Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56BE18C8B70F11EC9893B179C4F9AE02.roa
File: 56BE18C8B70F11EC9893B179C4F9AE02.roa (raw, json)
Hash identifier: 3GmJWrRrpGVeylsP8JWA0sLUsUEWr7fnryfL9Qthhrc=
Subject key identifier: C9:A2:CA:C1:1C:15:03:58:E3:11:07:31:9E:80:AA:00:FD:4B:43:96
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4D5A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56BE18C8B70F11EC9893B179C4F9AE02.roa
Signing time: Mon 02 May 2022 12:01:44 +0000
ROA not before: Mon 02 May 2022 12:01:44 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 132116
IP address blocks: 27.123.240.0/22 maxlen: 24
43.247.40.0/24 maxlen: 24
43.247.41.0/24 maxlen: 24
43.247.42.0/24 maxlen: 24
43.247.43.0/24 maxlen: 24
43.248.152.0/22 maxlen: 24
45.248.172.0/24 maxlen: 24
45.248.173.0/24 maxlen: 24
45.248.174.0/24 maxlen: 24
45.248.175.0/24 maxlen: 24
103.16.28.0/24 maxlen: 24
103.16.29.0/24 maxlen: 24
103.16.30.0/24 maxlen: 24
103.16.31.0/24 maxlen: 24
103.28.252.0/22 maxlen: 24
103.69.24.0/24 maxlen: 24
103.69.25.0/24 maxlen: 24
103.69.26.0/24 maxlen: 24
103.70.80.0/24 maxlen: 24
103.70.81.0/24 maxlen: 24
103.70.82.0/24 maxlen: 24
103.70.83.0/24 maxlen: 24
103.94.83.0/24 maxlen: 24
103.100.4.0/22 maxlen: 24
103.155.208.0/24 maxlen: 24
103.155.209.0/24 maxlen: 24
103.160.64.0/23 maxlen: 24
103.164.141.0/24 maxlen: 24
103.183.233.0/24 maxlen: 24
103.198.172.0/22 maxlen: 24
103.217.132.0/22 maxlen: 24
103.224.144.0/22 maxlen: 24
163.53.84.0/22 maxlen: 24
180.149.225.0/24 maxlen: 24
180.149.226.0/24 maxlen: 24
180.149.227.0/24 maxlen: 24
2405:e100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19802 (0x4d5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 2 12:01:44 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=626fc828-9337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c0:dd:7b:7f:f8:42:1f:4e:bd:1f:30:a5:4d:
d4:62:15:fc:8a:b4:7d:65:90:bb:d4:3b:53:ab:eb:
b5:7c:c2:33:70:b2:07:da:48:25:d1:ae:61:fa:c0:
f5:e8:ba:b9:2c:06:68:bb:23:ea:12:d6:06:0c:f1:
0a:93:28:c3:ec:ba:a1:a0:a0:5b:1f:d0:24:ee:7a:
9c:de:b8:c8:95:ea:82:6e:0e:3c:2f:d4:52:de:26:
a4:22:29:49:7b:45:09:32:5b:c8:fd:41:89:69:9a:
0b:5c:32:0a:70:68:ed:65:b8:5c:3d:27:71:2e:87:
41:d2:0d:91:53:ac:b7:8f:d0:c5:ca:d6:21:5e:c8:
6a:ff:2f:04:be:ed:8b:ce:01:c2:d0:15:91:5c:44:
94:73:96:c3:16:14:52:b5:33:cd:5f:52:a0:38:03:
fc:7a:48:00:bf:3b:51:14:0b:b7:4f:73:24:46:c9:
e6:3c:54:28:99:29:34:59:87:41:c2:7a:68:b5:56:
9e:b7:76:3a:39:99:8c:a6:dc:3d:25:71:eb:dd:cf:
84:09:41:f9:e4:eb:98:7d:b4:4b:43:20:81:c1:d6:
ca:22:d4:4e:87:e3:a6:e3:c0:a6:3c:2c:07:78:e0:
fa:04:eb:d8:5c:e4:59:a0:40:66:6b:c9:6c:da:74:
7a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A2:CA:C1:1C:15:03:58:E3:11:07:31:9E:80:AA:00:FD:4B:43:96
