Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EEA848E131E11EDA50DC329C4F9AE02.roa
File: 6EEA848E131E11EDA50DC329C4F9AE02.roa (raw, json)
Hash identifier: LGdYjncOMBuHNWlRKwJEouFiLx81OLLKQUjY9Elv0vw=
Subject key identifier: 27:2F:28:C7:BF:4A:D7:98:79:D2:60:38:B6:F2:5B:A0:7D:0D:B8:AD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5ABA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EEA848E131E11EDA50DC329C4F9AE02.roa
Signing time: Wed 03 Aug 2022 11:21:35 +0000
ROA not before: Wed 03 Aug 2022 11:21:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140125
IP address blocks: 103.163.14.0/23 maxlen: 24
103.167.212.0/23 maxlen: 24
103.167.224.0/23 maxlen: 24
103.167.238.0/23 maxlen: 24
103.168.0.0/23 maxlen: 24
103.168.32.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.170.148.0/23 maxlen: 24
103.171.108.0/23 maxlen: 24
103.171.110.0/23 maxlen: 24
103.171.174.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.98.0/23 maxlen: 24
103.177.226.0/23 maxlen: 24
103.178.166.0/23 maxlen: 24
103.179.94.0/23 maxlen: 24
103.179.96.0/23 maxlen: 24
103.179.100.0/23 maxlen: 24
103.179.118.0/23 maxlen: 24
103.179.120.0/23 maxlen: 24
103.179.224.0/23 maxlen: 24
103.179.226.0/23 maxlen: 24
103.180.110.0/23 maxlen: 24
103.180.168.0/23 maxlen: 24
103.180.172.0/23 maxlen: 24
103.180.174.0/23 maxlen: 24
103.180.176.0/23 maxlen: 24
103.180.212.0/23 maxlen: 24
103.180.214.0/23 maxlen: 24
103.180.236.0/23 maxlen: 24
103.180.238.0/23 maxlen: 24
103.181.64.0/23 maxlen: 24
103.181.84.0/23 maxlen: 24
103.181.110.0/23 maxlen: 24
103.181.114.0/23 maxlen: 24
103.181.152.0/23 maxlen: 24
103.181.154.0/23 maxlen: 24
103.181.174.0/23 maxlen: 24
103.181.198.0/23 maxlen: 24
103.182.58.0/23 maxlen: 24
103.183.216.0/23 maxlen: 24
103.187.92.0/23 maxlen: 24
103.189.82.0/23 maxlen: 24
103.229.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23226 (0x5aba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 3 11:21:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62ea5a3f-d6d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bf:ba:85:98:e6:db:b9:83:96:37:aa:36:fd:
e6:2a:b7:94:2e:4d:42:cd:db:d6:dc:bc:7d:73:ae:
50:32:60:dc:f6:63:f3:e1:15:63:17:88:05:5d:83:
35:55:f4:fa:8c:ec:a4:68:e4:9c:99:f5:b0:84:0e:
9e:6f:00:d9:27:0c:fa:6c:40:f3:50:9e:cd:8d:94:
51:d1:5d:03:b1:80:b0:92:9e:f8:69:91:e8:73:58:
26:00:af:e9:e8:82:30:d6:99:a1:a1:4d:15:4b:84:
8e:46:0b:ee:d0:a5:a9:2c:c4:c5:eb:a8:35:33:1a:
1c:b4:7c:fb:2b:93:98:aa:0a:18:50:ae:b3:ab:97:
5c:e1:45:1b:ce:cb:bb:ce:12:b5:28:ed:3a:c3:74:
d9:dd:7d:97:23:c4:c1:2a:e7:1f:57:d7:43:d7:6f:
30:b7:bc:bc:e4:58:b0:a4:d0:a9:af:ad:0b:77:03:
77:17:ea:df:17:e9:57:db:46:d8:41:c5:ac:77:07:
db:74:c8:a0:8d:05:1d:1c:db:6b:19:a6:4d:06:2d:
87:70:e5:16:98:d1:8f:7c:6e:14:21:9a:fa:93:6a:
d4:09:c0:91:a5:7b:3d:85:8c:d2:65:4a:d0:4b:2e:
50:ed:24:41:53:41:db:73:bb:ba:22:94:9b:9d:fe:
0c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:2F:28:C7:BF:4A:D7:98:79:D2:60:38:B6:F2:5B:A0:7D:0D:B8:AD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6EEA848E131E11EDA50DC329C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.14.0/23
