Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/E3409248FE4011EDB73FB317C4F9AE02.roa
File: E3409248FE4011EDB73FB317C4F9AE02.roa (raw, json)
Hash identifier: g44gxMBEmrN41/Mc2EJl+dJ2FaCbVfK5bKQ+VRI8XjU=
Subject key identifier: 51:91:EF:22:54:7E:CB:14:5C:51:03:CC:D8:75:9F:FA:CF:87:63:E9
Certificate issuer: /CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4
Certificate serial: 0B16
Authority key identifier: 48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/E3409248FE4011EDB73FB317C4F9AE02.roa
Signing time: Mon 29 May 2023 16:50:16 +0000
ROA not before: Mon 29 May 2023 16:50:16 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 394811
IP address blocks: 45.119.4.0/24 maxlen: 24
103.133.92.0/24 maxlen: 24
103.133.94.0/24 maxlen: 24
203.23.176.0/24 maxlen: 24
203.34.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2838 (0xb16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9174EB5/serialNumber=48E99851C189FA921B86664E30BC57C20ED1A8C4
Validity
Not Before: May 29 16:50:16 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=6474d7c8-f7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a9:61:47:0e:af:14:ac:0c:46:3b:4d:18:bd:
02:61:fe:e3:5c:c9:85:80:68:9a:ab:dc:78:25:e7:
6e:70:8b:0b:21:47:3a:d7:5e:ea:a1:41:f2:6c:b2:
d4:bc:c7:33:90:96:9d:40:6f:8e:bc:90:c7:d0:73:
e6:94:c3:07:53:cb:7c:66:e0:67:99:e6:ad:ce:9d:
24:86:83:fc:00:ea:6d:4f:b3:92:a7:f9:91:05:c4:
f4:2f:89:ed:22:05:54:e4:d5:e7:71:8b:67:1a:1d:
7c:24:a5:0a:62:1e:b7:a4:de:25:15:35:b3:02:9e:
94:cf:d0:e3:93:3c:05:5c:16:46:84:85:a3:89:56:
05:f6:f4:58:ac:d7:7c:dc:4e:aa:f3:2b:5a:18:8c:
1d:d0:fb:f3:e3:a8:73:3e:95:48:62:e8:83:95:e7:
34:0c:fc:49:31:1a:db:5f:18:a8:36:9e:1a:b1:77:
bf:07:b8:7d:be:5c:95:c7:80:f5:9a:3e:95:10:52:
e2:3f:28:ba:d8:37:42:70:c6:a2:4e:76:f7:b1:e8:
f0:27:53:81:49:9e:81:6e:f2:f0:7a:64:20:56:e4:
77:cf:58:62:de:5d:c6:ec:26:61:82:2d:b8:06:09:
10:bc:ad:e6:5f:84:14:bb:d4:73:a8:fe:db:9d:3d:
56:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:91:EF:22:54:7E:CB:14:5C:51:03:CC:D8:75:9F:FA:CF:87:63:E9
X509v3 Authority Key Identifier:
keyid:48:E9:98:51:C1:89:FA:92:1B:86:66:4E:30:BC:57:C2:0E:D1:A8:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SOmYUcGJ-pIbhmZOMLxXwg7RqMQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174EB5/AFEA29C2061911EA854A3516C4F9AE02/E3409248FE4011EDB73FB317C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.4.0/24
103.133.92.0/24
103.133.94.0/24
203.23.176.0/24
203.34.110.0/24
Signature Algorithm: sha256WithRSAEncryption
