Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9B6C8024132911EDAA7D030FC4F9AE02.roa
File: 9B6C8024132911EDAA7D030FC4F9AE02.roa (raw, json)
Hash identifier: TMAQ6kII+HWATjTJJ+50Tq1+0MPvroOF2MuSD24HDqM=
Subject key identifier: 85:DB:73:6C:EA:0B:59:E2:A7:03:E9:68:BF:60:48:03:46:1C:CB:B1
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5ABD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9B6C8024132911EDAA7D030FC4F9AE02.roa
Signing time: Wed 03 Aug 2022 12:41:34 +0000
ROA not before: Wed 03 Aug 2022 12:41:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141875
IP address blocks: 45.125.252.0/22 maxlen: 22
45.125.252.0/24 maxlen: 24
45.125.253.0/24 maxlen: 24
45.125.254.0/24 maxlen: 24
45.125.255.0/24 maxlen: 24
103.18.156.0/22 maxlen: 22
103.18.156.0/23 maxlen: 24
103.165.72.0/23 maxlen: 24
103.169.242.0/23 maxlen: 24
103.241.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23229 (0x5abd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 3 12:41:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62ea6cfe-10b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ff:9e:34:b9:04:4c:33:95:5a:95:4f:cd:34:
d8:47:a8:65:24:b5:40:36:6f:37:09:cc:b7:71:dc:
77:38:c2:7b:44:ff:a4:fb:73:20:62:4e:8f:67:ab:
02:ea:35:32:1f:fd:7a:5b:f3:fd:5e:96:08:f4:59:
00:1d:5a:29:10:c3:c6:15:c7:87:5b:24:3d:f2:d6:
6a:0a:ea:fc:aa:30:ad:4f:39:db:ef:d7:d7:60:e9:
f2:13:c2:fd:f8:33:1a:73:3f:5e:ea:27:7e:80:09:
22:60:99:91:8c:f3:f9:6f:1e:be:c7:d6:61:42:a6:
9b:76:79:b0:26:a0:63:51:54:08:79:76:16:35:1c:
6f:c9:01:ca:ed:f4:c1:9a:c9:a0:97:8c:c7:fb:b1:
2c:88:e2:9a:02:02:80:01:01:08:76:55:5d:a5:45:
8a:0c:70:8d:b9:b3:7e:6f:86:10:b2:2c:8d:4c:c2:
66:a0:73:73:24:30:34:e5:b4:e7:21:53:1b:b1:98:
23:cf:12:c9:ec:5d:58:84:73:7f:19:0b:8e:07:73:
81:8f:d9:d8:04:8e:9f:a5:c9:3a:e3:1f:b3:bb:7d:
70:e0:5f:c5:1c:49:b0:a8:61:ca:dd:5a:2a:ed:47:
3b:38:39:54:18:40:84:b6:62:90:fa:b2:f3:76:0f:
e6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DB:73:6C:EA:0B:59:E2:A7:03:E9:68:BF:60:48:03:46:1C:CB:B1
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9B6C8024132911EDAA7D030FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.252.0/22
103.18.156.0/22
103.165.72.0/23
103.169.242.0/23
103.241.132.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:83:64:96:3a:92:0c:7c:a1:bb:83:6e:4e:62:49:f4:74:7a:
38:88:91:5e:1c:91:64:bb:0e:7f:9c:eb:36:18:9c:82:16:69:
ae:f7:1a:0c:c4:d4:3c:f0:29:64:e7:11:03:e5:48:96:0d:44:
ed:f5:f4:7b:14:8b:21:79:eb:a3:c6:61:79:2b:7e:6e:a4:ef:
24:e2:0b:9d:f0:eb:b1:1f:60:39:de:0e:19:be:91:e6:00:aa:
c4:a4:06:b1:54:fb:35:50:73:5e:06:c0:e2:c1:b0:d6:d1:65:
4d:cb:ec:f4:99:0a:d0:b1:a5:dd:c7:7d:fd:73:c4:25:c2:9e:
89:5b:d6:ba:30:96:ad:62:6a:29:14:07:a5:36:ec:f2:2b:4c:
6f:1c:66:70:e9:18:98:4c:0d:5b:79:05:09:f2:56:b6:38:fd:
1a:cc:1b:b0:03:e1:fa:72:b3:91:67:0f:1b:17:e4:69:56:b8:
3c:85:d5:94:4a:8d:ca:2f:67:7c:9b:d5:4b:e5:64:87:1b:e7:
51:04:6f:12:a9:7f:19:af:00:2e:eb:46:37:f5:c3:2f:5e:79:
ec:41:6f:c1:da:8a:6e:2c:59:87:9d:59:b4:f0:cb:27:c2:c9:
8f:ed:d4:9e:db:c0:4e:74:4c:e5:c0:51:5e:b0:2f:a2:bc:ee:
4f:bc:b5:ac
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICWr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODAzMTI0MTM0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmVhNmNmZS0xMGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz/+eNLkETDOVWpVPzTTYR6hlJLVANm83Ccy3cdx3OMJ7RP+k+3MgYk6PZ6sC
6jUyH/16W/P9XpYI9FkAHVopEMPGFceHWyQ98tZqCur8qjCtTznb79fXYOnyE8L9
+DMacz9e6id+gAkiYJmRjPP5bx6+x9ZhQqabdnmwJqBjUVQIeXYWNRxvyQHK7fTB
msmgl4zH+7EsiOKaAgKAAQEIdlVdpUWKDHCNubN+b4YQsiyNTMJmoHNzJDA05bTn
IVMbsZgjzxLJ7F1YhHN/GQuOB3OBj9nYBI6fpck64x+zu31w4F/FHEmwqGHK3Voq
7Uc7ODlUGECEtmKQ+rLzdg/mPwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFIXbc2zq
C1nipwPpaL9gSANGHMuxMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOUI2QzgwMjQx
MzI5MTFFREFBN0QwMzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAItffwDBAJnEpwDBAFnpUgDBAFnqfIDBABn8YQwDQYJKoZI
hvcNAQELBQADggEBAAyDZJY6kgx8obuDbk5iSfR0ejiIkV4ckWS7Dn+c6zYYnIIW
aa73GgzE1DzwKWTnEQPlSJYNRO319HsUiyF566PGYXkrfm6k7yTiC53w67EfYDne
Dhm+keYAqsSkBrFU+zVQc14GwOLBsNbRZU3L7PSZCtCxpd3Hff1zxCXCnolb1row
lq1iaikUB6U27PIrTG8cZnDpGJhMDVt5BQnyVrY4/RrMG7AD4fpys5FnDxsX5GlW
uDyF1ZRKjcovZ3yb1UvlZIcb51EEbxKpfxmvAC7rRjf1wy9eeexBb8Haim4sWYed
WbTwyyfCyY/t1J7bwE50TOXAUV6wL6K87k+8taw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-fra.rpki-client.org