Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/FC5F913A8AF111E6B4810E56C4F9AE02.roa
File: FC5F913A8AF111E6B4810E56C4F9AE02.roa (raw, json)
Hash identifier: 5+3n4JgsYBatb4ObQwAi88Gbsnnh9gh1+I91QUSxG8Q=
Subject key identifier: BE:6D:E4:97:AF:C6:69:5C:F4:9C:83:C2:11:85:99:EB:5C:A1:1D:F6
Certificate issuer: /CN=A91CDCB6/serialNumber=0781675CC64FAB2B845DA7F51155498042ECE467
Certificate serial: 1CBE
Authority key identifier: 07:81:67:5C:C6:4F:AB:2B:84:5D:A7:F5:11:55:49:80:42:EC:E4:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4FnXMZPqyuEXaf1EVVJgELs5Gc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/FC5F913A8AF111E6B4810E56C4F9AE02.roa
Signing time: Thu 24 Aug 2023 16:33:12 +0000
ROA not before: Thu 24 Aug 2023 16:33:12 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 58668
IP address blocks: 45.251.128.0/22 maxlen: 24
103.12.236.0/22 maxlen: 24
103.12.236.0/23 maxlen: 24
103.12.236.0/24 maxlen: 24
103.12.237.0/24 maxlen: 24
103.12.238.0/23 maxlen: 24
103.12.238.0/24 maxlen: 24
103.12.239.0/24 maxlen: 24
2403:2c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7358 (0x1cbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CDCB6, serialNumber=0781675CC64FAB2B845DA7F51155498042ECE467
Validity
Not Before: Aug 24 16:33:12 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64e78648-83f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:aa:ec:b3:8c:a3:87:29:c4:3d:15:5b:cf:06:
a3:83:f5:c6:66:53:78:f0:66:75:2f:0d:69:78:ed:
cf:6a:c3:e4:ad:0d:e6:70:d6:13:a4:b6:70:d0:ce:
3c:ca:e4:9b:c6:c6:35:d1:b8:4b:03:76:44:ba:8b:
5e:f9:0a:9c:67:26:0a:27:3d:67:6e:37:5c:e8:86:
5f:e0:89:bb:26:15:c1:75:aa:2a:a8:81:c0:de:bb:
9f:77:24:95:c9:ff:07:73:90:22:6b:81:3b:16:95:
77:98:b7:83:ac:6e:4d:09:2a:09:3c:76:72:e8:df:
30:73:f2:4e:c9:8d:21:a8:a4:0e:c3:fd:64:d7:44:
56:40:cf:80:f3:89:28:2b:7f:42:e8:64:f5:9b:2d:
c3:e5:74:c5:9a:12:e4:d7:6d:3b:4d:6f:e1:82:e9:
d4:92:78:c1:19:90:7f:13:a9:cc:8a:db:39:b9:d0:
b4:74:4b:77:31:81:08:b4:bf:50:07:e7:1b:20:22:
d8:32:63:96:7c:f5:cd:a8:52:d3:b8:cb:bc:23:10:
68:85:b7:d7:f5:be:ad:11:f0:43:64:b7:e8:b1:89:
77:b5:b9:02:34:b9:2f:5c:03:22:7e:86:6b:3f:e5:
49:b5:8d:90:9d:50:e3:cf:ac:b5:c6:40:0f:80:6f:
e5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:6D:E4:97:AF:C6:69:5C:F4:9C:83:C2:11:85:99:EB:5C:A1:1D:F6
X509v3 Authority Key Identifier:
keyid:07:81:67:5C:C6:4F:AB:2B:84:5D:A7:F5:11:55:49:80:42:EC:E4:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/B4FnXMZPqyuEXaf1EVVJgELs5Gc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4FnXMZPqyuEXaf1EVVJgELs5Gc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/FC5F913A8AF111E6B4810E56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.128.0/22
