Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A54D11EA358311EDA659ED2FC4F9AE02.roa
File: A54D11EA358311EDA659ED2FC4F9AE02.roa (raw, json)
Hash identifier: I0GVDwpiDOCgF7tCIuJpkdDYQ7NS1cDzR/LEO0KgcL0=
Subject key identifier: A0:38:C8:10:81:7E:5A:78:8A:DD:31:8A:02:09:6E:02:41:17:17:0E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5D4D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A54D11EA358311EDA659ED2FC4F9AE02.roa
Signing time: Fri 16 Sep 2022 05:51:45 +0000
ROA not before: Fri 16 Sep 2022 05:51:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140125
IP address blocks: 103.167.224.0/23 maxlen: 24
103.167.238.0/23 maxlen: 23
103.167.239.0/24 maxlen: 24
103.168.0.0/23 maxlen: 24
103.168.32.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.171.110.0/23 maxlen: 24
103.171.174.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.179.94.0/23 maxlen: 24
103.179.96.0/23 maxlen: 24
103.179.100.0/23 maxlen: 24
103.179.118.0/23 maxlen: 24
103.179.121.0/24 maxlen: 24
103.179.224.0/23 maxlen: 24
103.179.226.0/23 maxlen: 24
103.180.110.0/23 maxlen: 24
103.180.168.0/23 maxlen: 24
103.180.172.0/23 maxlen: 24
103.180.174.0/23 maxlen: 24
103.180.176.0/23 maxlen: 24
103.180.212.0/23 maxlen: 24
103.180.214.0/23 maxlen: 24
103.180.238.0/23 maxlen: 24
103.181.64.0/23 maxlen: 24
103.181.84.0/23 maxlen: 23
103.181.85.0/24 maxlen: 24
103.181.110.0/23 maxlen: 24
103.181.114.0/23 maxlen: 24
103.181.152.0/23 maxlen: 24
103.181.154.0/23 maxlen: 24
103.181.174.0/23 maxlen: 24
103.181.198.0/23 maxlen: 24
103.182.58.0/23 maxlen: 24
103.183.216.0/23 maxlen: 24
103.189.82.0/23 maxlen: 24
103.229.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23885 (0x5d4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 16 05:51:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63240ef1-1c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fd:37:a7:8d:3d:bc:e6:1b:ec:0f:ca:55:14:
61:f6:96:ed:2c:b2:58:6a:c7:c0:fb:55:14:f3:8b:
bb:5b:cf:0b:b9:7c:f5:18:91:36:5b:7f:61:a6:d9:
c0:f9:af:1f:f4:57:e6:40:ad:e9:48:57:2f:fc:a1:
27:64:79:66:32:cb:44:c0:4c:83:da:6f:ae:72:1e:
1b:d6:0c:8c:c1:88:70:41:ec:47:5d:44:52:06:23:
5c:45:bc:32:27:a7:9c:4f:69:83:c6:85:6f:c7:cc:
a4:9b:be:58:d6:64:37:c0:a8:f5:5c:2c:4d:11:32:
db:9d:98:cf:af:be:31:30:91:ad:6c:c9:f8:83:8c:
33:ef:8e:5c:fe:0c:de:fa:f4:02:7d:38:4c:c4:e2:
16:eb:62:40:91:45:5f:83:85:fb:40:83:9c:d3:18:
27:2c:3b:83:aa:49:d5:c1:e9:5a:d0:cf:71:e5:45:
ed:6c:d7:7f:39:d8:61:c9:8f:1e:5b:af:ed:b0:c1:
f0:9d:c6:d6:c5:6d:10:40:36:66:a8:87:00:30:e6:
83:7a:74:5d:35:ee:05:43:a3:ba:59:01:96:0e:d9:
1f:50:73:63:23:3a:a7:f6:bd:17:89:30:c5:3e:ca:
3b:2f:d3:7d:91:a8:a5:6a:4c:86:a3:cf:f4:9d:05:
eb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:38:C8:10:81:7E:5A:78:8A:DD:31:8A:02:09:6E:02:41:17:17:0E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A54D11EA358311EDA659ED2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.224.0/23
