Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/710C7BF896E211ED91732348C4F9AE02.roa
File: 710C7BF896E211ED91732348C4F9AE02.roa (raw, json)
Hash identifier: 4WQ8AAiLAz87Luuj837LZB74iwgjXyAIFG5gZL/FuFk=
Subject key identifier: A2:12:45:DE:E3:21:1C:0F:ED:51:31:D6:CC:BE:D2:94:5A:52:29:41
Certificate issuer: /CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Certificate serial: 1127
Authority key identifier: 2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/710C7BF896E211ED91732348C4F9AE02.roa
Signing time: Wed 18 Jan 2023 03:44:42 +0000
ROA not before: Wed 18 Jan 2023 03:44:42 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 9902
IP address blocks: 103.23.136.0/22 maxlen: 22
103.23.136.0/24 maxlen: 24
103.23.137.0/24 maxlen: 24
103.23.138.0/24 maxlen: 24
103.23.139.0/24 maxlen: 24
103.25.92.0/24 maxlen: 24
103.25.93.0/24 maxlen: 24
103.25.94.0/24 maxlen: 24
103.25.95.0/24 maxlen: 24
103.244.248.0/22 maxlen: 22
103.244.248.0/24 maxlen: 24
103.244.249.0/24 maxlen: 24
103.244.250.0/24 maxlen: 24
103.244.251.0/24 maxlen: 24
110.235.220.0/22 maxlen: 22
110.235.220.0/24 maxlen: 24
110.235.221.0/24 maxlen: 24
110.235.222.0/24 maxlen: 24
110.235.223.0/24 maxlen: 24
123.108.248.0/21 maxlen: 21
123.108.248.0/24 maxlen: 24
123.108.249.0/24 maxlen: 24
123.108.250.0/24 maxlen: 24
123.108.251.0/24 maxlen: 24
123.108.252.0/24 maxlen: 24
123.108.253.0/24 maxlen: 24
123.108.254.0/23 maxlen: 24
124.199.112.0/20 maxlen: 20
124.199.112.0/24 maxlen: 24
124.199.113.0/24 maxlen: 24
124.199.114.0/24 maxlen: 24
124.199.115.0/24 maxlen: 24
124.199.116.0/24 maxlen: 24
124.199.117.0/24 maxlen: 24
124.199.118.0/24 maxlen: 24
124.199.119.0/24 maxlen: 24
124.199.120.0/24 maxlen: 24
124.199.121.0/24 maxlen: 24
124.199.122.0/24 maxlen: 24
124.199.123.0/24 maxlen: 24
124.199.124.0/24 maxlen: 24
124.199.125.0/24 maxlen: 24
124.199.126.0/24 maxlen: 24
124.199.127.0/24 maxlen: 24
163.53.196.0/22 maxlen: 22
163.53.196.0/24 maxlen: 24
163.53.197.0/24 maxlen: 24
163.53.198.0/24 maxlen: 24
163.53.199.0/24 maxlen: 24
202.124.32.0/24 maxlen: 24
202.124.33.0/24 maxlen: 24
202.124.34.0/24 maxlen: 24
202.124.35.0/24 maxlen: 24
202.124.36.0/24 maxlen: 24
202.124.37.0/24 maxlen: 24
202.124.38.0/24 maxlen: 24
202.124.39.0/24 maxlen: 24
202.124.40.0/24 maxlen: 24
202.124.41.0/24 maxlen: 24
202.124.42.0/24 maxlen: 24
202.124.43.0/24 maxlen: 24
202.124.44.0/24 maxlen: 24
202.124.45.0/24 maxlen: 24
202.124.46.0/24 maxlen: 24
202.124.47.0/24 maxlen: 24
203.80.160.0/21 maxlen: 21