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56BE18C8B70F11EC9893B179C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/22
43.247.40.0/22
43.248.152.0/22
45.248.172.0/22
103.16.28.0/22
103.28.252.0/22
103.69.24.0-103.69.26.255
103.70.80.0/22
103.94.83.0/24
103.100.4.0/22
103.155.208.0/23
103.160.64.0/23
103.164.141.0/24
103.183.233.0/24
103.198.172.0/22
103.217.132.0/22
103.224.144.0/22
163.53.84.0/22
180.149.225.0-180.149.227.255
IPv6:
2405:e100::/48
Signature Algorithm: sha256WithRSAEncryption
a3:ae:d3:01:c4:ea:f5:8b:5b:9a:64:5b:5e:1e:0a:24:4e:dd:
7b:62:d9:81:58:f0:74:06:b3:f8:be:0f:ba:c7:f9:a2:b8:e0:
b2:a3:ef:3c:84:f7:c1:b5:58:af:13:ee:f5:52:e4:e0:79:92:
9a:4e:64:b1:64:c8:1d:74:c0:85:ca:24:88:30:06:7d:63:9f:
01:ee:26:8b:24:91:af:b0:33:c5:6c:5b:73:1c:6d:ac:dd:07:
4a:c4:18:43:5b:6c:89:ae:d9:3d:75:f8:c5:b8:79:63:f7:b4:
ae:3b:42:32:e2:70:06:c0:7c:09:c6:e6:f9:64:15:df:98:99:
eb:24:86:08:a3:c8:5c:69:af:0d:6c:54:21:fa:c2:be:f1:9d:
38:a2:bd:0d:35:97:22:a8:60:e7:9b:db:fe:aa:4f:18:d5:20:
e1:1b:dc:7a:1c:6c:9d:7d:54:0f:73:fb:84:41:c1:14:57:a0:
f8:58:cf:26:71:00:40:cb:f6:3b:5c:91:ce:1b:2f:e3:92:12:
2b:7b:17:be:a5:12:33:f7:fa:90:e9:1a:31:f5:1e:5c:8a:43:
a6:9a:94:68:2f:90:89:12:47:09:87:6a:54:8a:bd:b1:56:29:
b3:8c:09:23:de:13:c3:98:4d:b6:77:3e:fd:5e:5c:3b:e4:31:
14:c2:38:58
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICTVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTAyMTIwMTQ0WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZmYzgyOC05MzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxMDde3/4Qh9OvR8wpU3UYhX8irR9ZZC71DtTq+u1fMIzcLIH2kgl0a5h+sD1
6Lq5LAZouyPqEtYGDPEKkyjD7LqhoKBbH9Ak7nqc3rjIleqCbg48L9RS3iakIilJ
e0UJMlvI/UGJaZoLXDIKcGjtZbhcPSdxLodB0g2RU6y3j9DFytYhXshq/y8Evu2L
zgHC0BWRXESUc5bDFhRStTPNX1KgOAP8ekgAvztRFAu3T3MkRsnmPFQomSk0WYdB
wnpotVaet3Y6OZmMptw9JXHr3c+ECUH55OuYfbRLQyCBwdbKItROh+Om48CmPCwH
eOD6BOvYXORZoEBma8ls2nR6fQIDAQABo4IDJzCCAyMwHQYDVR0OBBYEFMmiysEc
FQNY4xEHMZ6AqgD9S0OWMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTZCRTE4QzhC
NzBGMTFFQzk4OTNCMTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbAGCCsGAQUFBwEHAQH/
BIGgMIGdMIGJBAIAATCBggMEAht78AMEAiv3KAMEAiv4mAMEAi34rAMEAmcQHAME
Amcc/DAMAwQDZ0UYAwQAZ0UaAwQCZ0ZQAwQAZ15TAwQCZ2QEAwQBZ5vQAwQBZ6BA
AwQAZ6SNAwQAZ7fpAwQCZ8asAwQCZ9mEAwQCZ+CQAwQCozVUMAwDBAC0leEDBAK0
leAwDwQCAAIwCQMHACQF4QAAADANBgkqhkiG9w0BAQsFAAOCAQEAo67TAcTq9Ytb
mmRbXh4KJE7de2LZgVjwdAaz+L4Pusf5orjgsqPvPIT3wbVYrxPu9VLk4HmSmk5k
sWTIHXTAhcokiDAGfWOfAe4miySRr7AzxWxbcxxtrN0HSsQYQ1tsia7ZPXX4xbh5
Y/e0rjtCMuJwBsB8Ccbm+WQV35iZ6ySGCKPIXGmvDWxUIfrCvvGdOKK9DTWXIqhg
55vb/qpPGNUg4RvcehxsnX1UD3P7hEHBFFeg+FjPJnEAQMv2O1yRzhsv45ISK3sX
vqUSM/f6kOkaMfUeXIpDppqUaC+QiRJHCYdqVIq9sVYps4wJI94Tw5hNtnc+/V5c
O+QxFMI4WA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org