Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0744ABC4D7FC11EBB4605D75C4F9AE02.roa
File: 0744ABC4D7FC11EBB4605D75C4F9AE02.roa (raw, json)
Hash identifier: ku+lb5Y5XtmAKu2WwNBPfw3mnEviN0jouIgTnm8F5sY=
Subject key identifier: 53:F7:18:C8:91:6B:45:FF:C8:21:AB:AF:59:7E:53:5D:5A:45:B7:B4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 36E7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0744ABC4D7FC11EBB4605D75C4F9AE02.roa
Signing time: Mon 28 Jun 2021 10:31:42 +0000
ROA not before: Mon 28 Jun 2021 10:31:42 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 134021
IP address blocks: 45.251.80.0/22 maxlen: 24
103.43.65.0/24 maxlen: 24
103.54.220.0/22 maxlen: 24
103.66.12.0/22 maxlen: 24
103.83.58.0/24 maxlen: 24
103.96.44.0/22 maxlen: 24
103.155.136.0/23 maxlen: 24
103.159.100.0/23 maxlen: 24
103.166.68.0/23 maxlen: 24
103.210.106.0/23 maxlen: 24
103.220.36.0/22 maxlen: 24
202.168.156.0/22 maxlen: 24
2001:df4:a700::/48 maxlen: 48
2001:df5:2f80::/48 maxlen: 48
2001:df5:7a80::/48 maxlen: 48
2001:df6:7f80::/48 maxlen: 48
2405:6040::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14055 (0x36e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 28 10:31:42 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60d9a50e-36eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e9:c3:5d:e9:58:ae:d7:8b:f2:dc:57:3a:eb:
6b:fd:01:86:26:33:19:00:a6:d1:5e:d4:b8:f7:2a:
23:d7:33:8a:df:b3:1e:ee:9b:c5:de:ca:e7:a0:d0:
aa:14:50:be:9d:84:8b:3e:6a:05:bc:49:8e:95:e5:
22:8b:b2:04:57:73:1d:92:c8:55:ff:01:fe:27:9e:
f6:26:e3:4e:62:17:e6:96:81:c2:04:20:54:5d:2a:
fd:71:f5:17:56:34:63:08:0c:75:3c:a5:e2:ce:79:
4a:fc:9a:18:8f:d0:bb:91:cc:96:21:19:31:a2:05:
7e:95:5a:0b:1e:92:23:04:17:28:97:4a:cb:dd:8b:
7e:aa:ef:33:4e:3f:d8:64:3f:c0:10:c7:c2:76:4a:
52:31:9d:bf:ba:ad:c0:c1:97:46:c9:a5:9d:32:15:
80:8e:bd:f5:ce:69:7e:36:8f:a8:be:bf:70:33:f7:
34:e9:ff:5e:46:af:57:e8:c3:7b:aa:79:07:c6:ef:
d6:5d:a9:fe:1a:a6:47:f9:76:b2:9c:48:3d:a6:f8:
cb:33:fb:b0:9b:d4:bd:d6:4c:26:88:33:89:15:d6:
ee:26:67:d6:b8:9d:98:a8:3a:03:56:db:6c:30:96:
05:88:22:6a:9b:50:38:4d:a5:de:6c:29:f7:d7:c9:
a4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F7:18:C8:91:6B:45:FF:C8:21:AB:AF:59:7E:53:5D:5A:45:B7:B4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0744ABC4D7FC11EBB4605D75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.80.0/22
103.43.65.0/24
103.54.220.0/22
103.66.12.0/22
103.83.58.0/24
103.96.44.0/22
103.155.136.0/23
103.159.100.0/23