103.167.212.0/23
103.167.224.0/23
103.167.238.0/23
103.168.0.0/23
103.168.32.0/23
103.170.36.0/23
103.170.148.0/23
103.171.108.0/22
103.171.174.0/23
103.173.14.0/23
103.173.98.0/23
103.177.226.0/23
103.178.166.0/23
103.179.94.0-103.179.97.255
103.179.100.0/23
103.179.118.0-103.179.121.255
103.179.224.0/22
103.180.110.0/23
103.180.168.0/23
103.180.172.0-103.180.177.255
103.180.212.0/22
103.180.236.0/22
103.181.64.0/23
103.181.84.0/23
103.181.110.0/23
103.181.114.0/23
103.181.152.0/22
103.181.174.0/23
103.181.198.0/23
103.182.58.0/23
103.183.216.0/23
103.187.92.0/23
103.189.82.0/23
103.229.209.0/24
Signature Algorithm: sha256WithRSAEncryption
58:7a:52:fe:eb:fb:6f:af:90:db:94:c9:1b:54:d3:9e:f4:6d:
7a:5d:e0:c5:bf:57:ee:51:44:63:e0:3e:11:91:a6:00:a5:a5:
de:14:6d:be:1d:49:1b:56:90:83:78:c1:4a:31:cf:b5:72:5e:
5d:4e:f7:c3:b5:75:c3:a9:ba:13:88:62:d9:80:a8:b7:9b:6f:
60:f6:b1:f2:c8:0b:27:22:ba:10:3b:f6:5e:d4:7a:10:f0:b2:
f9:ba:7b:f8:61:e6:62:64:ce:93:ca:ee:d8:b4:00:f6:e3:1c:
1c:59:22:d4:b4:5d:f7:41:8d:3d:fe:b1:c0:a3:5a:e6:28:47:
10:e1:c9:c3:23:d3:a9:a5:52:6b:2d:48:92:f1:92:2c:2e:19:
4f:91:ef:01:02:b5:45:a5:ec:84:a6:ea:4a:b7:56:71:f1:61:
41:4b:2d:d6:a8:03:65:5b:6e:ce:c4:03:f6:7a:bc:ca:fe:f0:
c2:40:cd:0d:10:b1:86:02:8a:21:eb:63:40:43:07:c2:dd:66:
df:24:cc:35:96:0d:5f:4a:31:77:31:98:f3:4e:e5:3f:7f:e6:
3f:10:d1:22:99:19:70:b9:19:49:95:01:ef:b9:7d:c0:51:cc:
b6:da:ce:32:6d:33:ee:8c:97:f9:f6:80:85:7c:c6:a6:a6:e2:
eb:1a:7d:d4
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgICWrowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODAzMTEyMTM1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhNWEzZi1kNmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4b+6hZjm27mDljeqNv3mKreULk1CzdvW3Lx9c65QMmDc9mPz4RVjF4gFXYM1
VfT6jOykaOScmfWwhA6ebwDZJwz6bEDzUJ7NjZRR0V0DsYCwkp74aZHoc1gmAK/p
6IIw1pmhoU0VS4SORgvu0KWpLMTF66g1MxoctHz7K5OYqgoYUK6zq5dc4UUbzsu7
zhK1KO06w3TZ3X2XI8TBKucfV9dD128wt7y85FiwpNCpr60LdwN3F+rfF+lX20bY
QcWsdwfbdMigjQUdHNtrGaZNBi2HcOUWmNGPfG4UIZr6k2rUCcCRpXs9hYzSZUrQ
Sy5Q7SRBU0Hbc7u6IpSbnf4MpQIDAQABo4IDfzCCA3swHQYDVR0OBBYEFCcvKMe/
SteYedJgOLbyW6B9DbitMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkVFQTg0OEUx
MzFFMTFFREE1MERDMzI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEHBggrBgEFBQcBBwEB
/wSB9zCB9DCB8QQCAAEwgeoDBAFnow4DBAFnp9QDBAFnp+ADBAFnp+4DBAFnqAAD
BAFnqCADBAFnqiQDBAFnqpQDBAJnq2wDBAFnq64DBAFnrQ4DBAFnrWIDBAFnseID
BAFnsqYwDAMEAWezXgMEAWezYAMEAWezZDAMAwQBZ7N2AwQBZ7N4AwQCZ7PgAwQB
Z7RuAwQBZ7SoMAwDBAJntKwDBAFntLADBAJntNQDBAJntOwDBAFntUADBAFntVQD
BAFntW4DBAFntXIDBAJntZgDBAFnta4DBAFntcYDBAFntjoDBAFnt9gDBAFnu1wD
BAFnvVIDBABn5dEwDQYJKoZIhvcNAQELBQADggEBAFh6Uv7r+2+vkNuUyRtU0570
bXpd4MW/V+5RRGPgPhGRpgClpd4Ubb4dSRtWkIN4wUoxz7VyXl1O98O1dcOpuhOI
YtmAqLebb2D2sfLICyciuhA79l7UehDwsvm6e/hh5mJkzpPK7ti0APbjHBxZItS0
XfdBjT3+scCjWuYoRxDhycMj06mlUmstSJLxkiwuGU+R7wECtUWl7ISm6kq3VnHx
YUFLLdaoA2Vbbs7EA/Z6vMr+8MJAzQ0QsYYCiiHrY0BDB8LdZt8kzDWWDV9KMXcx
mPNO5T9/5j8Q0SKZGXC5GUmVAe+5fcBRzLbazjJtM+6Ml/n2gIV8xqam4usafdQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-fra.rpki-client.org