103.167.238.0/23
103.168.0.0/23
103.168.32.0/23
103.170.36.0/23
103.171.110.0/23
103.171.174.0/23
103.173.14.0/23
103.179.94.0-103.179.97.255
103.179.100.0/23
103.179.118.0/23
103.179.121.0/24
103.179.224.0/22
103.180.110.0/23
103.180.168.0/23
103.180.172.0-103.180.177.255
103.180.212.0/22
103.180.238.0/23
103.181.64.0/23
103.181.84.0/23
103.181.110.0/23
103.181.114.0/23
103.181.152.0/22
103.181.174.0/23
103.181.198.0/23
103.182.58.0/23
103.183.216.0/23
103.189.82.0/23
103.229.209.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:c7:f3:77:eb:cc:36:07:06:67:97:d0:cd:16:ed:b4:e0:22:
e5:5d:c7:52:a5:79:4e:09:41:36:54:91:66:2f:d2:ef:9c:bb:
d0:a6:8c:ff:e7:99:84:3d:80:e7:37:1f:48:4e:63:18:5f:6b:
df:76:24:3d:bb:16:95:09:74:1e:bd:f8:b7:3c:51:85:36:02:
70:24:dd:90:03:ab:56:74:a4:36:87:5d:48:95:9d:e2:e4:3e:
1d:4b:cb:ef:a6:ba:c5:f6:aa:fd:74:bc:18:99:9a:7e:51:cc:
f7:1d:7f:4d:70:b3:3b:97:77:c6:b7:83:2e:32:a8:ad:6d:60:
af:02:41:3a:18:c2:28:d5:2b:e5:bc:92:fe:d0:3b:e9:ba:7f:
39:d0:df:87:03:f9:94:b0:da:79:bc:1e:ed:e0:10:f9:20:e8:
90:7e:4b:45:e9:7e:d3:46:ec:d0:25:1c:15:49:02:3f:80:01:
4f:fa:60:7c:83:e0:6f:18:a3:64:11:75:3f:2e:71:dd:bc:d7:
52:e2:d0:b9:57:4f:08:61:ed:8c:93:61:a1:e6:bc:50:f7:a7:
82:dc:aa:64:75:d1:42:d9:ed:45:00:22:3b:ed:51:36:6b:fb:
95:bf:46:38:fb:e8:c5:69:2d:31:1d:bb:70:d6:88:37:51:7b:
ff:38:40:e8
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgICXU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwOTE2MDU1MTQ1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzI0MGVmMS0xYzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1/03p409vOYb7A/KVRRh9pbtLLJYasfA+1UU84u7W88LuXz1GJE2W39hptnA
+a8f9FfmQK3pSFcv/KEnZHlmMstEwEyD2m+uch4b1gyMwYhwQexHXURSBiNcRbwy
J6ecT2mDxoVvx8ykm75Y1mQ3wKj1XCxNETLbnZjPr74xMJGtbMn4g4wz745c/gze
+vQCfThMxOIW62JAkUVfg4X7QIOc0xgnLDuDqknVwela0M9x5UXtbNd/OdhhyY8e
W6/tsMHwncbWxW0QQDZmqIcAMOaDenRdNe4FQ6O6WQGWDtkfUHNjIzqn9r0XiTDF
Pso7L9N9kailakyGo8/0nQXrDQIDAQABo4IDUjCCA04wHQYDVR0OBBYEFKA4yBCB
flp4it0xigIJbgJBFxcOMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQTU0RDExRUEz
NTgzMTFFREE2NTlFRDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdsGCCsGAQUFBwEHAQH/
BIHLMIHIMIHFBAIAATCBvgMEAWen4AMEAWen7gMEAWeoAAMEAWeoIAMEAWeqJAME
AWerbgMEAWerrgMEAWetDjAMAwQBZ7NeAwQBZ7NgAwQBZ7NkAwQBZ7N2AwQAZ7N5
AwQCZ7PgAwQBZ7RuAwQBZ7SoMAwDBAJntKwDBAFntLADBAJntNQDBAFntO4DBAFn
tUADBAFntVQDBAFntW4DBAFntXIDBAJntZgDBAFnta4DBAFntcYDBAFntjoDBAFn
t9gDBAFnvVIDBABn5dEwDQYJKoZIhvcNAQELBQADggEBAC7H83frzDYHBmeX0M0W
7bTgIuVdx1KleU4JQTZUkWYv0u+cu9CmjP/nmYQ9gOc3H0hOYxhfa992JD27FpUJ
dB69+Lc8UYU2AnAk3ZADq1Z0pDaHXUiVneLkPh1Ly++musX2qv10vBiZmn5RzPcd
f01wszuXd8a3gy4yqK1tYK8CQToYwijVK+W8kv7QO+m6fznQ34cD+ZSw2nm8Hu3g
EPkg6JB+S0XpftNG7NAlHBVJAj+AAU/6YHyD4G8Yo2QRdT8ucd2811Li0LlXTwhh
7YyTYaHmvFD3p4LcqmR10ULZ7UUAIjvtUTZr+5W/Rjj76MVpLTEdu3DWiDdRe/84
QOg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org