Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/D3C9A57E971711ED84898F0DC4F9AE02.roa
File: D3C9A57E971711ED84898F0DC4F9AE02.roa (raw, json)
Hash identifier: l6j4FuwwnoyCocO6fe0znYGtOghcxO7+aF7DhztqlSY=
Subject key identifier: 3F:E6:6D:13:FE:18:49:A4:B2:91:B7:06:A9:C5:2E:02:BD:E1:DE:F2
Certificate issuer: /CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Certificate serial: 1129
Authority key identifier: 2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/D3C9A57E971711ED84898F0DC4F9AE02.roa
Signing time: Wed 18 Jan 2023 10:06:52 +0000
ROA not before: Wed 18 Jan 2023 10:06:52 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 9902
IP address blocks: 103.23.136.0/22 maxlen: 22
103.23.136.0/24 maxlen: 24
103.23.137.0/24 maxlen: 24
103.23.138.0/24 maxlen: 24
103.23.139.0/24 maxlen: 24
103.25.92.0/24 maxlen: 24
103.25.93.0/24 maxlen: 24
103.25.94.0/24 maxlen: 24
103.25.95.0/24 maxlen: 24
103.244.248.0/22 maxlen: 22
103.244.248.0/24 maxlen: 24
103.244.249.0/24 maxlen: 24
103.244.250.0/24 maxlen: 24
103.244.251.0/24 maxlen: 24
110.235.220.0/22 maxlen: 22
110.235.220.0/24 maxlen: 24
110.235.221.0/24 maxlen: 24
110.235.222.0/24 maxlen: 24
110.235.223.0/24 maxlen: 24
123.108.248.0/21 maxlen: 21
123.108.248.0/24 maxlen: 24
123.108.249.0/24 maxlen: 24
123.108.250.0/24 maxlen: 24
123.108.251.0/24 maxlen: 24
123.108.252.0/24 maxlen: 24
123.108.253.0/24 maxlen: 24
123.108.254.0/23 maxlen: 24
124.199.112.0/20 maxlen: 20
124.199.112.0/24 maxlen: 24
124.199.113.0/24 maxlen: 24
124.199.114.0/24 maxlen: 24
124.199.115.0/24 maxlen: 24
124.199.116.0/24 maxlen: 24
124.199.117.0/24 maxlen: 24
124.199.118.0/24 maxlen: 24
124.199.119.0/24 maxlen: 24
124.199.120.0/24 maxlen: 24
124.199.121.0/24 maxlen: 24
124.199.122.0/24 maxlen: 24
124.199.123.0/24 maxlen: 24
124.199.124.0/24 maxlen: 24
124.199.125.0/24 maxlen: 24
124.199.126.0/24 maxlen: 24
124.199.127.0/24 maxlen: 24
163.53.196.0/22 maxlen: 22
163.53.196.0/24 maxlen: 24
163.53.197.0/24 maxlen: 24
163.53.198.0/24 maxlen: 24
163.53.199.0/24 maxlen: 24
202.124.32.0/24 maxlen: 24
202.124.33.0/24 maxlen: 24
202.124.34.0/24 maxlen: 24
202.124.35.0/24 maxlen: 24
202.124.36.0/24 maxlen: 24
202.124.37.0/24 maxlen: 24
202.124.38.0/24 maxlen: 24
202.124.39.0/24 maxlen: 24
202.124.40.0/24 maxlen: 24
202.124.41.0/24 maxlen: 24
202.124.42.0/24 maxlen: 24
202.124.43.0/24 maxlen: 24
202.124.44.0/24 maxlen: 24
202.124.45.0/24 maxlen: 24
202.124.46.0/24 maxlen: 24
202.124.47.0/24 maxlen: 24
