Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/FC5F913A8AF111E6B4810E56C4F9AE02.roa
File: FC5F913A8AF111E6B4810E56C4F9AE02.roa (raw, json)
Hash identifier: FCQyDUVsXnJBHVZEg6FUsLU0txO/XQUcDcyNuFSytFA=
Subject key identifier: AA:63:52:E4:4D:1E:9B:0F:15:BF:B8:03:7D:33:E9:FA:AC:60:FC:4D
Certificate issuer: /CN=A91CDCB6/serialNumber=0781675CC64FAB2B845DA7F51155498042ECE467
Certificate serial: 1C00
Authority key identifier: 07:81:67:5C:C6:4F:AB:2B:84:5D:A7:F5:11:55:49:80:42:EC:E4:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4FnXMZPqyuEXaf1EVVJgELs5Gc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/FC5F913A8AF111E6B4810E56C4F9AE02.roa
Signing time: Fri 23 Sep 2022 04:53:29 +0000
ROA not before: Fri 23 Sep 2022 04:53:29 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 58668
IP address blocks: 45.251.128.0/22 maxlen: 24
103.12.236.0/22 maxlen: 24
103.12.236.0/23 maxlen: 24
103.12.236.0/24 maxlen: 24
103.12.237.0/24 maxlen: 24
103.12.238.0/23 maxlen: 24
103.12.238.0/24 maxlen: 24
103.12.239.0/24 maxlen: 24
2403:2c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7168 (0x1c00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CDCB6/serialNumber=0781675CC64FAB2B845DA7F51155498042ECE467
Validity
Not Before: Sep 23 04:53:29 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=632d3bc8-fbc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e8:5a:57:ee:1f:a9:94:8c:b4:f2:1c:a5:52:
8b:82:f0:5b:cd:f7:2c:e7:21:19:31:72:e4:db:c4:
4e:1f:a4:e9:51:3e:d5:ee:bb:9a:71:2f:b3:81:2d:
e2:36:a0:1c:b3:bc:21:1c:25:7d:86:6b:fa:c2:ef:
af:d0:10:ce:cb:9a:28:01:ed:24:c6:6d:50:b0:22:
32:79:93:4c:c8:c5:99:2d:10:8a:92:33:c9:38:67:
93:d1:12:10:a5:42:94:9c:f5:73:73:7c:fa:28:5e:
3f:8e:1e:61:17:2f:44:3c:81:b6:06:2e:d2:a4:aa:
0b:74:6f:d4:0d:6f:37:9e:72:a7:20:dc:5f:7b:53:
14:e0:b1:17:95:0f:0f:6b:88:10:ef:02:12:50:ca:
47:57:9d:b9:f0:93:b8:26:34:7d:10:29:a1:62:15:
a0:da:bf:d1:e0:89:89:9b:bd:5e:d3:68:a9:e4:ed:
3a:d2:00:9f:b9:b8:f3:3c:42:23:35:a2:f9:f3:10:
74:c4:84:55:18:69:f7:19:0d:90:65:7c:2f:6c:69:
d7:f7:0b:54:bf:de:db:4a:5d:2e:79:fa:53:68:71:
d2:02:8f:8c:6c:f9:b6:54:ae:98:b6:76:ac:39:18:
86:5e:1d:03:4f:3b:50:db:5d:e2:a3:06:7f:65:d1:
cd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:63:52:E4:4D:1E:9B:0F:15:BF:B8:03:7D:33:E9:FA:AC:60:FC:4D
X509v3 Authority Key Identifier:
keyid:07:81:67:5C:C6:4F:AB:2B:84:5D:A7:F5:11:55:49:80:42:EC:E4:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/B4FnXMZPqyuEXaf1EVVJgELs5Gc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4FnXMZPqyuEXaf1EVVJgELs5Gc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CDCB6/67C6AA4A8AF111E698078355C4F9AE02/FC5F913A8AF111E6B4810E56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.128.0/22
