Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9F0E7312036311ECA450AE60C4F9AE02.roa
File: 9F0E7312036311ECA450AE60C4F9AE02.roa (raw, json)
Hash identifier: /RXiO5nDh0c0eapLjKKKZBw5XUEVCS6LH9D1cyD7tho=
Subject key identifier: 4F:B0:43:7A:DE:2C:38:72:14:D5:7B:FE:2D:5B:2A:1C:7E:FF:99:05
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 55FD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9F0E7312036311ECA450AE60C4F9AE02.roa
Signing time: Wed 25 May 2022 08:12:02 +0000
ROA not before: Wed 25 May 2022 08:12:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132335
IP address blocks: 43.230.200.0/22 maxlen: 24
45.64.104.0/22 maxlen: 24
45.120.136.0/22 maxlen: 24
103.12.211.0/24 maxlen: 24
103.13.112.0/22 maxlen: 24
103.26.204.0/22 maxlen: 24
103.87.172.0/24 maxlen: 24
103.152.79.0/24 maxlen: 24
103.165.119.0/24 maxlen: 24
103.173.68.0/24 maxlen: 24
103.187.238.0/24 maxlen: 24
103.250.184.0/23 maxlen: 24
103.250.186.0/24 maxlen: 24
2001:df0:c1c0::/48 maxlen: 48
2001:df2:1000::/48 maxlen: 48
2001:df2:1001::/48 maxlen: 48
2405:7140::/48 maxlen: 48
2405:7140:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22013 (0x55fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 25 08:12:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=628de4d2-82e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:4d:c2:36:46:b4:37:d3:73:98:7e:0c:da:
a7:68:1f:17:b6:53:b0:98:b3:ae:3f:fb:19:82:69:
c0:85:7d:d7:01:ea:d4:ac:6f:5d:4c:a8:b8:a4:a4:
00:fd:a7:bc:d0:08:b2:56:b1:93:65:f5:56:ec:c0:
13:d4:cd:a1:0a:6a:10:87:2a:3d:9f:15:c5:ca:8f:
3a:e6:9a:5e:2d:88:74:a2:ad:5a:6a:de:da:da:20:
c9:e3:60:58:50:d7:6d:98:26:52:be:68:23:91:d2:
44:35:4a:4c:d4:78:64:04:a3:e9:bd:ca:b1:c1:b8:
a2:51:d7:d0:82:fe:21:d2:09:36:d8:4d:79:e8:39:
50:52:b1:26:c0:c0:cf:8a:13:40:0e:80:88:8d:5d:
16:54:6e:af:b3:0e:7e:bb:8e:7e:a8:4f:db:11:41:
df:fe:19:b9:fa:23:be:4c:5d:13:e3:d5:81:2c:0a:
c5:e5:a4:86:d1:b4:fa:ac:d9:c6:8a:04:0a:67:fb:
ad:b4:57:bb:ec:dd:ee:3c:9e:c8:ba:8d:29:6b:92:
c7:34:9f:31:19:60:83:cf:0f:6d:ad:e4:d9:a1:bf:
33:bc:4e:fc:fd:31:d5:29:6d:95:aa:e9:b2:86:19:
51:af:d7:96:55:2c:d5:be:4b:47:a4:85:44:b5:0a:
c2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B0:43:7A:DE:2C:38:72:14:D5:7B:FE:2D:5B:2A:1C:7E:FF:99:05
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9F0E7312036311ECA450AE60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.200.0/22
45.64.104.0/22
45.120.136.0/22
103.12.211.0/24
103.13.112.0/22
103.26.204.0/22
103.87.172.0/24
