Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A4A72A58956B11EDAE87EE10C4F9AE02.roa
File: A4A72A58956B11EDAE87EE10C4F9AE02.roa (raw, json)
Hash identifier: x2NVIGWlPgvef1MyU+lrKfGa7VHCX4m6K63q75wDne4=
Subject key identifier: F4:AB:33:66:79:D3:77:20:D0:6A:A2:9E:C9:EA:B4:F5:21:93:C9:76
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6320
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A4A72A58956B11EDAE87EE10C4F9AE02.roa
Signing time: Mon 16 Jan 2023 07:01:48 +0000
ROA not before: Mon 16 Jan 2023 07:01:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133311
IP address blocks: 103.98.79.0/24 maxlen: 24
103.100.80.0/22 maxlen: 24
103.127.60.0/23 maxlen: 24
103.127.76.0/24 maxlen: 24
103.127.77.0/24 maxlen: 24
103.141.52.0/23 maxlen: 24
103.156.206.0/23 maxlen: 24
103.158.178.0/24 maxlen: 24
103.158.179.0/24 maxlen: 24
103.159.98.0/23 maxlen: 23
103.159.200.0/24 maxlen: 24
103.160.28.0/23 maxlen: 24
103.163.54.0/23 maxlen: 23
103.174.126.0/23 maxlen: 24
103.174.240.0/23 maxlen: 24
103.177.0.0/23 maxlen: 24
103.181.22.0/23 maxlen: 23
103.181.23.0/24 maxlen: 24
103.182.196.0/23 maxlen: 24
103.199.98.0/24 maxlen: 24
103.199.99.0/24 maxlen: 24
103.199.116.0/24 maxlen: 24
103.201.136.0/24 maxlen: 24
103.201.137.0/24 maxlen: 24
103.201.138.0/24 maxlen: 24
103.208.72.0/22 maxlen: 24
103.225.174.0/24 maxlen: 24
160.202.156.0/24 maxlen: 24
160.202.157.0/24 maxlen: 24
160.202.158.0/24 maxlen: 24
160.202.159.0/24 maxlen: 24
2001:df1:95c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25376 (0x6320)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 16 07:01:48 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c4f65b-8506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e4:67:1c:83:27:a3:1d:14:40:d4:23:0c:2d:
30:e2:9a:ab:0c:ac:a1:24:80:1d:06:e1:d5:43:0f:
82:98:b8:10:ae:96:cb:48:12:cb:c2:18:3f:4a:83:
37:a8:c4:4e:ff:c4:16:86:68:d5:16:70:d8:40:07:
8c:87:1c:33:c6:a6:fa:13:48:b9:03:87:39:6a:91:
84:72:f5:50:1d:3d:9e:a3:bf:24:fd:92:c7:97:64:
74:e8:5b:70:e9:fb:5f:e4:57:48:96:f2:5d:d0:52:
71:ef:8b:53:a6:f0:b9:73:02:8e:8f:ec:11:4b:18:
a6:94:5d:16:cb:6b:6f:a3:20:2f:ab:b9:37:e3:3f:
69:fe:22:28:50:5d:d2:72:3d:c2:12:e9:0d:af:e3:
c1:7b:4c:73:3d:c7:f8:b3:c8:dc:4d:f7:f7:16:f3:
3c:04:4a:e1:f6:33:01:e6:2b:34:39:aa:7f:81:ab:
2b:68:e9:e8:1d:7c:42:fb:4a:a4:81:69:8d:6e:30:
24:42:92:33:ae:7f:c6:a4:e8:6c:0a:37:1f:9d:ee:
18:a0:57:79:15:98:f1:43:ba:94:38:d8:fa:56:d6:
84:75:0f:c9:8e:14:39:d1:48:de:79:72:9a:e6:be:
6f:ed:c3:3f:1b:c0:60:12:5b:18:9e:7a:32:d1:8b:
01:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AB:33:66:79:D3:77:20:D0:6A:A2:9E:C9:EA:B4:F5:21:93:C9:76
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A4A72A58956B11EDAE87EE10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.98.79.0/24