103.12.236.0/22
IPv6:
2403:2c40::/32
Signature Algorithm: sha256WithRSAEncryption
63:06:45:93:16:d0:48:74:df:66:2b:44:3c:c8:8b:b8:69:25:
f4:59:24:bf:c7:98:18:91:81:ca:1a:24:61:b5:7b:ce:1b:28:
95:9f:dc:6d:22:82:1e:92:cc:6c:47:b0:45:b2:20:76:d6:9d:
5d:d4:83:16:41:d9:33:14:4b:97:f4:b8:04:be:f0:f2:6e:0a:
71:8a:c8:26:ac:68:fb:10:36:ff:62:7f:db:41:71:a3:32:e8:
25:3f:89:65:2d:59:fd:5f:f3:f7:a3:5c:a9:7e:41:98:72:e3:
05:08:ad:8a:ee:e6:31:11:5a:4f:b3:fd:aa:f2:0f:dd:cf:13:
33:45:23:e2:f3:8b:a7:f7:5a:7a:f8:ca:cc:d9:76:d4:20:c4:
da:4e:7b:71:64:39:12:9a:08:c6:20:a3:39:c2:42:7f:19:04:
ff:5a:04:c0:92:1f:5a:37:c0:43:2b:33:c1:de:d2:85:67:b2:
8f:e7:9d:48:b9:55:92:3a:f0:a5:0a:07:e8:b0:8a:55:dc:b8:
09:87:63:8b:0b:f6:91:cd:57:c3:62:a1:1a:6d:f3:cf:c9:72:
f4:ef:52:3d:88:43:2a:86:52:07:33:03:27:7c:d7:16:c7:4e:
04:5d:c9:9a:66:8d:cd:66:cf:03:7d:94:d0:f9:b3:fb:d5:3d:
91:e0:cb:26
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICHAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0RDQjYxMTAvBgNVBAUTKDA3ODE2NzVDQzY0RkFCMkI4NDVEQTdGNTExNTU0OTgw
NDJFQ0U0NjcwHhcNMjIwOTIzMDQ1MzI5WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzJkM2JjOC1mYmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ehaV+4fqZSMtPIcpVKLgvBbzfcs5yEZMXLk28ROH6TpUT7V7ruacS+zgS3i
NqAcs7whHCV9hmv6wu+v0BDOy5ooAe0kxm1QsCIyeZNMyMWZLRCKkjPJOGeT0RIQ
pUKUnPVzc3z6KF4/jh5hFy9EPIG2Bi7SpKoLdG/UDW83nnKnINxfe1MU4LEXlQ8P
a4gQ7wISUMpHV5258JO4JjR9ECmhYhWg2r/R4ImJm71e02ip5O060gCfubjzPEIj
NaL58xB0xIRVGGn3GQ2QZXwvbGnX9wtUv97bSl0uefpTaHHSAo+MbPm2VK6Ytnas
ORiGXh0DTztQ213iowZ/ZdHNHwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKpjUuRN
HpsPFb+4A30z6fqsYPxNMB8GA1UdIwQYMBaAFAeBZ1zGT6srhF2n9RFVSYBC7ORn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRENCNi82N0M2QUE0QThB
RjExMUU2OTgwNzgzNTVDNEY5QUUwMi9CNEZuWE1aUHF5dUVYYWYxRVZWSmdFTHM1
R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0I0Rm5YTVpQcXl1RVhhZjFFVlZKZ0VMczVHYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0RDQjYvNjdDNkFBNEE4QUYxMTFFNjk4MDc4MzU1QzRGOUFFMDIvRkM1RjkxM0E4
QUYxMTFFNkI0ODEwRTU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIt+4ADBAJnDOwwDQQCAAIwBwMFACQDLEAwDQYJKoZIhvcN
AQELBQADggEBAGMGRZMW0Eh032YrRDzIi7hpJfRZJL/HmBiRgcoaJGG1e84bKJWf
3G0igh6SzGxHsEWyIHbWnV3UgxZB2TMUS5f0uAS+8PJuCnGKyCasaPsQNv9if9tB
caMy6CU/iWUtWf1f8/ejXKl+QZhy4wUIrYru5jERWk+z/aryD93PEzNFI+Lzi6f3
Wnr4yszZdtQgxNpOe3FkORKaCMYgoznCQn8ZBP9aBMCSH1o3wEMrM8He0oVnso/n
nUi5VZI68KUKB+iwilXcuAmHY4sL9pHNV8NioRpt88/JcvTvUj2IQyqGUgczAyd8
1xbHTgRdyZpmjc1mzwN9lND5s/vVPZHgyyY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org