Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E412BBB0F22511EC88BA5369C4F9AE02.roa
File: E412BBB0F22511EC88BA5369C4F9AE02.roa (raw, json)
Hash identifier: ZHatdZFdnA7pQEy0XQRlUGL4QmGcK6BWZgKPAFc8Mmo=
Subject key identifier: 4C:46:42:6F:AF:73:DD:2B:CD:AD:C4:DB:D8:32:9B:50:C2:3D:14:22
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5D68
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E412BBB0F22511EC88BA5369C4F9AE02.roa
Signing time: Mon 19 Sep 2022 09:51:40 +0000
ROA not before: Mon 19 Sep 2022 09:51:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45804
IP address blocks: 43.239.80.0/22 maxlen: 24
43.251.168.0/22 maxlen: 24
43.251.172.0/22 maxlen: 24
43.251.176.0/22 maxlen: 24
45.116.188.0/22 maxlen: 24
45.123.216.0/22 maxlen: 24
45.248.56.0/22 maxlen: 24
103.27.140.0/22 maxlen: 24
103.56.236.0/22 maxlen: 24
103.59.88.0/24 maxlen: 24
103.60.219.0/24 maxlen: 24
103.76.80.0/22 maxlen: 24
103.93.100.0/22 maxlen: 24
103.170.8.0/24 maxlen: 24
103.192.60.0/22 maxlen: 24
103.193.88.0/22 maxlen: 24
103.205.163.0/24 maxlen: 24
103.216.204.0/22 maxlen: 24
103.234.93.0/24 maxlen: 24
103.244.240.0/22 maxlen: 24
103.244.244.0/24 maxlen: 24
103.245.2.0/24 maxlen: 24
103.245.20.0/24 maxlen: 24
103.251.80.0/22 maxlen: 24
114.29.224.0/22 maxlen: 24
139.5.140.0/24 maxlen: 24
139.5.141.0/24 maxlen: 24
139.5.142.0/24 maxlen: 24
139.5.143.0/24 maxlen: 24
150.129.108.0/22 maxlen: 24
150.129.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23912 (0x5d68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 19 09:51:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63283bac-0f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:59:2b:eb:b4:54:86:79:bf:b5:6e:18:7f:6d:
55:a8:1e:e1:bf:20:86:61:f7:1f:4a:87:76:0d:cd:
82:b8:a8:73:ae:e4:46:0c:e8:80:e4:21:14:8a:91:
98:b7:ce:f0:17:2c:6e:16:02:6c:f5:10:d2:82:57:
4a:1f:57:ad:26:a8:e9:9b:54:cc:dc:24:ac:0e:b3:
3f:1d:e1:fc:f1:46:bb:58:96:14:32:19:eb:1a:a4:
68:90:21:8e:03:6f:80:7d:65:07:f0:6c:62:2b:ad:
a2:72:90:87:ec:f2:57:de:91:5c:d8:1d:9c:07:1f:
de:5c:77:ae:33:bd:ef:1c:26:6a:ae:57:1f:0f:99:
a5:04:6c:2f:4a:20:ec:ca:d3:fe:fe:86:c5:3d:40:
32:24:0c:d3:1c:c7:9a:2f:7a:e7:1e:01:ca:23:e5:
2f:ed:3d:ad:e2:64:8b:b4:0b:72:a4:a5:38:72:97:
a5:fc:4d:cb:33:68:2c:a6:57:de:fe:2d:7c:11:07:
f6:97:47:7f:b9:49:81:cd:5d:10:72:b6:35:de:ba:
e7:00:ce:75:20:0c:ef:40:d9:6a:f4:61:9c:77:b4:
fd:da:58:f3:17:91:0f:e2:99:fd:44:6c:1d:5e:eb:
e8:a3:6e:a0:09:05:5d:c5:df:6c:7c:68:78:fe:2e:
3d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:46:42:6F:AF:73:DD:2B:CD:AD:C4:DB:D8:32:9B:50:C2:3D:14:22
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E412BBB0F22511EC88BA5369C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.80.0/22
43.251.168.0-43.251.179.255
45.116.188.0/22
