Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D99A/178822DA1D8511E2A82A7CDB08B02CD2/1C01D5AABFB811E8BA9C6934C4F9AE02.roa
File: 1C01D5AABFB811E8BA9C6934C4F9AE02.roa (raw, json)
Hash identifier: D+Xd66MVOv2ck9sm+0+X3QCT1MDSqNsnhbQXMk8lovE=
Subject key identifier: 84:1F:F2:B8:92:46:06:45:89:AE:A1:E7:B4:99:C5:7D:10:04:10:18
Certificate issuer: /CN=A915D99A/serialNumber=D17D77CB0C89B994CDDACBA275270A1E74DCAA27
Certificate serial: 32F7
Authority key identifier: D1:7D:77:CB:0C:89:B9:94:CD:DA:CB:A2:75:27:0A:1E:74:DC:AA:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0X13ywyJuZTN2suidScKHnTcqic.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D99A/178822DA1D8511E2A82A7CDB08B02CD2/1C01D5AABFB811E8BA9C6934C4F9AE02.roa
Signing time: Mon 05 Dec 2022 07:40:22 +0000
ROA not before: Mon 05 Dec 2022 07:40:22 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 17660
IP address blocks: 45.64.248.0/22 maxlen: 22
103.245.240.0/22 maxlen: 22
103.245.242.0/23 maxlen: 23
103.245.243.0/24 maxlen: 24
119.2.96.0/19 maxlen: 19
202.144.128.0/19 maxlen: 19
202.144.128.0/19 maxlen: 24
202.144.128.0/20 maxlen: 20
202.144.144.0/20 maxlen: 20
2405:d000::/32 maxlen: 32
2405:d000::/32 maxlen: 48
2405:d000:7000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13047 (0x32f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D99A/serialNumber=D17D77CB0C89B994CDDACBA275270A1E74DCAA27
Validity
Not Before: Dec 5 07:40:22 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=638da065-a6f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9e:74:cf:de:2f:60:04:61:a9:dc:63:d8:b2:
d1:13:1b:fd:44:a0:0c:75:9c:fd:25:b6:5f:b7:a7:
0f:02:40:20:d1:d1:e8:80:98:47:a3:77:57:7d:8b:
ec:33:b2:a2:01:2b:61:61:2f:c3:4c:5e:37:f2:01:
e6:34:d7:75:0c:de:44:7d:71:0a:d3:45:8c:e9:51:
48:b6:a2:e2:b3:5d:a8:95:e4:03:cc:e3:46:01:f5:
37:13:4d:56:28:27:ae:d2:57:ac:57:f3:6b:34:9e:
e9:2c:7e:2c:12:07:b6:08:c2:cc:61:91:77:3d:cf:
bf:5b:7d:0d:d0:bb:2a:fd:d6:3f:99:35:4e:da:d8:
8f:96:a2:a0:15:a2:b7:24:34:a7:a7:5e:a0:19:a3:
79:bd:2f:92:de:ea:80:c1:3e:d4:74:b4:1b:2a:0d:
00:92:0f:bd:dd:2b:d0:3e:fd:26:85:34:3b:f0:af:
6e:60:e2:51:f7:c9:3f:9b:fc:e1:d4:1f:8e:11:12:
9a:00:ba:bf:7a:c6:75:33:f2:4e:e5:a5:9e:b3:03:
e9:96:91:b4:11:35:96:69:08:3d:6b:e4:01:70:6e:
4c:a2:6b:d9:12:0e:9f:77:1d:5d:cf:25:3f:db:18:
bb:07:ca:9d:1e:15:ba:fc:ec:09:c1:dd:ee:af:52:
b8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1F:F2:B8:92:46:06:45:89:AE:A1:E7:B4:99:C5:7D:10:04:10:18
X509v3 Authority Key Identifier:
keyid:D1:7D:77:CB:0C:89:B9:94:CD:DA:CB:A2:75:27:0A:1E:74:DC:AA:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D99A/178822DA1D8511E2A82A7CDB08B02CD2/0X13ywyJuZTN2suidScKHnTcqic.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0X13ywyJuZTN2suidScKHnTcqic.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D99A/178822DA1D8511E2A82A7CDB08B02CD2/1C01D5AABFB811E8BA9C6934C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.248.0/22
