Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C906ABC8506311EDA2F9424CC4F9AE02.roa
File: C906ABC8506311EDA2F9424CC4F9AE02.roa (raw, json)
Hash identifier: HjdpeVgaZvyKa4B8v/djwCW9KZTSw1Yax0lihTNXjd8=
Subject key identifier: 14:DE:81:0C:F8:28:9F:0E:BD:D5:2A:C2:B1:C0:B3:81:CF:26:5A:1F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5EFE
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C906ABC8506311EDA2F9424CC4F9AE02.roa
Signing time: Thu 20 Oct 2022 10:41:42 +0000
ROA not before: Thu 20 Oct 2022 10:41:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140125
IP address blocks: 103.168.0.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.179.94.0/23 maxlen: 24
103.179.118.0/23 maxlen: 24
103.179.120.0/24 maxlen: 24
103.179.121.0/24 maxlen: 24
103.179.226.0/23 maxlen: 24
103.180.176.0/23 maxlen: 24
103.180.212.0/23 maxlen: 24
103.181.64.0/23 maxlen: 24
103.181.84.0/23 maxlen: 23
103.181.85.0/24 maxlen: 24
103.181.110.0/23 maxlen: 24
103.181.114.0/23 maxlen: 24
103.181.152.0/23 maxlen: 24
103.181.174.0/23 maxlen: 24
103.181.198.0/23 maxlen: 24
103.182.58.0/23 maxlen: 24
103.189.82.0/23 maxlen: 24
103.229.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24318 (0x5efe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 20 10:41:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=635125e6-c735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9a:ab:dd:48:ae:cf:25:7a:b5:ff:23:d2:c7:
6f:57:87:44:9a:a8:d0:c2:81:88:c3:a4:72:07:94:
f2:06:05:2f:3c:92:c9:e7:db:2f:d9:da:ea:f7:af:
e2:76:42:ce:f5:03:cf:b7:60:63:d5:60:9f:7a:90:
bb:cb:03:80:2e:a6:3a:22:f5:10:66:df:6d:7e:87:
f7:f1:c5:db:e6:23:ec:3e:e3:b6:3f:67:2e:7c:6f:
de:bb:9b:6f:7d:18:00:88:cd:f4:4b:4f:0e:62:c6:
55:8f:35:90:ae:8c:ba:d9:b2:8f:53:30:39:51:b1:
35:bf:6e:47:c3:51:56:97:fc:9e:f3:a1:fe:0c:a9:
bc:91:81:7f:aa:07:b6:02:56:1a:19:b5:cf:61:d5:
35:ec:d6:8b:65:8d:69:4a:64:71:fc:70:ea:28:95:
e3:58:99:68:bc:23:2e:0c:a5:8d:b7:d2:99:54:81:
d5:c4:78:75:fe:d2:63:4e:30:2c:25:17:27:70:a7:
a0:05:5d:92:af:67:50:b2:00:2b:26:40:7e:3a:3d:
81:1a:0d:65:4b:7c:44:4b:b7:2e:74:08:07:cf:bb:
a0:ee:87:30:ed:01:18:e6:de:48:cd:b4:34:07:e5:
9f:69:ad:87:bd:48:41:49:a1:bd:5a:e1:e0:b1:71:
6f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DE:81:0C:F8:28:9F:0E:BD:D5:2A:C2:B1:C0:B3:81:CF:26:5A:1F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C906ABC8506311EDA2F9424CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.168.0.0/23
103.173.14.0/23
103.179.94.0/23
