Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/64A9C0E4993311ECBAEF4461C4F9AE02.roa
File: 64A9C0E4993311ECBAEF4461C4F9AE02.roa (raw, json)
Hash identifier: kic/D2mY/I/CtVXj9a9Wi3Wds8dlx1kiDwJye7IZbuY=
Subject key identifier: 1A:84:31:A7:08:33:ED:AC:F1:48:E9:22:B6:45:8A:A5:15:B6:74:2F
Certificate issuer: /CN=A91B1185/serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
Certificate serial: 1310
Authority key identifier: FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/64A9C0E4993311ECBAEF4461C4F9AE02.roa
Signing time: Mon 25 Apr 2022 17:44:09 +0000
ROA not before: Mon 25 Apr 2022 17:44:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24435
IP address blocks: 103.27.20.0/24 maxlen: 24
103.27.22.0/24 maxlen: 24
175.111.0.0/22 maxlen: 22
175.111.0.0/24 maxlen: 24
175.111.1.0/24 maxlen: 24
175.111.2.0/24 maxlen: 24
175.111.3.0/24 maxlen: 24
175.111.4.0/23 maxlen: 24
203.130.0.0/20 maxlen: 20
203.130.0.0/24 maxlen: 24
203.130.1.0/24 maxlen: 24
203.130.2.0/24 maxlen: 24
203.130.3.0/24 maxlen: 24
203.130.4.0/24 maxlen: 24
203.130.5.0/24 maxlen: 24
203.130.6.0/24 maxlen: 24
203.130.7.0/24 maxlen: 24
203.130.8.0/24 maxlen: 24
203.130.9.0/24 maxlen: 24
203.130.10.0/24 maxlen: 24
203.130.11.0/24 maxlen: 24
203.130.12.0/24 maxlen: 24
203.130.13.0/24 maxlen: 24
203.130.14.0/24 maxlen: 24
203.130.15.0/24 maxlen: 24
203.130.16.0/24 maxlen: 24
203.130.17.0/24 maxlen: 24
203.130.18.0/24 maxlen: 24
203.130.19.0/24 maxlen: 24
203.130.20.0/24 maxlen: 24
203.130.21.0/24 maxlen: 24
203.130.22.0/24 maxlen: 24
203.130.23.0/24 maxlen: 24
203.130.24.0/24 maxlen: 24
203.130.25.0/24 maxlen: 24
203.130.26.0/23 maxlen: 24
203.130.28.0/22 maxlen: 22
203.130.28.0/24 maxlen: 24
203.130.29.0/24 maxlen: 24
203.130.30.0/24 maxlen: 24
203.130.31.0/24 maxlen: 24
2001:fe8::/48 maxlen: 48
2001:fe8:1::/48 maxlen: 48
2001:fe8:2::/48 maxlen: 48
2001:fe8:10::/48 maxlen: 48
2001:fe8:4000::/48 maxlen: 48
2001:fe8:4001::/48 maxlen: 48
2001:fe8:4100::/48 maxlen: 48
2001:fe8:4101::/48 maxlen: 48
2001:fe8:8100::/48 maxlen: 48
2001:fe8:8101::/48 maxlen: 48
2001:fe8:8110::/48 maxlen: 48
2001:fe8:8111::/48 maxlen: 48
2001:fe8:8130::/48 maxlen: 48
2001:fe8:8131::/48 maxlen: 48
2001:fe8:c001::/48 maxlen: 48
2001:fe8:c100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4880 (0x1310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1185/serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
Validity
Not Before: Apr 25 17:44:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6266dde9-9325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8e:f5:94:2e:d8:2d:05:91:a7:c1:47:9e:6c:
fa:b9:c5:c6:19:ba:c7:f7:be:07:c1:11:0c:37:89:
0e:24:1f:a6:fd:4a:16:7c:b9:7c:45:44:37:23:af:
b1:6b:ea:af:3f:24:6f:44:50:99:03:2a:47:2a:85:
78:f1:63:b1:3e:c2:dc:8f:16:47:d0:27:b4:1f:20:
dd:04:0d:fb:d9:e0:06:ea:9e:72:b9:d2:8c:98:46:
b8:21:94:c3:20:04:e8:d3:89:05:bb:be:6d:9d:32:
cd:31:40:8e:0e:ef:2e:73:80:47:68:30:b1:a5:ce:
a6:20:96:0d:b5:67:48:86:7f:f8:a2:8d:d5:c4:86:
8f:c6:a7:89:0b:62:87:37:ab:95:09:65:7c:e4:cb:
6f:14:98:99:b0:db:b2:9c:c2:d0:86:77:67:f7:1d:
0b:37:f0:e9:a9:ad:6c:d3:2a:a0:aa:1c:a5:90:bd:
26:d5:27:95:82:62:ee:03:e2:ca:be:f3:32:7d:23:
35:fb:d3:25:58:b1:0c:59:aa:d4:91:72:94:93:5f:
35:65:85:3c:10:c1:6e:dd:1a:0c:64:d5:98:b9:8c:
60:fc:a2:d7:73:dd:6b:f3:e6:cb:67:c1:c1:2f:1a:
1d:23:d9:bc:d4:5f:eb:7f:c9:f3:a0:4c:9e:13:f7:
c9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:84:31:A7:08:33:ED:AC:F1:48:E9:22:B6:45:8A:A5:15:B6:74:2F
X509v3 Authority Key Identifier:
keyid:FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/64A9C0E4993311ECBAEF4461C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.27.20.0/24
103.27.22.0/24
175.111.0.0-175.111.5.255
203.130.0.0/19
IPv6:
2001:fe8::-2001:fe8:2:ffff:ffff:ffff:ffff:ffff
2001:fe8:10::/48
2001:fe8:4000::/47
2001:fe8:4100::/47
2001:fe8:8100::/47
2001:fe8:8110::/47
2001:fe8:8130::/47
2001:fe8:c001::/48
2001:fe8:c100::/48
Signature Algorithm: sha256WithRSAEncryption
64:0f:51:be:4e:64:f6:37:52:fe:80:e4:c5:c0:82:73:14:97:
b3:05:e5:90:eb:9e:74:93:e2:df:b0:6e:86:da:eb:06:53:b9:
7e:27:01:9f:66:ea:d7:d8:f7:28:1c:5c:30:f6:0d:c0:f3:a3:
b5:a0:00:14:05:cb:85:8e:b9:d0:18:0c:66:7a:8c:4e:7b:80:
bf:90:6c:2a:51:c7:ad:56:77:b5:c3:21:9c:f8:95:f5:d9:0a:
48:43:14:72:e9:17:bb:35:7e:c0:c5:0f:f9:de:01:e7:b3:22:
9c:3c:2e:e5:44:e5:b2:65:53:b9:90:e0:d8:e0:d4:f7:63:bd:
02:30:ad:7e:24:3b:a9:f7:fe:6e:19:9b:bf:27:78:9c:23:f0:
8e:52:ea:b6:ce:1c:12:38:88:d2:f9:24:c5:a5:1e:a7:74:58:
cd:0c:72:61:86:8c:5b:6f:f4:66:6f:ca:1a:c4:ba:18:24:48:
3d:b2:40:7e:75:5a:9c:76:3f:77:f2:8d:49:64:22:39:c1:c7:
c2:24:fd:92:88:39:80:9e:1f:20:6f:cd:c2:c7:cf:d0:40:58:
2e:b6:03:df:03:18:03:81:d6:2d:86:b1:8d:50:85:4e:78:fb:
df:97:21:fa:ee:92:c8:a5:fb:47:43:4d:ba:9e:69:fc:e2:b2:
0e:93:46:2e
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgICExAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjExODUxMTAvBgNVBAUTKEZFM0NEMzdDRUMwRTM4MjMwN0I0RjlENUZGRDU3RTk3
RjEyMUYwNTMwHhcNMjIwNDI1MTc0NDA5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjY2ZGRlOS05MzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz471lC7YLQWRp8FHnmz6ucXGGbrH974HwREMN4kOJB+m/UoWfLl8RUQ3I6+x
a+qvPyRvRFCZAypHKoV48WOxPsLcjxZH0Ce0HyDdBA372eAG6p5yudKMmEa4IZTD
IATo04kFu75tnTLNMUCODu8uc4BHaDCxpc6mIJYNtWdIhn/4oo3VxIaPxqeJC2KH
N6uVCWV85MtvFJiZsNuynMLQhndn9x0LN/Dpqa1s0yqgqhylkL0m1SeVgmLuA+LK
vvMyfSM1+9MlWLEMWarUkXKUk181ZYU8EMFu3RoMZNWYuYxg/KLXc91r8+bLZ8HB
LxodI9m81F/rf8nzoEyeE/fJUwIDAQABo4IDEzCCAw8wHQYDVR0OBBYEFBqEMacI
M+2s8UjpIrZFiqUVtnQvMB8GA1UdIwQYMBaAFP4803zsDjgjB7T51f/VfpfxIfBT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTE4NS8zRUE5REQzQTE2
MjMxMUU4OTJDNEE5NDBDNEY5QUUwMi9fanpUZk93T09DTUh0UG5WXzlWLWxfRWg4
Rk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19qelRmT3dPT0NNSHRQblZfOVYtbF9FaDhGTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjExODUvM0VBOUREM0ExNjIzMTFFODkyQzRBOTQwQzRGOUFFMDIvNjRBOUMwRTQ5
OTMzMTFFQ0JBRUY0NDYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZwGCCsGAQUFBwEHAQH/
BIGMMIGJMCUEAgABMB8DBABnGxQDBABnGxYwCwMDAK9vAwQBr28EAwQFy4IAMGAE
AgACMFowEAMFAyABD+gDBwAgAQ/oAAIDBwAgAQ/oABADBwEgAQ/oQAADBwEgAQ/o
QQADBwEgAQ/ogQADBwEgAQ/ogRADBwEgAQ/ogTADBwAgAQ/owAEDBwAgAQ/owQAw
DQYJKoZIhvcNAQELBQADggEBAGQPUb5OZPY3Uv6A5MXAgnMUl7MF5ZDrnnST4t+w
boba6wZTuX4nAZ9m6tfY9ygcXDD2DcDzo7WgABQFy4WOudAYDGZ6jE57gL+QbCpR
x61Wd7XDIZz4lfXZCkhDFHLpF7s1fsDFD/neAeezIpw8LuVE5bJlU7mQ4Njg1Pdj
vQIwrX4kO6n3/m4Zm78neJwj8I5S6rbOHBI4iNL5JMWlHqd0WM0McmGGjFtv9GZv
yhrEuhgkSD2yQH51Wpx2P3fyjUlkIjnBx8Ik/ZKIOYCeHyBvzcLHz9BAWC62A98D
GAOB1i2GsY1QhU54+9+XIfruksil+0dDTbqeafzisg6TRi4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-ams.rpki-client.org