Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/D0B435BC062111EC9C63DF45C4F9AE02.roa
File: D0B435BC062111EC9C63DF45C4F9AE02.roa (raw, json)
Hash identifier: CH5F2GClG/cDIs8gCp5CsBvkqVtWkq2FMW2E578GKEw=
Subject key identifier: 6E:99:25:42:24:38:38:A1:9F:F5:74:DE:D8:E5:EC:6A:44:49:DB:61
Certificate issuer: /CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Certificate serial: 068B
Authority key identifier: 53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/D0B435BC062111EC9C63DF45C4F9AE02.roa
Signing time: Fri 29 Jul 2022 10:29:15 +0000
ROA not before: Fri 29 Jul 2022 10:29:15 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 17924
IP address blocks: 45.64.240.0/22 maxlen: 24
49.130.0.0/15 maxlen: 15
49.130.0.0/17 maxlen: 18
49.130.128.0/24 maxlen: 24
49.130.129.0/24 maxlen: 24
49.130.130.0/24 maxlen: 24
49.130.131.0/24 maxlen: 24
49.130.192.0/18 maxlen: 18
49.131.0.0/17 maxlen: 18
103.1.16.0/22 maxlen: 22
121.202.0.0/15 maxlen: 15
121.202.0.0/18 maxlen: 18
121.202.64.0/19 maxlen: 19
121.202.96.0/20 maxlen: 20
121.202.124.0/24 maxlen: 24
121.202.126.0/24 maxlen: 24
121.202.127.0/24 maxlen: 24
121.202.131.0/24 maxlen: 24
121.202.132.0/24 maxlen: 24
121.202.137.0/24 maxlen: 24
121.202.142.0/24 maxlen: 24
121.202.150.0/24 maxlen: 24
121.202.160.0/19 maxlen: 19
121.202.232.0/22 maxlen: 22
121.202.236.0/22 maxlen: 22
121.202.251.0/24 maxlen: 24
121.202.252.0/24 maxlen: 24
121.202.253.0/24 maxlen: 24
121.202.254.0/24 maxlen: 24
121.203.0.0/20 maxlen: 20
121.203.16.0/20 maxlen: 20
121.203.32.0/20 maxlen: 20
121.203.48.0/20 maxlen: 20
121.203.64.0/18 maxlen: 18
121.203.64.0/21 maxlen: 21
121.203.72.0/21 maxlen: 21
121.203.80.0/21 maxlen: 21
121.203.88.0/21 maxlen: 21
121.203.96.0/21 maxlen: 21
121.203.104.0/21 maxlen: 21
121.203.112.0/21 maxlen: 21
121.203.120.0/21 maxlen: 21
121.203.128.0/18 maxlen: 18
121.203.192.0/19 maxlen: 19
121.203.224.0/20 maxlen: 20
121.203.240.0/21 maxlen: 21
121.203.248.0/21 maxlen: 21
180.219.0.0/16 maxlen: 16
180.219.0.0/20 maxlen: 20
180.219.16.0/20 maxlen: 20
180.219.32.0/20 maxlen: 20
180.219.48.0/20 maxlen: 20
180.219.64.0/20 maxlen: 20
180.219.80.0/20 maxlen: 20
180.219.96.0/20 maxlen: 20
180.219.112.0/20 maxlen: 20
180.219.128.0/20 maxlen: 20
180.219.144.0/20 maxlen: 20
180.219.160.0/20 maxlen: 20
180.219.176.0/20 maxlen: 20
180.219.192.0/19 maxlen: 19
180.219.192.0/20 maxlen: 20
180.219.224.0/19 maxlen: 19
182.152.0.0/15 maxlen: 15
182.152.0.0/17 maxlen: 17
182.152.128.0/17 maxlen: 17