103.100.80.0/22
103.127.60.0/23
103.127.76.0/23
103.141.52.0/23
103.156.206.0/23
103.158.178.0/23
103.159.98.0/23
103.159.200.0/24
103.160.28.0/23
103.163.54.0/23
103.174.126.0/23
103.174.240.0/23
103.177.0.0/23
103.181.22.0/23
103.182.196.0/23
103.199.98.0/23
103.199.116.0/24
103.201.136.0-103.201.138.255
103.208.72.0/22
103.225.174.0/24
160.202.156.0/22
IPv6:
2001:df1:95c0::/48
Signature Algorithm: sha256WithRSAEncryption
58:e8:e6:c6:6c:ba:cb:91:9a:d1:fa:73:b3:0d:04:f9:70:7b:
fe:35:72:ff:0e:b0:2d:45:4b:55:04:bb:f7:c4:fd:22:18:e3:
32:ca:b6:3b:d0:43:64:d9:c3:79:a7:53:43:6c:2d:a4:1c:60:
6b:ce:bc:66:2b:ea:51:41:ef:92:d8:91:6a:f4:b0:f4:f5:2a:
49:72:27:62:83:cc:27:a9:3c:07:c3:63:2f:6d:33:f3:ed:ee:
78:ab:db:70:73:b2:c8:f6:bb:60:6b:44:16:8d:67:e7:9b:72:
d5:37:30:8d:80:98:25:97:46:ae:be:60:68:ff:2f:56:b8:0c:
14:76:98:6d:bb:42:a5:a6:4c:da:fc:32:ae:9e:8a:42:15:22:
a7:58:ff:d9:a3:d4:91:95:db:b9:92:df:2a:be:50:e0:5b:33:
f9:21:19:2b:ad:e2:f7:52:f8:7d:16:d9:19:ee:33:c5:e6:e5:
af:ea:d1:eb:58:68:29:6d:b5:65:d7:ad:5f:86:21:ac:e4:5a:
6a:2f:b2:2c:ad:63:9f:c6:e9:81:56:20:03:9e:38:83:93:55:
22:a2:fa:71:44:e8:a6:37:8c:8d:df:31:ec:32:1e:38:ea:26:
72:4c:11:82:79:aa:27:cd:36:cd:50:2f:2a:1c:95:f0:f4:aa:
f1:6d:83:a9
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgICYyAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTE2MDcwMTQ4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M0ZjY1Yi04NTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv+RnHIMnox0UQNQjDC0w4pqrDKyhJIAdBuHVQw+CmLgQrpbLSBLLwhg/SoM3
qMRO/8QWhmjVFnDYQAeMhxwzxqb6E0i5A4c5apGEcvVQHT2eo78k/ZLHl2R06Ftw
6ftf5FdIlvJd0FJx74tTpvC5cwKOj+wRSximlF0Wy2tvoyAvq7k34z9p/iIoUF3S
cj3CEukNr+PBe0xzPcf4s8jcTff3FvM8BErh9jMB5is0Oap/gasraOnoHXxC+0qk
gWmNbjAkQpIzrn/GpOhsCjcfne4YoFd5FZjxQ7qUONj6VtaEdQ/JjhQ50UjeeXKa
5r5v7cM/G8BgElsYnnoy0YsBzwIDAQABo4IDMTCCAy0wHQYDVR0OBBYEFPSrM2Z5
03cg0GqinsnqtPUhk8l2MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQTRBNzJBNTg5
NTZCMTFFREFFODdFRTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgboGCCsGAQUFBwEHAQH/
BIGqMIGnMIGTBAIAATCBjAMEAGdiTwMEAmdkUAMEAWd/PAMEAWd/TAMEAWeNNAME
AWeczgMEAWeesgMEAWefYgMEAGefyAMEAWegHAMEAWejNgMEAWeufgMEAWeu8AME
AWexAAMEAWe1FgMEAWe2xAMEAWfHYgMEAGfHdDAMAwQDZ8mIAwQAZ8mKAwQCZ9BI
AwQAZ+GuAwQCoMqcMA8EAgACMAkDBwAgAQ3xlcAwDQYJKoZIhvcNAQELBQADggEB
AFjo5sZsusuRmtH6c7MNBPlwe/41cv8OsC1FS1UEu/fE/SIY4zLKtjvQQ2TZw3mn
U0NsLaQcYGvOvGYr6lFB75LYkWr0sPT1KklyJ2KDzCepPAfDYy9tM/Pt7nir23Bz
ssj2u2BrRBaNZ+ebctU3MI2AmCWXRq6+YGj/L1a4DBR2mG27QqWmTNr8Mq6eikIV
IqdY/9mj1JGV27mS3yq+UOBbM/khGSut4vdS+H0W2RnuM8Xm5a/q0etYaClttWXX
rV+GIazkWmovsiytY5/G6YFWIAOeOIOTVSKi+nFE6KY3jI3fMewyHjjqJnJMEYJ5
qifNNs1QLyoclfD0qvFtg6k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org