Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/65FAE742DA7F11ECA3AC855CC4F9AE02.roa
File: 65FAE742DA7F11ECA3AC855CC4F9AE02.roa (raw, json)
Hash identifier: 55BjEejbSpZ3h+Oz/0IRm0ckNbdZoVAdxTLVUaKL8PE=
Subject key identifier: 3A:79:63:35:F3:41:31:9D:6A:AB:9E:25:F3:E0:F8:84:E3:DC:9B:CD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6285
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/65FAE742DA7F11ECA3AC855CC4F9AE02.roa
Signing time: Wed 04 Jan 2023 08:31:56 +0000
ROA not before: Wed 04 Jan 2023 08:31:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55352
IP address blocks: 43.231.132.0/22 maxlen: 24
43.231.212.0/22 maxlen: 24
43.231.236.0/22 maxlen: 24
43.231.252.0/22 maxlen: 24
43.247.136.0/22 maxlen: 24
45.112.8.0/22 maxlen: 24
45.112.56.0/22 maxlen: 24
45.115.56.0/24 maxlen: 24
45.115.57.0/24 maxlen: 24
45.115.58.0/24 maxlen: 24
45.115.59.0/24 maxlen: 24
45.251.12.0/24 maxlen: 24
45.251.13.0/24 maxlen: 24
45.251.14.0/24 maxlen: 24
45.251.15.0/24 maxlen: 24
59.152.56.0/22 maxlen: 24
59.153.0.0/22 maxlen: 24
59.153.120.0/22 maxlen: 24
103.8.164.0/22 maxlen: 24
103.29.156.0/22 maxlen: 24
103.102.92.0/22 maxlen: 24
103.111.112.0/22 maxlen: 24
103.114.2.0/23 maxlen: 24
103.119.188.0/22 maxlen: 24
103.156.212.0/23 maxlen: 24
103.176.240.0/23 maxlen: 24
103.197.224.0/22 maxlen: 24
103.198.164.0/22 maxlen: 24
103.200.104.0/22 maxlen: 24
103.204.160.0/22 maxlen: 24
103.205.172.0/22 maxlen: 24
103.220.40.0/22 maxlen: 24
103.221.248.0/22 maxlen: 24
103.226.140.0/22 maxlen: 24
103.226.144.0/22 maxlen: 24
103.226.188.0/22 maxlen: 24
103.226.204.0/22 maxlen: 24
103.226.236.0/22 maxlen: 24
103.226.240.0/22 maxlen: 24
103.239.171.0/24 maxlen: 24
103.249.132.0/22 maxlen: 24
111.125.217.0/24 maxlen: 24
111.125.218.0/23 maxlen: 24
111.125.224.0/24 maxlen: 24
111.125.226.0/24 maxlen: 24
111.125.228.0/24 maxlen: 24
111.125.233.0/24 maxlen: 24
111.125.252.0/22 maxlen: 24
124.66.172.0/22 maxlen: 24
175.100.176.0/20 maxlen: 24
202.168.144.0/22 maxlen: 24
2406:9e00:20::/48 maxlen: 48
2406:9e00:21::/48 maxlen: 48
2406:9e00:22::/48 maxlen: 48
2406:9e00:23::/48 maxlen: 48
2406:9e00:24::/48 maxlen: 48
2406:9e00:25::/48 maxlen: 48
2406:9e00:26::/48 maxlen: 48
2406:9e00:27::/48 maxlen: 48
2406:9e00:28::/48 maxlen: 48
2406:9e00:29::/48 maxlen: 48
2406:9e00:2a::/48 maxlen: 48
2406:9e00:2b::/48 maxlen: 48
2406:9e00:2c::/48 maxlen: 48
2406:9e00:2d::/48 maxlen: 48
2406:9e00:2e::/48 maxlen: 48
2406:9e00:2f::/48 maxlen: 48
