Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/F37D4AD6118011EEB936341CC4F9AE02.roa
File: F37D4AD6118011EEB936341CC4F9AE02.roa (raw, json)
Hash identifier: hpCldGBR56GJhf8VFSo9Ppq8CQCDbXn5FVX+mT2hd+8=
Subject key identifier: 39:55:B3:62:93:DD:BE:68:E2:D6:68:6E:DA:96:18:7C:8B:E9:10:B9
Certificate issuer: /CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Certificate serial: 119C
Authority key identifier: 2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/F37D4AD6118011EEB936341CC4F9AE02.roa
Signing time: Tue 11 Jul 2023 06:56:01 +0000
ROA not before: Tue 11 Jul 2023 06:56:01 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 9902
IP address blocks: 103.23.136.0/22 maxlen: 22
103.23.136.0/24 maxlen: 24
103.23.137.0/24 maxlen: 24
103.23.138.0/24 maxlen: 24
103.23.139.0/24 maxlen: 24
103.25.92.0/24 maxlen: 24
103.25.93.0/24 maxlen: 24
103.25.94.0/24 maxlen: 24
103.25.95.0/24 maxlen: 24
103.244.248.0/22 maxlen: 22
103.244.248.0/24 maxlen: 24
103.244.249.0/24 maxlen: 24
103.244.250.0/24 maxlen: 24
103.244.251.0/24 maxlen: 24
110.235.220.0/22 maxlen: 22
110.235.220.0/24 maxlen: 24
110.235.221.0/24 maxlen: 24
110.235.222.0/24 maxlen: 24
110.235.223.0/24 maxlen: 24
123.108.248.0/21 maxlen: 21
123.108.248.0/24 maxlen: 24
123.108.249.0/24 maxlen: 24
123.108.250.0/24 maxlen: 24
123.108.251.0/24 maxlen: 24
123.108.252.0/24 maxlen: 24
123.108.253.0/24 maxlen: 24
123.108.254.0/23 maxlen: 24
124.199.112.0/20 maxlen: 20
124.199.112.0/24 maxlen: 24
124.199.113.0/24 maxlen: 24
124.199.114.0/24 maxlen: 24
124.199.115.0/24 maxlen: 24
124.199.116.0/24 maxlen: 24
124.199.117.0/24 maxlen: 24
124.199.118.0/24 maxlen: 24
124.199.119.0/24 maxlen: 24
124.199.120.0/24 maxlen: 24
124.199.121.0/24 maxlen: 24
124.199.122.0/24 maxlen: 24
124.199.123.0/24 maxlen: 24
124.199.124.0/24 maxlen: 24
124.199.125.0/24 maxlen: 24
124.199.126.0/24 maxlen: 24
124.199.127.0/24 maxlen: 24
163.53.196.0/22 maxlen: 22
163.53.196.0/24 maxlen: 24
163.53.197.0/24 maxlen: 24
163.53.198.0/24 maxlen: 24
163.53.199.0/24 maxlen: 24
202.124.32.0/24 maxlen: 24
202.124.33.0/24 maxlen: 24
202.124.34.0/24 maxlen: 24
202.124.35.0/24 maxlen: 24
202.124.36.0/24 maxlen: 24
202.124.37.0/24 maxlen: 24
202.124.38.0/24 maxlen: 24
202.124.39.0/24 maxlen: 24
202.124.40.0/24 maxlen: 24
202.124.41.0/24 maxlen: 24
202.124.42.0/24 maxlen: 24
202.124.43.0/24 maxlen: 24
202.124.44.0/24 maxlen: 24
202.124.45.0/24 maxlen: 24
202.124.46.0/24 maxlen: 24
202.124.47.0/24 maxlen: 24
203.80.160.0/21 maxlen: 21
