Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B41E91FC7D0511ED8181DA7FC4F9AE02.roa
File: B41E91FC7D0511ED8181DA7FC4F9AE02.roa (raw, json)
Hash identifier: HF9ZTeXf/1HE8cLRPCKB1KLcBJD9NCgMWizDNM4zd+Y=
Subject key identifier: 9E:23:15:83:4E:6A:A3:54:B6:2B:63:8A:33:4E:84:D1:9F:F1:96:53
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 61E9
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B41E91FC7D0511ED8181DA7FC4F9AE02.roa
Signing time: Mon 26 Dec 2022 09:51:38 +0000
ROA not before: Mon 26 Dec 2022 09:51:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133001
IP address blocks: 43.225.160.0/22 maxlen: 24
43.251.216.0/22 maxlen: 24
45.117.220.0/22 maxlen: 24
45.119.44.0/24 maxlen: 24
45.119.45.0/24 maxlen: 24
45.119.46.0/24 maxlen: 24
45.119.47.0/24 maxlen: 24
103.38.36.0/22 maxlen: 24
103.51.132.0/24 maxlen: 24
103.51.133.0/24 maxlen: 24
103.51.134.0/24 maxlen: 24
103.51.135.0/24 maxlen: 24
103.54.76.0/24 maxlen: 24
103.54.77.0/24 maxlen: 24
103.114.0.0/22 maxlen: 24
103.116.147.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.140.26.0/24 maxlen: 24
103.140.27.0/24 maxlen: 24
103.165.68.0/24 maxlen: 24
103.165.69.0/24 maxlen: 24
103.176.210.0/24 maxlen: 24
103.176.211.0/24 maxlen: 24
103.187.123.0/24 maxlen: 24
103.196.76.0/22 maxlen: 24
103.201.148.0/22 maxlen: 24
103.239.168.0/24 maxlen: 24
103.239.169.0/24 maxlen: 24
103.239.170.0/24 maxlen: 24
103.239.171.0/24 maxlen: 24
111.125.225.0/24 maxlen: 24
157.119.202.0/24 maxlen: 24
183.87.251.0/24 maxlen: 24
183.87.252.0/22 maxlen: 24
202.94.160.0/22 maxlen: 24
2401:b240::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25065 (0x61e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 26 09:51:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63a96eaa-2d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bd:4c:2c:79:bf:a4:22:e9:1d:14:0d:f7:df:
96:e4:a4:f2:65:30:c4:92:1e:50:59:31:d4:83:47:
6f:8c:f3:a6:96:e8:6f:70:d4:e9:ce:81:3a:b2:53:
33:4d:c2:f6:be:43:6c:d8:6c:1f:40:ec:57:36:21:
0c:4d:8d:9a:6f:19:e3:31:c9:18:97:80:4c:b6:c1:
6e:1b:c1:c3:1b:cf:9e:9c:e1:1e:5f:f9:d4:81:a0:
8d:00:46:31:08:2f:f8:e3:8c:42:02:60:95:86:84:
29:68:e6:78:e7:b2:65:7c:9c:23:f0:e5:2c:0b:6f:
cc:bf:91:0d:d0:fb:81:c1:4f:32:31:19:ec:7c:9d:
66:6b:8f:22:9d:86:90:11:ef:c8:51:61:b4:00:a8:
ed:3e:9a:18:cb:f8:e0:00:db:f5:32:19:53:f5:0d:
e1:fb:37:53:08:98:24:31:ee:41:19:d7:b6:36:5e:
36:9f:76:83:42:df:5d:f0:3c:de:80:2e:7c:65:84:
fa:3f:3f:24:b1:86:ae:18:7f:8a:59:4f:79:57:64:
03:41:a6:10:ad:48:0a:7d:ea:bd:3d:15:24:c5:76:
52:d4:96:8e:ec:86:ed:ae:9b:95:88:6c:09:2d:0d:
f7:7e:7c:1c:20:14:fb:5d:60:69:64:bb:63:95:8f:
9b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:23:15:83:4E:6A:A3:54:B6:2B:63:8A:33:4E:84:D1:9F:F1:96:53
