Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AE53B4681A4111ED8F58F77AC4F9AE02.roa
File: AE53B4681A4111ED8F58F77AC4F9AE02.roa (raw, json)
Hash identifier: 5ToXGHyPmsvnJHUwgJA0Ilv6CaVDSmDAWveYl33b0d0=
Subject key identifier: 3C:5A:07:0A:95:FE:46:7D:AF:A3:BB:F7:AB:68:B0:B8:2B:3A:6C:6F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5F3D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AE53B4681A4111ED8F58F77AC4F9AE02.roa
Signing time: Wed 26 Oct 2022 11:01:48 +0000
ROA not before: Wed 26 Oct 2022 11:01:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17665
IP address blocks: 36.255.88.0/22 maxlen: 24
43.230.40.0/22 maxlen: 24
59.152.120.0/22 maxlen: 24
103.10.224.0/22 maxlen: 24
103.38.68.0/23 maxlen: 24
103.38.128.0/22 maxlen: 24
103.46.192.0/23 maxlen: 24
103.88.56.0/24 maxlen: 24
103.88.57.0/24 maxlen: 24
103.88.58.0/24 maxlen: 24
103.88.59.0/24 maxlen: 24
103.99.196.0/23 maxlen: 24
103.99.198.0/23 maxlen: 24
103.147.1.0/24 maxlen: 24
103.159.212.0/24 maxlen: 24
103.163.148.0/23 maxlen: 24
103.164.46.0/23 maxlen: 24
103.165.28.0/23 maxlen: 24
103.169.156.0/23 maxlen: 24
103.174.159.0/24 maxlen: 24
103.175.30.0/24 maxlen: 24
103.175.31.0/24 maxlen: 24
103.177.174.0/23 maxlen: 24
103.181.140.0/24 maxlen: 24
103.181.141.0/24 maxlen: 24
103.183.54.0/23 maxlen: 24
103.189.146.0/24 maxlen: 24
103.203.36.0/22 maxlen: 24
103.206.8.0/24 maxlen: 24
103.206.9.0/24 maxlen: 24
103.206.10.0/24 maxlen: 24
103.206.11.0/24 maxlen: 24
103.209.68.0/22 maxlen: 22
103.209.68.0/24 maxlen: 24
103.209.69.0/24 maxlen: 24
103.209.70.0/24 maxlen: 24
103.209.71.0/24 maxlen: 24
103.251.52.0/22 maxlen: 24
203.192.192.0/20 maxlen: 24
203.192.208.0/22 maxlen: 24
203.192.220.0/22 maxlen: 24
203.192.224.0/23 maxlen: 24
203.192.226.0/24 maxlen: 24
203.192.228.0/22 maxlen: 24
203.192.232.0/22 maxlen: 24
203.192.237.0/24 maxlen: 24
203.192.238.0/23 maxlen: 24
203.192.240.0/20 maxlen: 20
203.192.240.0/24 maxlen: 24
203.192.241.0/24 maxlen: 24
203.192.242.0/24 maxlen: 24
203.192.243.0/24 maxlen: 24
203.192.244.0/24 maxlen: 24
203.192.245.0/24 maxlen: 24
203.192.246.0/24 maxlen: 24
203.192.247.0/24 maxlen: 24
203.192.248.0/24 maxlen: 24
203.192.249.0/24 maxlen: 24
203.192.250.0/24 maxlen: 24
203.192.251.0/24 maxlen: 24
203.192.252.0/24 maxlen: 24
203.192.253.0/24 maxlen: 24
203.192.254.0/24 maxlen: 24
203.192.255.0/24 maxlen: 24
