Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/016D2E18C82811EA9B7BE77FC4F9AE02.roa
File: 016D2E18C82811EA9B7BE77FC4F9AE02.roa (raw, json)
Hash identifier: pumvwT1qeX3t0P4UDqs2wzdsBYOIxcijH4tYLw6Tb40=
Subject key identifier: 65:52:F5:84:C6:29:C4:B3:2E:5E:A4:8C:54:3C:BC:B0:28:B0:F1:2F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4C1D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/016D2E18C82811EA9B7BE77FC4F9AE02.roa
Signing time: Tue 12 Apr 2022 10:21:40 +0000
ROA not before: Tue 12 Apr 2022 10:21:39 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 133589
IP address blocks: 45.114.176.0/24 maxlen: 24
45.114.177.0/24 maxlen: 24
45.114.178.0/24 maxlen: 24
45.114.179.0/24 maxlen: 24
103.43.80.0/24 maxlen: 24
103.43.81.0/24 maxlen: 24
103.43.82.0/24 maxlen: 24
103.43.83.0/24 maxlen: 24
2001:df0:9fc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19485 (0x4c1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 12 10:21:39 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=625552b3-340d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cc:fa:1c:ac:b3:38:93:00:4d:fe:00:b5:5d:
ac:7e:d7:1f:2d:7e:77:ac:9b:e5:c2:5d:44:b8:00:
59:8a:16:06:43:65:a2:da:65:d2:0e:5c:3d:19:a7:
e6:4a:7e:c5:71:80:16:fb:f9:6f:d1:25:3a:65:e2:
76:59:b1:50:01:d5:b1:fd:6d:93:60:ec:c5:a8:3b:
28:30:69:cb:1b:1d:0e:ad:b1:58:3b:e9:af:d0:54:
e0:eb:d3:47:5f:d4:fe:6f:f8:af:30:3b:95:63:79:
c5:a3:1f:59:5e:e7:ee:c5:6d:b7:8a:f7:de:55:fc:
22:f5:4e:d0:67:72:51:1a:48:47:78:4b:9f:7f:ca:
78:93:8a:00:da:93:0f:f9:84:63:22:75:30:0d:16:
3d:96:81:3b:61:cc:9a:db:cc:68:84:0b:e6:84:95:
9c:e7:9a:4e:7b:fe:b4:2f:3b:87:b9:b2:89:6c:d8:
c0:1b:85:db:46:c5:5b:48:08:17:c2:8f:e6:42:d9:
da:09:22:89:64:a6:02:47:e2:03:84:70:0d:9e:c6:
b3:de:2f:4a:ea:f2:b1:3c:ce:eb:60:b5:c7:9b:18:
cc:67:ee:e1:17:60:9b:37:30:66:65:d0:e6:de:eb:
7f:e9:ed:00:e4:32:7c:e6:ca:6a:91:0d:55:05:d5:
fc:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:52:F5:84:C6:29:C4:B3:2E:5E:A4:8C:54:3C:BC:B0:28:B0:F1:2F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/016D2E18C82811EA9B7BE77FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.176.0/22
103.43.80.0/22
IPv6:
2001:df0:9fc0::/48
Signature Algorithm: sha256WithRSAEncryption
59:0d:02:ff:f8:c2:99:2b:b1:46:95:6e:31:bd:2f:c4:c8:76:
35:6e:c2:f5:9b:d5:74:b0:fb:94:f9:ca:f8:bb:71:12:06:88:
1c:ef:59:64:2b:35:a6:2c:4e:1d:5b:4b:7e:97:21:bd:bf:e9:
2b:c8:4a:52:51:0f:44:0d:50:06:ed:66:a8:29:c8:1b:f0:fd:
83:f0:78:7e:cb:1f:95:c2:b5:72:70:07:3a:89:16:e6:9c:fe:
30:60:c9:de:17:09:d9:0e:71:3c:37:43:8e:5f:28:15:d2:04:
6f:85:25:bf:4d:a7:cd:ec:9b:d7:dd:6f:d4:d0:7b:8f:1c:f0:
4d:dc:70:63:0f:a7:df:cd:81:de:70:bc:b5:46:7b:d6:07:b3:
5e:db:7b:e7:b9:4f:b5:df:c1:7b:53:c5:98:77:69:b8:bd:5b:
5f:f5:33:b1:b4:4d:fc:ca:a6:99:f1:36:b4:c0:0c:46:d9:52:
de:8b:5d:ed:bd:25:ab:70:80:e9:29:9a:50:f6:55:a5:84:74:
32:5d:94:ff:36:7c:f9:ae:24:a5:02:52:cb:a6:82:a3:1f:93:
b7:0f:23:68:7c:2a:9b:59:91:3a:b4:9f:66:12:b9:d0:a3:c6:
c7:40:76:1f:03:4e:e9:bc:89:cf:a0:74:0d:b8:6a:30:1a:a7:
69:5f:25:19
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICTB0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNDEyMTAyMTM5WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjU1NTJiMy0zNDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvsz6HKyzOJMATf4AtV2sftcfLX53rJvlwl1EuABZihYGQ2Wi2mXSDlw9Gafm
Sn7FcYAW+/lv0SU6ZeJ2WbFQAdWx/W2TYOzFqDsoMGnLGx0OrbFYO+mv0FTg69NH
X9T+b/ivMDuVY3nFox9ZXufuxW23ivfeVfwi9U7QZ3JRGkhHeEuff8p4k4oA2pMP
+YRjInUwDRY9loE7Ycya28xohAvmhJWc55pOe/60LzuHubKJbNjAG4XbRsVbSAgX
wo/mQtnaCSKJZKYCR+IDhHANnsaz3i9K6vKxPM7rYLXHmxjMZ+7hF2CbNzBmZdDm
3ut/6e0A5DJ85spqkQ1VBdX8FwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFGVS9YTG
KcSzLl6kjFQ8vLAosPEvMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDE2RDJFMThD
ODI4MTFFQTlCN0JFNzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAItcrADBAJnK1AwDwQCAAIwCQMHACABDfCfwDANBgkqhkiG
9w0BAQsFAAOCAQEAWQ0C//jCmSuxRpVuMb0vxMh2NW7C9ZvVdLD7lPnK+LtxEgaI
HO9ZZCs1pixOHVtLfpchvb/pK8hKUlEPRA1QBu1mqCnIG/D9g/B4fssflcK1cnAH
OokW5pz+MGDJ3hcJ2Q5xPDdDjl8oFdIEb4Ulv02nzeyb191v1NB7jxzwTdxwYw+n
382B3nC8tUZ71gezXtt757lPtd/Be1PFmHdpuL1bX/UzsbRN/MqmmfE2tMAMRtlS
3otd7b0lq3CA6SmaUPZVpYR0Ml2U/zZ8+a4kpQJSy6aCox+Ttw8jaHwqm1mROrSf
ZhK50KPGx0B2HwNO6byJz6B0DbhqMBqnaV8lGQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:47 2023 by rpki-client on console-ams.rpki-client.org