2406:9e00:30::/48 maxlen: 48
2406:9e00:31::/48 maxlen: 48
2406:9e00:32::/48 maxlen: 48
2406:9e00:33::/48 maxlen: 48
2406:9e00:34::/48 maxlen: 48
2406:9e00:35::/48 maxlen: 48
2406:9e00:36::/48 maxlen: 48
2406:9e00:37::/48 maxlen: 48
2406:9e00:38::/48 maxlen: 48
2406:9e00:39::/48 maxlen: 48
2406:9e00:3a::/48 maxlen: 48
2406:9e00:3b::/48 maxlen: 48
2406:9e00:3c::/48 maxlen: 48
2406:9e00:3d::/48 maxlen: 48
2406:9e00:3e::/48 maxlen: 48
2406:9e00:3f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25221 (0x6285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 4 08:31:56 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63b5397c-a52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:44:79:d5:6c:5e:25:7e:e1:e5:6b:f2:3a:c4:
c2:f7:6d:63:8e:8c:cb:d5:e0:3c:05:f4:8e:e3:80:
1c:b7:3c:c7:e1:e6:64:f1:43:ec:a9:37:ac:23:32:
e9:bd:1e:1c:1c:db:c2:e0:00:08:7a:8b:13:23:78:
63:ef:5e:bc:c4:41:cb:d3:b0:2a:f4:ed:c7:2f:d2:
2c:20:8e:47:fe:9e:21:6c:ef:5f:7c:ea:f2:70:d5:
72:cb:08:f6:91:1c:0f:f6:0b:3b:09:ec:8f:70:1c:
97:a8:00:3b:2a:13:c4:50:2c:14:9f:81:ab:dd:2a:
ca:23:41:7e:2c:16:37:7e:8d:77:dc:84:f3:af:c5:
cc:cc:e2:97:85:62:d1:fe:45:55:54:89:72:e6:07:
5a:e6:27:c6:c7:51:c4:2c:e2:a0:96:2f:32:28:85:
aa:20:ae:ec:2d:ac:8c:bc:c7:49:05:6c:22:28:8f:
95:a2:85:a7:ca:04:a2:b5:98:61:12:69:5d:92:a3:
e9:24:7b:2e:9e:0d:4f:f7:9a:9f:e6:83:43:38:13:
4a:58:ef:c6:66:a6:db:c7:63:9e:db:a2:4f:13:e7:
70:bc:3a:06:b7:20:99:62:41:7b:65:90:f8:4b:18:
91:39:23:97:c9:f8:84:f9:58:e8:ac:04:45:5c:05:
b3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:79:63:35:F3:41:31:9D:6A:AB:9E:25:F3:E0:F8:84:E3:DC:9B:CD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/65FAE742DA7F11ECA3AC855CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.132.0/22
43.231.212.0/22
43.231.236.0/22
43.231.252.0/22
43.247.136.0/22
45.112.8.0/22
45.112.56.0/22
45.115.56.0/22
45.251.12.0/22
59.152.56.0/22
59.153.0.0/22
59.153.120.0/22
103.8.164.0/22
103.29.156.0/22
103.102.92.0/22
103.111.112.0/22
103.114.2.0/23
103.119.188.0/22
103.156.212.0/23
103.176.240.0/23
103.197.224.0/22
103.198.164.0/22
103.200.104.0/22
103.204.160.0/22
103.205.172.0/22
103.220.40.0/22
103.221.248.0/22
103.226.140.0-103.226.147.255
103.226.188.0/22
103.226.204.0/22
103.226.236.0-103.226.243.255
103.239.171.0/24
103.249.132.0/22
111.125.217.0-111.125.219.255
111.125.224.0/24
111.125.226.0/24
111.125.228.0/24
111.125.233.0/24
111.125.252.0/22
124.66.172.0/22
175.100.176.0/20
202.168.144.0/22
IPv6:
2406:9e00:20::/43
