Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D959805490AA11ED9F715F6DC4F9AE02.roa
File: D959805490AA11ED9F715F6DC4F9AE02.roa (raw, json)
Hash identifier: 9NqXPK/b2GUmwLil+u6sWb327UgLfjMpgvUGVXe9M44=
Subject key identifier: 56:BF:14:40:92:3B:20:31:70:C3:87:20:E9:2B:DF:EC:EC:94:3A:F1
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 67EC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D959805490AA11ED9F715F6DC4F9AE02.roa
Signing time: Wed 05 Apr 2023 11:11:39 +0000
ROA not before: Wed 05 Apr 2023 11:11:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139482
IP address blocks: 103.97.104.0/22 maxlen: 24
103.110.251.0/24 maxlen: 24
103.114.64.0/24 maxlen: 24
103.140.72.0/24 maxlen: 24
103.140.73.0/24 maxlen: 24
103.173.14.0/24 maxlen: 24
103.173.15.0/24 maxlen: 24
103.177.42.0/23 maxlen: 24
103.177.180.0/23 maxlen: 24
103.179.120.0/24 maxlen: 24
103.179.224.0/24 maxlen: 24
103.179.225.0/24 maxlen: 24
103.181.208.0/24 maxlen: 24
103.181.209.0/24 maxlen: 24
103.190.97.0/24 maxlen: 24
2405:9540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26604 (0x67ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 5 11:11:39 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=642d576b-6970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a5:81:35:6b:22:7e:55:4f:93:db:a5:ee:0a:
e5:7f:2a:5d:f9:24:dd:c0:c6:81:41:36:ca:ea:c0:
48:b1:67:21:81:37:e4:df:72:4b:ab:55:28:af:e7:
67:03:f2:56:28:ae:c0:75:05:c2:29:f7:cc:c2:69:
a0:9d:01:0c:ff:f1:25:e9:2c:f4:25:cd:65:e6:35:
09:f0:2a:7e:ac:9b:1d:80:ab:e4:79:1b:f7:d1:3d:
40:da:f7:7f:c7:98:08:f3:1a:2d:b9:4e:25:cd:2c:
db:05:3d:54:16:99:2c:62:a7:da:95:38:1d:f0:00:
1f:8d:d5:62:be:79:81:8c:93:ba:e0:b2:74:77:ba:
fa:22:c0:69:1f:60:a2:fc:be:7a:0f:5b:3f:82:62:
77:25:a2:ee:75:1b:52:55:de:a7:d5:e4:03:24:63:
6e:07:a0:f3:b3:42:f7:a2:0e:3e:a2:c3:ac:d5:f0:
9f:49:73:13:09:16:ac:cb:45:d8:41:91:82:a3:f0:
13:71:67:a5:17:f8:ea:51:8f:a1:bd:54:ce:7d:07:
2c:94:91:74:b1:ae:a6:2a:a3:d8:d0:6d:92:c2:b3:
45:17:60:fe:8a:fd:e5:b8:ab:0a:e7:09:33:7d:51:
e2:65:d8:fb:d7:2b:9a:40:5c:7a:37:f8:52:ea:d9:
74:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BF:14:40:92:3B:20:31:70:C3:87:20:E9:2B:DF:EC:EC:94:3A:F1
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D959805490AA11ED9F715F6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.104.0/22
103.110.251.0/24
103.114.64.0/24
103.140.72.0/23
103.173.14.0/23
103.177.42.0/23
103.177.180.0/23
103.179.120.0/24
103.179.224.0/23
103.181.208.0/23
103.190.97.0/24
IPv6:
2405:9540::/32
Signature Algorithm: sha256WithRSAEncryption
a7:df:00:7d:c1:54:9a:01:d1:34:d1:fb:40:d1:3b:82:46:4b:
59:22:cf:bd:dd:16:af:72:95:68:fe:e0:24:48:f6:44:3e:fa:
ef:9d:85:28:b1:dc:79:c4:e5:03:48:72:86:90:ed:4e:45:8c:
f6:80:c9:3d:68:31:6a:6f:5a:3e:5e:37:38:c6:97:4e:89:e3:
e2:30:6f:bc:61:fc:98:0c:36:a4:d3:c0:e2:dd:da:d3:86:fc:
1b:db:f1:a9:b5:c1:c0:80:0a:74:c7:c4:0a:7c:0e:1d:54:03:
f5:ee:df:7c:2f:00:5f:41:ee:c6:3c:9c:c1:ca:f5:05:e3:2b:
c1:9c:1c:98:b0:54:1c:ce:44:a2:cc:6e:43:61:eb:87:d7:05:
78:cc:92:7a:dc:40:4c:43:fd:f2:b3:56:11:44:d8:6c:12:4e:
e2:10:9f:f3:56:4d:43:4b:57:12:28:6f:06:62:1b:25:9d:0f:
c2:f7:22:fa:c3:dd:1a:4c:46:80:45:72:d5:ce:ed:3f:20:d9:
59:97:f7:d3:5b:a0:8a:27:21:71:22:b3:0b:f8:d9:b6:2b:67:
2b:50:6d:1e:7d:b4:81:58:a3:e7:c6:16:fa:ac:18:6c:43:b2:
06:d5:0f:a9:09:cb:55:3f:d3:b0:03:33:12:ca:97:fa:ff:f2:
b9:c8:ba:99
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICZ+wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNDA1MTExMTM5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJkNTc2Yi02OTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm6WBNWsiflVPk9ul7grlfypd+STdwMaBQTbK6sBIsWchgTfk33JLq1Uor+dn
A/JWKK7AdQXCKffMwmmgnQEM//El6Sz0Jc1l5jUJ8Cp+rJsdgKvkeRv30T1A2vd/
x5gI8xotuU4lzSzbBT1UFpksYqfalTgd8AAfjdVivnmBjJO64LJ0d7r6IsBpH2Ci
/L56D1s/gmJ3JaLudRtSVd6n1eQDJGNuB6Dzs0L3og4+osOs1fCfSXMTCRasy0XY
QZGCo/ATcWelF/jqUY+hvVTOfQcslJF0sa6mKqPY0G2SwrNFF2D+iv3luKsK5wkz
fVHiZdj71yuaQFx6N/hS6tl0QwIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFFa/FECS
OyAxcMOHIOkr3+zslDrxMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDk1OTgwNTQ5
MEFBMTFFRDlGNzE1RjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMEgEAgABMEIDBAJnYWgDBABnbvsDBABnckADBAFnjEgDBAFnrQ4DBAFnsSoD
BAFnsbQDBABns3gDBAFns+ADBAFntdADBABnvmEwDQQCAAIwBwMFACQFlUAwDQYJ
KoZIhvcNAQELBQADggEBAKffAH3BVJoB0TTR+0DRO4JGS1kiz73dFq9ylWj+4CRI
9kQ++u+dhSix3HnE5QNIcoaQ7U5FjPaAyT1oMWpvWj5eNzjGl06J4+Iwb7xh/JgM
NqTTwOLd2tOG/Bvb8am1wcCACnTHxAp8Dh1UA/Xu33wvAF9B7sY8nMHK9QXjK8Gc
HJiwVBzORKLMbkNh64fXBXjMknrcQExD/fKzVhFE2GwSTuIQn/NWTUNLVxIobwZi
GyWdD8L3IvrD3RpMRoBFctXO7T8g2VmX99NboIonIXEiswv42bYrZytQbR59tIFY
o+fGFvqsGGxDsgbVD6kJy1U/07ADMxLKl/r/8rnIupk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:58 2023 by rpki-client on console-fra.rpki-client.org