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B41E91FC7D0511ED8181DA7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.160.0/22
43.251.216.0/22
45.117.220.0/22
45.119.44.0/22
103.38.36.0/22
103.51.132.0/22
103.54.76.0/23
103.114.0.0/22
103.116.147.0/24
103.133.116.0/24
103.140.26.0/23
103.165.68.0/23
103.176.210.0/23
103.187.123.0/24
103.196.76.0/22
103.201.148.0/22
103.239.168.0/22
111.125.225.0/24
157.119.202.0/24
183.87.251.0-183.87.255.255
202.94.160.0/22
IPv6:
2401:b240::/32
Signature Algorithm: sha256WithRSAEncryption
34:55:a8:e2:ee:40:63:15:5f:15:6b:c5:40:9f:91:8c:ec:c5:
a5:08:a8:48:78:01:cd:c8:ba:bb:c2:b4:18:05:ad:c7:4f:66:
a1:43:7c:c7:eb:9d:7f:1c:91:3a:ee:7e:7b:62:f9:b8:62:39:
9c:75:c6:6d:7c:37:f9:1b:76:dd:92:26:53:82:49:c7:17:29:
46:99:8a:41:55:98:90:51:84:da:e8:02:9e:66:0b:cf:7a:26:
8f:53:92:04:7a:9b:29:e7:8f:f4:a7:83:5d:75:8e:0e:37:a1:
72:8a:7d:ce:e0:d6:1c:db:be:53:c1:ec:10:48:db:a3:04:70:
13:00:33:cb:cf:c8:73:8e:a5:f5:e1:3c:06:38:a2:68:da:38:
f6:10:5f:54:41:53:ba:cc:36:70:d7:3d:5d:1e:f9:27:b0:91:
17:df:e7:ed:e3:6b:37:a8:79:7e:d1:f3:41:22:aa:f8:3a:14:
9f:66:45:1f:2a:38:07:ff:af:31:b7:fc:b0:aa:06:b5:98:79:
c9:67:b0:b2:81:46:81:88:52:b7:ee:33:8f:02:08:38:5f:9c:
2f:40:1b:6f:5b:66:70:53:45:b6:20:76:7a:e0:62:9a:0c:29:
10:58:0b:ed:39:bb:68:56:f8:b8:32:d5:97:9a:6c:70:66:73:
4c:f4:7b:0b
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgICYekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMjI2MDk1MTM4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2E5NmVhYS0yZDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArL1MLHm/pCLpHRQN99+W5KTyZTDEkh5QWTHUg0dvjPOmluhvcNTpzoE6slMz
TcL2vkNs2GwfQOxXNiEMTY2abxnjMckYl4BMtsFuG8HDG8+enOEeX/nUgaCNAEYx
CC/444xCAmCVhoQpaOZ457JlfJwj8OUsC2/Mv5EN0PuBwU8yMRnsfJ1ma48inYaQ
Ee/IUWG0AKjtPpoYy/jgANv1MhlT9Q3h+zdTCJgkMe5BGde2Nl42n3aDQt9d8Dze
gC58ZYT6Pz8ksYauGH+KWU95V2QDQaYQrUgKfeq9PRUkxXZS1JaO7IbtrpuViGwJ
LQ33fnwcIBT7XWBpZLtjlY+bGwIDAQABo4IDKDCCAyQwHQYDVR0OBBYEFJ4jFYNO
aqNUtitjijNOhNGf8ZZTMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjQxRTkxRkM3
RDA1MTFFRDgxODFEQTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbEGCCsGAQUFBwEHAQH/
BIGhMIGeMIGMBAIAATCBhQMEAivhoAMEAiv72AMEAi113AMEAi13LAMEAmcmJAME
AmczhAMEAWc2TAMEAmdyAAMEAGd0kwMEAGeFdAMEAWeMGgMEAWelRAMEAWew0gME
AGe7ewMEAmfETAMEAmfJlAMEAmfvqAMEAG994QMEAJ13yjALAwQAt1f7AwMDt1AD
BALKXqAwDQQCAAIwBwMFACQBskAwDQYJKoZIhvcNAQELBQADggEBADRVqOLuQGMV
XxVrxUCfkYzsxaUIqEh4Ac3IurvCtBgFrcdPZqFDfMfrnX8ckTrufnti+bhiOZx1
xm18N/kbdt2SJlOCSccXKUaZikFVmJBRhNroAp5mC896Jo9TkgR6mynnj/Sng111
jg43oXKKfc7g1hzbvlPB7BBI26MEcBMAM8vPyHOOpfXhPAY4omjaOPYQX1RBU7rM
NnDXPV0e+SewkRff5+3jazeoeX7R80Eiqvg6FJ9mRR8qOAf/rzG3/LCqBrWYecln
sLKBRoGIUrfuM48CCDhfnC9AG29bZnBTRbYgdnrgYpoMKRBYC+05u2hW+Lgy1Zea
bHBmc0z0ews=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org