Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BCB1/D00DD498BC0211EAB8C79048C4F9AE02/60B98928ED3E11ED8478BE43C4F9AE02.roa
File: 60B98928ED3E11ED8478BE43C4F9AE02.roa (raw, json)
Hash identifier: sii2u++xR5Av4m6+R7G8zodA16ZaceK053fabjw9juo=
Subject key identifier: 45:0B:57:EC:A6:C1:D1:94:E7:72:97:7F:3B:6B:9C:FC:8D:DA:D7:49
Certificate issuer: /CN=A915BCB1/serialNumber=072CDF651B312CAFBDB049A33569FEA6EF6C9517
Certificate serial: 073A
Authority key identifier: 07:2C:DF:65:1B:31:2C:AF:BD:B0:49:A3:35:69:FE:A6:EF:6C:95:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByzfZRsxLK-9sEmjNWn-pu9slRc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BCB1/D00DD498BC0211EAB8C79048C4F9AE02/60B98928ED3E11ED8478BE43C4F9AE02.roa
Signing time: Thu 08 Jun 2023 08:24:29 +0000
ROA not before: Thu 08 Jun 2023 08:24:29 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 17819
IP address blocks: 45.116.132.0/24 maxlen: 24
45.116.135.0/24 maxlen: 24
103.9.92.0/24 maxlen: 24
103.9.93.0/24 maxlen: 24
103.9.94.0/24 maxlen: 24
103.9.95.0/24 maxlen: 24
103.37.132.0/24 maxlen: 24
103.245.5.0/24 maxlen: 24
103.245.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1850 (0x73a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BCB1/serialNumber=072CDF651B312CAFBDB049A33569FEA6EF6C9517
Validity
Not Before: Jun 8 08:24:29 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6481903d-7627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f8:58:03:2c:a7:31:63:62:bf:7e:c3:27:ea:
c5:ff:d7:9b:8c:29:31:1c:dc:7c:43:fd:1d:52:03:
a6:d9:de:b4:fb:0f:b0:67:a1:6a:d0:cf:d9:88:11:
c6:9d:4c:db:a3:a2:e9:dc:a0:7e:d9:99:47:c9:54:
86:a2:16:8a:eb:44:9b:4f:1b:40:92:63:de:50:96:
f6:e9:23:1e:31:bc:4b:96:45:3f:c6:67:2c:27:ec:
b6:12:85:36:d3:b9:1b:65:06:f3:9c:18:82:fd:0d:
1f:98:7e:ad:89:f7:a9:82:8a:08:22:51:7d:31:cd:
1d:32:f1:83:de:16:70:f7:57:ae:b3:39:eb:cd:fd:
69:80:fe:00:50:f6:e5:3f:18:e6:da:c5:74:80:c4:
cf:ac:29:b9:80:c8:60:56:0e:87:2c:0d:c1:ce:ae:
3e:53:d8:9a:23:bc:7b:f3:be:30:ca:e0:4e:9c:31:
74:eb:44:9a:07:3e:47:58:cc:ce:4b:5b:80:8d:56:
a8:40:30:5a:28:49:24:31:5a:7a:b8:39:57:eb:f6:
76:eb:46:6e:92:4f:1b:2d:ff:3f:ea:59:d1:4d:52:
11:38:25:69:36:db:ac:70:a8:9b:32:7f:df:20:32:
87:91:b0:5f:fc:05:22:ea:49:34:0c:69:d5:b1:ce:
46:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:0B:57:EC:A6:C1:D1:94:E7:72:97:7F:3B:6B:9C:FC:8D:DA:D7:49
X509v3 Authority Key Identifier:
keyid:07:2C:DF:65:1B:31:2C:AF:BD:B0:49:A3:35:69:FE:A6:EF:6C:95:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BCB1/D00DD498BC0211EAB8C79048C4F9AE02/ByzfZRsxLK-9sEmjNWn-pu9slRc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ByzfZRsxLK-9sEmjNWn-pu9slRc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BCB1/D00DD498BC0211EAB8C79048C4F9AE02/60B98928ED3E11ED8478BE43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.132.0/24
