Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/64E25D5A97B611EDAE9D4381C4F9AE02.roa
File: 64E25D5A97B611EDAE9D4381C4F9AE02.roa (raw, json)
Hash identifier: /MWUK3xlAm3NRHWcoZuEdZKKXX74VRUEWeesQies1ys=
Subject key identifier: 96:6C:34:61:72:BC:01:80:F2:90:53:23:19:F8:D3:83:70:9C:88:BB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 64D7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/64E25D5A97B611EDAE9D4381C4F9AE02.roa
Signing time: Tue 14 Feb 2023 08:41:47 +0000
ROA not before: Tue 14 Feb 2023 08:41:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58678
IP address blocks: 43.241.28.0/22 maxlen: 24
43.241.128.0/22 maxlen: 24
43.241.132.0/22 maxlen: 24
43.242.208.0/24 maxlen: 24
43.242.209.0/24 maxlen: 24
43.242.210.0/24 maxlen: 24
43.242.211.0/24 maxlen: 24
43.242.224.0/22 maxlen: 24
43.242.228.0/22 maxlen: 24
45.64.84.0/22 maxlen: 24
45.114.192.0/22 maxlen: 24
45.117.0.0/22 maxlen: 23
45.117.0.0/23 maxlen: 24
45.117.3.0/24 maxlen: 24
45.127.120.0/22 maxlen: 24
45.250.248.0/24 maxlen: 24
45.250.249.0/24 maxlen: 24
45.250.250.0/24 maxlen: 24
103.14.232.0/22 maxlen: 24
103.26.52.0/22 maxlen: 22
103.26.52.0/24 maxlen: 24
103.26.53.0/24 maxlen: 24
103.26.54.0/24 maxlen: 24
103.26.55.0/24 maxlen: 24
103.26.56.0/22 maxlen: 24
103.42.160.0/22 maxlen: 24
103.48.56.0/23 maxlen: 24
103.48.58.0/24 maxlen: 24
103.48.59.0/24 maxlen: 24
103.48.100.0/22 maxlen: 24
103.59.188.0/22 maxlen: 24
103.59.212.0/22 maxlen: 24
103.66.80.0/24 maxlen: 24
103.66.81.0/24 maxlen: 24
103.66.82.0/24 maxlen: 24
103.66.83.0/24 maxlen: 24
103.74.236.0/22 maxlen: 24
103.77.152.0/22 maxlen: 23
103.77.152.0/23 maxlen: 24
103.77.154.0/24 maxlen: 24
103.89.40.0/22 maxlen: 24
103.111.132.0/22 maxlen: 24
103.112.32.0/24 maxlen: 24
103.112.33.0/24 maxlen: 24
103.112.34.0/24 maxlen: 24
103.112.35.0/24 maxlen: 24
103.137.152.0/22 maxlen: 24
103.148.207.0/24 maxlen: 24
103.153.151.0/24 maxlen: 24
103.155.170.0/24 maxlen: 24
103.162.190.0/23 maxlen: 24
103.163.188.0/24 maxlen: 24
103.163.189.0/24 maxlen: 24
103.168.62.0/24 maxlen: 24
103.168.63.0/24 maxlen: 24
103.173.208.0/23 maxlen: 24
103.174.38.0/24 maxlen: 24
103.177.180.0/24 maxlen: 24
103.177.181.0/24 maxlen: 24
103.178.212.0/23 maxlen: 24
103.181.209.0/24 maxlen: 24
103.185.174.0/23 maxlen: 24
103.204.119.0/24 maxlen: 24
103.209.18.0/24 maxlen: 24
103.209.19.0/24 maxlen: 24
103.216.144.0/22 maxlen: 24
103.218.100.0/22 maxlen: 24
103.219.164.0/24 maxlen: 24
103.219.165.0/24 maxlen: 24
103.219.166.0/24 maxlen: 24
103.219.167.0/24 maxlen: 24
103.220.80.0/22 maxlen: 24
103.220.212.0/22 maxlen: 24
103.226.0.0/22 maxlen: 24
