHRTkagysVpdNbW2hlcvxsDYuniD+qqZ/t6PTvIugnxU+0
ENV76lMVHeG00IALEzSGIHZi4jCqP1bxmsmkCB8fjTvZNxViur9a2WpBHXpm8qPa
rUFOcLdznRT7o4dT7wngbeIj5mLe8JKUw/8VbLrBxfjTuLn+Ej6jrxBVQe/pNzFt
IWhflTGoiM/dHW4JYHICZBEzWwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFHyar1FY
AV5BQeJ0L/aHx+KRESaMMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDExNEVEMEE2
RjA5MTFFRDhBN0JEMjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAAr/zgDBABnwncDBAFn1IQDBAFn2VADBAFn4bQDBABn5dEw
DQYJKoZIhvcNAQELBQADggEBAGr/jrPC5Fknvhl/r/bLMpeENDui6C8ko6gj/04O
YiKOjfPnbX0ykA7Z1ENbS80BJ1N2trNnNk55COJMefodoU6o1mr3+bEPLaREO5Kj
xrBBiNDqgT1NuiMURWIIqbWD9hTFOfyd2fAGhyG1NngGsPgXhixheG285wx2lK/Y
GIff3mfJer8vxAvXLQfEt+7cXbAINLp633UMBjdXnC/uH3yD/iNu9Kb6h7/qr99L
9OF297FukKzGO6jTbZZZtDeFxSZ8hMFuGcKNrvOaQthHunmFyfInLPDFVPBE8FBv
OHKIN8JD4KR9l9wIDHdbV6UKmqHbI93/Rm6zorZVMMdfO4A=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-ams.rpki-client.org