45.123.216.0/22
45.248.56.0/22
103.27.140.0/22
103.56.236.0/22
103.59.88.0/24
103.60.219.0/24
103.76.80.0/22
103.93.100.0/22
103.170.8.0/24
103.192.60.0/22
103.193.88.0/22
103.205.163.0/24
103.216.204.0/22
103.234.93.0/24
103.244.240.0-103.244.244.255
103.245.2.0/24
103.245.20.0/24
103.251.80.0/22
114.29.224.0/22
139.5.140.0/22
150.129.108.0/22
150.129.132.0/22
Signature Algorithm: sha256WithRSAEncryption
40:9d:68:61:43:2a:1a:6b:c6:a7:fe:27:61:a0:82:61:0b:d3:
f1:bd:fc:b8:2f:e6:14:9a:bc:9a:1a:88:39:d7:37:ef:c4:43:
12:44:d4:1c:5c:b7:b2:23:1c:d7:a9:6f:87:83:f0:46:0d:1a:
03:90:0f:db:95:2f:c8:c8:3c:e9:be:f4:89:b0:b6:41:d2:19:
25:82:d1:38:1b:e9:48:2b:0a:9b:17:f3:d1:2c:49:3f:16:5d:
2e:b8:01:e8:3c:e0:b6:ea:3a:c4:76:3b:d9:f7:ca:e3:ff:a5:
b8:bf:5f:1d:2d:f3:70:df:07:c3:58:d5:ac:83:ab:a5:df:24:
9b:32:a2:76:88:75:e4:e4:ec:82:fa:51:ae:04:cf:f2:97:2a:
a9:e7:1b:e2:3b:35:12:fe:8b:48:b7:8c:95:4e:85:1c:77:e3:
be:fe:49:cf:27:ef:b7:a5:1b:87:4b:8c:70:2b:68:7b:57:fb:
7c:0a:60:c3:f8:22:6a:1f:7a:19:f3:93:0b:44:4e:e2:73:6b:
ac:30:d0:34:d2:45:f7:e3:53:da:82:b8:22:de:e4:5d:55:5e:
d4:db:e4:7a:6b:9d:43:d9:db:1c:ad:e6:93:9f:78:c3:39:9c:
cc:0e:67:66:c7:22:fd:95:db:70:da:2e:71:79:31:47:66:6f:
63:7b:99:58
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICXWgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwOTE5MDk1MTQwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzI4M2JhYy0wZjUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnFkr67RUhnm/tW4Yf21VqB7hvyCGYfcfSod2Dc2CuKhzruRGDOiA5CEUipGY
t87wFyxuFgJs9RDSgldKH1etJqjpm1TM3CSsDrM/HeH88Ua7WJYUMhnrGqRokCGO
A2+AfWUH8GxiK62icpCH7PJX3pFc2B2cBx/eXHeuM73vHCZqrlcfD5mlBGwvSiDs
ytP+/obFPUAyJAzTHMeaL3rnHgHKI+Uv7T2t4mSLtAtypKU4cpel/E3LM2gsplfe
/i18EQf2l0d/uUmBzV0QcrY13rrnAM51IAzvQNlq9GGcd7T92ljzF5EP4pn9RGwd
Xuvoo26gCQVdxd9sfGh4/i49AwIDAQABo4IDOjCCAzYwHQYDVR0OBBYEFExGQm+v
c90rza3E29gym1DCPRQiMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTQxMkJCQjBG
MjI1MTFFQzg4QkE1MzY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcMGCCsGAQUFBwEHAQH/
BIGzMIGwMIGtBAIAATCBpgMEAivvUDAMAwQDK/uoAwQCK/uwAwQCLXS8AwQCLXvY
AwQCLfg4AwQCZxuMAwQCZzjsAwQAZztYAwQAZzzbAwQCZ0xQAwQCZ11kAwQAZ6oI
AwQCZ8A8AwQCZ8FYAwQAZ82jAwQCZ9jMAwQAZ+pdMAwDBARn9PADBABn9PQDBABn
9QIDBABn9RQDBAJn+1ADBAJyHeADBAKLBYwDBAKWgWwDBAKWgYQwDQYJKoZIhvcN
AQELBQADggEBAECdaGFDKhprxqf+J2GggmEL0/G9/Lgv5hSavJoaiDnXN+/EQxJE
1Bxct7IjHNepb4eD8EYNGgOQD9uVL8jIPOm+9ImwtkHSGSWC0Tgb6UgrCpsX89Es
ST8WXS64Aeg84LbqOsR2O9n3yuP/pbi/Xx0t83DfB8NY1ayDq6XfJJsyonaIdeTk
7IL6Ua4Ez/KXKqnnG+I7NRL+i0i3jJVOhRx3477+Sc8n77elG4dLjHAraHtX+3wK
YMP4ImofehnzkwtETuJza6ww0DTSRffjU9qCuCLe5F1VXtTb5HprnUPZ2xyt5pOf
eMM5nMwOZ2bHIv2V23DaLnF5MUdmb2N7mVg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:58 2023 by rpki-client on console-fra.rpki-client.org