203.80.160.0/21 maxlen: 21
203.80.161.0/24 maxlen: 24
203.80.162.0/24 maxlen: 24
203.80.163.0/24 maxlen: 24
203.80.164.0/24 maxlen: 24
203.80.165.0/24 maxlen: 24
203.80.166.0/24 maxlen: 24
203.80.167.0/24 maxlen: 24
203.167.16.0/22 maxlen: 24
2402:5100::/32 maxlen: 32
2402:5100::/48 maxlen: 48
2402:5100:1::/48 maxlen: 48
2402:5100:2::/48 maxlen: 48
2402:5100:3::/48 maxlen: 48
2402:5100:4::/48 maxlen: 48
2402:5100:5::/48 maxlen: 48
2402:5100:6::/47 maxlen: 47
2402:5100:8::/45 maxlen: 45
2402:5100:10::/44 maxlen: 44
2402:5100:20::/43 maxlen: 43
2402:5100:40::/42 maxlen: 42
2402:5100:80::/41 maxlen: 41
2402:5100:100::/40 maxlen: 40
2402:5100:200::/39 maxlen: 39
2402:5100:400::/38 maxlen: 38
2402:5100:800::/37 maxlen: 37
2402:5100:1000::/36 maxlen: 36
2402:5100:2000::/35 maxlen: 35
2402:5100:4000::/34 maxlen: 34
2402:5100:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4393 (0x1129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Validity
Not Before: Jan 18 10:06:52 2023 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=63c7c4bb-5441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:85:2d:e9:0a:d9:e3:e4:61:3f:7e:91:ae:ef:
09:84:f0:41:12:f0:bb:8a:20:d1:f3:9b:a7:b3:1d:
71:31:ec:aa:32:e1:5e:e0:5b:58:a2:01:53:91:6d:
59:94:1b:e1:ba:e9:a9:e9:55:89:1f:32:04:8a:d2:
a9:d1:8d:07:78:61:85:c6:48:79:cb:6a:8c:03:c6:
5f:3b:04:5b:2a:50:8b:28:2b:53:7d:cb:de:82:22:
02:a0:0b:46:42:e5:d8:37:57:7c:8f:13:bf:f9:1a:
c1:8a:5c:f6:3e:6e:01:04:0f:64:35:2b:a3:b5:df:
76:eb:d7:16:55:43:76:c4:83:0d:c5:6c:c1:fd:b3:
76:be:c3:e6:47:a2:b9:5d:8a:93:71:b5:8c:4e:cf:
48:33:74:88:13:bb:34:8c:72:af:d0:d7:26:95:60:
fb:aa:2e:61:98:e4:ce:44:58:95:74:e7:7e:1f:81:
5a:7a:00:c5:3f:91:bd:21:5d:4e:0b:02:db:bf:aa:
44:77:1a:c4:51:0f:0c:af:b3:10:b7:62:04:6d:07:
11:d9:27:d7:10:d8:7a:f8:7a:5e:f0:cf:17:ad:88:
88:8b:5a:43:81:9e:37:33:2e:49:f2:74:87:61:f2:
1f:a6:f8:17:1c:c8:2f:49:d4:2e:65:03:9a:c7:a3:
de:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E6:6D:13:FE:18:49:A4:B2:91:B7:06:A9:C5:2E:02:BD:E1:DE:F2
X509v3 Authority Key Identifier:
keyid:2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/D3C9A57E971711ED84898F0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.136.0/22
103.25.92.0/22
103.244.248.0/22
110.235.220.0/22
123.108.248.0/21
124.199.112.0/20
163.53.196.0/22
202.124.32.0/20
203.80.160.0/21
203.167.16.0/22
IPv6:
2402:5100::/32
Signature Algorithm: sha256WithRSAEncryption
33:41:7b:f2:33:a5:06:9a:f0:0c:ad:d5:d8:6d:7b:cc:0f:95:
94:05:20:0a:5e:8b:50:72:c5:80:e2:b3:1e:28:a8:b5:7c:c3:
b0:47:b4:c9:8d:d0:c0:83:10:7c:70:0d:ad:4a:a4:74:ea:64:
15:54:f9:e3:5e:47:ab:47:fc:67:dc:e5:dd:0c:b7:dc:27:2f:
ce:8b:74:f9:58:1b:71:0d:3f:68:6a:bd:04:84:3a:3f:80:0e:
2b:08:24:a5:10:1d:1e:a0:0e:1f:dd:e0:57:91:37:2e:4f:2e:
a7:75:b5:31:a3:33:24:6e:78:24:c9:72:5b:14:f9:94:e4:70:
51:9f:4b:d7:e4:5f:b6:5a:3f:92:2f:dd:ef:ef:5c:3c:46:b4:
14:39:8d:4e:38:89:f0:4a:a1:b1:fa:2b:a3:93:01:47:0d:ba:
38:34:a2:8e:0c:6b:a7:f4:e6:d2:48:70:04:4e:71:48:5b:91:
76:fd:4d:2f:58:b7:ae:e4:be:8b:86:db:c1:e5:9f:66:81:87:
bc:3d:39:ac:ca:27:22:40:9c:7f:ec:8b:13:24:ee:ee:87:ff:
3c:ba:62:b6:e0:5c:70:8f:ee:09:06:c3:c7:8e:0d:02:8a:88:
a9:ef:80:80:f3:dd:76:d0:d9:46:5a:64:cc:6c:9b:bf:92:7f:
43:53:c3:ee
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICESkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE0MzYxMTAvBgNVBAUTKDJEQTI1MUMxMUFDNjg4MTRGNTI3RjIyRTU1REU5QUM4
QzU3RkQ2NkMwHhcNMjMwMTE4MTAwNjUyWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M3YzRiYi01NDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsoUt6QrZ4+RhP36Rru8JhPBBEvC7iiDR85unsx1xMeyqMuFe4FtYogFTkW1Z
lBvhuump6VWJHzIEitKp0Y0HeGGFxkh5y2qMA8ZfOwRbKlCLKCtTfcvegiICoAtG
QuXYN1d8jxO/+RrBilz2Pm4BBA9kNSujtd9269cWVUN2xIMNxWzB/bN2vsPmR6K5
XYqTcbWMTs9IM3SIE7s0jHKv0NcmlWD7qi5hmOTORFiVdOd+H4FaegDFP5G9IV1O
CwLbv6pEdxrEUQ8Mr7MQt2IEbQcR2SfXENh6+Hpe8M8XrYiIi1pDgZ43My5J8nSH
YfIfpvgXHMgvSdQuZQOax6Pe/wIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFD/mbRP+
GEmkspG3BqnFLgK94d7yMB8GA1UdIwQYMBaAFC2iUcEaxogU9SfyLlXemsjFf9Zs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTQzNi9BQUI4MDJFOEM3
OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9MYUpSd1JyR2lCVDFKX0l1VmQ2YXlNVl8x
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xhSlJ3UnJHaUJUMUpfSXVWZDZheU1WXzFtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE0MzYvQUFCODAyRThDNzhDMTFFOEE3NkNEOTE0QzRGOUFFMDIvRDNDOUE1N0U5
NzE3MTFFRDg0ODk4RjBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAJnF4gDBAJnGVwDBAJn9PgDBAJu69wDBAN7bPgDBAR8x3AD
BAKjNcQDBATKfCADBAPLUKADBALLpxAwDQQCAAIwBwMFACQCUQAwDQYJKoZIhvcN
AQELBQADggEBADNBe/IzpQaa8Ayt1dhte8wPlZQFIApei1ByxYDisx4oqLV8w7BH
tMmN0MCDEHxwDa1KpHTqZBVU+eNeR6tH/Gfc5d0Mt9wnL86LdPlYG3ENP2hqvQSE
Oj+ADisIJKUQHR6gDh/d4FeRNy5PLqd1tTGjMyRueCTJclsU+ZTkcFGfS9fkX7Za
P5Iv3e/vXDxGtBQ5jU44ifBKobH6K6OTAUcNujg0oo4Ma6f05tJIcAROcUhbkXb9
TS9Yt67kvouG28Hln2aBh7w9OazKJyJAnH/sixMk7u6H/zy6YrbgXHCP7gkGw8eO
DQKKiKnvgIDz3XbQ2UZaZMxsm7+Sf0NTw+4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-ams.rpki-client.org