Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5232CA5CB4E311ECBB08ED5AC4F9AE02.roa
File: 5232CA5CB4E311ECBB08ED5AC4F9AE02.roa (raw, json)
Hash identifier: Z8Qx9wPUc+wfkiqn4PE95QG+ZGHQH+t7UiBQ51+N9Xk=
Subject key identifier: 51:AF:BC:21:C5:3C:F3:A3:4A:B4:A6:78:15:D3:CD:8F:DB:D7:42:D9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4B88
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5232CA5CB4E311ECBB08ED5AC4F9AE02.roa
Signing time: Tue 05 Apr 2022 13:21:37 +0000
ROA not before: Tue 05 Apr 2022 13:21:37 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 45954
IP address blocks: 43.254.176.0/22 maxlen: 24
103.7.80.0/22 maxlen: 24
103.235.68.0/24 maxlen: 24
103.235.69.0/24 maxlen: 24
103.235.70.0/24 maxlen: 24
103.235.71.0/24 maxlen: 24
150.107.100.0/22 maxlen: 24
180.150.240.0/22 maxlen: 24
223.255.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19336 (0x4b88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 5 13:21:37 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=624c4261-64e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9d:ac:fa:e7:85:a4:45:9f:e9:67:8f:a4:55:
36:0d:c9:88:15:10:26:ab:9a:44:00:87:56:52:dd:
28:82:90:10:e2:ac:d8:19:62:d8:cc:15:a4:71:9b:
ec:48:b0:3c:6c:cf:8d:34:fd:dc:53:72:dd:68:de:
dd:7a:ab:2c:ea:97:e1:85:d2:ba:20:39:be:30:10:
63:0c:10:4e:8a:83:33:f7:57:b2:33:c2:3a:93:84:
ac:ea:f1:38:04:3a:f5:ab:64:ac:26:d3:5b:62:cd:
ca:37:e5:c0:5c:fe:79:24:7c:99:b4:d7:34:0f:0d:
fa:1d:68:8f:76:58:78:10:d8:e7:bc:12:35:5b:06:
d3:97:e2:a1:13:b2:1e:fa:c7:d7:f3:cd:aa:38:01:
95:86:52:54:99:ea:23:b8:bb:e3:a3:7a:bd:07:3d:
30:94:1e:77:a9:da:e3:c6:71:94:f8:07:96:d2:d1:
38:d2:01:20:90:3d:1c:2e:9d:f3:48:7a:56:e6:81:
20:87:2a:bf:a0:ce:14:01:9a:6c:db:95:b5:b2:d1:
c7:a3:e1:07:3d:a8:5c:dc:44:ca:9d:51:a5:5c:b7:
66:b7:32:48:33:01:1b:cc:1a:a6:c1:c3:88:b7:d3:
6d:32:b3:77:5d:d6:18:66:6a:39:eb:d5:6b:ae:f2:
da:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AF:BC:21:C5:3C:F3:A3:4A:B4:A6:78:15:D3:CD:8F:DB:D7:42:D9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5232CA5CB4E311ECBB08ED5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.176.0/22
103.7.80.0/22
103.235.68.0/22
150.107.100.0/22
180.150.240.0/22
223.255.244.0/22
Signature Algorithm: sha256WithRSAEncryption
43:fd:9f:ba:a0:01:f3:5d:38:3e:27:fd:64:b6:e6:73:bc:a7:
b2:d0:b1:36:d1:5b:68:4d:f9:83:6d:5b:28:45:c4:a1:6d:17:
2c:93:5f:4c:12:7c:e9:22:85:36:10:2b:56:0e:4b:27:46:01:
0f:8e:9c:e7:d2:b3:89:33:42:3b:42:7d:27:77:1d:34:c2:26:
1e:7b:76:61:65:fc:d3:22:af:79:e6:36:d9:41:7f:3f:cd:2a:
6f:58:57:b7:71:5d:d2:ba:a6:02:eb:df:4a:47:fa:4f:66:b2:
3e:4d:86:7a:4b:ef:4d:ce:43:fa:d4:9a:cf:50:d6:cc:2a:c3:
6e:fd:12:9b:ca:24:e1:24:85:ec:92:bb:d4:ce:a9:88:55:bb:
34:25:22:6e:a7:c3:7a:ef:92:05:ea:44:1b:ea:23:c3:d0:9a:
65:80:d8:a4:3e:80:b5:07:c3:de:63:f2:85:9b:bc:60:a0:ee:
66:ca:69:d5:f6:63:a0:0f:4b:ce:bb:26:fa:bb:86:f5:7c:a9:
be:75:05:36:b3:4e:20:57:32:a1:05:d4:92:56:8b:6c:eb:25:
da:fe:3b:8d:c3:37:5c:97:11:f9:36:52:73:70:d9:9b:c9:35:
3f:8a:38:c9:38:b4:f4:c4:12:cc:98:e5:22:ad:10:c7:29:6f:
63:d4:b5:af
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICS4gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNDA1MTMyMTM3WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjRjNDI2MS02NGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyJ2s+ueFpEWf6WePpFU2DcmIFRAmq5pEAIdWUt0ogpAQ4qzYGWLYzBWkcZvs
SLA8bM+NNP3cU3LdaN7deqss6pfhhdK6IDm+MBBjDBBOioMz91eyM8I6k4Ss6vE4
BDr1q2SsJtNbYs3KN+XAXP55JHyZtNc0Dw36HWiPdlh4ENjnvBI1WwbTl+KhE7Ie
+sfX882qOAGVhlJUmeojuLvjo3q9Bz0wlB53qdrjxnGU+AeW0tE40gEgkD0cLp3z
SHpW5oEghyq/oM4UAZps25W1stHHo+EHPahc3ETKnVGlXLdmtzJIMwEbzBqmwcOI
t9NtMrN3XdYYZmo569VrrvLaWwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFFGvvCHF
PPOjSrSmeBXTzY/b10LZMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTIzMkNBNUNC
NEUzMTFFQ0JCMDhFRDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAIr/rADBAJnB1ADBAJn60QDBAKWa2QDBAK0lvADBALf//Qw
DQYJKoZIhvcNAQELBQADggEBAEP9n7qgAfNdOD4n/WS25nO8p7LQsTbRW2hN+YNt
WyhFxKFtFyyTX0wSfOkihTYQK1YOSydGAQ+OnOfSs4kzQjtCfSd3HTTCJh57dmFl
/NMir3nmNtlBfz/NKm9YV7dxXdK6pgLr30pH+k9msj5NhnpL703OQ/rUms9Q1swq
w279EpvKJOEkheySu9TOqYhVuzQlIm6nw3rvkgXqRBvqI8PQmmWA2KQ+gLUHw95j
8oWbvGCg7mbKadX2Y6APS867Jvq7hvV8qb51BTazTiBXMqEF1JJWi2zrJdr+O43D
N1yXEfk2UnNw2ZvJNT+KOMk4tPTEEsyY5SKtEMcpb2PUta8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org