Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/49CE74EA50BF11EFBD3A2B34C4F9AE02.roa
File: 49CE74EA50BF11EFBD3A2B34C4F9AE02.roa (raw, json)
Hash identifier: xXVK0j+FjwHX5EsTajZMWg7/RX+tITGSHfcTNgW+bN8=
Subject key identifier: 4C:8F:03:16:55:03:FA:6C:84:6E:A9:55:A6:4A:41:CE:31:B9:AD:D9
Certificate issuer: /CN=A918E4B7/serialNumber=0AB6DD26515C53ECC5B0462B4C475D5A7E5A5537
Certificate serial: 046E
Authority key identifier: 0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/49CE74EA50BF11EFBD3A2B34C4F9AE02.roa
Signing time: Thu 22 Aug 2024 14:16:25 +0000
ROA not before: Thu 22 Aug 2024 14:16:25 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 64022
IP address blocks: 45.126.124.0/24 maxlen: 24
45.126.125.0/24 maxlen: 24
45.126.126.0/24 maxlen: 24
45.126.127.0/24 maxlen: 24
103.6.170.0/24 maxlen: 24
103.6.171.0/24 maxlen: 24
103.102.44.0/24 maxlen: 24
103.102.45.0/24 maxlen: 24
103.102.47.0/24 maxlen: 24
103.195.4.0/24 maxlen: 24
103.195.5.0/24 maxlen: 24
103.195.6.0/24 maxlen: 24
103.195.7.0/24 maxlen: 24
103.252.116.0/24 maxlen: 24
103.252.117.0/24 maxlen: 24
103.252.118.0/24 maxlen: 24
103.252.119.0/24 maxlen: 24
114.29.236.0/24 maxlen: 24
114.29.237.0/24 maxlen: 24
114.29.238.0/24 maxlen: 24
114.29.239.0/24 maxlen: 24
2401:df40:1::/48 maxlen: 48
2402:da80:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1134 (0x46e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E4B7
Validity
Not Before: Aug 22 14:16:25 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66c74838-a0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e4:fc:f3:2c:27:8e:97:df:46:00:f8:0b:01:
53:bb:1b:cd:28:9d:3a:2c:e2:28:be:d7:23:fc:f0:
67:e9:eb:81:a4:56:d1:f6:3d:e9:06:29:7e:da:a2:
a3:69:7e:bf:dc:97:a4:5e:7d:f5:9b:56:3d:3b:e0:
be:e5:83:35:fc:f6:86:66:8f:26:03:5e:9a:74:32:
cf:8b:28:e1:09:2d:7b:08:65:e9:dd:7d:c6:10:4a:
1b:9d:8d:75:c3:7d:e1:b5:f3:03:af:c1:15:43:50:
a5:f4:04:50:b0:e7:ae:53:00:80:b6:0c:ff:53:20:
79:1d:52:08:ea:7d:b1:95:45:8f:20:f7:ff:88:bf:
53:4c:79:5b:f1:b0:50:72:40:a6:6b:10:27:2c:5a:
c5:b0:5f:31:30:e4:48:70:2e:7b:c5:37:52:fb:f3:
81:5e:56:9a:52:86:17:c7:69:39:31:b2:a6:59:fa:
2d:d1:86:0e:20:c3:e4:fa:6a:e3:17:c9:cb:05:91:
16:ef:0f:c5:a1:30:67:cb:c8:d1:72:a0:d1:b9:0f:
72:46:4d:d2:6c:01:1b:e1:78:ad:8f:4c:c0:8e:33:
9b:de:6d:24:86:1c:00:9b:fe:f7:26:6a:34:9d:b7:
31:ad:f4:fe:6e:1c:42:7a:b4:c0:9f:9c:56:70:df:
3d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8F:03:16:55:03:FA:6C:84:6E:A9:55:A6:4A:41:CE:31:B9:AD:D9
X509v3 Authority Key Identifier:
keyid:0A:B6:DD:26:51:5C:53:EC:C5:B0:46:2B:4C:47:5D:5A:7E:5A:55:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/CrbdJlFcU-zFsEYrTEddWn5aVTc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CrbdJlFcU-zFsEYrTEddWn5aVTc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E4B7/EB312F021EAA11ECB756BF30C4F9AE02/49CE74EA50BF11EFBD3A2B34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.126.124.0/22