203.80.161.0/24 maxlen: 24
203.80.162.0/24 maxlen: 24
203.80.163.0/24 maxlen: 24
203.80.164.0/24 maxlen: 24
203.80.165.0/24 maxlen: 24
203.80.166.0/24 maxlen: 24
203.80.167.0/24 maxlen: 24
203.167.16.0/22 maxlen: 22
203.167.16.0/24 maxlen: 24
203.167.17.0/24 maxlen: 24
203.167.18.0/23 maxlen: 24
2402:5100::/32 maxlen: 32
2402:5100::/48 maxlen: 48
2402:5100:1::/48 maxlen: 48
2402:5100:2::/48 maxlen: 48
2402:5100:3::/48 maxlen: 48
2402:5100:4::/48 maxlen: 48
2402:5100:5::/48 maxlen: 48
2402:5100:6::/47 maxlen: 47
2402:5100:8::/45 maxlen: 45
2402:5100:10::/44 maxlen: 44
2402:5100:20::/43 maxlen: 43
2402:5100:40::/42 maxlen: 42
2402:5100:80::/41 maxlen: 41
2402:5100:100::/40 maxlen: 40
2402:5100:200::/39 maxlen: 39
2402:5100:400::/38 maxlen: 38
2402:5100:800::/37 maxlen: 37
2402:5100:1000::/36 maxlen: 36
2402:5100:2000::/35 maxlen: 35
2402:5100:4000::/34 maxlen: 34
2402:5100:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4391 (0x1127)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Validity
Not Before: Jan 18 03:44:42 2023 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=63c76b2a-140c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c4:9d:04:28:c1:bd:b2:c4:51:2d:5e:13:86:
ad:e0:e1:17:67:17:b8:85:67:1e:ba:98:d7:a6:f1:
50:5d:26:8b:85:94:5d:5c:75:a6:3f:e1:87:8b:6e:
61:b4:9a:08:00:f6:58:99:3d:63:6a:61:00:fc:87:
64:b9:5e:9c:83:c1:ad:d3:a3:be:d4:ee:25:db:d2:
54:1d:b5:a7:35:9c:64:1a:fb:54:f8:25:a0:9d:51:
64:da:70:8b:f3:54:61:9d:b9:cf:e1:51:b1:b4:85:
50:c5:fa:bd:11:97:8e:ac:e6:13:a6:77:36:78:c8:
a8:ff:8f:2b:6c:5a:c9:00:b8:29:ca:c7:eb:23:6e:
11:a4:cf:ab:fd:38:73:88:fd:a1:e1:09:cf:62:8f:
fe:3b:7c:a7:24:98:70:b3:62:11:80:a2:bd:ea:99:
39:07:23:b7:26:be:1a:b5:e3:1e:4e:94:b6:23:bb:
44:51:ba:b2:9c:4d:59:7c:6b:85:29:71:29:66:f5:
c1:ed:60:59:72:28:38:33:fa:f7:9d:de:19:dc:be:
c4:a7:37:6b:4c:32:0c:c3:9b:e8:ad:7d:df:33:db:
33:8c:58:dd:87:98:49:b5:44:8c:38:28:c2:16:65:
5a:0c:8d:5b:e4:2d:94:47:94:6c:82:b2:3b:6d:6a:
45:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:12:45:DE:E3:21:1C:0F:ED:51:31:D6:CC:BE:D2:94:5A:52:29:41
X509v3 Authority Key Identifier:
keyid:2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/710C7BF896E211ED91732348C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.136.0/22
103.25.92.0/22
103.244.248.0/22
110.235.220.0/22
123.108.248.0/21
124.199.112.0/20
163.53.196.0/22
202.124.32.0/20
203.80.160.0/21
203.167.16.0/22
IPv6:
2402:5100::/32
Signature Algorithm: sha256WithRSAEncryption
3d:a3:dd:63:58:d5:9d:08:a4:ef:2b:f6:17:52:ce:aa:55:98:
c3:ec:6c:11:02:c9:91:cb:a6:48:66:5f:1e:cc:03:17:d4:3e:
12:2a:7f:cf:c9:a7:fe:2b:17:7c:02:09:56:f9:0a:fe:40:6a:
ae:c0:b8:c7:88:dd:54:b4:d9:d9:e7:23:8f:b0:78:d4:76:ce:
36:7d:33:28:c3:14:21:fd:67:69:de:7e:ea:6d:36:e5:c5:5f:
4a:a6:3a:d0:03:2d:4f:1d:02:4c:fc:40:69:5b:24:90:3d:b0:
de:ad:b9:6e:c3:ae:f9:e0:5a:7f:c2:b7:d8:ca:84:cb:2f:0c:
28:c5:ff:43:8f:4a:4b:5e:db:01:a7:19:4d:35:ea:39:12:02:
d3:4f:b5:78:d0:07:58:a7:69:6d:92:e4:31:e3:5c:3b:8f:6d:
0e:41:f4:5c:c9:76:9c:2d:f2:5b:71:6f:33:b6:3b:cf:99:3d:
90:02:13:cc:ad:a9:77:c0:e3:b0:41:67:26:7a:a3:10:e2:07:
63:3e:a0:bd:6f:f8:8d:de:0d:94:28:f9:4b:fd:a0:be:b5:7c:
54:bf:97:06:cf:8f:d7:64:d7:bd:f5:d3:4e:e4:a4:8a:03:16:
2e:44:5b:8b:4b:04:54:04:e9:1d:d7:36:37:76:d9:e9:06:ef:
5f:f9:3c:7d
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICEScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE0MzYxMTAvBgNVBAUTKDJEQTI1MUMxMUFDNjg4MTRGNTI3RjIyRTU1REU5QUM4
QzU3RkQ2NkMwHhcNMjMwMTE4MDM0NDQyWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M3NmIyYS0xNDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs8SdBCjBvbLEUS1eE4at4OEXZxe4hWceupjXpvFQXSaLhZRdXHWmP+GHi25h
tJoIAPZYmT1jamEA/IdkuV6cg8Gt06O+1O4l29JUHbWnNZxkGvtU+CWgnVFk2nCL
81RhnbnP4VGxtIVQxfq9EZeOrOYTpnc2eMio/48rbFrJALgpysfrI24RpM+r/Thz
iP2h4QnPYo/+O3ynJJhws2IRgKK96pk5ByO3Jr4ateMeTpS2I7tEUbqynE1ZfGuF
KXEpZvXB7WBZcig4M/r3nd4Z3L7EpzdrTDIMw5vorX3fM9szjFjdh5hJtUSMOCjC
FmVaDI1b5C2UR5RsgrI7bWpFmwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFKISRd7j
IRwP7VEx1sy+0pRaUilBMB8GA1UdIwQYMBaAFC2iUcEaxogU9SfyLlXemsjFf9Zs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTQzNi9BQUI4MDJFOEM3
OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9MYUpSd1JyR2lCVDFKX0l1VmQ2YXlNVl8x
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xhSlJ3UnJHaUJUMUpfSXVWZDZheU1WXzFtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE0MzYvQUFCODAyRThDNzhDMTFFOEE3NkNEOTE0QzRGOUFFMDIvNzEwQzdCRjg5
NkUyMTFFRDkxNzMyMzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAJnF4gDBAJnGVwDBAJn9PgDBAJu69wDBAN7bPgDBAR8x3AD
BAKjNcQDBATKfCADBAPLUKADBALLpxAwDQQCAAIwBwMFACQCUQAwDQYJKoZIhvcN
AQELBQADggEBAD2j3WNY1Z0IpO8r9hdSzqpVmMPsbBECyZHLpkhmXx7MAxfUPhIq
f8/Jp/4rF3wCCVb5Cv5Aaq7AuMeI3VS02dnnI4+weNR2zjZ9MyjDFCH9Z2nefupt
NuXFX0qmOtADLU8dAkz8QGlbJJA9sN6tuW7DrvngWn/Ct9jKhMsvDCjF/0OPSkte
2wGnGU016jkSAtNPtXjQB1inaW2S5DHjXDuPbQ5B9FzJdpwt8ltxbzO2O8+ZPZAC
E8ytqXfA47BBZyZ6oxDiB2M+oL1v+I3eDZQo+Uv9oL61fFS/lwbPj9dk1731007k
pIoDFi5EW4tLBFQE6R3XNjd22ekG71/5PH0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org