103.226.4.0/22 maxlen: 24
103.226.28.0/22 maxlen: 24
103.232.24.0/22 maxlen: 24
124.108.16.0/22 maxlen: 24
2404:bd00::/48 maxlen: 48
2404:bd00:1::/48 maxlen: 48
2404:bd00:2::/48 maxlen: 48
2404:bd00:3::/48 maxlen: 48
2404:bd00:4::/48 maxlen: 48
2404:bd00:5::/48 maxlen: 48
2404:bd00:6::/48 maxlen: 48
2404:bd00:7::/48 maxlen: 48
2404:bd00:8::/48 maxlen: 48
2404:bd00:a::/48 maxlen: 48
2404:bd00:b::/48 maxlen: 48
2404:bd00:c::/48 maxlen: 48
2404:bd00:d::/48 maxlen: 48
2404:bd00:e::/48 maxlen: 48
2404:bd00:f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25815 (0x64d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 14 08:41:47 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63eb494b-95ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:83:54:9f:53:f4:54:cc:d2:14:00:fb:c8:9d:
66:55:e0:0b:68:13:2d:66:9b:23:1b:de:ea:5d:a6:
16:4c:46:a5:2c:c2:85:63:e1:6d:4d:c9:2a:8c:d7:
62:25:cd:25:86:90:bb:ed:22:39:69:b3:fe:60:0a:
c0:46:a2:76:c6:10:95:c6:11:41:96:bf:ff:72:79:
46:fd:d1:dd:64:bc:7c:d2:97:9c:21:8c:b4:55:4e:
ca:3e:9d:c9:b1:b0:f6:cf:fd:c7:40:95:93:07:ee:
f2:eb:e5:f5:65:57:f0:33:81:7c:a3:42:0f:2b:0e:
65:b6:a7:65:72:27:b3:1a:bc:87:39:f5:9d:48:c8:
b1:e1:a0:2a:10:da:7a:b9:ba:73:9f:a8:2d:c7:18:
4c:74:56:e9:63:d8:b4:0f:89:7d:3d:56:c9:80:d8:
f9:8a:21:d2:e0:0e:c4:57:ab:6a:ed:7c:0b:8d:0d:
71:ca:f3:d0:69:c6:6d:0a:b4:9d:72:20:b5:a9:00:
bc:ac:30:61:14:f7:7e:81:50:43:77:fd:88:93:ba:
4e:db:24:21:cc:89:4e:8a:f8:85:a9:e0:fb:84:41:
69:7f:f6:7e:11:47:48:c8:34:d3:cc:38:c8:29:f1:
f1:4b:4f:35:1d:2c:46:e5:ac:56:c7:ea:ad:5c:14:
34:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:6C:34:61:72:BC:01:80:F2:90:53:23:19:F8:D3:83:70:9C:88:BB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/64E25D5A97B611EDAE9D4381C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.28.0/22
43.241.128.0/21
43.242.208.0/22
43.242.224.0/21
45.64.84.0/22
45.114.192.0/22
45.117.0.0/22
45.127.120.0/22
45.250.248.0-45.250.250.255
103.14.232.0/22
103.26.52.0-103.26.59.255
103.42.160.0/22
103.48.56.0/22
103.48.100.0/22
103.59.188.0/22
103.59.212.0/22
103.66.80.0/22
103.74.236.0/22
103.77.152.0/22
103.89.40.0/22
103.111.132.0/22
103.112.32.0/22
103.137.152.0/22
103.148.207.0/24
103.153.151.0/24
103.155.170.0/24
103.162.190.0/23
103.163.188.0/23
103.168.62.0/23
103.173.208.0/23
103.174.38.0/24
103.177.180.0/23
103.178.212.0/23
103.181.209.0/24
103.185.174.0/23
103.204.119.0/24
103.209.18.0/23
103.216.144.0/22
103.218.100.0/22
103.219.164.0/22
103.220.80.0/22
103.220.212.0/22
103.226.0.0/21
103.226.28.0/22
103.232.24.0/22
124.108.16.0/22
IPv6:
2404:bd00::-2404:bd00:8:ffff:ffff:ffff:ffff:ffff
