Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/FB57C516CCBB11ECA7F35312C4F9AE02.roa
File: FB57C516CCBB11ECA7F35312C4F9AE02.roa (raw, json)
Hash identifier: 4CROI0bemGSqKn8ZGsve+FiLEcJ7oRickdJlrSvnJYg=
Subject key identifier: F3:40:57:11:8C:CE:F4:F2:10:1E:C5:D4:59:99:75:EF:C8:38:B7:B6
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 3AB5
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/FB57C516CCBB11ECA7F35312C4F9AE02.roa
Signing time: Fri 30 Sep 2022 14:31:01 +0000
ROA not before: Fri 30 Sep 2022 14:31:01 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 18403
IP address blocks: 1.52.0.0/14 maxlen: 24
42.112.0.0/13 maxlen: 24
43.239.148.0/22 maxlen: 24
58.186.0.0/15 maxlen: 24
103.35.64.0/22 maxlen: 24
103.39.92.0/22 maxlen: 24
103.102.128.0/24 maxlen: 24
103.102.129.0/24 maxlen: 24
103.102.130.0/24 maxlen: 24
103.102.131.0/24 maxlen: 24
103.143.206.0/23 maxlen: 24
103.156.10.0/23 maxlen: 24
103.156.12.0/23 maxlen: 24
103.156.30.0/23 maxlen: 24
103.156.32.0/23 maxlen: 24
103.156.34.0/23 maxlen: 24
103.159.54.0/24 maxlen: 24
103.159.55.0/24 maxlen: 24
103.171.92.0/23 maxlen: 23
103.171.92.0/24 maxlen: 24
103.171.93.0/24 maxlen: 24
113.22.0.0/16 maxlen: 24
113.23.0.0/17 maxlen: 24
118.68.0.0/14 maxlen: 24
144.48.20.0/22 maxlen: 24
183.80.0.0/16 maxlen: 24
183.81.0.0/17 maxlen: 24
203.191.8.0/21 maxlen: 24
210.245.0.0/17 maxlen: 24
2001:df2:d900::/48 maxlen: 48
2405:4800::/30 maxlen: 31
2405:4800::/32 maxlen: 48
2405:4801::/32 maxlen: 48
2405:4802::/32 maxlen: 48
2405:4803::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15029 (0x3ab5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Sep 30 14:31:01 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6336fda4-2220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:94:90:5a:50:b7:a9:dd:7b:39:11:62:b6:3d:
6d:a1:e5:07:7d:a0:ee:32:a3:aa:13:69:bf:8c:9c:
a0:88:8a:78:91:f0:f4:ad:20:4c:b6:13:25:6e:64:
e3:03:20:f4:1b:f3:f4:e7:2b:65:f9:7f:29:bc:a0:
1e:1d:ab:06:ee:7a:80:08:34:e2:5b:fb:ca:0a:a3:
a9:75:bf:af:43:e4:8a:cd:71:81:f6:9c:37:91:5c:
ba:a6:8e:64:83:fc:4e:f6:d4:27:6a:0a:3c:04:f3:
73:54:2b:c3:06:10:4c:fb:b8:b2:26:21:28:0e:67:
1e:c7:a6:02:13:9b:ae:a0:c4:13:bf:a6:1e:38:d5:
1b:4b:7f:66:02:d5:2a:5b:7b:b6:2f:de:61:3d:f1:
6a:56:c9:2e:b5:43:94:16:af:f0:85:c3:03:f8:6a:
25:12:7d:eb:27:4e:11:eb:5d:f1:e5:ba:7c:76:7e:
bb:04:4d:e9:72:99:2d:97:4b:5f:27:5d:be:12:3a:
b2:af:9e:0c:6f:51:7d:64:14:b9:90:3b:16:15:e9:
88:4c:2c:e9:f5:45:ad:12:d9:ce:21:91:8a:8a:96:
aa:68:16:68:3a:da:e1:36:09:60:ad:22:09:28:40:
66:77:b9:6b:d2:cf:3f:e4:3e:a8:3b:53:3c:bd:39:
d7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:40:57:11:8C:CE:F4:F2:10:1E:C5:D4:59:99:75:EF:C8:38:B7:B6
