Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F85E109872A511EBB6AF9557C4F9AE02.roa
File: F85E109872A511EBB6AF9557C4F9AE02.roa (raw, json)
Hash identifier: ve1HCOgVtx/u49VelXcYxVUMtJ9zrF1V1Mvo8dGrOJk=
Subject key identifier: BE:A5:96:9F:57:1D:87:67:CA:44:B2:4F:03:6D:5C:4A:A9:4D:EF:42
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 343F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F85E109872A511EBB6AF9557C4F9AE02.roa
Signing time: Tue 25 May 2021 16:22:11 +0000
ROA not before: Tue 25 May 2021 16:22:11 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 45954
IP address blocks: 43.254.176.0/22 maxlen: 24
103.7.80.0/22 maxlen: 24
103.235.68.0/24 maxlen: 24
103.235.69.0/24 maxlen: 24
103.235.70.0/24 maxlen: 24
103.235.71.0/24 maxlen: 24
103.241.20.0/22 maxlen: 24
150.107.100.0/22 maxlen: 24
180.150.240.0/22 maxlen: 24
223.255.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13375 (0x343f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 25 16:22:11 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60ad2432-d399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d0:4b:f9:4b:38:27:ff:02:8b:84:4b:79:2e:
b0:89:87:73:07:78:66:a5:ec:d0:e7:a7:ce:ce:fd:
78:2a:aa:2a:d2:f4:71:38:3a:6c:f1:67:24:10:c9:
c3:56:b2:4b:8e:29:53:da:56:c0:62:ac:ee:94:ad:
87:ce:16:ec:2e:2e:aa:c3:b5:dd:35:43:5a:7e:51:
26:4a:1d:d6:9b:f8:56:c4:60:62:02:b5:49:f3:63:
30:35:05:47:1a:3e:2b:99:5b:74:4a:0b:e6:95:6a:
65:6d:93:6d:61:12:2e:7b:71:10:02:26:92:24:20:
67:14:ec:f0:75:ba:c5:57:b1:31:99:68:5b:c4:20:
97:b4:48:49:24:5a:e3:a3:e8:00:54:be:dc:e7:a4:
92:85:44:6b:45:93:bd:67:3f:10:1d:e9:a1:f4:25:
65:f0:b8:86:68:c8:b1:53:31:0d:d3:cf:d6:a4:33:
df:9b:e1:33:9f:97:8c:45:2e:e4:67:3f:87:e1:01:
69:56:1f:e9:bb:b3:04:fb:56:34:96:19:2d:b5:a6:
1d:b5:1f:cb:b9:29:33:a0:64:dc:f8:ba:ea:03:c2:
2c:5b:05:9f:32:e1:83:19:06:c2:e3:95:3c:a3:47:
a2:af:de:38:24:2d:c4:88:76:50:89:59:1f:6c:64:
8e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A5:96:9F:57:1D:87:67:CA:44:B2:4F:03:6D:5C:4A:A9:4D:EF:42
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F85E109872A511EBB6AF9557C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.176.0/22
103.7.80.0/22
103.235.68.0/22
103.241.20.0/22
150.107.100.0/22
180.150.240.0/22
223.255.244.0/22
Signature Algorithm: sha256WithRSAEncryption
79:f5:e2:6c:3b:d0:09:60:88:31:d0:e5:5f:54:29:97:fe:bd:
c5:74:c3:df:b7:06:e2:9f:f3:ee:07:b0:e8:d2:55:a8:69:04:
b7:80:6e:a6:dc:bb:a4:2c:f1:6a:14:d9:f3:38:01:3e:45:4f:
2a:98:10:57:b9:fd:7c:e9:98:ce:0f:5e:11:e1:d0:2b:e1:c3:
f6:b7:68:69:76:a6:d1:ae:62:28:8e:fd:f2:77:64:c6:e1:16:
65:d0:8f:86:00:e5:68:f0:6b:03:cc:49:3c:fa:d4:c4:eb:f8:
92:9b:8f:79:80:e1:65:a5:cb:8a:d4:b4:f3:82:58:7a:6d:98:
17:02:84:99:5c:4f:06:4b:49:dd:e6:7b:d7:1e:e9:68:b6:63:
26:73:9c:a3:07:33:a3:3b:09:92:e0:53:06:83:80:79:ec:b5:
3f:f2:e2:d9:d4:a5:e8:bf:59:ce:04:34:2a:58:ca:af:00:d3:
32:02:3e:4a:5f:63:a4:88:0a:25:68:30:ba:4d:60:89:41:1c:
e6:30:ae:1f:f6:7f:c8:b9:e9:a6:28:eb:63:22:48:0a:5e:61:
4d:3e:aa:20:db:38:8f:85:7a:2f:12:c1:6f:e9:8e:7b:59:85:
26:29:5c:5f:26:a4:2b:ca:a9:ff:73:77:d6:a3:df:14:9b:d1:
c7:d7:5c:f2
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICND8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjEwNTI1MTYyMjExWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGFkMjQzMi1kMzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwNBL+Us4J/8Ci4RLeS6wiYdzB3hmpezQ56fOzv14Kqoq0vRxODps8WckEMnD
VrJLjilT2lbAYqzulK2HzhbsLi6qw7XdNUNaflEmSh3Wm/hWxGBiArVJ82MwNQVH
Gj4rmVt0SgvmlWplbZNtYRIue3EQAiaSJCBnFOzwdbrFV7ExmWhbxCCXtEhJJFrj
o+gAVL7c56SShURrRZO9Zz8QHemh9CVl8LiGaMixUzEN08/WpDPfm+Ezn5eMRS7k
Zz+H4QFpVh/pu7ME+1Y0lhkttaYdtR/LuSkzoGTc+LrqA8IsWwWfMuGDGQbC45U8
o0eir944JC3EiHZQiVkfbGSO3wIDAQABo4ICuTCCArUwHQYDVR0OBBYEFL6llp9X
HYdnykSyTwNtXEqpTe9CMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjg1RTEwOTg3
MkE1MTFFQkI2QUY5NTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAIr/rADBAJnB1ADBAJn60QDBAJn8RQDBAKWa2QDBAK0lvAD
BALf//QwDQYJKoZIhvcNAQELBQADggEBAHn14mw70AlgiDHQ5V9UKZf+vcV0w9+3
BuKf8+4HsOjSVahpBLeAbqbcu6Qs8WoU2fM4AT5FTyqYEFe5/XzpmM4PXhHh0Cvh
w/a3aGl2ptGuYiiO/fJ3ZMbhFmXQj4YA5WjwawPMSTz61MTr+JKbj3mA4WWly4rU
tPOCWHptmBcChJlcTwZLSd3me9ce6Wi2YyZznKMHM6M7CZLgUwaDgHnstT/y4tnU
pei/Wc4ENCpYyq8A0zICPkpfY6SICiVoMLpNYIlBHOYwrh/2f8i56aYo62MiSApe
YU0+qiDbOI+Fei8SwW/pjntZhSYpXF8mpCvKqf9zd9aj3xSb0cfXXPI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org