103.12.236.0/22
IPv6:
2403:2c40::/32
Signature Algorithm: sha256WithRSAEncryption
7e:8d:54:0e:ec:2e:1a:92:f4:cd:b1:d9:0a:c0:a1:f5:6e:d5:
1b:d0:ba:44:34:96:9e:93:e8:f3:8e:59:b4:80:26:85:8f:68:
40:70:e8:25:47:09:96:d8:83:dc:c2:92:4f:b4:16:69:0f:a0:
50:39:d1:59:2f:02:9a:64:74:67:d6:6b:ae:b5:88:c1:c3:6b:
fb:4f:5d:b3:9b:06:bf:b4:7b:fd:c1:46:e1:88:7a:8c:f4:a1:
87:50:4d:80:6f:b8:c8:8b:88:62:02:d7:0f:ce:6e:bf:ec:9b:
f9:43:2c:cd:5d:83:6b:62:4b:d7:90:ce:86:50:99:e3:d3:80:
df:e2:97:2b:71:73:8a:c3:5d:cc:61:7a:09:d9:d8:24:56:d9:
74:21:6d:7b:03:38:7e:aa:d0:e6:32:e7:97:b9:f2:62:19:b3:
0d:19:08:ae:94:d1:84:25:9e:04:64:08:ae:0f:5e:76:76:52:
68:47:2a:2f:56:a4:52:4f:9b:e6:ee:1e:52:5b:ab:ae:4d:b7:
0d:1b:1f:0e:31:bc:e4:b0:a6:9b:f0:e2:53:02:63:d3:23:d1:
4f:7a:42:be:89:1c:40:20:df:8f:08:3a:54:93:ff:b1:0a:2e:
45:7f:50:ba:43:ff:1e:53:44:9c:37:dd:88:3d:91:e6:52:e9:
56:ba:39:00
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICHL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0RDQjYxMTAvBgNVBAUTKDA3ODE2NzVDQzY0RkFCMkI4NDVEQTdGNTExNTU0OTgw
NDJFQ0U0NjcwHhcNMjMwODI0MTYzMzEyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGU3ODY0OC04M2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvqrss4yjhynEPRVbzwajg/XGZlN48GZ1Lw1peO3PasPkrQ3mcNYTpLZw0M48
yuSbxsY10bhLA3ZEuote+QqcZyYKJz1nbjdc6IZf4Im7JhXBdaoqqIHA3rufdySV
yf8Hc5Aia4E7FpV3mLeDrG5NCSoJPHZy6N8wc/JOyY0hqKQOw/1k10RWQM+A84ko
K39C6GT1my3D5XTFmhLk1207TW/hgunUknjBGZB/E6nMits5udC0dEt3MYEItL9Q
B+cbICLYMmOWfPXNqFLTuMu8IxBohbfX9b6tEfBDZLfosYl3tbkCNLkvXAMifoZr
P+VJtY2QnVDjz6y1xkAPgG/lAQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFL5t5Jev
xmlc9JyDwhGFmetcoR32MB8GA1UdIwQYMBaAFAeBZ1zGT6srhF2n9RFVSYBC7ORn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRENCNi82N0M2QUE0QThB
RjExMUU2OTgwNzgzNTVDNEY5QUUwMi9CNEZuWE1aUHF5dUVYYWYxRVZWSmdFTHM1
R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0I0Rm5YTVpQcXl1RVhhZjFFVlZKZ0VMczVHYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0RDQjYvNjdDNkFBNEE4QUYxMTFFNjk4MDc4MzU1QzRGOUFFMDIvRkM1RjkxM0E4
QUYxMTFFNkI0ODEwRTU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIt+4ADBAJnDOwwDQQCAAIwBwMFACQDLEAwDQYJKoZIhvcN
AQELBQADggEBAH6NVA7sLhqS9M2x2QrAofVu1RvQukQ0lp6T6POOWbSAJoWPaEBw
6CVHCZbYg9zCkk+0FmkPoFA50VkvAppkdGfWa661iMHDa/tPXbObBr+0e/3BRuGI
eoz0oYdQTYBvuMiLiGIC1w/Obr/sm/lDLM1dg2tiS9eQzoZQmePTgN/ilytxc4rD
XcxhegnZ2CRW2XQhbXsDOH6q0OYy55e58mIZsw0ZCK6U0YQlngRkCK4PXnZ2UmhH
Ki9WpFJPm+buHlJbq65Ntw0bHw4xvOSwppvw4lMCY9Mj0U96Qr6JHEAg348IOlST
/7EKLkV/ULpD/x5TRJw33Yg9keZS6Va6OQA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:38:40 2025 by rpki-client