Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B839CCB8EE1A11ECAE638C50C4F9AE02.roa
File: B839CCB8EE1A11ECAE638C50C4F9AE02.roa (raw, json)
Hash identifier: iHtLUa5/CZx0MdKaSw83w2hx8Tl59drqHFf9QZZkZ+w=
Subject key identifier: F1:D7:CD:AD:A3:85:C1:FB:AC:E3:A5:11:CC:98:20:3A:C8:8B:FF:34
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5780
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B839CCB8EE1A11ECAE638C50C4F9AE02.roa
Signing time: Fri 17 Jun 2022 08:51:47 +0000
ROA not before: Fri 17 Jun 2022 08:51:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140125
IP address blocks: 103.82.48.0/22 maxlen: 24
103.114.64.0/22 maxlen: 24
103.163.14.0/23 maxlen: 24
103.167.212.0/23 maxlen: 24
103.167.224.0/23 maxlen: 24
103.168.0.0/23 maxlen: 24
103.168.32.0/23 maxlen: 24
103.168.60.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.170.148.0/23 maxlen: 24
103.171.108.0/23 maxlen: 24
103.171.110.0/23 maxlen: 24
103.171.174.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.98.0/23 maxlen: 24
103.177.226.0/23 maxlen: 24
103.179.94.0/23 maxlen: 24
103.179.96.0/23 maxlen: 24
103.179.100.0/23 maxlen: 24
103.179.118.0/23 maxlen: 24
103.179.224.0/23 maxlen: 24
103.179.226.0/23 maxlen: 24
103.180.110.0/23 maxlen: 24
103.180.168.0/23 maxlen: 24
103.180.172.0/23 maxlen: 24
103.180.174.0/23 maxlen: 24
103.180.212.0/23 maxlen: 24
103.180.214.0/23 maxlen: 24
103.180.236.0/23 maxlen: 24
103.180.238.0/23 maxlen: 24
103.181.64.0/23 maxlen: 24
103.181.84.0/23 maxlen: 24
103.181.110.0/23 maxlen: 24
103.181.114.0/23 maxlen: 24
103.181.150.0/23 maxlen: 24
103.181.152.0/23 maxlen: 24
103.181.154.0/23 maxlen: 24
103.181.174.0/23 maxlen: 24
103.181.198.0/23 maxlen: 24
103.182.58.0/23 maxlen: 24
103.183.216.0/23 maxlen: 24
103.187.92.0/23 maxlen: 24
103.194.118.0/24 maxlen: 24
103.212.134.0/24 maxlen: 24
103.229.208.0/23 maxlen: 24
103.252.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22400 (0x5780)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 17 08:51:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62ac40a3-909d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5b:0a:76:b2:7e:7b:3c:27:52:13:63:96:21:
73:cb:01:4e:97:24:92:9c:d9:5b:f0:ad:2e:98:db:
5f:f9:6c:8a:fb:42:08:1f:3e:92:eb:16:21:83:5f:
1f:6d:6e:93:13:d4:24:da:2a:3b:fc:1d:60:f3:ad:
e3:8c:b8:3f:b6:02:10:88:72:fd:9e:6d:0f:1a:1e:
23:2f:91:4b:35:3e:c1:8a:fd:49:07:37:cb:ac:d9:
1c:48:ce:19:4a:c2:e6:1e:8c:e6:0e:9f:78:2d:29:
08:b6:ab:ff:ee:ac:a3:fd:6e:1b:9e:cd:5d:57:5c:
15:a1:c4:81:76:0d:0b:cf:f3:a5:f7:af:03:82:eb:
2b:55:9c:1a:ef:11:78:f1:50:d6:6d:61:5d:05:5d:
8e:0a:a1:9d:24:40:56:f8:9b:56:8e:bf:5f:94:ac:
24:b2:ad:09:3e:9d:0c:18:b6:3c:d6:fc:c9:13:38:
60:e7:9d:5b:a8:02:82:3a:e8:b1:14:f2:6c:1b:f8:
8c:c9:c2:fe:c5:ab:bc:4e:45:86:12:5e:d7:88:5b:
21:7b:f3:d3:d0:5a:a3:c0:fb:34:0e:ad:0e:c2:52:
77:70:2f:fb:2a:79:ad:3a:42:79:e9:3f:6b:0f:02:
2d:41:25:70:78:c6:a1:da:66:0c:28:dd:9f:dd:9b:
23:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D7:CD:AD:A3:85:C1:FB:AC:E3:A5:11:CC:98:20:3A:C8:8B:FF:34
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B839CCB8EE1A11ECAE638C50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.48.0/22
