Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BC50262EE3B411EBB3CB3785C4F9AE02.roa
File: BC50262EE3B411EBB3CB3785C4F9AE02.roa (raw, json)
Hash identifier: lnkc1wXcr8YJRDfgxhg1qL57HXYTAHo7ITcYaR13vHc=
Subject key identifier: C6:CD:4A:A0:7B:37:A6:4A:77:3B:BB:82:1C:75:DF:85:9C:FC:77:B7
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4B1A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BC50262EE3B411EBB3CB3785C4F9AE02.roa
Signing time: Mon 28 Mar 2022 11:41:28 +0000
ROA not before: Mon 28 Mar 2022 11:41:28 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 137127
IP address blocks: 103.102.28.0/22 maxlen: 24
103.112.121.0/24 maxlen: 24
103.124.109.0/24 maxlen: 24
103.147.120.0/24 maxlen: 24
103.147.121.0/24 maxlen: 24
103.148.62.0/24 maxlen: 24
103.148.63.0/24 maxlen: 24
103.167.130.0/23 maxlen: 24
103.168.248.0/23 maxlen: 24
103.171.200.0/23 maxlen: 24
103.174.34.0/23 maxlen: 24
103.183.24.0/24 maxlen: 24
103.183.25.0/24 maxlen: 24
103.220.32.0/24 maxlen: 24
103.220.34.0/24 maxlen: 24
137.59.99.0/24 maxlen: 24
2001:df0:82c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19226 (0x4b1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 28 11:41:28 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=62419ee7-2d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:eb:9c:15:a2:92:31:db:9b:a1:3b:f3:23:ff:
62:30:3a:8b:81:5a:98:2c:f7:80:2a:53:f3:ea:5f:
b1:e5:9b:20:5f:f5:25:b6:8c:06:68:3a:21:1a:b4:
42:65:26:fd:7d:97:5d:0b:64:61:fb:85:67:90:7f:
76:36:af:72:7c:5d:eb:82:ae:b8:36:db:ce:9f:8c:
5b:38:67:70:bb:b3:17:76:3a:47:09:c3:84:45:e1:
6a:7f:00:78:51:01:21:47:f8:19:f0:20:9e:05:dc:
4d:5d:52:16:db:b9:e8:25:3d:ca:69:68:fe:e3:90:
0c:3b:b9:2e:8b:fc:75:2f:79:a3:ed:bf:f5:89:2c:
79:c9:5e:d4:ed:bd:1b:23:07:61:18:bb:da:33:fa:
72:14:06:3f:aa:17:ce:db:6a:97:cc:4c:81:ac:ec:
53:46:70:0b:b0:e1:43:4c:60:ad:aa:0a:60:33:9b:
fa:a7:3d:f3:ea:5f:32:c7:4e:06:ba:4e:15:93:90:
99:d2:05:93:f0:02:82:51:50:7b:be:b6:3f:2d:55:
aa:4b:64:52:a3:66:9a:8c:8d:7b:4d:5e:4f:f6:d9:
c9:78:68:83:6e:95:49:97:ef:6d:81:17:ee:f7:27:
c8:f7:73:23:2a:70:f5:e1:1b:10:72:16:1a:29:66:
88:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CD:4A:A0:7B:37:A6:4A:77:3B:BB:82:1C:75:DF:85:9C:FC:77:B7
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/BC50262EE3B411EBB3CB3785C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.28.0/22
103.112.121.0/24
103.124.109.0/24
103.147.120.0/23
