Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/0C5D2D4E145911EDAD1BE030C4F9AE02.roa
File: 0C5D2D4E145911EDAD1BE030C4F9AE02.roa (raw, json)
Hash identifier: HTFXh86WYxqKm6TuHKl1B1/7JTqgVstHnBPGQRW7olw=
Subject key identifier: 98:88:D2:6B:56:5F:8F:F0:C4:B1:26:5F:91:4C:BA:04:A7:22:3E:EE
Certificate issuer: /CN=A91776E4/serialNumber=5699A6F52F90057382CDE96F76526F7FCA0193A3
Certificate serial: E6
Authority key identifier: 56:99:A6:F5:2F:90:05:73:82:CD:E9:6F:76:52:6F:7F:CA:01:93:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vpmm9S-QBXOCzelvdlJvf8oBk6M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/0C5D2D4E145911EDAD1BE030C4F9AE02.roa
Signing time: Thu 29 Sep 2022 05:25:00 +0000
ROA not before: Thu 29 Sep 2022 05:25:00 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 132721
IP address blocks: 45.125.216.0/24 maxlen: 24
45.125.217.0/24 maxlen: 24
45.125.218.0/24 maxlen: 24
45.125.219.0/24 maxlen: 24
103.93.46.0/24 maxlen: 24
103.98.112.0/24 maxlen: 24
103.98.114.0/24 maxlen: 24
103.98.115.0/24 maxlen: 24
103.194.104.0/24 maxlen: 24
103.194.105.0/24 maxlen: 24
103.194.106.0/24 maxlen: 24
103.194.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230 (0xe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91776E4/serialNumber=5699A6F52F90057382CDE96F76526F7FCA0193A3
Validity
Not Before: Sep 29 05:25:00 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63352c2c-af0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ad:22:d6:6c:4a:34:4a:58:69:8d:2e:20:d5:
0a:b1:f1:a2:d1:c9:0f:41:d6:39:8e:02:5a:4a:66:
d7:f9:d1:ea:a5:7a:a3:ba:38:38:54:8d:df:fc:a5:
f0:6c:c1:bc:de:33:ea:b7:1d:5d:0b:5f:c8:ed:b0:
6e:5e:6e:6f:15:f5:fd:28:37:1f:5f:e1:0d:87:26:
f4:c2:b5:6e:7d:73:7b:43:46:37:e1:9b:a2:76:c1:
eb:fd:44:b2:dc:60:a7:cc:fe:17:76:6c:b1:35:6f:
42:13:b4:7e:21:e9:3e:d1:51:5f:c2:6f:03:79:d0:
65:4f:af:7f:70:87:90:2d:66:84:f4:c8:9c:1c:32:
33:fb:58:c5:57:38:2a:aa:cb:0c:fb:51:4d:91:94:
fb:e9:34:e3:78:c8:71:a3:ef:9e:de:72:af:fe:9e:
d8:f3:b3:81:d3:de:27:d1:c2:7f:ed:ee:eb:7c:e9:
92:bb:20:2e:04:9e:25:58:a2:2e:10:97:e8:52:0a:
fa:9a:f5:71:20:5c:4f:80:32:a6:67:ba:7f:13:0f:
81:11:c8:7b:d5:ca:b8:bd:52:d0:39:73:0a:68:36:
4f:f3:d6:a3:3e:f6:41:f8:03:82:b5:84:81:c4:66:
9f:a1:b2:ea:93:21:58:a5:d7:a5:0e:85:ed:7a:75:
72:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:88:D2:6B:56:5F:8F:F0:C4:B1:26:5F:91:4C:BA:04:A7:22:3E:EE
X509v3 Authority Key Identifier:
keyid:56:99:A6:F5:2F:90:05:73:82:CD:E9:6F:76:52:6F:7F:CA:01:93:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/Vpmm9S-QBXOCzelvdlJvf8oBk6M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vpmm9S-QBXOCzelvdlJvf8oBk6M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91776E4/47428870E9F011ECA8358A84C4F9AE02/0C5D2D4E145911EDAD1BE030C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.216.0/22
