Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49B783041D2A11EDB0BC2016C4F9AE02.roa
File: 49B783041D2A11EDB0BC2016C4F9AE02.roa (raw, json)
Hash identifier: SRrAaDBubTHChu57NY192Z3W5r2hdNLVBi6EJcEs4Ko=
Subject key identifier: E3:76:89:A0:64:D6:0A:8F:C8:B0:BF:7D:38:70:82:C3:2C:72:F7:15
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5B66
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49B783041D2A11EDB0BC2016C4F9AE02.roa
Signing time: Tue 16 Aug 2022 06:11:38 +0000
ROA not before: Tue 16 Aug 2022 06:11:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141875
IP address blocks: 45.125.252.0/22 maxlen: 22
45.125.252.0/24 maxlen: 24
45.125.253.0/24 maxlen: 24
45.125.254.0/24 maxlen: 24
45.125.255.0/24 maxlen: 24
103.165.72.0/23 maxlen: 24
103.169.242.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23398 (0x5b66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 16 06:11:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62fb351a-0f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:dc:ac:94:fa:fa:b7:c3:9a:1e:c4:32:9b:4b:
30:67:52:60:06:4b:1a:f0:cc:fd:c8:20:16:07:60:
cb:d6:53:ae:a7:f2:8a:8c:26:b0:26:83:9b:5a:11:
2e:5a:0a:c9:aa:9e:b0:da:9b:e9:7a:7f:bd:28:c1:
b9:80:b8:70:b8:83:93:0a:18:0f:4f:17:dc:3f:75:
74:44:f0:5c:07:59:81:d2:e6:20:2f:9b:9a:f9:26:
95:bc:ee:50:fb:8b:81:48:90:ee:03:10:41:21:80:
4d:20:93:6e:b6:61:cb:4b:32:75:db:d1:b4:d2:ca:
98:25:c3:71:f9:45:1a:2c:62:e2:98:d1:84:e4:34:
67:7c:0f:2d:da:c2:87:f8:7e:7e:05:8d:38:a1:80:
45:2f:f9:2c:19:08:6d:6a:dc:50:45:85:71:54:f0:
c6:9f:99:72:7c:f5:63:14:8a:ac:71:8e:e9:d7:c7:
8e:50:04:1b:07:f3:38:b4:6b:38:1d:c9:f7:35:b5:
89:59:3f:ba:cb:43:e9:f8:c8:3f:be:b6:a0:7c:0c:
b8:94:7b:c6:81:4f:9c:f3:4f:32:97:7e:3d:73:ed:
15:07:ca:a8:58:75:9f:24:97:53:fe:ef:b6:36:f8:
18:27:3b:bc:5e:f0:01:af:2f:60:08:d4:6e:50:76:
03:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:76:89:A0:64:D6:0A:8F:C8:B0:BF:7D:38:70:82:C3:2C:72:F7:15
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/49B783041D2A11EDB0BC2016C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.252.0/22
103.165.72.0/23
103.169.242.0/23
Signature Algorithm: sha256WithRSAEncryption
11:ac:2f:c6:21:cc:64:55:c4:ab:0c:cf:ad:f8:f7:5b:00:b0:
62:d7:f4:90:05:60:2e:aa:c7:f8:d1:33:7a:55:47:14:69:a9:
db:66:b7:f9:fe:0f:df:37:ec:24:7b:bb:35:1d:ae:61:a5:71:
e5:a1:aa:a3:75:ee:76:7a:57:af:d9:87:75:6d:96:0e:a1:02:
b3:2f:b1:c5:d4:29:b1:c3:c0:28:02:cd:06:d2:53:42:66:79:
f0:22:b6:8e:6b:b4:91:26:86:8d:b9:08:09:03:43:7f:cc:55:
ac:17:66:2e:33:e5:1d:e1:65:aa:80:da:4f:eb:5a:1f:5a:38:
32:42:bc:6f:09:b7:e6:42:89:a8:be:42:c1:41:d5:f0:e4:23:
1d:fc:38:20:22:0a:1e:d5:a4:6a:7d:61:c8:f2:b2:59:d8:78:
52:a7:3b:f1:ad:cf:d3:c8:81:bd:ce:3b:01:21:87:f1:3b:83:
ee:67:a8:56:65:ab:ad:ab:a9:f8:96:56:cc:87:43:2a:58:21:
88:69:6e:da:75:1e:8c:9b:04:12:ab:c0:f4:ad:02:ce:b1:78:
14:7c:96:b1:b9:de:97:54:7c:b2:bc:33:bb:4f:c6:31:31:0e:
49:48:d7:7d:d8:6b:a2:fe:38:8c:7d:60:09:48:bd:b7:10:7f:
67:51:fa:88
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICW2YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODE2MDYxMTM4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmZiMzUxYS0wZjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA99yslPr6t8OaHsQym0swZ1JgBksa8Mz9yCAWB2DL1lOup/KKjCawJoObWhEu
WgrJqp6w2pvpen+9KMG5gLhwuIOTChgPTxfcP3V0RPBcB1mB0uYgL5ua+SaVvO5Q
+4uBSJDuAxBBIYBNIJNutmHLSzJ129G00sqYJcNx+UUaLGLimNGE5DRnfA8t2sKH
+H5+BY04oYBFL/ksGQhtatxQRYVxVPDGn5lyfPVjFIqscY7p18eOUAQbB/M4tGs4
Hcn3NbWJWT+6y0Pp+Mg/vragfAy4lHvGgU+c808yl349c+0VB8qoWHWfJJdT/u+2
NvgYJzu8XvABry9gCNRuUHYDiQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFON2iaBk
1gqPyLC/fThwgsMscvcVMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNDlCNzgzMDQx
RDJBMTFFREIwQkMyMDE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAItffwDBAFnpUgDBAFnqfIwDQYJKoZIhvcNAQELBQADggEB
ABGsL8YhzGRVxKsMz63491sAsGLX9JAFYC6qx/jRM3pVRxRpqdtmt/n+D9837CR7
uzUdrmGlceWhqqN17nZ6V6/Zh3Vtlg6hArMvscXUKbHDwCgCzQbSU0JmefAito5r
tJEmho25CAkDQ3/MVawXZi4z5R3hZaqA2k/rWh9aODJCvG8Jt+ZCiai+QsFB1fDk
Ix38OCAiCh7VpGp9YcjyslnYeFKnO/Gtz9PIgb3OOwEhh/E7g+5nqFZlq62rqfiW
VsyHQypYIYhpbtp1HoybBBKrwPStAs6xeBR8lrG53pdUfLK8M7tPxjExDklI133Y
a6L+OIx9YAlIvbcQf2dR+og=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-ams.rpki-client.org