Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8B3F6A06557011EE924F6680C4F9AE02.roa
File: 8B3F6A06557011EE924F6680C4F9AE02.roa (raw, json)
Hash identifier: r93LBsse1/1YHSYQFTAdQO/tV6GIzZJUGvvcTuOWU6M=
Subject key identifier: E0:DE:5B:D1:E3:5A:0F:8E:CB:D3:62:E8:AD:DD:AE:8E:D1:1A:E8:67
Certificate issuer: /CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Certificate serial: 2134
Authority key identifier: BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8B3F6A06557011EE924F6680C4F9AE02.roa
Signing time: Sat 07 Oct 2023 15:06:21 +0000
ROA not before: Sat 07 Oct 2023 15:06:21 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 133334
IP address blocks: 45.124.56.0/22 maxlen: 24
103.61.220.0/22 maxlen: 22
103.61.220.0/24 maxlen: 24
103.61.221.0/24 maxlen: 24
103.61.222.0/24 maxlen: 24
103.61.223.0/24 maxlen: 24
103.200.32.0/22 maxlen: 22
103.200.32.0/24 maxlen: 24
103.200.33.0/24 maxlen: 24
103.200.34.0/24 maxlen: 24
103.200.35.0/24 maxlen: 24
103.203.52.0/22 maxlen: 22
103.203.52.0/24 maxlen: 24
103.203.53.0/24 maxlen: 24
103.203.54.0/24 maxlen: 24
103.203.55.0/24 maxlen: 24
103.225.136.0/22 maxlen: 24
2401:b80::/32 maxlen: 32
2401:b80::/36 maxlen: 36
2401:b80:1000::/36 maxlen: 36
2401:b80:2000::/36 maxlen: 36
2401:b80:3000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8500 (0x2134)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Validity
Not Before: Oct 7 15:06:21 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=652173ed-d82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b1:68:99:8d:a4:60:60:c7:6b:01:62:21:e7:
2a:b8:5d:2a:9a:3d:b7:c3:f9:3a:33:38:a5:8a:13:
08:0a:99:7f:93:f7:72:c9:2f:e5:95:bd:a4:47:2e:
50:bd:7b:4a:10:63:62:6b:60:54:22:a2:38:55:2c:
7a:35:c8:d3:73:c6:08:c0:49:81:02:da:1e:f6:e4:
5a:68:a2:3f:30:c5:05:16:29:03:93:96:e6:23:2e:
f1:24:31:c4:67:13:a1:a9:0e:99:3f:a1:bf:8c:c8:
72:c2:21:28:78:21:3a:9c:10:22:a0:f1:4e:12:b5:
ed:b4:a4:dd:23:5d:ba:ad:e3:d0:ac:ae:41:dc:45:
dd:aa:a0:0e:8b:51:7e:1d:90:14:e5:c1:ad:c6:60:
cb:b9:17:37:36:b3:64:ea:60:6d:c7:66:f9:23:4d:
1f:27:66:02:4e:f9:fa:f2:3f:f6:90:3c:57:c0:a4:
4e:10:a9:33:93:96:9d:c3:df:3a:49:c6:a1:f5:9f:
fb:cf:79:9e:f0:2b:a4:c2:80:8e:9f:a9:8e:98:16:
b9:a8:ff:62:34:ea:bc:c7:e3:6c:1c:31:08:18:d3:
26:36:6b:93:32:c0:1c:49:1f:75:ef:00:25:83:f2:
b7:5f:b0:86:f9:95:a3:37:52:8e:c2:cd:dd:23:ed:
00:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:DE:5B:D1:E3:5A:0F:8E:CB:D3:62:E8:AD:DD:AE:8E:D1:1A:E8:67
X509v3 Authority Key Identifier:
keyid:BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/8B3F6A06557011EE924F6680C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.56.0/22
