Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8F5410786EEA11ED95B80D2BC4F9AE02.roa
File: 8F5410786EEA11ED95B80D2BC4F9AE02.roa (raw, json)
Hash identifier: A/ETZrRDQ9W2T2ALoDk+kTOU3iTAq6e2FfyY+o9XI4I=
Subject key identifier: CC:15:7E:43:55:6B:9D:48:8D:FF:45:C2:60:5E:18:91:1F:E8:EA:F2
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 60C4
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8F5410786EEA11ED95B80D2BC4F9AE02.roa
Signing time: Mon 28 Nov 2022 07:02:03 +0000
ROA not before: Mon 28 Nov 2022 07:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45954
IP address blocks: 43.254.176.0/24 maxlen: 24
103.7.80.0/22 maxlen: 22
103.7.80.0/23 maxlen: 24
103.235.68.0/24 maxlen: 24
103.235.69.0/24 maxlen: 24
103.235.70.0/24 maxlen: 24
103.235.71.0/24 maxlen: 24
150.107.100.0/22 maxlen: 22
150.107.100.0/23 maxlen: 23
150.107.101.0/24 maxlen: 24
180.150.240.0/24 maxlen: 24
223.255.244.0/22 maxlen: 23
223.255.244.0/24 maxlen: 24
223.255.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24772 (0x60c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 28 07:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63845cea-9201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:44:bc:4c:90:bd:9f:8f:a9:c7:fa:46:7c:74:
ea:8b:d6:00:fe:f9:f7:ab:44:7d:e5:38:cb:e5:35:
02:e1:02:31:66:d9:8a:d6:cd:eb:3e:3d:62:64:34:
be:96:ca:78:03:38:58:ec:55:a2:8f:e2:20:17:76:
b6:9a:13:93:b0:32:94:d0:35:e1:98:5a:20:21:d2:
c1:e6:b0:aa:a4:3c:61:84:5a:11:ac:49:e3:30:b0:
e3:b2:07:32:03:4e:24:b3:4f:9f:45:7d:cf:5a:36:
a9:c4:2f:91:72:bf:5f:60:c3:62:74:64:50:21:74:
c7:58:0c:43:78:4b:db:eb:12:0f:30:27:f3:fc:37:
c8:88:ff:56:74:00:10:ed:c9:ef:0e:3f:f9:fb:75:
d1:21:46:82:cd:91:72:34:9b:97:43:e5:f1:14:fc:
9f:ae:86:51:e0:c9:05:00:8e:7d:ed:2b:89:2a:aa:
49:30:85:7b:a9:e8:da:a9:98:6a:20:c0:1a:17:d0:
f2:d7:81:61:82:01:51:b2:7b:be:71:1a:a1:82:6e:
11:c0:3c:64:f5:45:0e:8b:d9:a7:78:a2:b4:76:f2:
8c:44:8c:c5:1f:0c:33:81:84:e4:1b:b3:e8:46:85:
42:a0:8b:5f:6f:2b:f1:dd:33:92:b0:fd:15:c4:f7:
d9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:15:7E:43:55:6B:9D:48:8D:FF:45:C2:60:5E:18:91:1F:E8:EA:F2
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8F5410786EEA11ED95B80D2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.176.0/24
103.7.80.0/22
103.235.68.0/22
150.107.100.0/22
180.150.240.0/24
223.255.244.0/22
Signature Algorithm: sha256WithRSAEncryption
27:7d:77:2d:8b:8d:69:fe:31:d6:b4:7a:93:ef:8e:19:41:01:
e2:3f:04:d4:2c:c0:3d:3e:37:52:08:08:93:91:d0:bb:42:33:
5b:92:ac:d4:10:f8:2e:3d:49:db:e1:40:ff:24:3e:67:8a:80:
2a:32:17:fa:cb:a9:a1:a0:a5:a3:4e:9a:53:c7:93:9c:be:7c:
6f:d4:8a:8d:8b:b9:1f:84:48:1d:61:6f:78:71:69:3d:29:00:
06:de:f0:c3:9e:d7:d0:c3:8f:15:43:5f:33:8d:11:a7:77:ef:
0b:1e:e5:1b:83:82:9e:c8:26:6c:8e:09:e0:79:0b:41:03:50:
f1:2f:a0:21:4c:aa:bb:b4:dc:99:1c:4a:db:d4:69:06:f8:3d:
8e:69:4d:7e:13:fa:57:66:4d:40:80:fa:28:e4:68:b0:19:f0:
7b:d0:c1:18:7d:6b:3f:d0:f1:a0:22:a6:b9:69:80:42:85:c9:
75:ad:92:a4:fb:b9:d3:4c:c6:34:b6:bf:57:cf:63:e6:d2:62:
2c:b1:a4:2f:b1:c2:cd:11:50:a4:eb:b1:82:dc:ba:7d:5d:c9:
ad:02:f3:54:22:a3:a1:05:c5:68:c4:ef:e7:cd:3a:47:b5:f9:
ba:7f:17:71:21:64:b3:ef:8e:71:f2:68:d6:ae:11:1f:0c:48:
f7:8d:9a:82
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICYMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMTI4MDcwMjAzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg0NWNlYS05MjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxUS8TJC9n4+px/pGfHTqi9YA/vn3q0R95TjL5TUC4QIxZtmK1s3rPj1iZDS+
lsp4AzhY7FWij+IgF3a2mhOTsDKU0DXhmFogIdLB5rCqpDxhhFoRrEnjMLDjsgcy
A04ks0+fRX3PWjapxC+Rcr9fYMNidGRQIXTHWAxDeEvb6xIPMCfz/DfIiP9WdAAQ
7cnvDj/5+3XRIUaCzZFyNJuXQ+XxFPyfroZR4MkFAI597SuJKqpJMIV7qejaqZhq
IMAaF9Dy14FhggFRsnu+cRqhgm4RwDxk9UUOi9mneKK0dvKMRIzFHwwzgYTkG7Po
RoVCoItfbyvx3TOSsP0VxPfZkQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFMwVfkNV
a51Ijf9FwmBeGJEf6OryMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOEY1NDEwNzg2
RUVBMTFFRDk1QjgwRDJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAAr/rADBAJnB1ADBAJn60QDBAKWa2QDBAC0lvADBALf//Qw
DQYJKoZIhvcNAQELBQADggEBACd9dy2LjWn+Mda0epPvjhlBAeI/BNQswD0+N1II
CJOR0LtCM1uSrNQQ+C49SdvhQP8kPmeKgCoyF/rLqaGgpaNOmlPHk5y+fG/Uio2L
uR+ESB1hb3hxaT0pAAbe8MOe19DDjxVDXzONEad37wse5RuDgp7IJmyOCeB5C0ED
UPEvoCFMqru03JkcStvUaQb4PY5pTX4T+ldmTUCA+ijkaLAZ8HvQwRh9az/Q8aAi
prlpgEKFyXWtkqT7udNMxjS2v1fPY+bSYiyxpC+xws0RUKTrsYLcun1dya0C81Qi
o6EFxWjE7+fNOke1+bp/F3EhZLPvjnHyaNauER8MSPeNmoI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-fra.rpki-client.org