182.152.128.0/21 maxlen: 21
182.152.136.0/21 maxlen: 21
182.152.144.0/21 maxlen: 21
182.152.152.0/21 maxlen: 21
182.152.160.0/21 maxlen: 21
182.152.168.0/21 maxlen: 21
182.152.176.0/21 maxlen: 21
182.152.184.0/21 maxlen: 21
182.152.192.0/21 maxlen: 21
182.152.200.0/21 maxlen: 21
182.152.208.0/21 maxlen: 21
182.152.216.0/21 maxlen: 21
182.152.224.0/21 maxlen: 21
182.152.232.0/21 maxlen: 21
182.152.240.0/21 maxlen: 21
182.152.248.0/21 maxlen: 21
182.153.0.0/18 maxlen: 19
182.153.64.0/19 maxlen: 19
182.153.128.0/19 maxlen: 19
182.153.192.0/19 maxlen: 19
182.153.224.0/19 maxlen: 19
182.153.248.0/21 maxlen: 21
203.78.32.0/21 maxlen: 21
203.78.32.0/24 maxlen: 24
203.78.36.0/24 maxlen: 24
203.78.37.0/24 maxlen: 24
203.78.40.0/22 maxlen: 22
203.78.40.0/24 maxlen: 24
203.78.41.0/24 maxlen: 24
203.78.42.0/24 maxlen: 24
2407:b400::/32 maxlen: 32
2407:b400:31:11::/64 maxlen: 64
2407:b400:51:3::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1675 (0x68b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Validity
Not Before: Jul 29 10:29:15 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62e3b67a-c2bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f2:55:63:23:18:42:84:8c:5f:03:5f:a9:24:
09:8f:81:83:92:eb:4e:80:b2:c6:b3:b1:6a:93:cb:
58:0e:89:07:27:2d:b7:91:15:31:47:93:b5:3a:5e:
2f:e4:1c:eb:11:4c:9e:0f:a6:18:de:66:93:55:3f:
dd:47:16:a1:73:e3:74:fc:76:62:24:21:0a:a7:43:
e1:a5:0f:4f:58:7a:f7:d9:61:ec:3d:71:f9:bc:ae:
0c:8c:de:d3:58:80:88:b6:f5:5a:c8:e0:3f:78:ff:
04:b9:98:5e:61:b3:79:85:94:ae:3a:8a:91:89:5d:
cf:44:b5:74:68:99:b4:52:43:68:88:0c:2f:54:65:
23:fc:03:ee:90:1f:37:37:61:bc:0f:60:cc:0f:33:
42:fe:c8:4c:82:0d:96:55:26:0e:a5:cb:27:c1:92:
64:8c:b1:8c:72:34:f5:c1:51:90:f9:0d:03:00:c7:
da:be:6a:87:37:69:03:ae:4e:96:da:2f:e0:48:38:
50:1b:4e:e5:49:51:0e:1f:96:e9:0c:13:a2:c9:45:
f7:28:d1:47:ee:9f:b9:fb:a5:ae:57:78:1d:ea:7c:
8d:76:94:11:af:24:80:2c:b4:b2:9d:3c:36:f7:f5:
20:9d:97:0e:03:d1:8e:f8:5a:0b:d9:d8:96:47:78:
f4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:99:25:42:24:38:38:A1:9F:F5:74:DE:D8:E5:EC:6A:44:49:DB:61
X509v3 Authority Key Identifier:
keyid:53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/D0B435BC062111EC9C63DF45C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.240.0/22
49.130.0.0/15
103.1.16.0/22
121.202.0.0/15
180.219.0.0/16
182.152.0.0/15
203.78.32.0-203.78.43.255
IPv6:
2407:b400::/32
Signature Algorithm: sha256WithRSAEncryption
c5:92:65:58:d3:52:3f:c9:7d:59:9f:eb:fc:88:08:33:1c:2a:
88:9f:c1:bf:45:e4:4f:00:f4:56:31:76:a7:cb:43:b5:25:92:
5e:47:59:8b:6c:7d:52:e3:76:f8:b4:67:72:f8:57:9c:38:5d:
4d:dc:85:b5:27:37:0d:f8:d7:7c:4b:1f:3c:32:3a:ba:f4:f7:
4d:eb:d4:5b:e9:06:77:78:d5:bc:85:1e:da:2a:a9:d4:92:3c:
3c:14:a1:23:5e:ba:c5:49:5a:bd:ff:87:8f:46:e4:d6:b1:a8:
50:5a:06:f0:d6:1d:a7:28:2b:49:35:84:24:09:08:c8:26:aa:
a7:f1:2c:05:9d:0a:f3:92:2f:32:4f:59:fc:af:72:2a:03:e5:
fe:44:4d:2f:03:72:a5:f1:ec:e4:b9:94:37:e7:5e:1f:39:70:
fe:6a:8e:3f:4a:64:c5:af:9b:c3:17:77:9b:91:08:df:7e:5b:
10:62:5b:a0:93:53:1f:8e:07:55:4d:0e:9c:b1:94:fd:84:09:
c4:3f:9e:b4:28:de:2c:09:e1:f7:98:56:43:7b:8c:bb:3e:54:
7d:e0:c6:b7:0a:8f:40:b1:1f:36:5c:86:31:d9:eb:c9:00:17:
fe:ec:cb:b5:c0:df:77:36:11:b7:93:ee:7b:7e:96:f5:f1:8e:
c1:cf:ce:91
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICBoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUUxQUUxMTAvBgNVBAUTKDUzQkRFMjZEODI1RjY3N0Y5QUM0Mjg2RjlBNjc2NjFG
NUM0OUI1NjkwHhcNMjIwNzI5MTAyOTE1WhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmUzYjY3YS1jMmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo/JVYyMYQoSMXwNfqSQJj4GDkutOgLLGs7Fqk8tYDokHJy23kRUxR5O1Ol4v
5BzrEUyeD6YY3maTVT/dRxahc+N0/HZiJCEKp0PhpQ9PWHr32WHsPXH5vK4MjN7T
WICItvVayOA/eP8EuZheYbN5hZSuOoqRiV3PRLV0aJm0UkNoiAwvVGUj/APukB83
N2G8D2DMDzNC/shMgg2WVSYOpcsnwZJkjLGMcjT1wVGQ+Q0DAMfavmqHN2kDrk6W
2i/gSDhQG07lSVEOH5bpDBOiyUX3KNFH7p+5+6WuV3gd6nyNdpQRrySALLSynTw2
9/UgnZcOA9GO+FoL2diWR3j0QwIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFG6ZJUIk
ODihn/V03tjl7GpESdthMB8GA1UdIwQYMBaAFFO94m2CX2d/msQob5pnZh9cSbVp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTFBRS9CNDBCQjFCOEIx
MkUxMUVBOUE5NUI1NkFDNEY5QUUwMi9VNzNpYllKZlozLWF4Q2h2bW1kbUgxeEp0
V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3M2liWUpmWjMtYXhDaHZtbWRtSDF4SnRXay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUUxQUUvQjQwQkIxQjhCMTJFMTFFQTlBOTVCNTZBQzRGOUFFMDIvRDBCNDM1QkMw
NjIxMTFFQzlDNjNERjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMDQEAgABMC4DBAItQPADAwExggMEAmcBEAMDAXnKAwMAtNsDAwG2mDAMAwQF
y04gAwQCy04oMA0EAgACMAcDBQAkB7QAMA0GCSqGSIb3DQEBCwUAA4IBAQDFkmVY
01I/yX1Zn+v8iAgzHCqIn8G/ReRPAPRWMXany0O1JZJeR1mLbH1S43b4tGdy+Fec
OF1N3IW1JzcN+Nd8Sx88Mjq69PdN69Rb6QZ3eNW8hR7aKqnUkjw8FKEjXrrFSVq9
/4ePRuTWsahQWgbw1h2nKCtJNYQkCQjIJqqn8SwFnQrzki8yT1n8r3IqA+X+RE0v
A3Kl8ezkuZQ3514fOXD+ao4/SmTFr5vDF3ebkQjfflsQYlugk1MfjgdVTQ6csZT9
hAnEP560KN4sCeH3mFZDe4y7PlR94Ma3Co9AsR82XIYx2evJABf+7Mu1wN93NhG3
k+57fpb18Y7Bz86R
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org