103.152.79.0/24
103.165.119.0/24
103.173.68.0/24
103.187.238.0/24
103.250.184.0-103.250.186.255
IPv6:
2001:df0:c1c0::/48
2001:df2:1000::/47
2405:7140::/47
Signature Algorithm: sha256WithRSAEncryption
87:67:d9:d4:60:12:68:f1:aa:9b:d2:44:8d:47:12:68:71:3c:
e4:ab:56:ef:de:06:1c:4d:2e:ba:86:09:3f:92:8d:ee:5e:3b:
9f:91:a1:c2:1f:f9:b4:de:09:8f:c3:9f:fb:bd:33:bc:53:03:
e1:bd:46:7d:f6:d9:8e:9d:ab:02:87:c6:ee:42:e6:50:a0:ae:
29:46:12:ed:a9:7e:d5:87:9e:8e:16:63:72:90:1b:d4:7f:90:
97:c5:0c:99:aa:dd:8a:93:17:af:18:11:5f:7a:c0:4b:6d:c5:
23:93:4b:09:e3:bf:37:ea:dc:4c:f9:37:2d:2b:4e:76:87:02:
06:9d:b2:fd:ff:4b:05:d3:58:35:48:87:37:8d:ea:ad:d7:58:
c8:0d:aa:76:e6:30:23:3a:64:4b:d6:d3:10:5b:f8:87:df:5c:
15:c4:47:b2:0b:ba:38:d7:66:1f:4a:ea:24:e7:c8:a3:0b:25:
48:ac:92:9d:bf:0c:47:6d:45:da:c8:df:8c:c5:40:41:31:f0:
ee:f2:e0:bc:35:bf:c4:43:3b:8c:53:b4:91:f8:fa:40:12:be:
7a:a6:24:70:d6:73:bf:6b:7e:b5:ef:78:17:1e:15:56:33:89:
6a:10:65:c3:20:67:80:0e:19:16:c3:f4:b1:c3:f6:ec:1a:f2:
3a:48:1b:77
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgICVf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTI1MDgxMjAyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjhkZTRkMi04MmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvPFNwjZGtDfTc5h+DNqnaB8XtlOwmLOuP/sZgmnAhX3XAerUrG9dTKi4pKQA
/ae80AiyVrGTZfVW7MAT1M2hCmoQhyo9nxXFyo865ppeLYh0oq1aat7a2iDJ42BY
UNdtmCZSvmgjkdJENUpM1HhkBKPpvcqxwbiiUdfQgv4h0gk22E156DlQUrEmwMDP
ihNADoCIjV0WVG6vsw5+u45+qE/bEUHf/hm5+iO+TF0T49WBLArF5aSG0bT6rNnG
igQKZ/uttFe77N3uPJ7Iuo0pa5LHNJ8xGWCDzw9treTZob8zvE78/THVKW2Vqumy
hhlRr9eWVSzVvktHpIVEtQrCGQIDAQABo4IDAzCCAv8wHQYDVR0OBBYEFE+wQ3re
LDhyFNV7/i1bKhx+/5kFMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOUYwRTczMTIw
MzYzMTFFQ0E0NTBBRTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYwGCCsGAQUFBwEHAQH/
BH0wezBWBAIAATBQAwQCK+bIAwQCLUBoAwQCLXiIAwQAZwzTAwQCZw1wAwQCZxrM
AwQAZ1esAwQAZ5hPAwQAZ6V3AwQAZ61EAwQAZ7vuMAwDBANn+rgDBABn+rowIQQC
AAIwGwMHACABDfDBwAMHASABDfIQAAMHASQFcUAAADANBgkqhkiG9w0BAQsFAAOC
AQEAh2fZ1GASaPGqm9JEjUcSaHE85KtW794GHE0uuoYJP5KN7l47n5Ghwh/5tN4J
j8Of+70zvFMD4b1GffbZjp2rAofG7kLmUKCuKUYS7al+1YeejhZjcpAb1H+Ql8UM
mardipMXrxgRX3rAS23FI5NLCeO/N+rcTPk3LStOdocCBp2y/f9LBdNYNUiHN43q
rddYyA2qduYwIzpkS9bTEFv4h99cFcRHsgu6ONdmH0rqJOfIowslSKySnb8MR21F
2sjfjMVAQTHw7vLgvDW/xEM7jFO0kfj6QBK+eqYkcNZzv2t+te94Fx4VVjOJahBl
wyBngA4ZFsP0scP27BryOkgbdw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:53 2023 by rpki-client on console-ams.rpki-client.org