103.114.64.0/22
103.163.14.0/23
103.167.212.0/23
103.167.224.0/23
103.168.0.0/23
103.168.32.0/23
103.168.60.0/23
103.170.36.0/22
103.170.148.0/23
103.171.108.0/22
103.171.174.0/23
103.173.14.0/23
103.173.98.0/23
103.177.226.0/23
103.179.94.0-103.179.97.255
103.179.100.0/23
103.179.118.0/23
103.179.224.0/22
103.180.110.0/23
103.180.168.0/23
103.180.172.0/22
103.180.212.0/22
103.180.236.0/22
103.181.64.0/23
103.181.84.0/23
103.181.110.0/23
103.181.114.0/23
103.181.150.0-103.181.155.255
103.181.174.0/23
103.181.198.0/23
103.182.58.0/23
103.183.216.0/23
103.187.92.0/23
103.194.118.0/24
103.212.134.0/24
103.229.208.0/23
103.252.40.0/22
Signature Algorithm: sha256WithRSAEncryption
16:e4:84:9f:8e:93:60:ed:e7:9b:ca:ae:6c:7d:97:60:28:ca:
8b:2a:53:96:38:82:72:f4:ee:40:5f:c1:89:77:cc:d3:1b:ca:
58:f7:97:32:39:d5:76:8e:1b:9b:43:f9:d2:58:bd:e4:85:4e:
85:ac:6a:15:1d:f6:bc:37:76:b8:a0:e9:a7:23:ee:af:18:c4:
8b:7c:db:ca:8e:b1:16:d1:3e:ac:41:ac:f8:92:fb:1d:01:cd:
9d:22:aa:46:8a:a3:7f:f4:c7:c7:be:89:15:d8:ec:b3:23:fd:
45:0b:8c:02:8c:cc:53:31:3d:47:f7:12:0c:62:45:84:1a:b8:
2f:12:e3:be:43:c7:0b:74:dd:54:51:8a:a0:5c:e3:d3:9a:9e:
aa:98:73:61:84:4e:d2:97:6b:2e:1d:11:fc:88:3f:bc:64:43:
4f:3f:85:19:bd:54:9d:f7:79:da:ca:25:de:a2:9d:94:b1:ec:
09:48:a3:a1:df:02:4f:e0:8b:de:68:79:9a:14:23:aa:bc:5b:
ef:76:3d:9e:3e:31:dc:38:3e:45:45:b1:82:64:39:e5:cb:70:
a0:90:82:69:3e:91:ff:af:81:5b:8c:25:43:25:9e:2c:94:a7:
fc:3e:79:57:6e:f6:1a:19:57:f9:ae:9d:04:de:75:3f:1b:b6:
54:ad:87:d1
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgICV4AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNjE3MDg1MTQ3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmFjNDBhMy05MDlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxlsKdrJ+ezwnUhNjliFzywFOlySSnNlb8K0umNtf+WyK+0IIHz6S6xYhg18f
bW6TE9Qk2io7/B1g863jjLg/tgIQiHL9nm0PGh4jL5FLNT7Biv1JBzfLrNkcSM4Z
SsLmHozmDp94LSkItqv/7qyj/W4bns1dV1wVocSBdg0Lz/Ol968DgusrVZwa7xF4
8VDWbWFdBV2OCqGdJEBW+JtWjr9flKwksq0JPp0MGLY81vzJEzhg551bqAKCOuix
FPJsG/iMycL+xau8TkWGEl7XiFshe/PT0FqjwPs0Dq0OwlJ3cC/7KnmtOkJ56T9r
DwItQSVweMah2mYMKN2f3ZsjfQIDAQABo4IDijCCA4YwHQYDVR0OBBYEFPHXza2j
hcH7rOOlEcyYIDrIi/80MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjgzOUNDQjhF
RTFBMTFFQ0FFNjM4QzUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggESBggrBgEFBQcBBwEB
/wSCAQEwgf4wgfsEAgABMIH0AwQCZ1IwAwQCZ3JAAwQBZ6MOAwQBZ6fUAwQBZ6fg
AwQBZ6gAAwQBZ6ggAwQBZ6g8AwQCZ6okAwQBZ6qUAwQCZ6tsAwQBZ6uuAwQBZ60O
AwQBZ61iAwQBZ7HiMAwDBAFns14DBAFns2ADBAFns2QDBAFns3YDBAJns+ADBAFn
tG4DBAFntKgDBAJntKwDBAJntNQDBAJntOwDBAFntUADBAFntVQDBAFntW4DBAFn
tXIwDAMEAWe1lgMEAme1mAMEAWe1rgMEAWe1xgMEAWe2OgMEAWe32AMEAWe7XAME
AGfCdgMEAGfUhgMEAWfl0AMEAmf8KDANBgkqhkiG9w0BAQsFAAOCAQEAFuSEn46T
YO3nm8qubH2XYCjKiypTljiCcvTuQF/BiXfM0xvKWPeXMjnVdo4bm0P50li95IVO
haxqFR32vDd2uKDppyPurxjEi3zbyo6xFtE+rEGs+JL7HQHNnSKqRoqjf/THx76J
FdjssyP9RQuMAozMUzE9R/cSDGJFhBq4LxLjvkPHC3TdVFGKoFzj05qeqphzYYRO
0pdrLh0R/Ig/vGRDTz+FGb1Unfd52sol3qKdlLHsCUijod8CT+CL3mh5mhQjqrxb
73Y9nj4x3Dg+RUWxgmQ55ctwoJCCaT6R/6+BW4wlQyWeLJSn/D55V272GhlX+a6d
BN51Pxu2VK2H0Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org