20:e0:29:5c:11:b8:dd:95:2a:bc:a4:fc:00:cf:f2:9d:0c:3f:
13:fb:09:9e:ed:45:99:b8:0a:52:5d:fa:0a:82:d9:eb:64:26:
48:88:22:f0:99:b9:dc:17:98:aa:d6:34:6b:c5:71:d2:65:d8:
39:a1:da:5c:91:26:2b:df:7d:7a:72:b8:66:c5:63:ef:57:fe:
57:0f:20:2e:cf:31:1a:a7:82:11:99:33:37:48:b3:9e:9d:8a:
87:9d:f9:0a:a6:89:b8:77:c6:1d:fb:44:82:c0:bf:99:1c:d1:
6e:45:f1:d1:8a:38:1f:6b:6f:fb:26:4f:85:a5:0f:89:5f:78:
01:17:b4:e3:55:3e:58:ab:30:7b:f8:99:38:40:af:91:45:ba:
b7:d0:d3:88:91:6c:04:47:d6:71:69:79:16:50:6b:03:95:55:
69:27:4d:77:fe:fe:a8:57:9d:20:d4:91:0e:f6:79:54:5f:85:
01:f7:c6:8e:ea:7e:28:f4:d9:0e:56:5c:2e:d5:1e:a2:87:c7:
52:04:e4:40:b1:b4:9c:6f:74:18:be:59:f2:44:09:86:c4:7a:
c1:2e:fa:2c:9a:5f:bc:d6:63:e7:e8:3b:ad:15:76:6f:64:f2:
5e:25:62:fc:94:fb:47:f1:d8:0b:3a:30:33:d4:36:7a:9a:9a:
0c:96:49:0e
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICCxYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzRFQjUxMTAvBgNVBAUTKDQ4RTk5ODUxQzE4OUZBOTIxQjg2NjY0RTMwQkM1N0My
MEVEMUE4QzQwHhcNMjMwNTI5MTY1MDE2WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc0ZDdjOC1mN2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw6lhRw6vFKwMRjtNGL0CYf7jXMmFgGiaq9x4JeducIsLIUc6117qoUHybLLU
vMczkJadQG+OvJDH0HPmlMMHU8t8ZuBnmeatzp0khoP8AOptT7OSp/mRBcT0L4nt
IgVU5NXncYtnGh18JKUKYh63pN4lFTWzAp6Uz9DjkzwFXBZGhIWjiVYF9vRYrNd8
3E6q8ytaGIwd0Pvz46hzPpVIYuiDlec0DPxJMRrbXxioNp4asXe/B7h9vlyVx4D1
mj6VEFLiPyi62DdCcMaiTnb3sejwJ1OBSZ6BbvLwemQgVuR3z1hi3l3G7CZhgi24
BgkQvK3mX4QUu9RzqP7bnT1WMwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFFGR7yJU
fssUXFEDzNh1n/rPh2PpMB8GA1UdIwQYMBaAFEjpmFHBifqSG4ZmTjC8V8IO0ajE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEVCNS9BRkVBMjlDMjA2
MTkxMUVBODU0QTM1MTZDNEY5QUUwMi9TT21ZVWNHSi1wSWJobVpPTUx4WHdnN1Jx
TVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NPbVlVY0dKLXBJYmhtWk9NTHhYd2c3UnFNUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzRFQjUvQUZFQTI5QzIwNjE5MTFFQTg1NEEzNTE2QzRGOUFFMDIvRTM0MDkyNDhG
RTQwMTFFREI3M0ZCMzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAtdwQDBABnhVwDBABnhV4DBADLF7ADBADLIm4wDQYJKoZI
hvcNAQELBQADggEBACDgKVwRuN2VKryk/ADP8p0MPxP7CZ7tRZm4ClJd+gqC2etk
JkiIIvCZudwXmKrWNGvFcdJl2Dmh2lyRJivffXpyuGbFY+9X/lcPIC7PMRqnghGZ
MzdIs56dioed+Qqmibh3xh37RILAv5kc0W5F8dGKOB9rb/smT4WlD4lfeAEXtONV
PlirMHv4mThAr5FFurfQ04iRbARH1nFpeRZQawOVVWknTXf+/qhXnSDUkQ72eVRf
hQH3xo7qfij02Q5WXC7VHqKHx1IE5ECxtJxvdBi+WfJECYbEesEu+iyaX7zWY+fo
O60Vdm9k8l4lYvyU+0fx2As6MDPUNnqamgyWSQ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-ams.rpki-client.org