203.80.161.0/24 maxlen: 24
203.80.162.0/24 maxlen: 24
203.80.163.0/24 maxlen: 24
203.80.164.0/24 maxlen: 24
203.80.165.0/24 maxlen: 24
203.80.166.0/24 maxlen: 24
203.80.167.0/24 maxlen: 24
203.167.16.0/22 maxlen: 24
2402:5100::/32 maxlen: 32
2402:5100::/48 maxlen: 48
2402:5100:1::/48 maxlen: 48
2402:5100:2::/48 maxlen: 48
2402:5100:3::/48 maxlen: 48
2402:5100:4::/48 maxlen: 48
2402:5100:5::/48 maxlen: 48
2402:5100:6::/47 maxlen: 47
2402:5100:8::/45 maxlen: 45
2402:5100:10::/44 maxlen: 44
2402:5100:20::/43 maxlen: 43
2402:5100:40::/42 maxlen: 42
2402:5100:80::/41 maxlen: 41
2402:5100:100::/40 maxlen: 40
2402:5100:200::/39 maxlen: 39
2402:5100:400::/38 maxlen: 38
2402:5100:800::/37 maxlen: 37
2402:5100:1000::/36 maxlen: 36
2402:5100:2000::/35 maxlen: 35
2402:5100:2000::/36 maxlen: 36
2402:5100:2000::/48 maxlen: 48
2402:5100:4000::/34 maxlen: 34
2402:5100:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4508 (0x119c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Validity
Not Before: Jul 11 06:56:01 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64acfd01-93dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0e:77:7a:38:ed:ff:4b:b6:aa:8d:cd:2a:47:
e2:f2:51:9c:a6:41:ca:34:c1:14:3b:73:b3:f8:20:
49:4d:eb:d1:86:cd:4f:e6:e2:c2:4e:39:25:68:07:
e9:4d:55:f0:ed:1e:60:24:60:83:97:10:d1:c9:b7:
50:d4:c4:7e:88:30:d1:94:55:2e:21:7f:7f:95:79:
1f:d7:fd:4c:2d:eb:35:2e:84:76:e2:cd:22:b5:8a:
49:be:08:9e:81:b9:57:72:1d:0f:99:03:e6:79:3d:
90:c7:b7:1f:ad:eb:4a:60:d2:9e:74:02:8e:5d:dd:
45:6c:56:26:85:33:e8:2a:1f:e3:c0:0e:88:1b:67:
d1:0e:ec:83:bc:5f:3c:e1:27:89:ca:20:f2:26:59:
f0:4f:9d:70:e0:fd:9e:2a:1d:f1:45:b4:6e:2c:64:
cd:83:0e:52:b1:2e:82:81:60:2b:17:20:93:c4:8c:
0f:9b:2c:02:2f:d0:15:f8:25:03:ed:57:73:f1:c9:
ed:64:5a:ee:84:0e:7d:0d:46:10:f2:e3:4c:66:8e:
e2:41:6d:15:2f:2f:0b:b5:04:4e:73:45:a3:2d:3c:
0d:6c:c0:76:6d:55:24:26:2d:2d:1a:ce:80:9e:d0:
ba:80:b0:e0:be:61:d0:0c:64:9c:22:9a:8f:8f:5a:
d8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:55:B3:62:93:DD:BE:68:E2:D6:68:6E:DA:96:18:7C:8B:E9:10:B9
X509v3 Authority Key Identifier:
keyid:2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/F37D4AD6118011EEB936341CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.136.0/22
103.25.92.0/22
103.244.248.0/22
110.235.220.0/22
123.108.248.0/21
124.199.112.0/20
163.53.196.0/22
202.124.32.0/20
203.80.160.0/21
203.167.16.0/22
IPv6:
2402:5100::/32
Signature Algorithm: sha256WithRSAEncryption
7d:dc:da:cb:56:ed:ae:29:66:cb:f4:ce:f6:0f:be:46:11:4e:
