Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FB874600F61011ECBF57791EC4F9AE02.roa
File: FB874600F61011ECBF57791EC4F9AE02.roa (raw, json)
Hash identifier: sOJDBe72Q2Wm0IXQJx6PsXl1foYFzhHzEBSFJg0cLWY=
Subject key identifier: A2:AA:49:75:D1:EA:CE:BB:F7:B2:1C:7A:6F:50:22:E2:B3:72:B2:CC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 655D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FB874600F61011ECBF57791EC4F9AE02.roa
Signing time: Tue 21 Feb 2023 09:01:43 +0000
ROA not before: Tue 21 Feb 2023 09:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134033
IP address blocks: 43.241.64.0/22 maxlen: 24
43.241.120.0/22 maxlen: 24
45.117.64.0/22 maxlen: 24
103.57.132.0/22 maxlen: 24
103.172.210.0/24 maxlen: 24
103.172.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25949 (0x655d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 21 09:01:43 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63f48876-51eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:08:47:5a:50:8e:e6:f1:07:36:cb:a4:03:b3:
0f:1c:d5:3b:cc:65:4f:e5:d5:80:06:cf:5c:51:c2:
a4:6d:67:ef:96:16:15:ca:40:e3:a5:f9:52:ae:6c:
c1:bc:4c:70:19:68:36:cb:17:6b:ef:cf:1c:88:4c:
2a:df:ca:ef:27:f2:3f:16:7e:95:d4:63:a0:2a:93:
23:0e:8a:b7:42:75:5a:42:50:a9:e3:32:d3:3d:f1:
69:bf:bd:84:ac:27:69:7f:d3:c7:c7:ce:c3:e6:30:
30:bd:fe:4e:e6:38:67:f7:39:4f:f8:8b:ca:27:45:
db:9f:57:86:93:4b:cc:d6:18:9e:5c:ac:90:06:05:
36:54:6e:f4:75:24:07:a2:85:52:3e:5a:df:8a:99:
e5:45:5b:47:ed:fe:88:aa:09:56:1a:e5:5c:a0:18:
20:dd:5a:62:54:c9:f5:8a:9d:f9:8f:5d:fa:79:09:
9a:52:97:85:5f:b1:f0:b1:38:b0:2b:24:fb:a7:46:
42:1c:aa:b3:c8:f2:aa:e0:c1:f4:5d:96:fe:3f:ee:
50:45:8d:4e:c9:5b:59:61:d1:5c:13:bd:1b:37:c4:
09:fd:ed:98:46:ff:b2:e5:c0:b1:60:45:74:bb:41:
51:b1:95:2a:51:f7:65:c6:93:5b:44:68:fa:6b:94:
97:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AA:49:75:D1:EA:CE:BB:F7:B2:1C:7A:6F:50:22:E2:B3:72:B2:CC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FB874600F61011ECBF57791EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.64.0/22
43.241.120.0/22
45.117.64.0/22
103.57.132.0/22
103.172.210.0/23
Signature Algorithm: sha256WithRSAEncryption
29:42:04:d8:6d:0d:dc:d4:65:9f:85:80:e2:1e:03:af:ae:d6:
2b:38:d1:aa:1d:a4:76:da:94:47:96:8c:ca:b8:2a:aa:dd:b0:
3c:df:12:7f:4c:c0:79:3e:fa:b6:30:a0:62:ed:6b:c1:53:97:
0d:c6:02:a8:7f:00:8c:ae:a2:00:f8:05:2b:a5:29:e2:3c:ee:
4e:0a:38:c6:3d:01:44:e4:33:07:5a:d6:41:92:7a:16:c6:af:
d4:4e:11:c1:18:2b:6c:8d:c1:35:28:64:18:f9:42:a4:d7:5f:
a8:4d:69:ec:03:fd:c6:cc:4d:e7:09:00:57:f2:65:2a:ee:f0:
8e:7f:c7:a8:b0:c8:97:3f:3c:e8:f6:da:2f:82:5f:bf:80:cd:
de:37:46:ac:50:c1:d9:a7:85:5d:e5:c8:f8:09:53:1b:b5:e7:
41:fe:81:3a:9c:10:ab:8f:09:7f:3b:d0:0c:28:ad:6a:07:f8:
0b:e0:a8:62:39:4b:70:41:98:0b:38:ab:b3:20:c0:8c:45:ac:
7e:57:d9:ce:81:40:37:35:d3:6a:f1:12:a7:5e:68:a2:e2:8f:
7a:fa:ed:f5:aa:ac:ee:ca:8a:71:79:0a:1d:32:dd:4d:c2:15:
e5:8e:1a:ac:a6:5d:67:6b:77:d1:24:b3:ca:02:b2:69:1a:13:
f8:33:06:6f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICZV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjIxMDkwMTQzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Y0ODg3Ni01MWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyQhHWlCO5vEHNsukA7MPHNU7zGVP5dWABs9cUcKkbWfvlhYVykDjpflSrmzB
vExwGWg2yxdr788ciEwq38rvJ/I/Fn6V1GOgKpMjDoq3QnVaQlCp4zLTPfFpv72E
rCdpf9PHx87D5jAwvf5O5jhn9zlP+IvKJ0Xbn1eGk0vM1hieXKyQBgU2VG70dSQH
ooVSPlrfipnlRVtH7f6IqglWGuVcoBgg3VpiVMn1ip35j136eQmaUpeFX7HwsTiw
KyT7p0ZCHKqzyPKq4MH0XZb+P+5QRY1OyVtZYdFcE70bN8QJ/e2YRv+y5cCxYEV0
u0FRsZUqUfdlxpNbRGj6a5SXawIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKKqSXXR
6s6797Icem9QIuKzcrLMMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRkI4NzQ2MDBG
NjEwMTFFQ0JGNTc3OTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAIr8UADBAIr8XgDBAItdUADBAJnOYQDBAFnrNIwDQYJKoZI
hvcNAQELBQADggEBAClCBNhtDdzUZZ+FgOIeA6+u1is40aodpHbalEeWjMq4Kqrd
sDzfEn9MwHk++rYwoGLta8FTlw3GAqh/AIyuogD4BSulKeI87k4KOMY9AUTkMwda
1kGSehbGr9ROEcEYK2yNwTUoZBj5QqTXX6hNaewD/cbMTecJAFfyZSru8I5/x6iw
yJc/POj22i+CX7+Azd43RqxQwdmnhV3lyPgJUxu150H+gTqcEKuPCX870AworWoH
+AvgqGI5S3BBmAs4q7MgwIxFrH5X2c6BQDc102rxEqdeaKLij3r67fWqrO7KinF5
Ch0y3U3CFeWOGqymXWdrd9Eks8oCsmkaE/gzBm8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org