2404:bd00:a::-2404:bd00:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:3a:13:11:ce:f8:41:4d:32:f4:fc:d0:2b:76:af:ee:24:b5:
45:67:13:d6:4c:e6:e2:95:e0:35:5f:5c:a9:1c:4f:16:92:da:
71:1e:10:1f:c9:32:00:13:86:ca:8f:1b:17:9a:af:bb:c0:9d:
78:87:aa:9c:18:e6:ae:fe:83:48:81:1e:87:5b:c7:90:8a:26:
ac:fe:7d:43:d5:93:50:b4:b9:18:56:89:2e:6c:97:2c:8e:a6:
96:f8:7a:b6:26:a8:e9:5f:f2:5d:a0:b4:4f:35:2e:44:92:01:
44:e5:1d:a2:5c:ca:c2:e7:4f:b8:fc:36:2f:3d:3b:22:4f:19:
bc:05:a3:b5:96:7b:7d:bf:f9:3d:74:0f:02:50:e4:8b:f5:e2:
67:d3:12:f5:d6:72:2b:f1:c7:46:11:4b:28:ea:6b:45:54:5d:
b1:6a:97:dc:ad:0f:26:e4:f3:9e:cf:a0:91:aa:f0:c2:86:bd:
bb:2b:ac:a6:7e:07:ba:c3:b1:21:6b:ad:c3:da:92:69:c6:43:
ef:47:07:45:47:17:6a:38:8a:74:a6:89:03:d0:8e:b7:8d:7e:
91:d6:6f:68:b9:24:dd:5f:cb:e8:97:31:de:0d:d7:d4:00:a6:
88:11:7b:28:b5:b0:7e:b0:9f:17:64:3f:55:cd:09:43:96:0e:
5a:c8:21:3b
-----BEGIN CERTIFICATE-----
MIIGxjCCBa6gAwIBAgICZNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjE0MDg0MTQ3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ViNDk0Yi05NWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq4NUn1P0VMzSFAD7yJ1mVeALaBMtZpsjG97qXaYWTEalLMKFY+FtTckqjNdi
Jc0lhpC77SI5abP+YArARqJ2xhCVxhFBlr//cnlG/dHdZLx80pecIYy0VU7KPp3J
sbD2z/3HQJWTB+7y6+X1ZVfwM4F8o0IPKw5ltqdlciezGryHOfWdSMix4aAqENp6
ubpzn6gtxxhMdFbpY9i0D4l9PVbJgNj5iiHS4A7EV6tq7XwLjQ1xyvPQacZtCrSd
ciC1qQC8rDBhFPd+gVBDd/2Ik7pO2yQhzIlOiviFqeD7hEFpf/Z+EUdIyDTTzDjI
KfHxS081HSxG5axWx+qtXBQ0OQIDAQABo4ID6jCCA+YwHQYDVR0OBBYEFJZsNGFy
vAGA8pBTIxn404NwnIi7MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjRFMjVENUE5
N0I2MTFFREFFOUQ0MzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFyBggrBgEFBQcBBwEB
/wSCAWEwggFdMIIBLAQCAAEwggEkAwQCK/EcAwQDK/GAAwQCK/LQAwQDK/LgAwQC
LUBUAwQCLXLAAwQCLXUAAwQCLX94MAwDBAMt+vgDBAAt+voDBAJnDugwDAMEAmca
NAMEAmcaOAMEAmcqoAMEAmcwOAMEAmcwZAMEAmc7vAMEAmc71AMEAmdCUAMEAmdK
7AMEAmdNmAMEAmdZKAMEAmdvhAMEAmdwIAMEAmeJmAMEAGeUzwMEAGeZlwMEAGeb
qgMEAWeivgMEAWejvAMEAWeoPgMEAWet0AMEAGeuJgMEAWextAMEAWey1AMEAGe1
0QMEAWe5rgMEAGfMdwMEAWfREgMEAmfYkAMEAmfaZAMEAmfbpAMEAmfcUAMEAmfc
1AMEA2fiAAMEAmfiHAMEAmfoGAMEAnxsEDArBAIAAjAlMA8DBAAkBL0DBwAkBL0A
AAgwEgMHASQEvQAACgMHBCQEvQAAADANBgkqhkiG9w0BAQsFAAOCAQEATzoTEc74
QU0y9PzQK3av7iS1RWcT1kzm4pXgNV9cqRxPFpLacR4QH8kyABOGyo8bF5qvu8Cd
eIeqnBjmrv6DSIEeh1vHkIomrP59Q9WTULS5GFaJLmyXLI6mlvh6tiao6V/yXaC0
TzUuRJIBROUdolzKwudPuPw2Lz07Ik8ZvAWjtZZ7fb/5PXQPAlDki/XiZ9MS9dZy
K/HHRhFLKOprRVRdsWqX3K0PJuTzns+gkarwwoa9uyuspn4HusOxIWutw9qSacZD
70cHRUcXajiKdKaJA9COt41+kdZvaLkk3V/L6Jcx3g3X1ACmiBF7KLWwfrCfF2Q/
Vc0JQ5YOWsghOw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org