103.93.46.0/24
103.98.112.0/24
103.98.114.0/23
103.194.104.0/22
Signature Algorithm: sha256WithRSAEncryption
17:5d:05:af:b1:58:b4:d2:0c:68:45:a0:09:ef:fe:ce:95:ef:
2e:94:b3:f7:43:e6:2d:f4:24:59:33:72:27:e8:55:f6:7f:f6:
84:f4:94:e5:a4:42:69:52:58:3d:e5:0c:5a:0e:03:cd:4d:78:
52:ee:2f:2b:8c:6a:5d:65:94:7e:1b:9a:5d:7a:38:32:33:1f:
0a:bf:1d:7e:51:4c:75:e1:de:36:57:35:fa:c2:9e:75:c0:8e:
8c:ea:7b:4f:65:75:cf:be:40:f5:31:c2:77:b7:09:72:1c:28:
0b:d2:87:f7:c2:87:b7:64:29:d1:9b:eb:de:b3:d7:1e:c0:2f:
62:20:73:1e:ab:fd:9c:a8:5d:ae:8b:46:1b:96:d1:0b:8c:2d:
ae:11:4a:0a:7e:15:60:6a:b4:94:0d:1f:c9:49:6d:eb:f5:5b:
c4:0e:e8:3b:eb:34:d5:13:3d:6c:0b:a9:6a:7b:fc:20:f3:1f:
07:1f:0a:01:84:1d:04:ad:07:f6:48:4d:a5:1a:92:ce:be:e2:
a3:7f:64:c5:e9:91:24:f4:5f:74:96:7d:70:3d:e9:88:9c:49:
57:fd:f3:5f:13:ef:2d:b1:2a:f2:5c:ab:74:9b:94:4e:eb:57:
48:85:44:f6:77:78:79:1d:59:20:23:b0:55:a3:5d:9e:69:c6:
e7:e7:e8:cd
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc2RTQxMTAvBgNVBAUTKDU2OTlBNkY1MkY5MDA1NzM4MkNERTk2Rjc2NTI2RjdG
Q0EwMTkzQTMwHhcNMjIwOTI5MDUyNTAwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM1MmMyYy1hZjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqq0i1mxKNEpYaY0uINUKsfGi0ckPQdY5jgJaSmbX+dHqpXqjujg4VI3f/KXw
bMG83jPqtx1dC1/I7bBuXm5vFfX9KDcfX+ENhyb0wrVufXN7Q0Y34ZuidsHr/USy
3GCnzP4XdmyxNW9CE7R+Iek+0VFfwm8DedBlT69/cIeQLWaE9MicHDIz+1jFVzgq
qssM+1FNkZT76TTjeMhxo++e3nKv/p7Y87OB094n0cJ/7e7rfOmSuyAuBJ4lWKIu
EJfoUgr6mvVxIFxPgDKmZ7p/Ew+BEch71cq4vVLQOXMKaDZP89ajPvZB+AOCtYSB
xGafobLqkyFYpdelDoXtenVy2QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJiI0mtW
X4/wxLEmX5FMugSnIj7uMB8GA1UdIwQYMBaAFFaZpvUvkAVzgs3pb3ZSb3/KAZOj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzZFNC80NzQyODg3MEU5
RjAxMUVDQTgzNThBODRDNEY5QUUwMi9WcG1tOVMtUUJYT0N6ZWx2ZGxKdmY4b0Jr
Nk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZwbW05Uy1RQlhPQ3plbHZkbEp2ZjhvQms2TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc2RTQvNDc0Mjg4NzBFOUYwMTFFQ0E4MzU4QTg0QzRGOUFFMDIvMEM1RDJENEUx
NDU5MTFFREFEMUJFMDMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAItfdgDBABnXS4DBABnYnADBAFnYnIDBAJnwmgwDQYJKoZI
hvcNAQELBQADggEBABddBa+xWLTSDGhFoAnv/s6V7y6Us/dD5i30JFkzcifoVfZ/
9oT0lOWkQmlSWD3lDFoOA81NeFLuLyuMal1llH4bml16ODIzHwq/HX5RTHXh3jZX
NfrCnnXAjozqe09ldc++QPUxwne3CXIcKAvSh/fCh7dkKdGb696z1x7AL2Igcx6r
/ZyoXa6LRhuW0QuMLa4RSgp+FWBqtJQNH8lJbev1W8QO6DvrNNUTPWwLqWp7/CDz
HwcfCgGEHQStB/ZITaUaks6+4qN/ZMXpkST0X3SWfXA96YicSVf9818T7y2xKvJc
q3SblE7rV0iFRPZ3eHkdWSAjsFWjXZ5pxufn6M0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org