103.6.170.0/23
103.102.44.0/23
103.102.47.0/24
103.195.4.0/22
103.252.116.0/22
114.29.236.0/22
IPv6:
2401:df40:1::/48
2402:da80:100::/48
Signature Algorithm: sha256WithRSAEncryption
2b:db:3e:0b:d9:f0:33:82:42:e6:c4:89:61:4b:f0:4d:f0:91:
de:53:e3:18:91:78:cb:2f:43:08:df:55:8a:44:f8:58:cc:96:
06:bc:52:13:ac:81:dc:a2:23:4a:1c:c6:b7:d5:5c:aa:6c:c8:
bc:71:b4:59:ac:13:04:3a:5a:93:07:d9:b3:15:41:ce:c6:a5:
19:73:af:8b:eb:0b:a9:a7:40:c8:55:01:cc:2e:68:6e:b7:21:
c7:e7:a4:6a:7c:09:1d:04:06:33:d5:3b:e7:5d:b5:76:87:c1:
04:a0:39:6e:3f:35:15:6d:11:33:a1:a0:e7:9d:0e:e3:f3:30:
c5:3a:12:5d:ec:82:42:cc:f3:77:6e:38:fa:80:af:80:6b:fe:
ef:46:e5:82:13:78:83:9a:f0:d0:5c:b6:64:2d:92:bb:e2:d7:
a5:dc:bb:4f:c8:0d:2e:73:33:0c:ed:55:eb:5a:13:0c:c3:24:
af:6f:35:90:54:68:16:d0:83:73:49:b5:1f:78:10:96:25:3a:
5b:9e:21:97:9c:72:93:64:d8:ae:31:45:ca:72:b0:c7:9d:8b:
a5:0c:3e:da:3f:f9:6b:80:df:32:a1:d4:9b:cb:51:3a:da:f9:
d6:31:13:c3:23:5b:5b:1a:3d:b6:bd:76:13:92:e6:bf:39:3c:
7a:f4:15:31
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICBG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEU0QjcxMTAvBgNVBAUTKDBBQjZERDI2NTE1QzUzRUNDNUIwNDYyQjRDNDc1RDVB
N0U1QTU1MzcwHhcNMjQwODIyMTQxNjI1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM3NDgzOC1hMGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoeT88ywnjpffRgD4CwFTuxvNKJ06LOIovtcj/PBn6euBpFbR9j3pBil+2qKj
aX6/3JekXn31m1Y9O+C+5YM1/PaGZo8mA16adDLPiyjhCS17CGXp3X3GEEobnY11
w33htfMDr8EVQ1Cl9ARQsOeuUwCAtgz/UyB5HVII6n2xlUWPIPf/iL9TTHlb8bBQ
ckCmaxAnLFrFsF8xMORIcC57xTdS+/OBXlaaUoYXx2k5MbKmWfot0YYOIMPk+mrj
F8nLBZEW7w/FoTBny8jRcqDRuQ9yRk3SbAEb4Xitj0zAjjOb3m0khhwAm/73Jmo0
nbcxrfT+bhxCerTAn5xWcN89pQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFEyPAxZV
A/pshG6pVaZKQc4xua3ZMB8GA1UdIwQYMBaAFAq23SZRXFPsxbBGK0xHXVp+WlU3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTRCNy9FQjMxMkYwMjFF
QUExMUVDQjc1NkJGMzBDNEY5QUUwMi9DcmJkSmxGY1UtekZzRVlyVEVkZFduNWFW
VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NyYmRKbEZjVS16RnNFWXJURWRkV241YVZUYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEU0QjcvRUIzMTJGMDIxRUFBMTFFQ0I3NTZCRjMwQzRGOUFFMDIvNDlDRTc0RUE1
MEJGMTFFRkJEM0EyQjM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMDAEAgABMCoDBAItfnwDBAFnBqoDBAFnZiwDBABnZi8DBAJnwwQDBAJn/HQD
BAJyHewwGAQCAAIwEgMHACQB30AAAQMHACQC2oABADANBgkqhkiG9w0BAQsFAAOC
AQEAK9s+C9nwM4JC5sSJYUvwTfCR3lPjGJF4yy9DCN9VikT4WMyWBrxSE6yB3KIj
ShzGt9VcqmzIvHG0WawTBDpakwfZsxVBzsalGXOvi+sLqadAyFUBzC5obrchx+ek
anwJHQQGM9U75121dofBBKA5bj81FW0RM6Gg550O4/MwxToSXeyCQszzd244+oCv
gGv+70blghN4g5rw0Fy2ZC2Su+LXpdy7T8gNLnMzDO1V61oTDMMkr281kFRoFtCD
c0m1H3gQliU6W54hl5xyk2TYrjFFynKwx52LpQw+2j/5a4DfMqHUm8tROtr51jET
wyNbWxo9tr12E5Lmvzk8evQVMQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:44 2025 by rpki-client