Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/66CBDF765D8111EC8FBFA240C4F9AE02.roa
File: 66CBDF765D8111EC8FBFA240C4F9AE02.roa (raw, json)
Hash identifier: 6t8oRRuKxsBavaBSF1DEeoR8uHS6BdD3HMMcj11+e58=
Subject key identifier: 80:E9:02:EB:01:96:6E:11:70:26:17:64:53:E9:51:95:9A:ED:9B:99
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6432
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/66CBDF765D8111EC8FBFA240C4F9AE02.roa
Signing time: Wed 01 Feb 2023 12:21:39 +0000
ROA not before: Wed 01 Feb 2023 12:21:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58906
IP address blocks: 43.240.5.0/24 maxlen: 24
45.64.9.0/24 maxlen: 24
45.248.25.0/24 maxlen: 24
103.47.14.0/24 maxlen: 24
103.76.122.0/23 maxlen: 24
103.101.117.0/24 maxlen: 24
103.182.160.0/23 maxlen: 24
103.211.190.0/23 maxlen: 24
103.225.204.0/24 maxlen: 24
103.248.120.0/24 maxlen: 24
103.248.122.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25650 (0x6432)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 1 12:21:39 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63da5953-128d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:12:0d:5c:35:f4:5e:54:d1:6b:b1:7a:17:4a:
5c:a4:66:cf:c9:46:a7:23:48:a3:f2:07:4f:a2:cd:
ef:b8:05:9b:45:55:0e:88:59:fe:92:dc:2f:9f:01:
42:17:4e:c1:d2:b2:a6:e9:ce:02:bc:2a:3f:9d:e1:
f4:64:77:bb:fb:45:80:96:e9:c1:95:62:3d:f7:12:
94:bf:c4:ee:72:6e:4b:48:a1:16:4d:2b:24:58:c4:
8c:ef:5d:85:f6:b0:67:30:94:c9:25:ca:7d:32:a5:
cf:db:b4:8a:ed:c3:1a:13:94:4b:0e:82:16:97:cd:
94:d2:dc:2c:49:ef:32:83:e8:cf:bd:eb:63:90:46:
c6:85:58:01:c7:67:a8:66:f8:71:60:f8:82:62:aa:
16:53:41:a8:d1:52:80:1b:f2:37:e0:59:e4:ab:36:
2c:e4:b1:ef:c3:db:95:b2:19:02:3f:f8:ba:65:bb:
c1:e1:73:38:09:2a:96:26:a9:2c:e9:1b:b9:d4:15:
e2:89:91:11:d9:dc:d8:81:9c:fb:84:06:60:7e:60:
d9:25:13:fc:c9:c7:07:61:dd:1f:bc:a5:b9:b0:97:
62:ec:39:ee:04:62:9f:7c:3d:75:53:01:31:2d:bd:
3c:22:72:77:74:1a:b7:d9:3d:d9:7f:a0:68:6a:ba:
3d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E9:02:EB:01:96:6E:11:70:26:17:64:53:E9:51:95:9A:ED:9B:99
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/66CBDF765D8111EC8FBFA240C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.5.0/24
45.64.9.0/24
45.248.25.0/24
103.47.14.0/24
103.76.122.0/23
103.101.117.0/24
103.182.160.0/23
103.211.190.0/23
103.225.204.0/24
103.248.120.0/24
103.248.122.0/23
Signature Algorithm: sha256WithRSAEncryption
82:dc:b4:d9:a9:d9:3c:eb:91:79:0d:d9:9c:0e:ae:70:6b:26:
9e:23:3f:83:ca:97:6b:38:c8:5b:11:98:70:a7:a6:e9:02:06:
b3:f6:72:44:27:42:c2:32:5c:5f:30:e5:0e:70:9f:a3:90:f1:
1d:13:e5:c6:dc:50:f2:ff:bd:24:f5:bd:c7:b4:c8:0e:4b:a3:
4d:c3:3f:18:81:e7:d6:e0:54:07:59:c0:15:0a:48:c0:4f:8c:
15:d4:ca:3e:e6:16:58:30:0b:a9:23:6b:ee:af:bb:3d:10:b6:
02:20:6c:61:d0:e6:eb:6e:17:7f:ef:b0:29:81:f9:3e:3e:06:
7c:68:ac:c2:c0:25:36:04:8a:f9:9a:bb:7f:cb:e9:33:b7:ba:
d3:33:e7:10:ce:68:80:ef:2e:fe:b3:c0:71:35:b7:ce:1b:64:
54:0c:e3:4c:6d:0c:07:c5:e9:e2:15:4c:cf:d6:4a:a1:80:08:
d8:d9:10:e8:f5:cb:04:45:c8:5d:84:74:98:62:90:9f:29:fb:
88:1c:96:31:e7:7e:54:32:7b:0d:44:b3:aa:d4:a7:e0:e7:ba:
9d:17:a1:00:7d:4b:6e:ad:bc:a5:01:4b:b4:b6:e3:e1:c2:d4:
cc:75:c7:b2:f5:c3:df:7b:71:2d:bd:81:be:4b:41:cf:4c:9d:
74:43:46:6c
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgICZDIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjAxMTIyMTM5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2RhNTk1My0xMjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBINXDX0XlTRa7F6F0pcpGbPyUanI0ij8gdPos3vuAWbRVUOiFn+ktwvnwFC
F07B0rKm6c4CvCo/neH0ZHe7+0WAlunBlWI99xKUv8Tucm5LSKEWTSskWMSM712F
9rBnMJTJJcp9MqXP27SK7cMaE5RLDoIWl82U0twsSe8yg+jPvetjkEbGhVgBx2eo
ZvhxYPiCYqoWU0Go0VKAG/I34FnkqzYs5LHvw9uVshkCP/i6ZbvB4XM4CSqWJqks
6Ru51BXiiZER2dzYgZz7hAZgfmDZJRP8yccHYd0fvKW5sJdi7DnuBGKffD11UwEx
Lb08InJ3dBq32T3Zf6Boaro9eQIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFIDpAusB
lm4RcCYXZFPpUZWa7ZuZMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjZDQkRGNzY1
RDgxMTFFQzhGQkZBMjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E
TDBKMEgEAgABMEIDBAAr8AUDBAAtQAkDBAAt+BkDBABnLw4DBAFnTHoDBABnZXUD
BAFntqADBAFn074DBABn4cwDBABn+HgDBAFn+HowDQYJKoZIhvcNAQELBQADggEB
AILctNmp2TzrkXkN2ZwOrnBrJp4jP4PKl2s4yFsRmHCnpukCBrP2ckQnQsIyXF8w
5Q5wn6OQ8R0T5cbcUPL/vST1vce0yA5Lo03DPxiB59bgVAdZwBUKSMBPjBXUyj7m
FlgwC6kja+6vuz0QtgIgbGHQ5utuF3/vsCmB+T4+BnxorMLAJTYEivmau3/L6TO3
utMz5xDOaIDvLv6zwHE1t84bZFQM40xtDAfF6eIVTM/WSqGACNjZEOj1ywRFyF2E
dJhikJ8p+4gcljHnflQyew1Es6rUp+Dnup0XoQB9S26tvKUBS7S24+HC1Mx1x7L1
w997cS29gb5LQc9MnXRDRmw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org