203.194.96.0/24 maxlen: 24
203.194.97.0/24 maxlen: 24
203.194.98.0/24 maxlen: 24
203.194.99.0/24 maxlen: 24
203.194.100.0/24 maxlen: 24
203.194.101.0/24 maxlen: 24
203.194.102.0/24 maxlen: 24
203.194.103.0/24 maxlen: 24
203.194.104.0/24 maxlen: 24
203.194.105.0/24 maxlen: 24
203.194.106.0/24 maxlen: 24
203.194.107.0/24 maxlen: 24
203.194.108.0/24 maxlen: 24
203.194.109.0/24 maxlen: 24
203.194.110.0/24 maxlen: 24
2404:ba00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24381 (0x5f3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 26 11:01:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6359139c-e23e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7c:ce:cb:21:0d:51:81:e1:45:6a:59:5d:87:
68:0b:26:b8:cf:8b:3a:9c:9e:da:62:7f:cf:7b:4f:
2b:dc:60:ef:74:73:c4:70:9e:8b:b2:34:58:59:26:
f0:b3:08:84:39:91:c4:43:f4:b1:31:d0:54:39:a6:
0c:c2:2d:7f:f1:19:f4:26:59:65:fd:cd:f3:bd:20:
d7:9e:5a:3d:b6:06:57:ba:09:9a:b1:18:1e:21:d0:
56:de:04:8d:92:51:d7:98:37:7d:82:cd:f6:ec:ea:
70:b9:1d:03:6d:06:f5:b9:a6:92:05:d6:0a:7e:9e:
35:8a:b4:35:d0:10:49:2d:8e:0d:12:9e:88:71:51:
9d:de:4d:0a:77:11:18:bb:a4:a9:68:26:c6:8f:24:
9a:6c:32:37:8e:c6:92:5c:6c:0a:54:e0:bf:76:9a:
58:f9:fa:33:22:0f:cf:93:99:66:5a:69:3d:e8:2e:
3e:92:98:20:5e:44:70:5a:cc:a5:47:c5:44:52:a6:
90:0b:f2:b8:54:93:26:13:3c:0a:4a:cd:eb:16:1b:
4c:e1:56:83:45:c2:e1:1e:75:26:a5:10:b9:f2:73:
9a:08:ab:22:ab:74:92:93:9f:7d:2f:76:92:a6:f6:
01:fe:b7:3c:6b:d3:69:ac:07:8f:56:86:3e:46:21:
18:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:5A:07:0A:95:FE:46:7D:AF:A3:BB:F7:AB:68:B0:B8:2B:3A:6C:6F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AE53B4681A4111ED8F58F77AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.88.0/22
43.230.40.0/22
59.152.120.0/22
103.10.224.0/22
103.38.68.0/23
103.38.128.0/22
103.46.192.0/23
103.88.56.0/22
103.99.196.0/22
103.147.1.0/24
103.159.212.0/24
103.163.148.0/23
103.164.46.0/23
103.165.28.0/23
103.169.156.0/23
103.174.159.0/24
103.175.30.0/23
103.177.174.0/23
103.181.140.0/23
103.183.54.0/23
103.189.146.0/24
103.203.36.0/22
103.206.8.0/22
103.209.68.0/22
103.251.52.0/22
203.192.192.0-203.192.211.255
203.192.220.0-203.192.226.255
203.192.228.0-203.192.235.255
203.192.237.0-203.192.255.255
203.194.96.0-203.194.110.255
IPv6:
2404:ba00::/32
Signature Algorithm: sha256WithRSAEncryption