103.61.220.0/22
103.200.32.0/22
103.203.52.0/22
103.225.136.0/22
IPv6:
2401:b80::/32
Signature Algorithm: sha256WithRSAEncryption
b8:60:7d:63:df:29:19:1e:45:d0:6f:60:0e:20:4a:e1:d5:55:
36:00:fc:00:19:04:08:74:98:b4:f9:15:10:9b:b4:94:fa:cd:
05:4f:b4:b7:b1:fb:52:a4:a6:e9:c7:98:a1:50:44:5a:31:b6:
26:39:1f:d8:e8:0d:8d:aa:bb:13:98:90:a9:05:93:ae:3b:a7:
d4:d3:38:70:af:56:ac:6e:8e:76:43:9d:dc:da:28:24:21:6a:
86:97:9b:43:55:20:97:7b:35:b6:7f:91:d9:a5:7f:42:3e:ad:
65:62:9b:47:46:0a:d2:52:0b:44:6f:42:3a:d9:b1:6a:93:6c:
bb:77:81:9f:34:d8:d0:b6:46:a5:f3:6c:e7:6e:fb:a4:cf:9f:
f7:79:2f:8b:2c:ca:df:50:93:52:44:95:a8:aa:39:2d:08:4a:
98:00:77:8c:dc:4b:c8:5a:a2:71:ff:41:be:4f:d0:ff:d6:bc:
09:7b:fe:24:1f:ba:c0:c8:07:ba:63:46:d8:e2:ce:5c:d5:17:
3c:ad:fa:20:2f:af:f4:bd:08:c2:5f:cc:41:aa:d9:fe:5f:f2:
77:fe:13:6c:cd:15:27:f1:86:89:51:9d:4b:44:64:69:67:df:
56:4f:38:80:81:16:0c:c5:13:bc:71:90:68:2f:c0:f7:61:eb:
35:0d:06:e2
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICITQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURFMEExMTAvBgNVBAUTKEJFNDg4QjRFNjBBQzZBNzNBNjU2RUZEQkM1RkE2N0Ex
QThERTgxMkEwHhcNMjMxMDA3MTUwNjIxWhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTIxNzNlZC1kODJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAybFomY2kYGDHawFiIecquF0qmj23w/k6MzilihMICpl/k/dyyS/llb2kRy5Q
vXtKEGNia2BUIqI4VSx6NcjTc8YIwEmBAtoe9uRaaKI/MMUFFikDk5bmIy7xJDHE
ZxOhqQ6ZP6G/jMhywiEoeCE6nBAioPFOErXttKTdI126rePQrK5B3EXdqqAOi1F+
HZAU5cGtxmDLuRc3NrNk6mBtx2b5I00fJ2YCTvn68j/2kDxXwKROEKkzk5adw986
Scah9Z/7z3me8CukwoCOn6mOmBa5qP9iNOq8x+NsHDEIGNMmNmuTMsAcSR917wAl
g/K3X7CG+ZWjN1KOws3dI+0A9QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFODeW9Hj
Wg+Oy9Ni6K3dro7RGuhnMB8GA1UdIwQYMBaAFL5Ii05grGpzplbv28X6Z6Go3oEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS8zMEQ4MDEyNkMx
MTMxMUU1QjAxQTcyNjlDNEY5QUUwMi92a2lMVG1Dc2FuT21WdV9ieGZwbm9hamVn
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZraUxUbUNzYW5PbVZ1X2J4ZnBub2FqZWdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURFMEEvMzBEODAxMjZDMTEzMTFFNUIwMUE3MjY5QzRGOUFFMDIvOEIzRjZBMDY1
NTcwMTFFRTkyNEY2NjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAItfDgDBAJnPdwDBAJnyCADBAJnyzQDBAJn4YgwDQQCAAIw
BwMFACQBC4AwDQYJKoZIhvcNAQELBQADggEBALhgfWPfKRkeRdBvYA4gSuHVVTYA
/AAZBAh0mLT5FRCbtJT6zQVPtLex+1KkpunHmKFQRFoxtiY5H9joDY2quxOYkKkF
k647p9TTOHCvVqxujnZDndzaKCQhaoaXm0NVIJd7NbZ/kdmlf0I+rWVim0dGCtJS
C0RvQjrZsWqTbLt3gZ802NC2RqXzbOdu+6TPn/d5L4ssyt9Qk1JElaiqOS0ISpgA
d4zcS8haonH/Qb5P0P/WvAl7/iQfusDIB7pjRtjizlzVFzyt+iAvr/S9CMJfzEGq
2f5f8nf+E2zNFSfxholRnUtEZGln31ZPOICBFgzFE7xxkGgvwPdh6zUNBuI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org