103.166.68.0/23
103.210.106.0/23
103.220.36.0/22
202.168.156.0/22
IPv6:
2001:df4:a700::/48
2001:df5:2f80::/48
2001:df5:7a80::/48
2001:df6:7f80::/48
2405:6040::/32
Signature Algorithm: sha256WithRSAEncryption
9e:89:0d:91:d7:77:38:fc:0f:44:9e:88:ff:bd:f6:b0:c9:a1:
76:1c:f7:d7:e2:27:1b:7f:22:dd:bd:72:76:74:2d:d2:c8:5e:
e0:24:68:19:55:68:ae:92:d3:33:4c:d1:6d:3a:4c:45:03:5b:
d4:cb:ec:5d:5f:a3:b9:bc:ec:be:87:96:0e:65:5a:19:d3:44:
a8:ec:d7:d2:69:d3:46:ff:0f:6d:f2:f6:00:9f:e9:e6:2c:da:
ba:23:83:6b:ee:40:24:20:be:ae:75:5a:1d:e0:f7:65:e3:5a:
eb:09:f4:18:a3:27:ca:a4:81:9e:eb:7a:46:dd:20:13:8b:45:
02:8b:4e:aa:df:5f:e7:ca:9e:df:c5:40:06:82:d3:dd:6b:cc:
b9:40:9d:e4:2b:93:4d:32:6f:f6:bb:5b:b1:1a:d8:dc:b7:20:
45:81:63:98:54:fd:f5:50:73:23:61:c9:78:96:d9:1e:e9:3e:
56:08:1a:21:ca:8a:6a:20:54:01:18:47:92:1e:21:8c:49:37:
bc:04:0c:d3:e5:80:f3:cb:42:a5:6b:57:ce:d6:77:86:00:6d:
d3:f3:eb:a5:a6:64:60:72:7a:3b:ff:84:3c:fc:96:f0:ad:80:
83:5f:ce:0d:7d:19:4b:79:86:54:a9:9e:cd:d4:2d:37:c1:77:
45:f9:21:6a
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgICNucwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjEwNjI4MTAzMTQyWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGQ5YTUwZS0zNmViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr+nDXelYrteL8txXOutr/QGGJjMZAKbRXtS49yoj1zOK37Me7pvF3srnoNCq
FFC+nYSLPmoFvEmOleUii7IEV3MdkshV/wH+J572JuNOYhfmloHCBCBUXSr9cfUX
VjRjCAx1PKXiznlK/JoYj9C7kcyWIRkxogV+lVoLHpIjBBcol0rL3Yt+qu8zTj/Y
ZD/AEMfCdkpSMZ2/uq3AwZdGyaWdMhWAjr31zml+No+ovr9wM/c06f9eRq9X6MN7
qnkHxu/WXan+GqZH+XaynEg9pvjLM/uwm9S91kwmiDOJFdbuJmfWuJ2YqDoDVtts
MJYFiCJqm1A4TaXebCn318mkiwIDAQABo4IDDTCCAwkwHQYDVR0OBBYEFFP3GMiR
a0X/yCGrr1l+U11aRbe0MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDc0NEFCQzRE
N0ZDMTFFQkI0NjA1RDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZYGCCsGAQUFBwEHAQH/
BIGGMIGDME4EAgABMEgDBAIt+1ADBABnK0EDBAJnNtwDBAJnQgwDBABnUzoDBAJn
YCwDBAFnm4gDBAFnn2QDBAFnpkQDBAFn0moDBAJn3CQDBALKqJwwMQQCAAIwKwMH
ACABDfSnAAMHACABDfUvgAMHACABDfV6gAMHACABDfZ/gAMFACQFYEAwDQYJKoZI
hvcNAQELBQADggEBAJ6JDZHXdzj8D0SeiP+99rDJoXYc99fiJxt/It29cnZ0LdLI
XuAkaBlVaK6S0zNM0W06TEUDW9TL7F1fo7m87L6Hlg5lWhnTRKjs19Jp00b/D23y
9gCf6eYs2rojg2vuQCQgvq51Wh3g92XjWusJ9BijJ8qkgZ7rekbdIBOLRQKLTqrf
X+fKnt/FQAaC091rzLlAneQrk00yb/a7W7Ea2Ny3IEWBY5hU/fVQcyNhyXiW2R7p
PlYIGiHKimogVAEYR5IeIYxJN7wEDNPlgPPLQqVrV87Wd4YAbdPz66WmZGByejv/
hDz8lvCtgINfzg19GUt5hlSpns3ULTfBd0X5IWo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-fra.rpki-client.org