103.179.118.0-103.179.121.255
103.179.226.0/23
103.180.176.0/23
103.180.212.0/23
103.181.64.0/23
103.181.84.0/23
103.181.110.0/23
103.181.114.0/23
103.181.152.0/23
103.181.174.0/23
103.181.198.0/23
103.182.58.0/23
103.189.82.0/23
103.229.209.0/24
Signature Algorithm: sha256WithRSAEncryption
85:ed:c7:75:bd:93:e6:d6:ba:ce:79:00:bc:8b:d5:3c:59:a4:
92:76:55:2e:95:64:ae:f3:11:0e:aa:8a:fa:42:3d:0b:d7:35:
90:83:8e:09:d2:76:30:ea:34:67:de:63:9e:36:5b:0b:3e:18:
85:36:62:01:65:73:15:11:9c:ea:8d:7c:1e:55:36:f1:65:bc:
f8:54:50:77:a4:a4:25:3e:8e:c8:96:a5:75:b4:34:c8:84:48:
0d:c5:91:c0:68:ff:8a:17:ce:ea:ae:08:1e:ec:80:6b:8c:06:
42:57:f3:b9:10:ea:3b:de:b4:d2:33:54:d7:d4:13:b3:46:12:
6b:b0:5e:56:1e:d2:fa:50:41:be:49:9e:01:84:a4:77:76:33:
e3:01:73:cd:d1:27:32:3b:f4:73:f2:ee:40:3f:05:a7:a3:ef:
ef:40:09:ba:8f:86:06:51:30:a2:b9:b0:52:b9:23:57:f0:24:
6a:22:df:d6:2d:76:ec:04:50:3b:10:7b:02:58:85:c1:83:6a:
92:9e:73:c0:ff:99:83:0b:89:32:e8:8e:10:a4:a0:4b:f2:07:
cb:d9:f2:ca:7b:e7:99:f0:a1:ca:a3:82:65:b2:00:e2:75:58:
35:eb:10:bc:f2:c9:82:bf:56:bb:23:3d:00:9c:bb:f4:af:a2:
90:17:41:d1
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgICXv4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMDIwMTA0MTQyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzUxMjVlNi1jNzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzJqr3UiuzyV6tf8j0sdvV4dEmqjQwoGIw6RyB5TyBgUvPJLJ59sv2drq96/i
dkLO9QPPt2Bj1WCfepC7ywOALqY6IvUQZt9tfof38cXb5iPsPuO2P2cufG/eu5tv
fRgAiM30S08OYsZVjzWQroy62bKPUzA5UbE1v25Hw1FWl/ye86H+DKm8kYF/qge2
AlYaGbXPYdU17NaLZY1pSmRx/HDqKJXjWJlovCMuDKWNt9KZVIHVxHh1/tJjTjAs
JRcncKegBV2Sr2dQsgArJkB+Oj2BGg1lS3xES7cudAgHz7ug7ocw7QEY5t5IzbQ0
B+Wfaa2HvUhBSaG9WuHgsXFvuwIDAQABo4IC/jCCAvowHQYDVR0OBBYEFBTegQz4
KJ8OvdUqwrHAs4HPJlofMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQzkwNkFCQzg1
MDYzMTFFREEyRjk0MjRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYcGCCsGAQUFBwEHAQH/
BHgwdjB0BAIAATBuAwQBZ6gAAwQBZ60OAwQBZ7NeMAwDBAFns3YDBAFns3gDBAFn
s+IDBAFntLADBAFntNQDBAFntUADBAFntVQDBAFntW4DBAFntXIDBAFntZgDBAFn
ta4DBAFntcYDBAFntjoDBAFnvVIDBABn5dEwDQYJKoZIhvcNAQELBQADggEBAIXt
x3W9k+bWus55ALyL1TxZpJJ2VS6VZK7zEQ6qivpCPQvXNZCDjgnSdjDqNGfeY542
Wws+GIU2YgFlcxURnOqNfB5VNvFlvPhUUHekpCU+jsiWpXW0NMiESA3FkcBo/4oX
zuquCB7sgGuMBkJX87kQ6jvetNIzVNfUE7NGEmuwXlYe0vpQQb5JngGEpHd2M+MB
c83RJzI79HPy7kA/Baej7+9ACbqPhgZRMKK5sFK5I1fwJGoi39YtduwEUDsQewJY
hcGDapKec8D/mYMLiTLojhCkoEvyB8vZ8sp755nwocqjgmWyAOJ1WDXrELzyyYK/
VrsjPQCcu/SvopAXQdE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org