Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/440E1B10FE4911ED9352E438C4F9AE02.roa
File: 440E1B10FE4911ED9352E438C4F9AE02.roa (raw, json)
Hash identifier: NtE39kkb7qf6LqphLydI0wJ+dej9t9btwzx3/MQnK2Y=
Subject key identifier: AC:16:B4:D5:36:5D:CE:6F:CA:65:17:84:AA:57:78:3A:55:B4:04:B6
Certificate issuer: /CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4
Certificate serial: 0B1D
Authority key identifier: 48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/440E1B10FE4911ED9352E438C4F9AE02.roa
Signing time: Thu 01 Jun 2023 04:10:36 +0000
ROA not before: Thu 01 Jun 2023 04:10:36 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 394881
IP address blocks: 45.119.4.0/24 maxlen: 24
103.133.92.0/24 maxlen: 24
103.133.94.0/24 maxlen: 24
203.23.176.0/24 maxlen: 24
203.23.177.0/24 maxlen: 24
203.34.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2845 (0xb1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4
Validity
Not Before: Jun 1 04:10:36 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=64781a3c-f90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:47:37:f2:66:d0:66:f0:51:e9:15:c5:ac:09:
69:65:6a:73:b9:7f:e0:a6:76:e2:ac:17:5a:34:cd:
d6:2b:cf:6f:78:d5:9d:44:28:9f:9d:f7:25:2e:6c:
88:ee:11:b7:e2:4c:a6:2f:6d:2e:de:9e:d8:ef:cc:
e2:5a:6d:19:de:69:00:2d:34:a1:98:88:8f:85:49:
2f:5d:27:2f:dc:07:77:31:c3:b4:f6:eb:81:d9:ca:
d8:07:99:67:7c:83:99:92:a3:31:4f:41:24:3a:09:
6c:b7:ee:05:2b:77:e9:02:5a:68:eb:f2:d0:35:42:
f2:31:40:66:c1:54:c1:1d:76:ba:83:b6:da:aa:16:
7f:9b:4e:b1:f6:75:7e:d9:ac:1f:6b:98:b4:0a:9f:
1f:37:56:83:ce:12:3a:21:b6:87:36:b4:07:5b:63:
4d:a8:f0:00:c9:ff:cc:2e:28:59:f5:80:f7:57:68:
99:54:00:12:61:f7:6d:9d:5a:4f:ee:ec:ca:8f:19:
66:d4:bc:a8:1b:ed:6d:6e:1b:e2:ae:b1:e1:15:cb:
ac:35:94:90:a5:0d:3e:f5:74:8f:c7:e8:91:a2:ed:
4b:b3:0b:a9:1d:4a:e3:5f:c4:19:2b:12:5d:cf:c6:
b8:ed:57:eb:fc:41:8c:fb:85:b7:6d:6e:d0:fe:e8:
da:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:16:B4:D5:36:5D:CE:6F:CA:65:17:84:AA:57:78:3A:55:B4:04:B6
X509v3 Authority Key Identifier:
keyid:48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/440E1B10FE4911ED9352E438C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.4.0/24
103.133.92.0/24
103.133.94.0/24
203.23.176.0/23
203.34.110.0/24
Signature Algorithm: sha256WithRSAEncryption
60:fd:08:1d:53:ea:70:ac:a7:5e:00:35:95:91:31:3f:79:d1:
4b:6f:bf:06:b9:39:fe:30:85:bd:3c:a0:2d:14:ec:d5:cc:87:
f5:a9:32:2a:b7:65:a1:c1:5f:66:c2:f3:84:29:d3:2b:0c:0e:
20:e7:66:4d:34:42:cb:4b:e9:93:c6:6b:74:93:e6:38:36:2a:
47:8c:67:e0:3f:a1:fc:61:ec:c0:79:0e:e3:ba:5b:cf:a1:b3:
be:95:be:67:d2:b8:0e:20:14:e9:67:bd:5d:1e:98:4d:7a:8e:
c9:1c:43:6a:ad:e4:55:f1:95:55:0f:69:2e:64:d8:8e:31:56:
b6:fd:dc:77:82:f8:e1:08:a8:5a:20:fc:c5:ba:af:ef:51:e6:
48:9c:12:92:d0:74:84:8c:63:13:92:ad:e0:f1:31:07:4e:a3:
b9:b7:d1:22:8b:a8:37:ed:c0:3a:aa:8b:08:04:46:8d:44:09:
84:1c:ad:25:57:09:87:64:47:a6:0a:c5:85:b2:8c:6d:ed:7e:
1d:bb:51:69:e3:62:7f:98:23:82:98:5e:92:8a:52:ba:a1:5f:
53:f7:43:9d:a4:ee:cb:40:08:3a:8d:98:02:1b:36:d5:5a:48:
30:a8:e3:0d:71:f5:38:6d:2f:44:48:a6:5f:22:ae:6b:2b:21:
e7:a2:61:84
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICCx0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzRFQjUxMTAvBgNVBAUTKDQ4RTk5ODUxQzE4OUZBOTIxQjg2NjY0RTMwQkM1N0My
MEVEMUE4QzQwHhcNMjMwNjAxMDQxMDM2WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc4MWEzYy1mOTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1kc38mbQZvBR6RXFrAlpZWpzuX/gpnbirBdaNM3WK89veNWdRCifnfclLmyI
7hG34kymL20u3p7Y78ziWm0Z3mkALTShmIiPhUkvXScv3Ad3McO09uuB2crYB5ln
fIOZkqMxT0EkOglst+4FK3fpAlpo6/LQNULyMUBmwVTBHXa6g7baqhZ/m06x9nV+
2awfa5i0Cp8fN1aDzhI6IbaHNrQHW2NNqPAAyf/MLihZ9YD3V2iZVAASYfdtnVpP
7uzKjxlm1LyoG+1tbhvirrHhFcusNZSQpQ0+9XSPx+iRou1LswupHUrjX8QZKxJd
z8a47Vfr/EGM+4W3bW7Q/ujaVQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKwWtNU2
Xc5vymUXhKpXeDpVtAS2MB8GA1UdIwQYMBaAFEjpmFHBifqSG4ZmTjC8V8IO0ajE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEVCNS9BRkVBMjlDMjA2
MTkxMUVBODU0QTM1MTZDNEY5QUUwMi9TT21ZVWNHSi1wSWJobVpPTUx4WHdnN1Jx
TVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NPbVlVY0dKLXBJYmhtWk9NTHhYd2c3UnFNUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzRFQjUvQUZFQTI5QzIwNjE5MTFFQTg1NEEzNTE2QzRGOUFFMDIvNDQwRTFCMTBG
RTQ5MTFFRDkzNTJFNDM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAtdwQDBABnhVwDBABnhV4DBAHLF7ADBADLIm4wDQYJKoZI
hvcNAQELBQADggEBAGD9CB1T6nCsp14ANZWRMT950Utvvwa5Of4whb08oC0U7NXM
h/WpMiq3ZaHBX2bC84Qp0ysMDiDnZk00QstL6ZPGa3ST5jg2KkeMZ+A/ofxh7MB5
DuO6W8+hs76VvmfSuA4gFOlnvV0emE16jskcQ2qt5FXxlVUPaS5k2I4xVrb93HeC
+OEIqFog/MW6r+9R5kicEpLQdISMYxOSreDxMQdOo7m30SKLqDftwDqqiwgERo1E
CYQcrSVXCYdkR6YKxYWyjG3tfh27UWnjYn+YI4KYXpKKUrqhX1P3Q52k7stACDqN
mAIbNtVaSDCo4w1x9ThtL0RIpl8irmsrIeeiYYQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org