Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8631B57809A311EEAA321668C4F9AE02.roa
File: 8631B57809A311EEAA321668C4F9AE02.roa (raw, json)
Hash identifier: VeKMRV2mfwUFFs+/FmQ373QcXZX93w9X8EVkUJ/b+1o=
Subject key identifier: FD:C1:51:E6:55:39:32:CB:E9:C9:2D:37:55:CE:2A:8E:87:7A:25:94
Certificate issuer: /CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Certificate serial: 211E
Authority key identifier: BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8631B57809A311EEAA321668C4F9AE02.roa
Signing time: Sun 17 Sep 2023 15:17:16 +0000
ROA not before: Sun 17 Sep 2023 15:17:16 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 133334
IP address blocks: 45.124.56.0/22 maxlen: 24
103.61.220.0/22 maxlen: 22
103.200.32.0/22 maxlen: 22
103.200.32.0/24 maxlen: 24
103.200.33.0/24 maxlen: 24
103.200.34.0/24 maxlen: 24
103.200.35.0/24 maxlen: 24
103.203.52.0/22 maxlen: 22
103.225.136.0/22 maxlen: 24
2401:b80::/32 maxlen: 32
2401:b80:1000::/36 maxlen: 36
2401:b80:2000::/36 maxlen: 36
2401:b80:3000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8478 (0x211e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Validity
Not Before: Sep 17 15:17:16 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6507187b-9d47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f8:5d:ff:98:70:81:45:a2:4c:3e:6e:13:8d:
61:c8:3e:82:ef:c2:3b:66:8a:88:bf:16:1b:ff:eb:
53:a5:da:f0:9b:a5:41:79:fc:78:1f:f1:3c:82:9d:
83:bb:9b:36:f9:9b:a7:2e:e4:50:a7:fb:db:39:27:
db:97:77:11:26:74:19:51:94:0a:8c:77:73:55:9a:
e1:d5:1c:3a:9e:08:86:af:fc:65:7a:66:56:52:ac:
f1:84:ef:3c:b7:33:47:ee:0c:74:07:cf:a8:5d:7f:
a7:df:7a:73:ec:5a:88:5e:b6:a7:1e:9b:03:69:06:
1b:a0:e3:e8:68:41:6c:5e:fa:61:4b:83:67:b2:d5:
2c:65:7f:d2:af:20:4d:c8:a3:5e:45:cf:2f:64:8b:
ec:54:66:e8:ce:5e:77:4a:39:e1:e4:0e:ca:bf:1d:
f7:16:9a:64:96:d2:cb:23:6c:f1:65:09:84:2b:8b:
86:44:de:22:d4:9f:04:7b:4d:7e:11:c8:17:58:07:
68:f3:9b:7f:bf:0d:70:ed:16:31:e3:ea:41:35:2d:
c4:cc:9c:42:ee:2f:6f:07:e1:19:9c:72:97:b6:b9:
f5:4b:a1:60:88:61:a4:25:f5:ae:cb:e6:09:2c:97:
65:09:33:a1:bc:a9:00:33:7c:fb:f1:9c:57:67:33:
8e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C1:51:E6:55:39:32:CB:E9:C9:2D:37:55:CE:2A:8E:87:7A:25:94
X509v3 Authority Key Identifier:
keyid:BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8631B57809A311EEAA321668C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.56.0/22
103.61.220.0/22
103.200.32.0/22
103.203.52.0/22
103.225.136.0/22
IPv6:
2401:b80::/32
Signature Algorithm: sha256WithRSAEncryption
