Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F5BC554296FD11ED87B56F84C4F9AE02.roa
File: F5BC554296FD11ED87B56F84C4F9AE02.roa (raw, json)
Hash identifier: /u/5uGzqQvtdtMFG2g2DKtPquAtH7ffV7ERW6MduwVI=
Subject key identifier: 0D:E1:E8:71:95:01:30:9B:F6:17:4A:E5:3D:54:D7:F4:F5:75:A3:CE
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 64BC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F5BC554296FD11ED87B56F84C4F9AE02.roa
Signing time: Mon 13 Feb 2023 06:41:42 +0000
ROA not before: Mon 13 Feb 2023 06:41:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133674
IP address blocks: 45.117.2.0/24 maxlen: 24
103.69.238.0/24 maxlen: 24
103.81.161.0/24 maxlen: 24
103.169.74.0/23 maxlen: 24
103.232.244.0/22 maxlen: 24
2001:df6:ef80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25788 (0x64bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 13 06:41:42 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63e9dba5-8e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:31:73:b6:b5:08:aa:42:a2:55:eb:0b:e4:e4:
4d:30:da:59:ef:8a:52:7e:76:12:00:78:d6:59:9b:
63:21:a2:56:15:c8:8b:5f:c8:03:b9:d0:fe:f9:0d:
e1:56:90:00:56:56:90:1f:81:99:5e:6a:96:8d:17:
a7:cb:67:9f:34:68:1e:93:74:83:33:e6:2b:82:4a:
e0:41:67:c2:c8:b7:7c:7b:40:76:04:a2:84:8f:82:
9a:9a:a1:60:6a:d8:9c:96:a2:d3:90:78:94:d5:0e:
e9:f7:ad:12:f8:62:8d:bd:17:fb:36:ff:d1:18:d2:
56:4b:e2:f4:ed:92:d0:78:08:15:af:f8:ca:72:3e:
da:d6:6e:3d:53:39:17:b1:c8:ca:43:eb:41:a7:1d:
bb:7e:c9:d7:f6:41:61:0a:1f:21:1b:fc:20:93:12:
2b:b8:29:7d:33:89:e2:21:d8:cc:21:d8:d5:fb:75:
84:58:56:dc:ca:ea:61:2f:a4:2a:05:b7:92:94:0e:
f0:7c:fc:c0:a1:8d:61:ad:b0:c6:ee:f6:42:d9:a9:
a6:1f:f8:bf:4b:ac:6e:5b:8e:0e:3f:7c:a3:2d:9d:
d8:de:7d:1b:18:7e:cb:8b:88:60:5e:93:da:cc:09:
9e:bc:73:e7:1a:07:c2:4e:a7:3e:f6:7a:7b:33:47:
fe:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E1:E8:71:95:01:30:9B:F6:17:4A:E5:3D:54:D7:F4:F5:75:A3:CE
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F5BC554296FD11ED87B56F84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.2.0/24
103.69.238.0/24
103.81.161.0/24
103.169.74.0/23
103.232.244.0/22
IPv6:
2001:df6:ef80::/48
Signature Algorithm: sha256WithRSAEncryption
22:74:a6:74:bd:a1:02:8d:ae:00:e7:36:44:95:a6:e0:a6:4f:
47:fc:cd:6f:8d:ce:00:b8:71:83:dd:ad:3f:a2:86:f5:ff:8b:
c3:23:27:1d:b0:c5:7a:b9:21:45:74:8e:5d:d6:c9:98:4e:12:
61:13:ef:3c:54:af:fe:7a:18:45:53:62:57:3b:97:71:01:8d:
6d:13:23:da:c2:ff:09:d6:5f:93:06:48:7f:c4:0d:94:d4:ea:
10:a8:4e:18:11:9b:78:ae:ad:5a:3c:a0:f6:f6:e4:39:77:70:
d4:62:80:8a:3a:0b:d7:7a:90:c3:8d:8e:51:06:92:02:12:ab:
fa:90:1a:c2:30:e3:15:2b:52:8b:d1:51:2b:ab:ea:30:c5:b1:
a6:2d:78:9f:41:62:d9:2a:0c:cf:d2:64:6a:d0:c2:6d:3f:be:
13:24:27:f4:e6:5b:7b:ac:1a:65:de:24:d6:01:40:e5:a0:2c:
ff:7b:f5:c9:73:16:35:2a:5d:a6:57:90:74:74:21:5f:61:b2:
db:38:03:3a:94:fd:2e:fb:3b:e2:75:b8:e2:af:99:27:92:3a:
89:b9:20:ee:cb:70:f4:a4:3a:4e:1b:87:b7:c7:08:6f:cb:88:
c2:4f:a2:6a:ec:02:d6:f9:d7:21:d5:ed:2a:c1:c4:cc:6a:2b:
f5:f4:a7:8d
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICZLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjEzMDY0MTQyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2U5ZGJhNS04ZTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0jFztrUIqkKiVesL5ORNMNpZ74pSfnYSAHjWWZtjIaJWFciLX8gDudD++Q3h
VpAAVlaQH4GZXmqWjReny2efNGgek3SDM+YrgkrgQWfCyLd8e0B2BKKEj4KamqFg
aticlqLTkHiU1Q7p960S+GKNvRf7Nv/RGNJWS+L07ZLQeAgVr/jKcj7a1m49UzkX
scjKQ+tBpx27fsnX9kFhCh8hG/wgkxIruCl9M4niIdjMIdjV+3WEWFbcyuphL6Qq
BbeSlA7wfPzAoY1hrbDG7vZC2ammH/i/S6xuW44OP3yjLZ3Y3n0bGH7Li4hgXpPa
zAmevHPnGgfCTqc+9np7M0f+9QIDAQABo4ICvjCCArowHQYDVR0OBBYEFA3h6HGV
ATCb9hdK5T1U1/T1daPOMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjVCQzU1NDI5
NkZEMTFFRDg3QjU2Rjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCQEAgABMB4DBAAtdQIDBABnRe4DBABnUaEDBAFnqUoDBAJn6PQwDwQCAAIw
CQMHACABDfbvgDANBgkqhkiG9w0BAQsFAAOCAQEAInSmdL2hAo2uAOc2RJWm4KZP
R/zNb43OALhxg92tP6KG9f+LwyMnHbDFerkhRXSOXdbJmE4SYRPvPFSv/noYRVNi
VzuXcQGNbRMj2sL/CdZfkwZIf8QNlNTqEKhOGBGbeK6tWjyg9vbkOXdw1GKAijoL
13qQw42OUQaSAhKr+pAawjDjFStSi9FRK6vqMMWxpi14n0Fi2SoMz9JkatDCbT++
EyQn9OZbe6waZd4k1gFA5aAs/3v1yXMWNSpdpleQdHQhX2Gy2zgDOpT9Lvs74nW4
4q+ZJ5I6ibkg7stw9KQ6ThuHt8cIb8uIwk+iauwC1vnXIdXtKsHEzGor9fSnjQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org