Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/866A71B014C111ED84A61037C4F9AE02.roa
File: 866A71B014C111ED84A61037C4F9AE02.roa (raw, json)
Hash identifier: TXllCv7lg6/4xHiqP6j8jdkxD30Im6RjUqNBXmog1s8=
Subject key identifier: 66:81:C1:AC:41:3C:F3:7B:CE:4E:DF:01:00:AA:C0:A4:B3:36:AD:BB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5AEA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/866A71B014C111ED84A61037C4F9AE02.roa
Signing time: Fri 05 Aug 2022 13:41:32 +0000
ROA not before: Fri 05 Aug 2022 13:41:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140125
IP address blocks: 103.163.14.0/23 maxlen: 23
103.163.15.0/24 maxlen: 24
103.167.212.0/23 maxlen: 24
103.167.224.0/23 maxlen: 24
103.167.238.0/23 maxlen: 23
103.167.239.0/24 maxlen: 24
103.168.0.0/23 maxlen: 24
103.168.23.0/24 maxlen: 24
103.168.32.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.171.108.0/23 maxlen: 24
103.171.110.0/23 maxlen: 24
103.171.174.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.98.0/23 maxlen: 24
103.177.226.0/23 maxlen: 23
103.177.227.0/24 maxlen: 24
103.179.94.0/23 maxlen: 24
103.179.96.0/23 maxlen: 24
103.179.100.0/23 maxlen: 24
103.179.118.0/23 maxlen: 24
103.179.121.0/24 maxlen: 24
103.179.224.0/23 maxlen: 24
103.179.226.0/23 maxlen: 24
103.180.110.0/23 maxlen: 24
103.180.168.0/23 maxlen: 24
103.180.172.0/23 maxlen: 24
103.180.174.0/23 maxlen: 24
103.180.176.0/23 maxlen: 24
103.180.212.0/23 maxlen: 24
103.180.214.0/23 maxlen: 24
103.180.238.0/23 maxlen: 24
103.181.64.0/23 maxlen: 24
103.181.84.0/23 maxlen: 23
103.181.85.0/24 maxlen: 24
103.181.110.0/23 maxlen: 24
103.181.114.0/23 maxlen: 24
103.181.152.0/23 maxlen: 24
103.181.154.0/23 maxlen: 24
103.181.174.0/23 maxlen: 24
103.181.198.0/23 maxlen: 24
103.182.58.0/23 maxlen: 24
103.183.216.0/23 maxlen: 24
103.189.82.0/23 maxlen: 24
103.229.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23274 (0x5aea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 5 13:41:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62ed1e0c-4bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9f:c8:eb:8f:31:73:f8:92:2c:11:27:a5:25:
ac:97:38:b9:bd:3a:cd:3e:c2:5d:2a:20:6c:f2:9a:
01:b1:34:66:27:f4:f9:21:66:46:75:6c:fb:59:e0:
c5:1f:80:ba:ff:dc:60:04:9c:7a:24:16:c1:76:33:
a0:e3:46:04:b4:b7:0e:3d:d2:a6:81:e7:1e:91:44:
59:20:8c:bb:5f:64:89:c6:68:d8:68:65:d7:19:d1:
76:72:8d:38:dc:a7:0d:c0:2e:40:9d:22:d6:93:ad:
f8:74:ff:23:8a:d0:f5:77:8c:fa:18:cc:ab:1c:9b:
36:e5:fa:7e:8e:17:92:3c:da:5a:73:0b:7f:ad:3e:
25:6f:a8:ba:b9:48:d1:16:04:2d:3a:13:3b:c1:9f:
58:0f:f5:1d:fb:08:4e:85:1e:79:f0:9c:85:51:c4:
c2:88:d9:3d:f4:ce:b9:33:a0:cd:c5:30:21:6f:18:
1d:12:9a:35:5d:58:27:64:38:a4:a7:41:fd:41:5b:
fd:53:eb:a7:74:90:73:20:2b:18:73:1e:7d:1d:99:
ac:73:c8:a8:bb:8d:36:81:ad:09:6a:3a:d5:92:05:
ba:0f:08:ec:82:31:99:e9:69:c0:29:18:98:2c:14:
c4:47:e4:c1:1d:e7:21:8a:51:25:93:52:57:8d:90:
fa:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:81:C1:AC:41:3C:F3:7B:CE:4E:DF:01:00:AA:C0:A4:B3:36:AD:BB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/866A71B014C111ED84A61037C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.14.0/23
