Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/800DAC6EBEE111ECBFC4F882C4F9AE02.roa
File: 800DAC6EBEE111ECBFC4F882C4F9AE02.roa (raw, json)
Hash identifier: Znj0po+zqw3pahasEgnVpp3WfTTPRk6fag/DKs8CMzM=
Subject key identifier: 53:02:C9:0E:17:AB:4E:AB:5D:B3:54:B3:5A:7D:58:CF:8A:BF:3C:75
Certificate issuer: /CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845
Certificate serial: 01F5
Authority key identifier: 52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/800DAC6EBEE111ECBFC4F882C4F9AE02.roa
Signing time: Fri 29 Jul 2022 15:52:52 +0000
ROA not before: Fri 29 Jul 2022 15:52:52 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 133660
IP address blocks: 45.112.200.0/22 maxlen: 22
45.112.200.0/23 maxlen: 23
45.112.200.0/24 maxlen: 24
45.112.201.0/24 maxlen: 24
45.112.202.0/23 maxlen: 23
45.112.202.0/24 maxlen: 24
45.112.203.0/24 maxlen: 24
103.42.84.0/22 maxlen: 22
103.42.84.0/23 maxlen: 23
103.42.84.0/24 maxlen: 24
103.42.85.0/24 maxlen: 24
103.42.86.0/23 maxlen: 23
103.42.86.0/24 maxlen: 24
103.42.87.0/24 maxlen: 24
103.150.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 501 (0x1f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845
Validity
Not Before: Jul 29 15:52:52 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=62e40253-78df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:88:c5:7e:5c:70:f9:17:5c:f6:fa:11:8d:89:
0b:8b:71:aa:19:a7:6f:f3:cf:98:85:79:00:29:d2:
19:ac:a2:11:8c:b7:07:aa:b7:c8:3d:ba:03:ca:09:
12:e3:0c:47:60:0e:71:32:4d:66:ef:4e:81:6c:e9:
97:4c:80:88:2a:b3:f5:07:7f:c7:a3:05:99:ca:dd:
45:54:e7:3f:1c:63:45:1d:e5:0b:f5:11:6b:7d:24:
8a:cb:5a:c5:10:ec:86:52:23:3a:a8:8c:0d:f1:0d:
b6:ab:ec:25:f4:d6:eb:c3:64:03:60:3a:a9:ca:7d:
96:37:95:91:3c:c5:f5:e2:cb:90:3a:c2:62:03:81:
30:27:df:0e:c7:dd:b1:42:30:49:be:91:8e:8c:4d:
52:db:59:4f:16:dc:46:0c:d3:69:a9:8e:4b:48:38:
e8:50:91:4e:21:3b:79:ed:95:93:b4:9f:f5:19:68:
1b:73:19:81:ad:3d:50:f6:16:c7:00:96:e4:ba:85:
cf:bd:80:ee:0a:a6:4d:b6:fe:fd:fa:9f:42:ea:68:
16:21:eb:23:01:72:44:12:c7:55:fb:e0:a9:61:92:
2e:07:3b:3e:15:63:0e:b9:79:c6:99:f0:e2:c2:81:
ac:b8:06:db:a7:80:28:6a:6e:1b:cb:fb:83:de:c3:
ca:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:02:C9:0E:17:AB:4E:AB:5D:B3:54:B3:5A:7D:58:CF:8A:BF:3C:75
X509v3 Authority Key Identifier:
keyid:52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/800DAC6EBEE111ECBFC4F882C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.200.0/22
103.42.84.0/22
103.150.153.0/24
Signature Algorithm: sha256WithRSAEncryption
