Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916E2DC/6D89644A6AE711ED94B44C87C4F9AE02/F87B51746C7411EDAF1A9C37C4F9AE02.roa
File: F87B51746C7411EDAF1A9C37C4F9AE02.roa (raw, json)
Hash identifier: K+TxNUey/PCl0SIsy6dqz/FnqbsfZB0p4XRHVzbGkUw=
Subject key identifier: CE:69:B9:B4:3F:91:A3:58:57:E4:5D:42:42:27:9E:60:C0:EC:52:9B
Certificate issuer: /CN=A916E2DC/serialNumber=9FAC8AB96A0DA2929FC3D1871BED6F743E8C9577
Certificate serial: 1D
Authority key identifier: 9F:AC:8A:B9:6A:0D:A2:92:9F:C3:D1:87:1B:ED:6F:74:3E:8C:95:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n6yKuWoNopKfw9GHG-1vdD6MlXc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916E2DC/6D89644A6AE711ED94B44C87C4F9AE02/F87B51746C7411EDAF1A9C37C4F9AE02.roa
Signing time: Fri 06 Jan 2023 04:04:29 +0000
ROA not before: Fri 06 Jan 2023 04:04:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149634
IP address blocks: 45.114.160.0/22 maxlen: 22
103.183.64.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916E2DC/serialNumber=9FAC8AB96A0DA2929FC3D1871BED6F743E8C9577
Validity
Not Before: Jan 6 04:04:29 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63b79dcc-2e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cc:c3:c1:13:3b:b7:90:e5:43:60:a3:9e:e3:
ef:f4:70:6b:61:ed:f3:3c:1d:5a:69:0d:3c:d4:7d:
7f:84:cb:84:51:d1:21:5e:5e:f1:95:dc:92:99:6e:
15:d9:77:1e:3d:d4:57:79:65:50:d3:e1:48:4b:b6:
91:97:26:ae:1b:1e:e6:6f:70:84:ad:5f:78:fc:21:
3d:46:d5:ab:91:e5:0e:a9:2c:7b:a9:5d:1e:a0:5a:
b6:33:b3:ac:c8:94:de:82:ed:45:8f:2e:15:9a:59:
a3:86:3c:9b:a1:89:0c:8b:2b:b4:f3:b2:ad:59:0f:
1c:92:40:15:69:e2:de:82:c5:b6:bf:b6:0d:f2:a8:
b2:15:c2:3e:b6:d7:d8:91:98:5b:a1:5c:1c:dd:30:
45:26:9e:ef:d3:d3:4d:a2:e9:e8:64:aa:99:6e:a1:
24:5c:aa:53:21:5a:fa:f9:52:58:63:f7:a3:42:72:
37:b0:5d:a1:5d:d6:a7:2b:eb:b7:ea:8d:40:3f:1e:
28:95:91:85:ad:cb:4c:64:6d:81:1d:a9:1e:9a:45:
02:0e:c8:07:ad:0b:10:df:68:9c:05:27:57:b9:cf:
db:23:48:5c:4e:fd:c8:6e:1c:1e:0e:22:09:8e:6d:
90:70:73:6a:5b:03:a3:9d:f0:ef:a3:1b:e6:47:24:
cf:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:69:B9:B4:3F:91:A3:58:57:E4:5D:42:42:27:9E:60:C0:EC:52:9B
X509v3 Authority Key Identifier:
keyid:9F:AC:8A:B9:6A:0D:A2:92:9F:C3:D1:87:1B:ED:6F:74:3E:8C:95:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916E2DC/6D89644A6AE711ED94B44C87C4F9AE02/n6yKuWoNopKfw9GHG-1vdD6MlXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n6yKuWoNopKfw9GHG-1vdD6MlXc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916E2DC/6D89644A6AE711ED94B44C87C4F9AE02/F87B51746C7411EDAF1A9C37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.160.0/22
