Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8631B57809A311EEAA321668C4F9AE02.roa
File: 8631B57809A311EEAA321668C4F9AE02.roa (raw, json)
Hash identifier: +yA2YUTNyHZYmMGxAk5/IvjFRS+xtLlogxiu70/JVB0=
Subject key identifier: D3:B3:7D:CA:4B:68:42:BC:A5:3E:E3:2B:12:7B:02:58:AB:93:BE:69
Certificate issuer: /CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Certificate serial: 20E9
Authority key identifier: BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8631B57809A311EEAA321668C4F9AE02.roa
Signing time: Tue 13 Jun 2023 04:34:03 +0000
ROA not before: Tue 13 Jun 2023 04:34:03 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 133334
IP address blocks: 45.124.56.0/22 maxlen: 24
103.61.220.0/22 maxlen: 22
103.200.32.0/22 maxlen: 22
103.203.52.0/22 maxlen: 22
103.225.136.0/22 maxlen: 24
2401:b80::/32 maxlen: 32
2401:b80:1000::/36 maxlen: 36
2401:b80:2000::/36 maxlen: 36
2401:b80:3000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8425 (0x20e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Validity
Not Before: Jun 13 04:34:03 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6487f1bb-81c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a0:07:3f:ce:42:c6:81:59:e8:e7:75:f2:21:
2c:62:49:f0:0e:47:c8:d5:14:63:fb:39:83:70:5a:
f5:a0:52:48:b9:30:ab:8b:2b:26:a1:ac:c4:27:af:
28:c0:f6:12:e3:81:46:eb:aa:48:31:43:5d:db:a1:
9c:cb:75:58:95:97:75:79:00:3e:68:c9:9e:1d:ab:
0c:dc:74:ce:a5:2b:8a:bf:25:0b:3e:ea:88:b6:6c:
f7:3d:1b:3e:38:db:f5:15:91:72:3f:86:5d:4a:fc:
28:6e:bf:53:1b:9f:76:12:77:94:28:59:91:15:2d:
e3:71:c4:63:e1:99:fe:9f:17:d9:eb:85:18:6b:c8:
f0:65:79:31:41:35:06:ae:21:43:e4:60:6d:49:64:
cc:90:d7:0d:8f:c7:e5:73:69:59:b6:57:e9:85:d8:
23:c7:1a:b4:86:bd:b1:19:b0:03:f2:e4:7d:62:82:
b8:5b:fc:76:71:59:ae:f5:27:7a:62:0f:41:f9:d3:
e0:5f:9a:e0:cc:98:9b:23:a5:19:13:0f:ad:06:37:
44:80:67:ce:be:83:6a:7b:bf:62:85:63:64:7b:d5:
2a:83:51:6b:5b:f8:e3:45:ea:d4:7d:ec:89:71:94:
bb:fc:b7:c0:24:1f:10:a2:e3:3d:fe:18:32:44:ad:
c4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B3:7D:CA:4B:68:42:BC:A5:3E:E3:2B:12:7B:02:58:AB:93:BE:69
X509v3 Authority Key Identifier:
keyid:BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8631B57809A311EEAA321668C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.56.0/22
103.61.220.0/22
103.200.32.0/22
103.203.52.0/22
103.225.136.0/22
IPv6:
2401:b80::/32
Signature Algorithm: sha256WithRSAEncryption
b5:5e:2f:12:d5:48:ef:1f:aa:a7:a4:d5:74:e1:67:06:03:9a:
63:3c:2f:e6:f6:c0:68:fe:c8:d9:c9:03:37:b1:45:83:f4:3d:
c1:06:19:41:52:e4:ae:8f:64:a2:6c:75:2b:ea:f2:10:a0:0f:
0e:18:95:73:72:df:8c:93:df:6a:08:e9:1d:9f:dd:93:1d:98:
87:46:17:a3:84:22:83:ad:63:58:66:63:da:6a:ba:24:cb:00:
58:57:b7:20:fa:f3:7c:60:15:20:1f:6e:52:73:d7:92:3d:e3:
e8:5f:56:63:9a:72:c1:ed:40:1b:40:34:45:a4:e2:b9:f8:d3:
8e:3f:b2:f5:df:fb:fe:f4:e8:4b:48:a2:e6:48:ac:85:03:e8:
2e:38:0e:8b:fd:a0:0e:d2:bb:88:69:1c:05:a3:9c:41:1b:98:
46:d3:94:2a:88:e3:cb:0d:15:af:94:be:04:7e:52:ea:34:38:
43:25:1a:cc:d6:78:ac:1c:88:7b:33:66:96:81:05:c6:f8:de:
0b:d6:8f:d2:20:08:6e:9d:8f:b6:d9:23:05:dc:4c:c5:47:5f:
88:63:55:f8:c5:05:f8:8a:a1:14:b9:ba:74:74:11:75:83:b4:
9f:43:31:d7:4a:5e:aa:b4:5e:00:94:36:92:f0:1c:51:b1:61:
6b:e5:a3:eb
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICIOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURFMEExMTAvBgNVBAUTKEJFNDg4QjRFNjBBQzZBNzNBNjU2RUZEQkM1RkE2N0Ex
QThERTgxMkEwHhcNMjMwNjEzMDQzNDAzWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg3ZjFiYi04MWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAraAHP85CxoFZ6Od18iEsYknwDkfI1RRj+zmDcFr1oFJIuTCriysmoazEJ68o
wPYS44FG66pIMUNd26Gcy3VYlZd1eQA+aMmeHasM3HTOpSuKvyULPuqItmz3PRs+
ONv1FZFyP4ZdSvwobr9TG592EneUKFmRFS3jccRj4Zn+nxfZ64UYa8jwZXkxQTUG
riFD5GBtSWTMkNcNj8flc2lZtlfphdgjxxq0hr2xGbAD8uR9YoK4W/x2cVmu9Sd6
Yg9B+dPgX5rgzJibI6UZEw+tBjdEgGfOvoNqe79ihWNke9Uqg1FrW/jjRerUfeyJ
cZS7/LfAJB8QouM9/hgyRK3ERwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFNOzfcpL
aEK8pT7jKxJ7Alirk75pMB8GA1UdIwQYMBaAFL5Ii05grGpzplbv28X6Z6Go3oEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS8zMEQ4MDEyNkMx
MTMxMUU1QjAxQTcyNjlDNEY5QUUwMi92a2lMVG1Dc2FuT21WdV9ieGZwbm9hamVn
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZraUxUbUNzYW5PbVZ1X2J4ZnBub2FqZWdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURFMEEvMzBEODAxMjZDMTEzMTFFNUIwMUE3MjY5QzRGOUFFMDIvODYzMUI1Nzgw
OUEzMTFFRUFBMzIxNjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAItfDgDBAJnPdwDBAJnyCADBAJnyzQDBAJn4YgwDQQCAAIw
BwMFACQBC4AwDQYJKoZIhvcNAQELBQADggEBALVeLxLVSO8fqqek1XThZwYDmmM8
L+b2wGj+yNnJAzexRYP0PcEGGUFS5K6PZKJsdSvq8hCgDw4YlXNy34yT32oI6R2f
3ZMdmIdGF6OEIoOtY1hmY9pquiTLAFhXtyD683xgFSAfblJz15I94+hfVmOacsHt
QBtANEWk4rn4044/svXf+/706EtIouZIrIUD6C44Dov9oA7Su4hpHAWjnEEbmEbT
lCqI48sNFa+UvgR+Uuo0OEMlGszWeKwciHszZpaBBcb43gvWj9IgCG6dj7bZIwXc
TMVHX4hjVfjFBfiKoRS5unR0EXWDtJ9DMddKXqq0XgCUNpLwHFGxYWvlo+s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org