34:af:37:0c:e7:17:5f:91:20:f4:e3:27:07:9c:1b:ce:40:a0:
3e:91:7e:35:0c:e8:85:97:28:82:62:ab:23:a1:98:d0:ea:97:
b1:ff:63:35:3d:ab:6f:21:98:8a:14:de:09:13:29:1f:89:80:
80:8d:91:ce:8d:15:c6:97:bb:74:81:f5:15:d9:85:5e:b8:f8:
a7:68:ea:9e:d7:f3:10:f2:3d:1e:e4:43:f9:78:e0:cc:df:07:
a9:58:88:46:60:94:6a:47:9b:75:6c:77:17:98:c4:1d:f2:e5:
05:50:92:11:d8:00:13:6c:ed:04:2e:ba:47:02:63:e0:cf:be:
87:50:58:6e:3b:72:6a:ba:45:12:22:b2:3f:9d:64:b5:28:e6:
68:37:f4:13:81:0a:21:88:9b:cc:b1:3b:1d:72:26:5e:16:f9:
bc:34:54:1f:7d:2d:3d:ad:31:b5:6b:3b:33:4b:ab:34:58:7e:
d4:83:12:34:2a:c9:8b:3a:dc:66:16:88:8a:4c:3e:f2:eb:6e:
81:d3:1c:e4:94:d8:c3:b8:b9:84:cd:6c:fb:fd:6b:56:a4:97:
8b:f2:c6:d6:a8:14:b5:b9:80:98:7f:09:59:a8:78:d9:44:36:
d9:7d:a1:19:e3:94:b5:c9:a9:3d:f1:29:ed:40:07:24:67:b9:
1c:d9:92:99
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAfUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTk0NjcxMTAvBgNVBAUTKDUyQkU5RERFOTU2OEZFNEFEQ0EwRjM0NUIzNjE3QTYz
QzMwNzU4NDUwHhcNMjIwNzI5MTU1MjUyWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU0MDI1My03OGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4IjFflxw+Rdc9voRjYkLi3GqGadv88+YhXkAKdIZrKIRjLcHqrfIPboDygkS
4wxHYA5xMk1m706BbOmXTICIKrP1B3/HowWZyt1FVOc/HGNFHeUL9RFrfSSKy1rF
EOyGUiM6qIwN8Q22q+wl9Nbrw2QDYDqpyn2WN5WRPMX14suQOsJiA4EwJ98Ox92x
QjBJvpGOjE1S21lPFtxGDNNpqY5LSDjoUJFOITt57ZWTtJ/1GWgbcxmBrT1Q9hbH
AJbkuoXPvYDuCqZNtv79+p9C6mgWIesjAXJEEsdV++CpYZIuBzs+FWMOuXnGmfDi
woGsuAbbp4Aoam4by/uD3sPKwQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFMCyQ4X
q06rXbNUs1p9WM+Kvzx1MB8GA1UdIwQYMBaAFFK+nd6VaP5K3KDzRbNhemPDB1hF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTQ2Ny83NzBCNEYxQTUy
NkYxMUVDQkM1MEVCMTdDNEY5QUUwMi9VcjZkM3BWb19rcmNvUE5GczJGNlk4TUhX
RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VyNmQzcFZvX2tyY29QTkZzMkY2WThNSFdFVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTk0NjcvNzcwQjRGMUE1MjZGMTFFQ0JDNTBFQjE3QzRGOUFFMDIvODAwREFDNkVC
RUUxMTFFQ0JGQzRGODgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAItcMgDBAJnKlQDBABnlpkwDQYJKoZIhvcNAQELBQADggEB
ADSvNwznF1+RIPTjJwecG85AoD6RfjUM6IWXKIJiqyOhmNDql7H/YzU9q28hmIoU
3gkTKR+JgICNkc6NFcaXu3SB9RXZhV64+Kdo6p7X8xDyPR7kQ/l44MzfB6lYiEZg
lGpHm3VsdxeYxB3y5QVQkhHYABNs7QQuukcCY+DPvodQWG47cmq6RRIisj+dZLUo
5mg39BOBCiGIm8yxOx1yJl4W+bw0VB99LT2tMbVrOzNLqzRYftSDEjQqyYs63GYW
iIpMPvLrboHTHOSU2MO4uYTNbPv9a1akl4vyxtaoFLW5gJh/CVmoeNlENtl9oRnj
lLXJqT3xKe1AByRnuRzZkpk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org