Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/86F2AF402E7911EDBEEB2F86C4F9AE02.roa
File: 86F2AF402E7911EDBEEB2F86C4F9AE02.roa (raw, json)
Hash identifier: 5otC1WEsA4RMkoxPLS7TJV0VG2yI/VQ1HEXNp1fCs5Q=
Subject key identifier: 15:4E:3B:9A:B6:07:0F:70:C5:48:F0:97:67:4E:62:9A:AE:7F:C2:0E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6418
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/86F2AF402E7911EDBEEB2F86C4F9AE02.roa
Signing time: Tue 31 Jan 2023 10:41:50 +0000
ROA not before: Tue 31 Jan 2023 10:41:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133676
IP address blocks: 43.230.196.0/22 maxlen: 24
43.240.4.0/24 maxlen: 24
43.240.6.0/24 maxlen: 24
43.240.7.0/24 maxlen: 24
45.64.8.0/24 maxlen: 24
45.64.10.0/24 maxlen: 24
45.64.11.0/24 maxlen: 24
45.248.24.0/24 maxlen: 24
45.248.26.0/23 maxlen: 24
103.42.88.0/22 maxlen: 24
103.47.12.0/23 maxlen: 24
103.47.15.0/24 maxlen: 24
103.47.72.0/23 maxlen: 24
103.47.74.0/23 maxlen: 24
103.47.172.0/23 maxlen: 24
103.47.174.0/23 maxlen: 24
103.49.232.0/23 maxlen: 24
103.80.34.0/23 maxlen: 24
103.101.116.0/24 maxlen: 24
103.101.118.0/23 maxlen: 24
103.114.188.0/23 maxlen: 24
103.173.218.0/24 maxlen: 24
103.177.202.0/23 maxlen: 24
103.178.58.0/23 maxlen: 24
103.181.90.0/23 maxlen: 24
103.189.147.0/24 maxlen: 24
103.191.182.0/23 maxlen: 24
103.191.234.0/23 maxlen: 24
103.204.168.0/22 maxlen: 24
103.212.136.0/22 maxlen: 24
103.225.205.0/24 maxlen: 24
103.225.206.0/23 maxlen: 24
103.248.121.0/24 maxlen: 24
139.5.16.0/23 maxlen: 24
139.5.18.0/23 maxlen: 24
2405:5540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25624 (0x6418)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 31 10:41:50 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63d8f06d-56fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:de:9f:a3:9d:d4:cc:3f:44:de:5d:ce:6e:b1:
25:95:d0:2c:02:b0:55:58:98:b5:e6:42:3e:05:01:
a4:22:52:2d:c6:3b:02:18:e5:d1:23:67:39:29:d5:
fa:c7:2d:81:ce:0e:a8:f0:cf:20:57:53:db:a8:8b:
6b:17:50:3a:44:22:13:8b:00:7c:4c:ba:58:f8:17:
76:47:b2:b3:fb:35:8f:3f:be:f5:3f:8e:20:e4:a8:
2f:d9:90:44:25:d1:83:7e:42:8b:78:32:50:50:80:
61:5f:fc:cb:08:56:13:e1:5d:4e:94:ee:08:70:2a:
7e:c1:ac:7a:ef:34:29:fd:5a:ea:90:90:a1:39:f5:
e9:91:fe:47:de:1a:85:0b:c3:a1:a8:0b:e2:9e:30:
35:25:66:77:84:62:9c:73:08:6c:a4:ca:2b:ec:a2:
34:fd:40:61:73:7a:2d:59:02:35:d8:4d:10:9f:09:
10:3a:a9:00:85:cf:1e:93:ec:25:54:b1:6e:70:48:
16:d1:ee:2f:6e:2e:f8:40:e7:ff:a3:3e:ef:71:c1:
16:94:88:2f:6b:e6:51:3b:f7:01:b8:d4:43:14:af:
f6:81:53:4c:12:ce:ec:ef:39:3b:15:e6:bf:68:ba:
55:c2:a3:38:41:bf:81:fa:26:70:c4:b9:01:ef:af:
73:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:4E:3B:9A:B6:07:0F:70:C5:48:F0:97:67:4E:62:9A:AE:7F:C2:0E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/86F2AF402E7911EDBEEB2F86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.196.0/22
43.240.4.0/24
43.240.6.0/23