52:ce:8c:37:85:34:e0:7f:3e:36:f0:52:0b:12:89:1f:1c:88:
d9:1f:d6:a4:5d:09:6b:af:ad:8d:b6:11:7f:a0:d8:4c:0b:32:
c6:e1:5f:4e:1a:1d:73:89:b3:51:97:b1:00:c8:5a:ba:b7:17:
7a:2d:23:ff:a5:b5:8f:db:92:0b:f0:f8:92:7d:5c:05:49:ce:
00:15:73:85:c4:35:98:fd:6d:80:09:6b:f4:28:b4:45:7b:60:
58:4d:4e:ea:28:c2:b5:c6:5f:9e:70:8b:dd:07:5b:1a:a6:3b:
ba:b1:42:0d:39:c7:f5:f9:6d:63:01:3f:79:23:99:e8:ca:b4:
ba:26:82:d0:0a:ae:fb:50:75:9d:85:a7:84:30:43:c6:c0:d2:
5b:05:19:5c:69:11:d9:d2:f2:f3:69:78:c2:06:45:7a:6d:8e:
b1:60:08:31:17:32:e5:d4:a9:50:74:34:99:45:8d:a2:8b:8a:
a5:4c:b8:5b:ce:3b:a9:1d:d8:81:6d:3a:45:72:4b:c6:b9:ba:
76:bb:56:18:dc:29:cf:9c:7b:db:92:f3:8f:55:e7:04:99:2f:
4f:33:4b:ec:8a:86:e0:07:00:87:03:8b:eb:80:df:3f:ac:84:
e1:61:b6:f7:85:ec:10:3e:ec:51:a1:ce:91:9e:87:40:49:bc:
a6:85:cc:40
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgICXz0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMDI2MTEwMTQ4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzU5MTM5Yy1lMjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq3zOyyENUYHhRWpZXYdoCya4z4s6nJ7aYn/Pe08r3GDvdHPEcJ6LsjRYWSbw
swiEOZHEQ/SxMdBUOaYMwi1/8Rn0Jlll/c3zvSDXnlo9tgZXugmasRgeIdBW3gSN
klHXmDd9gs327OpwuR0DbQb1uaaSBdYKfp41irQ10BBJLY4NEp6IcVGd3k0KdxEY
u6SpaCbGjySabDI3jsaSXGwKVOC/dppY+fozIg/Pk5lmWmk96C4+kpggXkRwWsyl
R8VEUqaQC/K4VJMmEzwKSs3rFhtM4VaDRcLhHnUmpRC58nOaCKsiq3SSk599L3aS
pvYB/rc8a9NprAePVoY+RiEYMQIDAQABo4IDfzCCA3swHQYDVR0OBBYEFDxaBwqV
/kZ9r6O796tosLgrOmxvMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQUU1M0I0Njgx
QTQxMTFFRDhGNThGNzdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEHBggrBgEFBQcBBwEB
/wSB9zCB9DCB4gQCAAEwgdsDBAIk/1gDBAIr5igDBAI7mHgDBAJnCuADBAFnJkQD
BAJnJoADBAFnLsADBAJnWDgDBAJnY8QDBABnkwEDBABnn9QDBAFno5QDBAFnpC4D
BAFnpRwDBAFnqZwDBABnrp8DBAFnrx4DBAFnsa4DBAFntYwDBAFntzYDBABnvZID
BAJnyyQDBAJnzggDBAJn0UQDBAJn+zQwDAMEBsvAwAMEAsvA0DAMAwQCy8DcAwQA
y8DiMAwDBALLwOQDBALLwOgwCwMEAMvA7QMDAMvAMAwDBAXLwmADBADLwm4wDQQC
AAIwBwMFACQEugAwDQYJKoZIhvcNAQELBQADggEBAFLOjDeFNOB/PjbwUgsSiR8c
iNkf1qRdCWuvrY22EX+g2EwLMsbhX04aHXOJs1GXsQDIWrq3F3otI/+ltY/bkgvw
+JJ9XAVJzgAVc4XENZj9bYAJa/QotEV7YFhNTuoowrXGX55wi90HWxqmO7qxQg05
x/X5bWMBP3kjmejKtLomgtAKrvtQdZ2Fp4QwQ8bA0lsFGVxpEdnS8vNpeMIGRXpt
jrFgCDEXMuXUqVB0NJlFjaKLiqVMuFvOO6kd2IFtOkVyS8a5una7VhjcKc+ce9uS
849V5wSZL08zS+yKhuAHAIcDi+uA3z+shOFhtveF7BA+7FGhzpGeh0BJvKaFzEA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org