Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5B63FBEEA2F111ED84BFCA51C4F9AE02.roa
File: 5B63FBEEA2F111ED84BFCA51C4F9AE02.roa (raw, json)
Hash identifier: +EoEFZUQmLlpFlXYOZsoW+QT6OkTVp3X6sO2/wqhmsA=
Subject key identifier: F0:91:93:EC:10:A0:FF:6D:F3:67:34:A8:6A:28:1C:6E:2D:64:3D:4F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 64EC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5B63FBEEA2F111ED84BFCA51C4F9AE02.roa
Signing time: Wed 15 Feb 2023 08:01:49 +0000
ROA not before: Wed 15 Feb 2023 08:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140641
IP address blocks: 45.248.3.0/24 maxlen: 24
103.97.104.0/24 maxlen: 24
103.97.105.0/24 maxlen: 24
103.97.106.0/24 maxlen: 24
103.97.107.0/24 maxlen: 24
103.119.170.0/23 maxlen: 24
103.152.79.0/24 maxlen: 24
103.182.64.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25836 (0x64ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 15 08:01:49 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63ec916d-285d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:97:11:0b:22:3f:18:ca:a1:e3:94:e9:79:91:
ba:f4:d8:0d:50:12:a4:14:74:0d:27:57:c0:d7:84:
53:f6:1a:f7:55:5f:dc:dd:b6:ce:f0:37:79:4f:92:
fd:24:fa:06:3b:a3:9d:a2:c6:3d:0a:88:2c:b7:7b:
a1:bb:aa:6a:18:f6:90:3f:dd:cb:0f:86:95:d1:34:
29:cc:7d:c9:e9:e4:46:c8:ed:ca:fa:70:2a:6b:47:
40:83:57:6c:b4:f2:b7:a9:1b:c5:7b:26:e0:e3:28:
85:4f:e2:ee:0c:c8:64:d0:67:47:df:88:bd:d5:14:
20:31:38:29:66:ef:be:be:ab:aa:f1:b1:0c:11:1f:
2c:a2:3b:29:2c:11:72:96:20:3c:df:88:4c:3c:ac:
d9:40:75:2d:95:77:06:ae:6d:8e:03:a4:3b:31:23:
cf:aa:6d:5d:b0:f1:52:be:f8:61:03:2c:23:95:d5:
b5:eb:28:fd:0e:67:c9:13:19:ef:44:3f:99:c1:1f:
db:74:7f:91:bc:53:ae:2d:bf:4b:f1:dc:f9:ea:5e:
f5:b0:53:03:0e:fa:0a:fe:a7:d7:32:25:fc:36:f9:
b7:39:85:f6:63:2d:05:0c:99:d2:b7:be:14:bb:1e:
87:26:e1:6b:50:20:13:18:89:76:8f:33:55:f8:31:
11:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:91:93:EC:10:A0:FF:6D:F3:67:34:A8:6A:28:1C:6E:2D:64:3D:4F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5B63FBEEA2F111ED84BFCA51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.3.0/24
103.97.104.0/22
103.119.170.0/23
103.152.79.0/24
103.182.64.0/23
Signature Algorithm: sha256WithRSAEncryption
70:93:e6:12:c3:3c:d0:f6:59:2d:c7:df:88:1d:fa:f7:20:ec:
65:21:a6:80:6e:e6:97:47:ce:73:71:ae:b3:e2:74:9e:4c:54:
a3:6e:a5:1d:ae:2a:de:7a:5a:e7:98:38:04:92:e0:07:84:8e:
a2:bd:7c:04:70:92:69:32:b9:c5:1c:33:cb:7b:aa:23:59:d5:
6c:50:5b:09:ce:fa:c9:ed:20:2a:98:26:81:c7:e9:45:64:f0:
3e:c6:b9:3d:2d:1f:17:39:85:db:5b:61:9e:66:2f:a5:9a:87:
2b:85:98:6b:a5:ab:4c:cb:bd:ec:56:61:b7:10:e0:fa:ce:f7:
1d:d1:35:d7:b5:bc:e8:cc:c6:e7:83:ed:1c:25:94:36:8a:3b:
8f:98:ec:2d:cc:56:de:b4:92:56:92:fc:29:31:6c:76:d3:98:
94:11:6f:f1:00:5c:25:38:8a:9b:50:ce:70:6a:eb:b2:7e:74:
a5:f4:e0:2c:4e:ef:04:50:10:52:d3:8a:2b:21:98:8a:4b:27:
1b:08:dd:b8:da:b0:50:cd:3b:a1:44:84:99:c0:de:87:14:e4:
a8:62:4f:b2:a2:e1:de:ee:d7:1f:2a:31:e7:6a:aa:91:b3:13:
1c:e9:15:f0:a6:63:f9:66:f6:b8:1a:b2:a7:be:62:26:bd:4f:
78:12:01:8c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICZOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjE1MDgwMTQ5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2VjOTE2ZC0yODVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxpcRCyI/GMqh45TpeZG69NgNUBKkFHQNJ1fA14RT9hr3VV/c3bbO8Dd5T5L9
JPoGO6OdosY9Cogst3uhu6pqGPaQP93LD4aV0TQpzH3J6eRGyO3K+nAqa0dAg1ds
tPK3qRvFeybg4yiFT+LuDMhk0GdH34i91RQgMTgpZu++vquq8bEMER8sojspLBFy
liA834hMPKzZQHUtlXcGrm2OA6Q7MSPPqm1dsPFSvvhhAywjldW16yj9DmfJExnv
RD+ZwR/bdH+RvFOuLb9L8dz56l71sFMDDvoK/qfXMiX8Nvm3OYX2Yy0FDJnSt74U
ux6HJuFrUCATGIl2jzNV+DERaQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPCRk+wQ
oP9t82c0qGooHG4tZD1PMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNUI2M0ZCRUVB
MkYxMTFFRDg0QkZDQTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAt+AMDBAJnYWgDBAFnd6oDBABnmE8DBAFntkAwDQYJKoZI
hvcNAQELBQADggEBAHCT5hLDPND2WS3H34gd+vcg7GUhpoBu5pdHznNxrrPidJ5M
VKNupR2uKt56WueYOASS4AeEjqK9fARwkmkyucUcM8t7qiNZ1WxQWwnO+sntICqY
JoHH6UVk8D7GuT0tHxc5hdtbYZ5mL6WahyuFmGulq0zLvexWYbcQ4PrO9x3RNde1
vOjMxueD7RwllDaKO4+Y7C3MVt60klaS/CkxbHbTmJQRb/EAXCU4iptQznBq67J+
dKX04CxO7wRQEFLTiishmIpLJxsI3bjasFDNO6FEhJnA3ocU5KhiT7Ki4d7u1x8q
MedqqpGzExzpFfCmY/lm9rgasqe+Yia9T3gSAYw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org