103.245.240.0/22
119.2.96.0/19
202.144.128.0/19
IPv6:
2405:d000::/32
Signature Algorithm: sha256WithRSAEncryption
82:ce:06:63:2e:13:b9:75:31:ef:af:f3:c8:1e:46:3d:f6:3d:
b4:0c:2b:b6:55:c7:50:c5:8f:1e:f4:3e:b4:6c:6f:29:2a:91:
d4:d3:61:5a:9e:a5:57:c1:ac:ef:6c:f9:3f:e7:90:d5:d0:85:
76:ef:86:e9:a7:ba:b6:a7:14:5e:1d:27:f5:6a:3e:c9:3c:89:
0b:04:17:51:11:d7:de:c9:5f:6c:45:e1:2c:16:26:10:82:88:
51:dd:00:4d:20:a8:cd:90:8b:fe:e9:6c:db:6e:c9:dc:f9:e7:
d6:d8:ef:d5:24:9b:3a:e6:69:b0:09:03:ff:85:5a:ab:37:f2:
d4:20:2a:19:04:38:18:22:2d:e6:e6:2d:3e:86:38:89:35:88:
e4:12:0a:b1:ee:dc:64:81:db:a3:15:bd:6a:f3:40:9f:39:7d:
a6:98:cb:70:39:c6:a8:99:24:9b:2a:1d:a0:1d:dd:9b:cb:8b:
50:81:5b:e0:a2:8c:ee:2b:22:65:0d:02:db:47:f3:78:0a:eb:
34:32:c3:75:5e:65:7b:50:0b:f8:a4:fc:21:71:79:80:81:e3:
e0:f8:a9:87:70:40:2a:df:1c:ef:a7:32:5a:61:23:2d:16:a2:
9b:67:e7:c3:ca:9c:4f:9f:11:ce:2a:bf:bb:ed:22:6a:ce:15:
c0:d7:7f:9f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICMvcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQ5OUExMTAvBgNVBAUTKEQxN0Q3N0NCMEM4OUI5OTRDRERBQ0JBMjc1MjcwQTFF
NzREQ0FBMjcwHhcNMjIxMjA1MDc0MDIyWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzhkYTA2NS1hNmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4550z94vYARhqdxj2LLRExv9RKAMdZz9JbZft6cPAkAg0dHogJhHo3dXfYvs
M7KiASthYS/DTF438gHmNNd1DN5EfXEK00WM6VFItqLis12oleQDzONGAfU3E01W
KCeu0lesV/NrNJ7pLH4sEge2CMLMYZF3Pc+/W30N0Lsq/dY/mTVO2tiPlqKgFaK3
JDSnp16gGaN5vS+S3uqAwT7UdLQbKg0Akg+93SvQPv0mhTQ78K9uYOJR98k/m/zh
1B+OERKaALq/esZ1M/JO5aWeswPplpG0ETWWaQg9a+QBcG5MomvZEg6fdx1dzyU/
2xi7B8qdHhW6/OwJwd3ur1K4aQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFIQf8riS
RgZFia6h57SZxX0QBBAYMB8GA1UdIwQYMBaAFNF9d8sMibmUzdrLonUnCh503Kon
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDk5QS8xNzg4MjJEQTFE
ODUxMUUyQTgyQTdDREIwOEIwMkNEMi8wWDEzeXd5SnVaVE4yc3VpZFNjS0huVGNx
aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBYMTN5d3lKdVpUTjJzdWlkU2NLSG5UY3FpYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ5OUEvMTc4ODIyREExRDg1MTFFMkE4MkE3Q0RCMDhCMDJDRDIvMUMwMUQ1QUFC
RkI4MTFFOEJBOUM2OTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAItQPgDBAJn9fADBAV3AmADBAXKkIAwDQQCAAIwBwMFACQF
0AAwDQYJKoZIhvcNAQELBQADggEBAILOBmMuE7l1Me+v88geRj32PbQMK7ZVx1DF
jx70PrRsbykqkdTTYVqepVfBrO9s+T/nkNXQhXbvhumnuranFF4dJ/VqPsk8iQsE
F1ER197JX2xF4SwWJhCCiFHdAE0gqM2Qi/7pbNtuydz559bY79UkmzrmabAJA/+F
Wqs38tQgKhkEOBgiLebmLT6GOIk1iOQSCrHu3GSB26MVvWrzQJ85faaYy3A5xqiZ
JJsqHaAd3ZvLi1CBW+CijO4rImUNAttH83gK6zQyw3VeZXtQC/ik/CFxeYCB4+D4
qYdwQCrfHO+nMlphIy0Woptn58PKnE+fEc4qv7vtImrOFcDXf58=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:41 2023 by rpki-client on console-ams.rpki-client.org