Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ABB5C0FA21C411ECBCA7543AC4F9AE02.roa
File: ABB5C0FA21C411ECBCA7543AC4F9AE02.roa (raw, json)
Hash identifier: LekVCGC0M+nEziPVW1pIWCvX7YfYjv6Z76lvqwcueNk=
Subject key identifier: 30:23:9B:6E:B5:FD:1B:9C:E3:AB:EF:BD:E2:04:70:05:50:9D:7B:D2
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 637E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ABB5C0FA21C411ECBCA7543AC4F9AE02.roa
Signing time: Thu 19 Jan 2023 08:41:39 +0000
ROA not before: Thu 19 Jan 2023 08:41:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141490
IP address blocks: 45.123.216.0/22 maxlen: 24
103.162.120.0/23 maxlen: 24
103.192.60.0/23 maxlen: 24
103.192.62.0/23 maxlen: 24
2001:df0:b1c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25470 (0x637e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 19 08:41:39 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c90243-115a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2d:9d:b2:ee:c6:d1:f6:ab:7e:14:a3:61:30:
0b:14:35:77:e5:29:a7:34:e9:96:70:99:c2:22:90:
97:9c:63:df:fa:a3:5e:2b:84:a1:26:a5:a5:55:2c:
20:ea:94:48:f9:97:c0:c8:fe:8f:e6:2f:dc:8b:e2:
ff:2f:01:44:da:6e:c8:3e:fe:bd:e6:29:71:45:31:
aa:58:fb:1e:62:e6:3e:fe:51:8e:aa:38:02:3d:3e:
5c:86:71:e2:7d:13:36:ff:36:ea:b0:65:08:11:56:
da:ff:85:21:9d:55:70:2e:e0:07:4c:fc:09:ec:e2:
dc:7a:a2:42:a6:06:4b:18:99:30:b6:da:6f:7d:cc:
76:a4:e2:81:1d:5f:b2:a7:57:31:6e:b8:66:21:dd:
eb:35:84:d4:e3:59:d2:9a:d5:f5:b9:a7:a9:36:e5:
1d:48:10:cb:82:d4:c4:de:b9:2c:5e:60:35:6b:a6:
6a:05:d1:6c:01:0d:7b:50:86:84:ff:fc:f6:ff:2e:
fc:43:6e:59:6b:ce:1b:49:cb:e5:0e:95:5d:7b:50:
76:05:67:06:31:f6:a7:16:c9:68:0a:61:f7:2f:ff:
ea:ad:6a:92:93:c1:4e:f2:53:a7:1c:0f:62:2d:26:
54:84:fa:7c:20:2a:16:6d:4e:ae:b8:73:f5:b2:64:
6a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:23:9B:6E:B5:FD:1B:9C:E3:AB:EF:BD:E2:04:70:05:50:9D:7B:D2
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ABB5C0FA21C411ECBCA7543AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.216.0/22
103.162.120.0/23
103.192.60.0/22
IPv6:
2001:df0:b1c0::/48
Signature Algorithm: sha256WithRSAEncryption
96:e1:e8:2e:54:96:54:f2:7e:01:ec:ea:a5:1e:4b:6a:f0:4a:
0c:6e:67:e6:30:17:96:1d:21:20:e6:70:f7:a8:7f:8e:2d:f7:
36:00:87:39:0e:21:8d:58:32:01:4f:0d:75:eb:e5:07:46:18:
08:bd:72:2b:1a:97:76:f4:82:9a:4d:c2:6e:42:64:c6:56:98:
59:d2:9b:22:50:91:b9:58:a9:8e:f6:96:b0:ce:41:e7:f0:e7:
92:8c:6b:16:92:e7:35:9a:b8:cd:04:33:ac:de:00:67:c0:8a:
8f:77:a4:07:f0:49:a9:e2:06:4b:1a:6c:ee:88:56:4f:00:2c:
05:4c:79:30:7c:0b:8f:ef:d0:63:05:29:d7:46:8c:f7:84:fd:
e8:55:77:61:dc:07:cf:ad:5c:02:53:59:8f:6d:80:6a:85:f7:
7f:ee:02:e1:9d:f5:fe:80:b2:fe:78:d1:e4:44:f7:d7:87:01:
a3:47:ab:23:22:76:30:b0:d7:90:41:ee:90:8e:13:7c:bb:79:
3b:6e:a2:7a:9c:a5:70:98:d1:66:32:5b:23:a6:5e:ed:b1:36:
3c:ac:57:41:89:14:9c:1f:7d:e3:48:d8:71:72:dc:9b:8a:3d:
4e:ce:82:59:91:b1:22:43:82:44:3c:fd:ff:de:01:5e:e5:10:
6e:03:33:ba
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICY34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTE5MDg0MTM5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M5MDI0My0xMTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAni2dsu7G0farfhSjYTALFDV35SmnNOmWcJnCIpCXnGPf+qNeK4ShJqWlVSwg
6pRI+ZfAyP6P5i/ci+L/LwFE2m7IPv695ilxRTGqWPseYuY+/lGOqjgCPT5chnHi
fRM2/zbqsGUIEVba/4UhnVVwLuAHTPwJ7OLceqJCpgZLGJkwttpvfcx2pOKBHV+y
p1cxbrhmId3rNYTU41nSmtX1uaepNuUdSBDLgtTE3rksXmA1a6ZqBdFsAQ17UIaE
//z2/y78Q25Za84bScvlDpVde1B2BWcGMfanFsloCmH3L//qrWqSk8FO8lOnHA9i
LSZUhPp8ICoWbU6uuHP1smRqmQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFDAjm261
/Ruc46vvveIEcAVQnXvSMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQUJCNUMwRkEy
MUM0MTFFQ0JDQTc1NDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAIte9gDBAFnongDBAJnwDwwDwQCAAIwCQMHACABDfCxwDAN
BgkqhkiG9w0BAQsFAAOCAQEAluHoLlSWVPJ+AezqpR5LavBKDG5n5jAXlh0hIOZw
96h/ji33NgCHOQ4hjVgyAU8NdevlB0YYCL1yKxqXdvSCmk3CbkJkxlaYWdKbIlCR
uVipjvaWsM5B5/DnkoxrFpLnNZq4zQQzrN4AZ8CKj3ekB/BJqeIGSxps7ohWTwAs
BUx5MHwLj+/QYwUp10aM94T96FV3YdwHz61cAlNZj22AaoX3f+4C4Z31/oCy/njR
5ET314cBo0erIyJ2MLDXkEHukI4TfLt5O26iepylcJjRZjJbI6Ze7bE2PKxXQYkU
nB9940jYcXLcm4o9Ts6CWZGxIkOCRDz9/94BXuUQbgMzug==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org