Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/44004F100BDF11ED9E3AA135C4F9AE02.roa
File: 44004F100BDF11ED9E3AA135C4F9AE02.roa (raw, json)
Hash identifier: qprYPi6pUg23IsHalwdCuljuFQU8o/6IJ3tVzKlsXaw=
Subject key identifier: 28:09:F0:52:4E:3E:AF:5B:8C:07:B3:B3:B0:BC:F1:7F:44:A1:10:AD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5A11
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/44004F100BDF11ED9E3AA135C4F9AE02.roa
Signing time: Mon 25 Jul 2022 10:01:41 +0000
ROA not before: Mon 25 Jul 2022 10:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137409
IP address blocks: 45.120.37.0/24 maxlen: 24
103.61.148.0/24 maxlen: 24
103.61.149.0/24 maxlen: 24
139.5.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23057 (0x5a11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 25 10:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62de6a05-a9d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:50:74:9a:55:39:82:e7:4e:07:a1:3a:d7:6e:
73:19:42:c1:58:f1:b1:31:49:db:61:49:a3:9a:7d:
db:75:52:3c:0c:8d:7b:d5:3b:10:f9:c8:7b:c4:72:
e2:8d:37:cb:a7:de:a9:9e:d3:ad:53:9c:be:4f:5e:
7a:e7:84:d5:56:02:13:db:79:b2:f0:b7:ac:ad:9e:
d3:25:a1:2f:c5:11:3c:89:57:1a:7e:42:d3:a4:21:
87:3c:43:dd:75:52:8f:4c:d1:3a:25:6f:84:57:75:
55:e9:e0:65:97:45:72:02:3d:f2:77:86:4b:58:e1:
b5:c3:52:93:ba:70:95:26:0e:a1:7e:4e:6f:b3:f0:
55:e1:36:ff:45:8d:d8:6c:95:a0:10:59:52:b8:69:
a3:72:8b:63:5e:0e:cb:bc:d8:1c:cc:e8:76:82:46:
ed:dd:d4:50:52:4b:00:12:d5:91:6c:65:32:cd:a6:
b3:eb:fa:0c:b3:e1:e6:38:3b:11:3a:59:50:a0:cf:
73:9f:2f:ad:bf:a1:08:40:65:6d:05:c6:68:a5:b3:
f9:c7:05:0e:73:c2:c2:5d:df:b0:d2:5d:41:ce:42:
58:08:44:37:d0:8e:0a:f0:8c:37:13:99:89:90:90:
fc:49:18:04:06:59:c6:ec:18:61:13:b5:f3:49:a2:
c9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:09:F0:52:4E:3E:AF:5B:8C:07:B3:B3:B0:BC:F1:7F:44:A1:10:AD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/44004F100BDF11ED9E3AA135C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.120.37.0/24
103.61.148.0/23
139.5.232.0/22
Signature Algorithm: sha256WithRSAEncryption
95:d3:9f:ec:38:e0:f1:d9:6e:e1:c7:ba:e2:2d:90:d9:b2:f6:
cb:94:5c:72:67:c6:03:3f:94:37:1e:f5:3a:1a:66:d3:74:7f:
72:69:30:eb:83:2d:b8:e1:a0:ac:0c:82:24:e0:20:e6:2e:5e:
4d:4a:22:61:0e:ab:06:8b:ab:e3:c8:67:e6:a4:4e:33:01:05:
90:81:c0:35:a4:8f:bd:29:38:11:5c:d3:29:46:10:50:d2:29:
83:d9:d3:a8:5d:23:04:0c:21:16:52:86:c2:e9:ab:bc:e3:95:
51:ef:38:ba:bf:59:5d:4b:39:79:a4:d6:19:43:ea:b7:52:8d:
9c:bd:a6:13:7c:f9:57:9a:49:36:eb:ad:2f:36:3c:b8:1a:6e:
01:e1:5f:d9:d5:e4:e3:69:6b:53:ef:25:0d:74:66:2c:86:ec:
e2:05:2f:0c:a5:79:4e:58:9d:e0:64:9c:63:3a:c3:38:18:95:
03:93:d9:2b:8b:1a:d8:1f:27:c6:24:cf:fb:69:1f:e0:70:93:
ba:22:30:08:2d:86:05:5d:64:c8:e9:f8:1b:f3:b4:94:2a:40:
ce:19:c3:84:88:3f:d3:7d:3c:cd:b5:a1:23:95:cf:3a:74:71:
1d:04:5e:36:7a:3a:6e:b3:af:f0:36:8b:dd:38:40:af:69:e5:
fb:e1:83:d8
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICWhEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNzI1MTAwMTQxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmRlNmEwNS1hOWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5lB0mlU5gudOB6E6125zGULBWPGxMUnbYUmjmn3bdVI8DI171TsQ+ch7xHLi
jTfLp96pntOtU5y+T15654TVVgIT23my8LesrZ7TJaEvxRE8iVcafkLTpCGHPEPd
dVKPTNE6JW+EV3VV6eBll0VyAj3yd4ZLWOG1w1KTunCVJg6hfk5vs/BV4Tb/RY3Y
bJWgEFlSuGmjcotjXg7LvNgczOh2gkbt3dRQUksAEtWRbGUyzaaz6/oMs+HmODsR
OllQoM9zny+tv6EIQGVtBcZopbP5xwUOc8LCXd+w0l1BzkJYCEQ30I4K8Iw3E5mJ
kJD8SRgEBlnG7BhhE7XzSaLJMwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFCgJ8FJO
Pq9bjAezs7C88X9EoRCtMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDQwMDRGMTAw
QkRGMTFFRDlFM0FBMTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAteCUDBAFnPZQDBAKLBegwDQYJKoZIhvcNAQELBQADggEB
AJXTn+w44PHZbuHHuuItkNmy9suUXHJnxgM/lDce9ToaZtN0f3JpMOuDLbjhoKwM
giTgIOYuXk1KImEOqwaLq+PIZ+akTjMBBZCBwDWkj70pOBFc0ylGEFDSKYPZ06hd
IwQMIRZShsLpq7zjlVHvOLq/WV1LOXmk1hlD6rdSjZy9phN8+VeaSTbrrS82PLga
bgHhX9nV5ONpa1PvJQ10ZiyG7OIFLwyleU5YneBknGM6wzgYlQOT2SuLGtgfJ8Yk
z/tpH+Bwk7oiMAgthgVdZMjp+BvztJQqQM4Zw4SIP9N9PM21oSOVzzp0cR0EXjZ6
Om6zr/A2i904QK9p5fvhg9g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-fra.rpki-client.org