Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CC1CE11034DE11ED97DB4938C4F9AE02.roa
File: CC1CE11034DE11ED97DB4938C4F9AE02.roa (raw, json)
Hash identifier: Lkb5VwODjpadS/Ji6hnCHFhi88WPfB9hswUzSyBnHGc=
Subject key identifier: DC:7E:6E:5F:77:57:AB:11:FD:5E:CA:DC:F3:D2:7E:5C:4D:5C:15:37
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 605F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CC1CE11034DE11ED97DB4938C4F9AE02.roa
Signing time: Sat 19 Nov 2022 08:02:03 +0000
ROA not before: Sat 19 Nov 2022 08:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150102
IP address blocks: 43.255.56.0/24 maxlen: 24
103.194.119.0/24 maxlen: 24
103.212.132.0/24 maxlen: 24
103.212.133.0/24 maxlen: 24
103.217.80.0/23 maxlen: 24
103.229.209.0/24 maxlen: 24
139.5.232.0/24 maxlen: 24
139.5.233.0/24 maxlen: 24
139.5.234.0/24 maxlen: 24
139.5.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24671 (0x605f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 19 08:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63788d7a-7146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:35:39:fe:14:76:82:2b:56:3c:7c:1c:b8:27:
ba:fd:14:b6:f8:a9:35:59:42:3b:42:4c:de:f3:da:
a5:b2:03:4f:69:9a:ef:a1:f0:e9:27:77:6f:93:2d:
43:dd:86:68:fa:58:90:cc:5f:1e:a4:6a:59:ea:7a:
d4:4f:4d:95:7b:72:18:ba:58:f0:79:72:97:75:8e:
2a:0f:3a:0a:b6:7a:a6:6a:84:c6:be:cb:74:68:4b:
58:86:fe:af:6f:af:e3:11:38:8f:47:18:00:65:fe:
35:b4:4e:2f:e2:15:f1:c2:c5:bc:5f:52:73:01:8c:
cf:bd:24:a6:2d:44:22:fd:26:88:33:a3:91:9c:87:
77:00:3a:51:e6:a8:10:a8:36:74:cd:d7:ad:96:83:
10:ad:7e:22:a8:ff:47:a4:5c:f1:a7:73:6b:6b:17:
22:7a:af:ec:16:25:32:f4:3a:dc:b6:1c:5e:1f:c8:
b7:f4:bf:89:d0:41:9f:87:1c:6a:8e:8c:a4:aa:f4:
0d:5e:d4:67:33:20:96:32:75:81:23:96:aa:ba:fc:
cf:b4:1d:fd:53:f0:40:d6:c9:02:dd:d2:e8:7d:dc:
9d:b4:93:dc:a1:be:c6:66:c0:b1:a9:73:4f:53:7b:
e2:b0:39:1c:3c:7e:b2:e4:be:c5:fd:cd:96:37:7c:
36:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7E:6E:5F:77:57:AB:11:FD:5E:CA:DC:F3:D2:7E:5C:4D:5C:15:37
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CC1CE11034DE11ED97DB4938C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.56.0/24
103.194.119.0/24
103.212.132.0/23
103.217.80.0/23
103.229.209.0/24
139.5.232.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:99:2a:ea:05:9e:50:cb:42:cb:bc:69:b0:8c:5a:49:bb:33:
cc:10:98:2f:9a:59:c2:24:c5:b4:a6:9c:46:3f:55:33:d0:5a:
27:3c:2a:fe:2e:1d:9a:fd:ab:27:ac:90:78:b0:87:2a:d0:16:
b4:7d:d1:fb:f6:37:63:43:c2:62:6f:0b:3e:93:b5:0b:7a:e9:
bc:8a:1d:93:88:27:c0:f9:98:c5:24:47:90:a0:92:d3:e9:ca:
f3:89:5f:93:ae:38:82:df:03:e7:df:dd:27:a5:f3:59:28:29:
a3:ac:90:f4:4a:e3:27:02:47:26:82:ee:61:16:bc:55:3d:4d:
eb:dd:5a:3a:3b:0d:b1:00:e4:79:19:b3:de:9c:90:75:31:8f:
f2:16:20:4c:b3:a1:03:8a:1f:35:55:09:69:1f:32:96:91:97:
5f:73:7b:53:55:46:30:e2:82:65:d4:0e:d8:48:01:6c:91:13:
67:16:c3:07:d8:85:eb:ee:c1:3d:3f:df:4a:93:cc:7a:f1:94:
ac:3c:71:1f:83:d6:4c:98:f9:35:68:21:54:eb:f7:f7:6b:71:
db:6b:21:47:36:5e:e3:c5:15:b5:ba:d0:96:62:5c:64:7c:52:
c6:39:82:a7:c4:f4:36:57:6f:9e:d1:40:80:11:5b:c5:10:d1:
5b:92:bf:b4
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICYF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMTE5MDgwMjAzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzc4OGQ3YS03MTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsTU5/hR2gitWPHwcuCe6/RS2+Kk1WUI7Qkze89qlsgNPaZrvofDpJ3dvky1D
3YZo+liQzF8epGpZ6nrUT02Ve3IYuljweXKXdY4qDzoKtnqmaoTGvst0aEtYhv6v
b6/jETiPRxgAZf41tE4v4hXxwsW8X1JzAYzPvSSmLUQi/SaIM6ORnId3ADpR5qgQ
qDZ0zdetloMQrX4iqP9HpFzxp3Nraxcieq/sFiUy9DrcthxeH8i39L+J0EGfhxxq
joykqvQNXtRnMyCWMnWBI5aquvzPtB39U/BA1skC3dLofdydtJPcob7GZsCxqXNP
U3visDkcPH6y5L7F/c2WN3w24QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFNx+bl93
V6sR/V7K3PPSflxNXBU3MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQ0MxQ0UxMTAz
NERFMTFFRDk3REI0OTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAAr/zgDBABnwncDBAFn1IQDBAFn2VADBABn5dEDBAKLBegw
DQYJKoZIhvcNAQELBQADggEBAK6ZKuoFnlDLQsu8abCMWkm7M8wQmC+aWcIkxbSm
nEY/VTPQWic8Kv4uHZr9qyeskHiwhyrQFrR90fv2N2NDwmJvCz6TtQt66byKHZOI
J8D5mMUkR5CgktPpyvOJX5OuOILfA+ff3Sel81koKaOskPRK4ycCRyaC7mEWvFU9
TevdWjo7DbEA5HkZs96ckHUxj/IWIEyzoQOKHzVVCWkfMpaRl19ze1NVRjDigmXU
DthIAWyRE2cWwwfYhevuwT0/30qTzHrxlKw8cR+D1kyY+TVoIVTr9/drcdtrIUc2
XuPFFbW60JZiXGR8UsY5gqfE9DZXb57RQIARW8UQ0VuSv7Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org