103.167.212.0/23
103.167.224.0/23
103.167.238.0/23
103.168.0.0/23
103.168.23.0/24
103.168.32.0/23
103.170.36.0/23
103.171.108.0/22
103.171.174.0/23
103.173.14.0/23
103.173.98.0/23
103.177.226.0/23
103.179.94.0-103.179.97.255
103.179.100.0/23
103.179.118.0/23
103.179.121.0/24
103.179.224.0/22
103.180.110.0/23
103.180.168.0/23
103.180.172.0-103.180.177.255
103.180.212.0/22
103.180.238.0/23
103.181.64.0/23
103.181.84.0/23
103.181.110.0/23
103.181.114.0/23
103.181.152.0/22
103.181.174.0/23
103.181.198.0/23
103.182.58.0/23
103.183.216.0/23
103.189.82.0/23
103.229.209.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:9f:73:fb:d5:fa:a7:54:a1:d4:be:98:87:e2:1b:9e:18:00:
cc:6b:04:d1:6d:bc:54:27:48:24:3b:de:fa:22:7d:60:e5:a1:
91:97:f5:d4:f6:5d:ed:c6:83:c1:89:1d:84:19:94:2b:63:fe:
fb:5f:53:73:9a:8f:ff:3f:d2:3c:78:62:ce:d4:13:f4:1b:81:
cd:62:ed:3a:2d:2e:da:79:f4:63:7d:ba:6d:ea:dc:0c:73:fe:
d0:23:8e:ae:65:88:ad:84:24:46:75:ba:9f:df:17:22:e6:f5:
35:a1:95:a8:e7:71:5e:b4:f1:59:9c:34:fa:97:00:ca:e4:1c:
2e:28:91:9d:b7:42:9e:99:87:96:54:6b:b8:fc:0e:43:64:94:
1b:88:de:18:ca:c6:bf:de:4e:3f:06:74:07:10:3e:44:ba:0a:
16:7d:6e:c3:b9:c5:bb:d6:67:18:a8:d6:62:6e:e7:2b:35:5f:
1b:b5:99:f6:8b:83:44:48:90:5e:82:85:fc:fc:4b:80:a6:f4:
8c:ad:7d:1f:04:f3:53:2e:8d:c0:f8:91:25:e7:42:52:d5:e2:
30:82:e9:46:2a:8d:a0:8d:f1:f6:13:2a:8e:65:49:d1:26:a8:
36:e0:41:3e:ee:88:c2:61:cf:30:5c:d5:2a:a2:1a:73:44:e8:
10:c4:bd:c1
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgICWuowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODA1MTM0MTMyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVkMWUwYy00YmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvZ/I648xc/iSLBEnpSWslzi5vTrNPsJdKiBs8poBsTRmJ/T5IWZGdWz7WeDF
H4C6/9xgBJx6JBbBdjOg40YEtLcOPdKmgecekURZIIy7X2SJxmjYaGXXGdF2co04
3KcNwC5AnSLWk634dP8jitD1d4z6GMyrHJs25fp+jheSPNpacwt/rT4lb6i6uUjR
FgQtOhM7wZ9YD/Ud+whOhR558JyFUcTCiNk99M65M6DNxTAhbxgdEpo1XVgnZDik
p0H9QVv9U+undJBzICsYcx59HZmsc8iou402ga0JajrVkgW6DwjsgjGZ6WnAKRiY
LBTER+TBHechilElk1JXjZD6NQIDAQABo4IDcDCCA2wwHQYDVR0OBBYEFGaBwaxB
PPN7zk7fAQCqwKSzNq27MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvODY2QTcxQjAx
NEMxMTFFRDg0QTYxMDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfkGCCsGAQUFBwEHAQH/
BIHpMIHmMIHjBAIAATCB3AMEAWejDgMEAWen1AMEAWen4AMEAWen7gMEAWeoAAME
AGeoFwMEAWeoIAMEAWeqJAMEAmerbAMEAWerrgMEAWetDgMEAWetYgMEAWex4jAM
AwQBZ7NeAwQBZ7NgAwQBZ7NkAwQBZ7N2AwQAZ7N5AwQCZ7PgAwQBZ7RuAwQBZ7So
MAwDBAJntKwDBAFntLADBAJntNQDBAFntO4DBAFntUADBAFntVQDBAFntW4DBAFn
tXIDBAJntZgDBAFnta4DBAFntcYDBAFntjoDBAFnt9gDBAFnvVIDBABn5dEwDQYJ
KoZIhvcNAQELBQADggEBAJqfc/vV+qdUodS+mIfiG54YAMxrBNFtvFQnSCQ73voi
fWDloZGX9dT2Xe3Gg8GJHYQZlCtj/vtfU3Oaj/8/0jx4Ys7UE/Qbgc1i7TotLtp5
9GN9um3q3Axz/tAjjq5liK2EJEZ1up/fFyLm9TWhlajncV608VmcNPqXAMrkHC4o
kZ23Qp6Zh5ZUa7j8DkNklBuI3hjKxr/eTj8GdAcQPkS6ChZ9bsO5xbvWZxio1mJu
5ys1Xxu1mfaLg0RIkF6Chfz8S4Cm9IytfR8E81MujcD4kSXnQlLV4jCC6UYqjaCN
8fYTKo5lSdEmqDbgQT7uiMJhzzBc1SqiGnNE6BDEvcE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:53 2023 by rpki-client on console-ams.rpki-client.org