83:55:2c:a6:49:b0:de:76:4d:56:b3:5d:4d:d4:6c:26:55:c7:
39:87:15:ea:1b:74:0a:e5:b0:9e:59:d7:5e:dc:59:7b:aa:82:
da:87:b4:29:29:f5:dc:13:c7:9d:66:27:61:83:df:94:60:ab:
49:ff:fc:5c:c3:28:2a:4b:27:78:18:58:c2:97:97:3a:ca:21:
e7:bb:83:7e:8c:86:51:2f:f2:b4:1b:b4:6d:ad:46:32:90:65:
7d:24:c5:f9:ee:d5:17:2e:b7:05:38:68:d8:2a:41:c1:b4:3b:
e0:11:c5:9b:e3:5e:b4:90:db:7f:0b:b4:1d:f8:eb:56:8b:20:
08:4b:be:47:5d:06:44:03:4d:2b:d0:4d:b7:0d:c7:ef:e2:92:
06:2a:bb:43:ad:f4:b9:9b:1f:86:b7:4b:f8:b3:84:13:85:b8:
72:a9:0f:49:74:18:fe:fd:e8:e9:62:f1:63:33:f4:0f:38:09:
be:47:e6:5d:08:5b:d1:80:7b:68:98:7d:a0:da:ff:bb:65:8e:
ec:a6:68:57:8a:8c:92:38:78:e7:4d:35:97:73:73:e1:24:cb:
66:6f:3c:f8:39:a7:01:31:8a:47:74:0d:f4:92:27:56:2b:0c:
e7:42:09:eb:6c:ae:a1:f5:74:bc:b6:31:56:dd:59:69:3f:72:
bb:07:f7:5c
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICIR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURFMEExMTAvBgNVBAUTKEJFNDg4QjRFNjBBQzZBNzNBNjU2RUZEQkM1RkE2N0Ex
QThERTgxMkEwHhcNMjMwOTE3MTUxNzE2WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTA3MTg3Yi05ZDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv/hd/5hwgUWiTD5uE41hyD6C78I7ZoqIvxYb/+tTpdrwm6VBefx4H/E8gp2D
u5s2+ZunLuRQp/vbOSfbl3cRJnQZUZQKjHdzVZrh1Rw6ngiGr/xlemZWUqzxhO88
tzNH7gx0B8+oXX+n33pz7FqIXranHpsDaQYboOPoaEFsXvphS4NnstUsZX/SryBN
yKNeRc8vZIvsVGbozl53Sjnh5A7Kvx33FppkltLLI2zxZQmEK4uGRN4i1J8Ee01+
EcgXWAdo85t/vw1w7RYx4+pBNS3EzJxC7i9vB+EZnHKXtrn1S6FgiGGkJfWuy+YJ
LJdlCTOhvKkAM3z78ZxXZzOOiwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFP3BUeZV
OTLL6cktN1XOKo6HeiWUMB8GA1UdIwQYMBaAFL5Ii05grGpzplbv28X6Z6Go3oEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS8zMEQ4MDEyNkMx
MTMxMUU1QjAxQTcyNjlDNEY5QUUwMi92a2lMVG1Dc2FuT21WdV9ieGZwbm9hamVn
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZraUxUbUNzYW5PbVZ1X2J4ZnBub2FqZWdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURFMEEvMzBEODAxMjZDMTEzMTFFNUIwMUE3MjY5QzRGOUFFMDIvODYzMUI1Nzgw
OUEzMTFFRUFBMzIxNjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAItfDgDBAJnPdwDBAJnyCADBAJnyzQDBAJn4YgwDQQCAAIw
BwMFACQBC4AwDQYJKoZIhvcNAQELBQADggEBAINVLKZJsN52TVazXU3UbCZVxzmH
FeobdArlsJ5Z117cWXuqgtqHtCkp9dwTx51mJ2GD35Rgq0n//FzDKCpLJ3gYWMKX
lzrKIee7g36MhlEv8rQbtG2tRjKQZX0kxfnu1RcutwU4aNgqQcG0O+ARxZvjXrSQ
238LtB3461aLIAhLvkddBkQDTSvQTbcNx+/ikgYqu0Ot9LmbH4a3S/izhBOFuHKp
D0l0GP796Oli8WMz9A84Cb5H5l0IW9GAe2iYfaDa/7tljuymaFeKjJI4eOdNNZdz
c+Eky2ZvPPg5pwExikd0DfSSJ1YrDOdCCetsrqH1dLy2MVbdWWk/crsH91w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org