45.64.8.0/24
45.64.10.0/23
45.248.24.0/24
45.248.26.0/23
103.42.88.0/22
103.47.12.0/23
103.47.15.0/24
103.47.72.0/22
103.47.172.0/22
103.49.232.0/23
103.80.34.0/23
103.101.116.0/24
103.101.118.0/23
103.114.188.0/23
103.173.218.0/24
103.177.202.0/23
103.178.58.0/23
103.181.90.0/23
103.189.147.0/24
103.191.182.0/23
103.191.234.0/23
103.204.168.0/22
103.212.136.0/22
103.225.205.0-103.225.207.255
103.248.121.0/24
139.5.16.0/22
IPv6:
2405:5540::/32
Signature Algorithm: sha256WithRSAEncryption
50:22:5f:ee:70:71:d3:2d:61:72:f8:bb:39:aa:04:0e:40:0c:
8a:25:8e:b0:91:1e:11:b9:a3:16:5e:64:1d:2b:42:22:60:a7:
98:64:bd:9d:01:ac:93:8e:96:7a:fd:78:b8:32:e8:56:eb:4b:
0c:45:a7:bd:5d:59:30:08:c5:b5:83:4b:9e:fb:89:92:d2:c8:
2d:b2:d7:d2:70:79:f6:9f:70:8e:fc:83:79:7e:31:27:46:30:
21:37:ff:d2:97:8c:f7:f5:fd:c1:da:c4:f7:43:d6:29:b6:e1:
cd:d5:a4:06:ff:17:30:d5:06:98:50:fa:d8:de:3a:4b:32:71:
56:9f:c9:cd:37:4b:e4:75:58:aa:e9:55:bd:80:df:9a:7f:b8:
d8:af:d9:f6:00:95:82:66:c7:d9:19:ee:f8:0b:6c:e0:87:42:
d2:18:29:9c:6f:af:68:0c:07:5a:d6:21:95:cf:aa:81:b9:91:
62:bb:04:c6:8c:84:fc:91:12:70:2c:f9:63:30:8a:73:1d:94:
82:c6:ea:b6:71:56:fd:3e:ea:a4:06:29:80:66:2f:32:8b:8d:
6d:49:8b:68:98:fe:d3:9f:1e:1c:84:72:aa:2e:d4:d5:11:49:
ba:0e:8e:5c:03:bd:47:2a:9d:33:a0:78:97:b2:e5:eb:05:bc:
7e:a1:e2:c7
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgICZBgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTMxMTA0MTUwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Q4ZjA2ZC01NmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0d6fo53UzD9E3l3ObrElldAsArBVWJi15kI+BQGkIlItxjsCGOXRI2c5KdX6
xy2Bzg6o8M8gV1PbqItrF1A6RCITiwB8TLpY+Bd2R7Kz+zWPP771P44g5Kgv2ZBE
JdGDfkKLeDJQUIBhX/zLCFYT4V1OlO4IcCp+wax67zQp/VrqkJChOfXpkf5H3hqF
C8OhqAvinjA1JWZ3hGKccwhspMor7KI0/UBhc3otWQI12E0QnwkQOqkAhc8ek+wl
VLFucEgW0e4vbi74QOf/oz7vccEWlIgva+ZRO/cBuNRDFK/2gVNMEs7s7zk7Fea/
aLpVwqM4Qb+B+iZwxLkB769z+QIDAQABo4IDWTCCA1UwHQYDVR0OBBYEFBVOO5q2
Bw9wxUjwl2dOYpquf8IOMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvODZGMkFGNDAy
RTc5MTFFREJFRUIyRjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeIGCCsGAQUFBwEHAQH/
BIHSMIHPMIG9BAIAATCBtgMEAivmxAMEACvwBAMEASvwBgMEAC1ACAMEAS1ACgME
AC34GAMEAS34GgMEAmcqWAMEAWcvDAMEAGcvDwMEAmcvSAMEAmcvrAMEAWcx6AME
AWdQIgMEAGdldAMEAWdldgMEAWdyvAMEAGet2gMEAWexygMEAWeyOgMEAWe1WgME
AGe9kwMEAWe/tgMEAWe/6gMEAmfMqAMEAmfUiDAMAwQAZ+HNAwQEZ+HAAwQAZ/h5
AwQCiwUQMA0EAgACMAcDBQAkBVVAMA0GCSqGSIb3DQEBCwUAA4IBAQBQIl/ucHHT
LWFy+Ls5qgQOQAyKJY6wkR4RuaMWXmQdK0IiYKeYZL2dAayTjpZ6/Xi4MuhW60sM
Rae9XVkwCMW1g0ue+4mS0sgtstfScHn2n3CO/IN5fjEnRjAhN//Sl4z39f3B2sT3
Q9YptuHN1aQG/xcw1QaYUPrY3jpLMnFWn8nNN0vkdViq6VW9gN+af7jYr9n2AJWC
ZsfZGe74C2zgh0LSGCmcb69oDAda1iGVz6qBuZFiuwTGjIT8kRJwLPljMIpzHZSC
xuq2cVb9PuqkBimAZi8yi41tSYtomP7Tnx4chHKqLtTVEUm6Do5cA71HKp0zoHiX
suXrBbx+oeLH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:53 2023 by rpki-client on console-ams.rpki-client.org