93:66:5c:66:86:13:ef:78:57:00:d3:5a:a6:6c:55:e7:43:ef:
8b:45:85:bc:c3:59:30:27:21:2d:9c:51:c4:b9:e5:5b:c1:46:
20:10:91:42:7a:84:fe:53:41:7c:e8:90:b4:85:d8:a4:04:96:
f2:f4:ef:96:2a:38:c5:74:47:f1:3f:7d:5f:c9:8a:cf:e9:58:
3d:7e:95:a1:3d:47:7a:57:88:94:60:16:40:a5:b9:8e:8a:fd:
26:5b:a4:10:aa:2e:0e:cf:aa:36:60:a1:0b:f5:fd:bf:6f:8b:
19:fd:63:0e:ce:f5:37:75:de:36:76:fd:e5:6e:1b:07:91:1f:
e6:8d:6e:ff:f2:48:9f:35:79:04:e2:80:8b:1f:47:8a:fa:93:
15:25:f2:b3:99:91:5a:e2:85:04:31:68:14:34:41:40:4c:1d:
f8:d3:be:a9:4a:db:3d:39:bd:c2:6e:40:77:56:b7:d1:67:b2:
c6:ba:6d:bf:2d:c4:5c:3a:92:30:c3:bd:d4:0e:74:07:e8:60:
7a:fb:a1:e3:28:e7:b5:ff:25:06:c9:3b:a6:80:c0:71:53:08:
33:77:ba:3e:7a:2b:33:28:f3:58:04:2c:27:c1:70:3d:33:d6:
11:e7:5e:c4
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICEZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE0MzYxMTAvBgNVBAUTKDJEQTI1MUMxMUFDNjg4MTRGNTI3RjIyRTU1REU5QUM4
QzU3RkQ2NkMwHhcNMjMwNzExMDY1NjAxWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFjZmQwMS05M2RjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArQ53ejjt/0u2qo3NKkfi8lGcpkHKNMEUO3Oz+CBJTevRhs1P5uLCTjklaAfp
TVXw7R5gJGCDlxDRybdQ1MR+iDDRlFUuIX9/lXkf1/1MLes1LoR24s0itYpJvgie
gblXch0PmQPmeT2Qx7cfretKYNKedAKOXd1FbFYmhTPoKh/jwA6IG2fRDuyDvF88
4SeJyiDyJlnwT51w4P2eKh3xRbRuLGTNgw5SsS6CgWArFyCTxIwPmywCL9AV+CUD
7Vdz8cntZFruhA59DUYQ8uNMZo7iQW0VLy8LtQROc0WjLTwNbMB2bVUkJi0tGs6A
ntC6gLDgvmHQDGScIpqPj1rYfQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFDlVs2KT
3b5o4tZobtqWGHyL6RC5MB8GA1UdIwQYMBaAFC2iUcEaxogU9SfyLlXemsjFf9Zs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTQzNi9BQUI4MDJFOEM3
OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9MYUpSd1JyR2lCVDFKX0l1VmQ2YXlNVl8x
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xhSlJ3UnJHaUJUMUpfSXVWZDZheU1WXzFtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE0MzYvQUFCODAyRThDNzhDMTFFOEE3NkNEOTE0QzRGOUFFMDIvRjM3RDRBRDYx
MTgwMTFFRUI5MzYzNDFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAJnF4gDBAJnGVwDBAJn9PgDBAJu69wDBAN7bPgDBAR8x3AD
BAKjNcQDBATKfCADBAPLUKADBALLpxAwDQQCAAIwBwMFACQCUQAwDQYJKoZIhvcN
AQELBQADggEBAH3c2stW7a4pZsv0zvYPvkYRTpNmXGaGE+94VwDTWqZsVedD74tF
hbzDWTAnIS2cUcS55VvBRiAQkUJ6hP5TQXzokLSF2KQElvL075YqOMV0R/E/fV/J
is/pWD1+laE9R3pXiJRgFkCluY6K/SZbpBCqLg7PqjZgoQv1/b9vixn9Yw7O9Td1
3jZ2/eVuGweRH+aNbv/ySJ81eQTigIsfR4r6kxUl8rOZkVrihQQxaBQ0QUBMHfjT
vqlK2z05vcJuQHdWt9Fnssa6bb8txFw6kjDDvdQOdAfoYHr7oeMo57X/JQbJO6aA
wHFTCDN3uj56KzMo81gELCfBcD0z1hHnXsQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org