Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/435BCD7621AE11ECAB69874EC4F9AE02.roa
File: 435BCD7621AE11ECAB69874EC4F9AE02.roa (raw, json)
Hash identifier: xBEkVJphPljx1StFR1/b7CglR0OUQNrfBW8lQOLEj74=
Subject key identifier: 79:20:04:6C:71:52:CB:D2:C2:DD:1D:A2:D5:66:C8:A2:9D:36:8D:20
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6560
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/435BCD7621AE11ECAB69874EC4F9AE02.roa
Signing time: Tue 21 Feb 2023 09:21:41 +0000
ROA not before: Tue 21 Feb 2023 09:21:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140174
IP address blocks: 43.241.66.0/24 maxlen: 24
103.61.68.0/24 maxlen: 24
103.149.16.0/24 maxlen: 24
103.152.184.0/24 maxlen: 24
103.173.214.0/24 maxlen: 24
103.178.106.0/23 maxlen: 24
103.224.152.0/24 maxlen: 24
103.224.153.0/24 maxlen: 24
103.224.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25952 (0x6560)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 21 09:21:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63f48d25-766c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fb:5b:cd:57:57:bd:86:12:b0:d5:da:38:23:
3c:15:9d:35:5c:a5:d6:11:ed:e7:ed:75:e0:73:fd:
dc:87:d1:02:c1:13:3c:3e:76:98:c7:96:62:e1:e1:
ed:dc:61:a4:6e:65:88:a3:fc:01:f5:d1:87:a4:e7:
b0:23:49:20:52:04:73:84:8f:e6:9e:33:b9:f9:5c:
07:af:bc:41:bf:06:66:3e:e1:cc:bd:13:21:5a:40:
92:d2:3b:c3:1d:c8:7f:7a:8e:76:0e:b5:d8:13:e2:
63:a0:da:71:c5:53:f6:bc:53:d5:af:d0:96:aa:4d:
d2:b7:9b:32:a3:64:10:dd:b7:c4:05:1b:9d:7c:58:
68:db:d1:57:54:9a:65:9d:5e:17:4b:56:ce:93:d1:
74:8d:bb:d8:89:3d:f3:55:92:ee:84:08:f3:cf:6f:
27:32:a0:d6:1a:41:ba:3a:ad:8e:7d:b2:e2:c7:13:
e9:bd:f7:d6:19:8c:0d:aa:76:3a:b9:de:ad:5c:d8:
71:fb:1a:74:d9:94:c5:db:22:e5:12:57:49:26:6b:
fd:28:86:f1:68:70:dd:a0:d5:70:50:bc:5c:77:e3:
40:25:31:78:b4:78:30:f9:50:1f:7e:28:6c:ca:a0:
1c:95:25:b3:fe:c7:3c:46:45:c2:dd:28:37:e7:81:
d9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:20:04:6C:71:52:CB:D2:C2:DD:1D:A2:D5:66:C8:A2:9D:36:8D:20
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/435BCD7621AE11ECAB69874EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.66.0/24
103.61.68.0/24
103.149.16.0/24
103.152.184.0/24
103.173.214.0/24
103.178.106.0/23
103.224.152.0-103.224.154.255
Signature Algorithm: sha256WithRSAEncryption
3b:6a:c9:3f:e8:fa:ff:28:dc:c5:26:5a:19:e6:18:06:f3:e8:
5e:46:a5:35:19:58:1c:a9:9f:86:e1:6e:53:ac:57:6c:4e:f4:
09:f8:95:73:77:9f:60:ea:f0:f0:43:f4:6b:8e:59:9a:10:25:
29:f1:0c:c4:e7:fc:ba:09:fb:b2:15:c2:71:d1:33:1e:e2:21:
f0:82:50:15:57:aa:78:85:61:87:7d:a4:9c:8c:4b:0a:07:9b:
41:a1:b7:75:93:fd:69:e6:9b:4c:f4:6a:e0:d6:37:6e:74:c0:
04:ea:71:6b:1f:aa:80:75:2c:ab:9f:2d:62:cd:6a:85:94:74:
24:7c:96:28:11:fb:8d:2e:7e:1b:fa:ef:2c:74:8f:2c:01:e0:
13:66:88:9d:2b:cd:9a:58:c8:6a:54:e2:fd:1b:99:dd:dd:40:
80:0c:22:b9:e5:ae:5b:61:a1:51:76:f6:26:b3:70:c8:7f:cf:
64:92:fe:8a:90:2e:7c:ac:2f:21:36:d1:60:b8:dc:52:34:bf:
44:42:52:72:2f:c2:19:e8:db:c8:e6:2f:30:25:fa:a1:cc:25:
20:25:99:23:28:cd:ba:f3:9b:8f:fd:e2:07:c0:93:d0:14:40:
7e:f4:82:f9:fc:f0:0f:4b:dc:26:19:ba:5e:40:ea:11:61:5c:
01:62:34:0c
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICZWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjIxMDkyMTQxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Y0OGQyNS03NjZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ftbzVdXvYYSsNXaOCM8FZ01XKXWEe3n7XXgc/3ch9ECwRM8PnaYx5Zi4eHt
3GGkbmWIo/wB9dGHpOewI0kgUgRzhI/mnjO5+VwHr7xBvwZmPuHMvRMhWkCS0jvD
Hch/eo52DrXYE+JjoNpxxVP2vFPVr9CWqk3St5syo2QQ3bfEBRudfFho29FXVJpl
nV4XS1bOk9F0jbvYiT3zVZLuhAjzz28nMqDWGkG6Oq2OfbLixxPpvffWGYwNqnY6
ud6tXNhx+xp02ZTF2yLlEldJJmv9KIbxaHDdoNVwULxcd+NAJTF4tHgw+VAffihs
yqAclSWz/sc8RkXC3Sg354HZSQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFHkgBGxx
UsvSwt0dotVmyKKdNo0gMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDM1QkNENzYy
MUFFMTFFQ0FCNjk4NzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MDgEAgABMDIDBAAr8UIDBABnPUQDBABnlRADBABnmLgDBABnrdYDBAFnsmow
DAMEA2fgmAMEAGfgmjANBgkqhkiG9w0BAQsFAAOCAQEAO2rJP+j6/yjcxSZaGeYY
BvPoXkalNRlYHKmfhuFuU6xXbE70CfiVc3efYOrw8EP0a45ZmhAlKfEMxOf8ugn7
shXCcdEzHuIh8IJQFVeqeIVhh32knIxLCgebQaG3dZP9aeabTPRq4NY3bnTABOpx
ax+qgHUsq58tYs1qhZR0JHyWKBH7jS5+G/rvLHSPLAHgE2aInSvNmljIalTi/RuZ
3d1AgAwiueWuW2GhUXb2JrNwyH/PZJL+ipAufKwvITbRYLjcUjS/REJSci/CGejb
yOYvMCX6ocwlICWZIyjNuvObj/3iB8CT0BRAfvSC+fzwD0vcJhm6XkDqEWFcAWI0
DA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-ams.rpki-client.org