Signature Algorithm: sha256WithRSAEncryption
4e:74:8d:20:50:bb:91:a7:ee:ca:b9:81:21:07:56:ad:e4:0f:
f9:16:da:34:93:22:5c:20:4b:81:b9:25:22:ef:ef:28:75:02:
23:47:48:d8:5f:b4:f1:f6:f9:9f:b6:1e:02:bb:ca:6d:40:5c:
3e:c8:18:7c:07:19:d6:cb:b8:a3:82:87:ed:f1:82:4d:c9:30:
1b:9e:3b:8c:b7:49:60:13:27:6b:ab:63:31:2a:85:5a:0f:96:
11:87:0b:f4:ff:4d:c2:81:03:a5:5a:ab:b6:16:0f:56:94:ba:
cf:2d:40:cf:b3:ea:b4:4a:d2:ba:18:bb:4d:b4:f4:58:b6:a2:
d2:cf:25:f2:16:9c:29:5b:61:d1:4d:92:2f:ac:53:2f:b4:0a:
f5:a2:48:09:42:56:8d:9a:cf:df:64:4a:9c:eb:30:98:9c:4c:
90:54:03:d8:aa:aa:9e:9f:8a:5c:90:cc:5e:0e:88:03:29:c0:
b4:36:a6:56:b1:d7:eb:22:a4:cc:04:c3:c9:88:22:2c:ce:1a:
78:4c:98:1f:7d:3a:ad:cc:dc:80:b8:5d:4f:96:1f:e0:8e:dd:
91:64:b6:49:fd:d1:78:92:98:af:d1:e0:4e:4e:82:3d:d7:f5:
5b:53:ca:22:ff:ad:63:6d:7c:23:59:cd:17:56:e9:95:ca:31:
dc:7a:0f:29
-----BEGIN CERTIFICATE-----
MIIGmjCCBYKgAwIBAgICYoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTA0MDgzMTU2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I1Mzk3Yy1hNTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu0R51WxeJX7h5WvyOsTC921jjozL1eA8BfSO44ActzzH4eZk8UPsqTesIzLp
vR4cHNvC4AAIeosTI3hj7168xEHL07Aq9O3HL9IsII5H/p4hbO9ffOrycNVyywj2
kRwP9gs7CeyPcByXqAA7KhPEUCwUn4Gr3SrKI0F+LBY3fo133ITzr8XMzOKXhWLR
/kVVVIly5gda5ifGx1HELOKgli8yKIWqIK7sLayMvMdJBWwiKI+VooWnygSitZhh
EmldkqPpJHsung1P95qf5oNDOBNKWO/GZqbbx2Oe26JPE+dwvDoGtyCZYkF7ZZD4
SxiROSOXyfiE+VjorARFXAWzDQIDAQABo4IDvjCCA7owHQYDVR0OBBYEFDp5YzXz
QTGdaqueJfPg+ITj3JvNMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjVGQUU3NDJE
QTdGMTFFQ0EzQUM4NTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFGBggrBgEFBQcBBwEB
/wSCATUwggExMIIBHAQCAAEwggEUAwQCK+eEAwQCK+fUAwQCK+fsAwQCK+f8AwQC
K/eIAwQCLXAIAwQCLXA4AwQCLXM4AwQCLfsMAwQCO5g4AwQCO5kAAwQCO5l4AwQC
ZwikAwQCZx2cAwQCZ2ZcAwQCZ29wAwQBZ3ICAwQCZ3e8AwQBZ5zUAwQBZ7DwAwQC
Z8XgAwQCZ8akAwQCZ8hoAwQCZ8ygAwQCZ82sAwQCZ9woAwQCZ934MAwDBAJn4owD
BAJn4pADBAJn4rwDBAJn4swwDAMEAmfi7AMEAmfi8AMEAGfvqwMEAmf5hDAMAwQA
b33ZAwQCb33YAwQAb33gAwQAb33iAwQAb33kAwQAb33pAwQCb338AwQCfEKsAwQE
r2SwAwQCyqiQMA8EAgACMAkDBwUkBp4AACAwDQYJKoZIhvcNAQELBQADggEBAE50
jSBQu5Gn7sq5gSEHVq3kD/kW2jSTIlwgS4G5JSLv7yh1AiNHSNhftPH2+Z+2HgK7
ym1AXD7IGHwHGdbLuKOCh+3xgk3JMBueO4y3SWATJ2urYzEqhVoPlhGHC/T/TcKB
A6Vaq7YWD1aUus8tQM+z6rRK0roYu0209Fi2otLPJfIWnClbYdFNki+sUy+0CvWi
SAlCVo2az99kSpzrMJicTJBUA9iqqp6filyQzF4OiAMpwLQ2plax1+sipMwEw8mI
IizOGnhMmB99Oq3M3IC4XU+WH+CO3ZFktkn90XiSmK/R4E5Ogj3X9VtTyiL/rWNt
fCNZzRdW6ZXKMdx6Dyk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org