103.148.62.0/23
103.167.130.0/23
103.168.248.0/23
103.171.200.0/23
103.174.34.0/23
103.183.24.0/23
103.220.32.0/24
103.220.34.0/24
137.59.99.0/24
IPv6:
2001:df0:82c0::/48
Signature Algorithm: sha256WithRSAEncryption
70:c4:c0:64:05:28:aa:3a:7f:9b:ed:09:d7:66:3b:17:da:66:
29:f6:0a:8e:9d:b6:58:85:ee:08:01:9e:b1:13:1c:38:92:a3:
b5:61:d8:99:6d:8e:89:48:36:3d:df:83:80:51:21:ce:c0:5d:
b0:23:dc:1c:6a:f4:f1:af:62:db:3c:15:5e:73:f7:10:55:7e:
ce:41:90:1b:47:a7:c0:8d:8f:26:cf:4c:7a:d3:b5:68:0d:c4:
93:bb:b1:d5:e7:8f:c2:de:fb:c5:61:c2:47:dc:94:8e:82:85:
29:68:19:0c:bd:ba:77:8c:8f:72:f8:89:99:5d:26:81:f1:15:
e0:7c:bd:96:8f:54:2a:b5:36:d1:fb:87:b2:41:a9:3f:60:12:
10:6b:18:7e:8e:34:72:f6:0e:ad:81:b2:58:91:5a:e6:9b:c6:
1c:cb:9a:1a:12:c2:e9:72:31:a3:4d:03:00:9a:6f:0e:26:92:
82:fb:8e:9c:2d:5b:f5:a0:89:92:e1:36:c0:f8:06:2f:bf:41:
a1:60:3f:f8:5c:24:14:cc:1d:5a:c2:25:79:f7:d4:39:ba:05:
83:40:b9:f1:ed:6a:8f:2b:23:c7:97:dd:1a:72:11:17:91:14:
f3:a3:54:92:db:92:e6:6a:11:b8:3e:70:bf:55:cc:9b:54:d6:
4e:c7:75:53
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgICSxowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwMzI4MTE0MTI4WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQxOWVlNy0yZDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1OucFaKSMduboTvzI/9iMDqLgVqYLPeAKlPz6l+x5ZsgX/UltowGaDohGrRC
ZSb9fZddC2Rh+4VnkH92Nq9yfF3rgq64NtvOn4xbOGdwu7MXdjpHCcOEReFqfwB4
UQEhR/gZ8CCeBdxNXVIW27noJT3KaWj+45AMO7kui/x1L3mj7b/1iSx5yV7U7b0b
IwdhGLvaM/pyFAY/qhfO22qXzEyBrOxTRnALsOFDTGCtqgpgM5v6pz3z6l8yx04G
uk4Vk5CZ0gWT8AKCUVB7vrY/LVWqS2RSo2aajI17TV5P9tnJeGiDbpVJl+9tgRfu
9yfI93MjKnD14RsQchYaKWaIFQIDAQABo4IC7jCCAuowHQYDVR0OBBYEFMbNSqB7
N6ZKdzu7ghx134Wc/He3MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQkM1MDI2MkVF
M0I0MTFFQkIzQ0IzNzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwweAYIKwYBBQUHAQcBAf8E
aTBnMFQEAgABME4DBAJnZhwDBABncHkDBABnfG0DBAFnk3gDBAFnlD4DBAFnp4ID
BAFnqPgDBAFnq8gDBAFnriIDBAFntxgDBABn3CADBABn3CIDBACJO2MwDwQCAAIw
CQMHACABDfCCwDANBgkqhkiG9w0BAQsFAAOCAQEAcMTAZAUoqjp/m+0J12Y7F9pm
KfYKjp22WIXuCAGesRMcOJKjtWHYmW2OiUg2Pd+DgFEhzsBdsCPcHGr08a9i2zwV
XnP3EFV+zkGQG0enwI2PJs9MetO1aA3Ek7ux1eePwt77xWHCR9yUjoKFKWgZDL26
d4yPcviJmV0mgfEV4Hy9lo9UKrU20fuHskGpP2ASEGsYfo40cvYOrYGyWJFa5pvG
HMuaGhLC6XIxo00DAJpvDiaSgvuOnC1b9aCJkuE2wPgGL79BoWA/+FwkFMwdWsIl
effUOboFg0C58e1qjysjx5fdGnIRF5EU86NUktuS5moRuD5wv1XMm1TWTsd1Uw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org