45.116.135.0/24
103.9.92.0/22
103.37.132.0/24
103.245.5.0-103.245.6.255
Signature Algorithm: sha256WithRSAEncryption
85:bb:b9:6f:c5:e9:09:3f:a3:94:94:b8:81:6d:84:2a:40:d3:
62:cf:2f:85:a2:53:15:4f:4d:22:ad:52:e1:f4:a2:54:c4:41:
cd:e7:0c:93:96:05:b7:e0:06:0d:0c:59:6e:9d:fc:50:be:e7:
59:86:d2:13:cb:b6:82:4f:69:21:e0:2e:6c:07:61:d7:9f:9d:
36:3d:28:58:68:00:a7:b4:d1:83:b7:4e:13:e4:5e:95:bd:a5:
67:78:5e:73:eb:fe:bb:c4:62:01:76:e6:a8:fb:3b:4d:f0:8f:
27:a5:1d:13:aa:cd:aa:99:43:89:34:23:9a:fc:bd:6a:1e:55:
b6:5e:f0:a8:88:df:9e:e9:9b:e7:1c:ac:8f:41:9c:61:93:8f:
e8:ac:84:86:12:68:33:e0:d2:f2:06:4b:08:d0:98:47:88:d7:
dc:24:cb:c6:89:55:cf:84:db:83:ff:de:ba:01:4f:90:63:fa:
29:1b:8e:97:4e:77:f6:e5:b0:45:e8:87:0a:e9:6f:dc:67:00:
99:f4:16:ee:f1:66:0b:fc:ac:93:fd:cf:ce:cd:13:43:48:4f:
b8:31:2e:ac:f2:bb:cc:46:f7:07:b5:7a:70:2b:64:64:a0:55:
3f:fb:9a:48:38:10:16:28:92:07:43:83:4a:58:05:e8:bc:0b:
54:bd:73:b0
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICBzowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJDQjExMTAvBgNVBAUTKDA3MkNERjY1MUIzMTJDQUZCREIwNDlBMzM1NjlGRUE2
RUY2Qzk1MTcwHhcNMjMwNjA4MDgyNDI5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxOTAzZC03NjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp/hYAyynMWNiv37DJ+rF/9ebjCkxHNx8Q/0dUgOm2d60+w+wZ6Fq0M/ZiBHG
nUzbo6Lp3KB+2ZlHyVSGohaK60SbTxtAkmPeUJb26SMeMbxLlkU/xmcsJ+y2EoU2
07kbZQbznBiC/Q0fmH6tifepgooIIlF9Mc0dMvGD3hZw91eusznrzf1pgP4AUPbl
Pxjm2sV0gMTPrCm5gMhgVg6HLA3Bzq4+U9iaI7x7874wyuBOnDF060SaBz5HWMzO
S1uAjVaoQDBaKEkkMVp6uDlX6/Z260Zukk8bLf8/6lnRTVIROCVpNtuscKibMn/f
IDKHkbBf/AUi6kk0DGnVsc5GgQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFEULV+ym
wdGU53KXfztrnPyN2tdJMB8GA1UdIwQYMBaAFAcs32UbMSyvvbBJozVp/qbvbJUX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkNCMS9EMDBERDQ5OEJD
MDIxMUVBQjhDNzkwNDhDNEY5QUUwMi9CeXpmWlJzeExLLTlzRW1qTlduLXB1OXNs
UmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0J5emZaUnN4TEstOXNFbWpOV24tcHU5c2xSYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJDQjEvRDAwREQ0OThCQzAyMTFFQUI4Qzc5MDQ4QzRGOUFFMDIvNjBCOTg5MjhF
RDNFMTFFRDg0NzhCRTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAAtdIQDBAAtdIcDBAJnCVwDBABnJYQwDAMEAGf1BQMEAGf1
BjANBgkqhkiG9w0BAQsFAAOCAQEAhbu5b8XpCT+jlJS4gW2EKkDTYs8vhaJTFU9N
Iq1S4fSiVMRBzecMk5YFt+AGDQxZbp38UL7nWYbSE8u2gk9pIeAubAdh15+dNj0o
WGgAp7TRg7dOE+Relb2lZ3hec+v+u8RiAXbmqPs7TfCPJ6UdE6rNqplDiTQjmvy9
ah5Vtl7wqIjfnumb5xysj0GcYZOP6KyEhhJoM+DS8gZLCNCYR4jX3CTLxolVz4Tb
g//eugFPkGP6KRuOl0539uWwReiHCulv3GcAmfQW7vFmC/ysk/3Pzs0TQ0hPuDEu
rPK7zEb3B7V6cCtkZKBVP/uaSDgQFiiSB0ODSlgF6LwLVL1zsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org