103.183.64.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:59:e6:52:ff:a0:35:91:81:5c:35:2b:0f:9c:c4:ae:06:d9:
36:a3:97:a6:d0:11:d8:6a:36:8e:01:48:f5:1c:8a:e5:a5:9d:
45:6d:47:6b:c2:3f:27:b7:6a:cf:ab:0f:e8:e3:c0:21:73:f9:
18:1d:ff:da:16:72:d9:52:48:03:5b:8f:3f:f0:73:a9:a6:06:
4a:e8:ab:1e:04:70:f9:f1:2a:e3:7c:ca:c7:20:e3:f6:2c:eb:
92:24:41:36:db:3f:85:06:83:ca:03:1b:c9:2c:68:3f:cd:84:
67:73:e6:3c:53:25:76:f1:e0:0b:5f:ac:c9:d5:4e:68:ae:2f:
c9:c6:c8:79:c7:8f:ac:d8:2a:f1:39:19:e7:39:e4:9b:ac:1a:
0a:ad:6a:05:8d:6a:82:d4:8c:b7:b3:4e:8b:74:a2:c4:67:e3:
75:68:38:8e:81:d8:33:c3:3a:60:59:65:a1:3c:93:37:9b:62:
20:f0:98:b8:d1:fd:9d:17:03:05:c4:1c:1a:84:28:1d:04:1c:
c7:92:c9:bc:d7:7d:08:24:fc:65:ec:5d:9d:a1:5c:c5:97:ac:
1e:3d:ee:e1:85:0b:c7:81:33:48:70:94:39:b3:bc:92:d8:15:
3c:26:41:e9:f5:b4:aa:d7:81:7f:26:e3:f6:a5:cd:8a:74:b3:
8b:b9:e8:4d
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
RTJEQzExMC8GA1UEBRMoOUZBQzhBQjk2QTBEQTI5MjlGQzNEMTg3MUJFRDZGNzQz
RThDOTU3NzAeFw0yMzAxMDYwNDA0MjlaFw0yMzA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYjc5ZGNjLTJlODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRzMPBEzu3kOVDYKOe4+/0cGth7fM8HVppDTzUfX+Ey4RR0SFeXvGV3JKZbhXZ
dx491Fd5ZVDT4UhLtpGXJq4bHuZvcIStX3j8IT1G1auR5Q6pLHupXR6gWrYzs6zI
lN6C7UWPLhWaWaOGPJuhiQyLK7Tzsq1ZDxySQBVp4t6Cxba/tg3yqLIVwj6219iR
mFuhXBzdMEUmnu/T002i6ehkqpluoSRcqlMhWvr5Ulhj96NCcjewXaFd1qcr67fq
jUA/HiiVkYWty0xkbYEdqR6aRQIOyAetCxDfaJwFJ1e5z9sjSFxO/chuHB4OIgmO
bZBwc2pbA6Od8O+jG+ZHJM8jAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUzmm5tD+R
o1hX5F1CQieeYMDsUpswHwYDVR0jBBgwFoAUn6yKuWoNopKfw9GHG+1vdD6MlXcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZFMkRDLzZEODk2NDRBNkFF
NzExRUQ5NEI0NEM4N0M0RjlBRTAyL242eUt1V29Ob3BLZnc5R0hHLTF2ZEQ2TWxY
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbjZ5S3VXb05vcEtmdzlHSEctMXZkRDZNbFhjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
RTJEQy82RDg5NjQ0QTZBRTcxMUVEOTRCNDRDODdDNEY5QUUwMi9GODdCNTE3NDZD
NzQxMUVEQUYxQTlDMzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAi1yoAMEAWe3QDANBgkqhkiG9w0BAQsFAAOCAQEASlnmUv+g
NZGBXDUrD5zErgbZNqOXptAR2Go2jgFI9RyK5aWdRW1Ha8I/J7dqz6sP6OPAIXP5
GB3/2hZy2VJIA1uPP/BzqaYGSuirHgRw+fEq43zKxyDj9izrkiRBNts/hQaDygMb
ySxoP82EZ3PmPFMldvHgC1+sydVOaK4vycbIecePrNgq8TkZ5znkm6waCq1qBY1q
gtSMt7NOi3SixGfjdWg4joHYM8M6YFlloTyTN5tiIPCYuNH9nRcDBcQcGoQoHQQc
x5LJvNd9CCT8ZexdnaFcxZesHj3u4YULx4EzSHCUObO8ktgVPCZB6fW0qteBfybj
9qXNinSzi7noTQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:46 2023 by rpki-client on console-fra.rpki-client.org