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/FB57C516CCBB11ECA7F35312C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.52.0.0/14
42.112.0.0/13
43.239.148.0/22
58.186.0.0/15
103.35.64.0/22
103.39.92.0/22
103.102.128.0/22
103.143.206.0/23
103.156.10.0-103.156.13.255
103.156.30.0-103.156.35.255
103.159.54.0/23
103.171.92.0/23
113.22.0.0-113.23.127.255
118.68.0.0/14
144.48.20.0/22
183.80.0.0-183.81.127.255
203.191.8.0/21
210.245.0.0/17
IPv6:
2001:df2:d900::/48
2405:4800::/30
Signature Algorithm: sha256WithRSAEncryption
0b:42:f6:f0:cd:4d:24:d1:8f:8f:35:55:7e:43:0d:77:c7:55:
3e:b5:24:31:df:fb:a5:1a:08:93:a7:46:da:a8:9d:43:80:08:
70:08:c0:4c:84:b2:d2:b6:52:65:4e:11:58:2f:50:dd:1e:5e:
aa:8f:99:13:b9:08:61:1b:63:5a:72:41:7d:05:d3:ab:9b:77:
12:81:b5:67:52:ed:c9:06:40:8b:fe:2d:59:84:98:c6:d9:0b:
2a:09:ab:e9:1c:fb:8c:e1:d0:c6:e7:ca:f0:e5:c5:0f:d4:5d:
e7:bb:a1:51:a3:ee:ad:aa:7b:5a:fd:1f:4b:b2:a5:70:b9:64:
09:6e:d9:64:31:f1:19:03:d8:56:cf:02:ba:e7:e8:93:4f:9f:
31:36:40:fd:f0:92:b1:9a:8c:f4:c6:09:45:d3:18:03:17:22:
3c:22:0c:fa:82:88:76:24:51:59:19:5a:ab:63:ad:91:22:6c:
23:7e:c6:b5:38:74:5e:4b:ec:73:7b:12:44:14:80:93:8e:ac:
9c:8d:37:68:f7:5f:ad:f0:e3:7b:3a:63:2d:1c:ed:9b:1e:8d:
d7:51:8d:94:8e:b4:f8:e2:35:29:e8:47:0e:d5:05:79:b3:62:
a5:02:15:15:43:05:d1:60:0a:b2:87:8c:ab:45:a7:ce:64:3c:
0f:e4:5b:bb
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgICOrUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIwOTMwMTQzMTAxWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM2ZmRhNC0yMjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuJSQWlC3qd17ORFitj1toeUHfaDuMqOqE2m/jJygiIp4kfD0rSBMthMlbmTj
AyD0G/P05ytl+X8pvKAeHasG7nqACDTiW/vKCqOpdb+vQ+SKzXGB9pw3kVy6po5k
g/xO9tQnago8BPNzVCvDBhBM+7iyJiEoDmcex6YCE5uuoMQTv6YeONUbS39mAtUq
W3u2L95hPfFqVskutUOUFq/whcMD+GolEn3rJ04R613x5bp8dn67BE3pcpktl0tf
J12+Ejqyr54Mb1F9ZBS5kDsWFemITCzp9UWtEtnOIZGKipaqaBZoOtrhNglgrSIJ
KEBmd7lr0s8/5D6oO1M8vTnXwQIDAQABo4IDMjCCAy4wHQYDVR0OBBYEFPNAVxGM
zvTyEB7F1FmZde/IOLe2MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRkI1N0M1MTZD
Q0JCMTFFQ0E3RjM1MzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbsGCCsGAQUFBwEHAQH/
BIGrMIGoMIGNBAIAATCBhgMDAgE0AwMDKnADBAIr75QDAwE6ugMEAmcjQAMEAmcn
XAMEAmdmgAMEAWePzjAMAwQBZ5wKAwQBZ5wMMAwDBAFnnB4DBAJnnCADBAFnnzYD
BAFnq1wwCwMDAXEWAwQHcRcAAwMCdkQDBAKQMBQwCwMDBLdQAwQHt1EAAwQDy78I
AwQH0vUAMBYEAgACMBADBwAgAQ3y2QADBQIkBUgAMA0GCSqGSIb3DQEBCwUAA4IB
AQALQvbwzU0k0Y+PNVV+Qw13x1U+tSQx3/ulGgiTp0baqJ1DgAhwCMBMhLLStlJl
ThFYL1DdHl6qj5kTuQhhG2NackF9BdOrm3cSgbVnUu3JBkCL/i1ZhJjG2QsqCavp
HPuM4dDG58rw5cUP1F3nu6FRo+6tqnta/R9LsqVwuWQJbtlkMfEZA9hWzwK65+iT
T58xNkD98JKxmoz0xglF0xgDFyI8Igz6goh2JFFZGVqrY62RImwjfsa1OHReS+xz
exJEFICTjqycjTdo91+t8ON7OmMtHO2bHo3XUY2UjrT44jUp6EcO1QV5s2KlAhUV
QwXRYAqyh4yrRafOZDwP5Fu7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org