Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/2C6B56B4C60D11ECB35BB85CC4F9AE02.roa
File: 2C6B56B4C60D11ECB35BB85CC4F9AE02.roa (raw, json)
Hash identifier: B9amVL/f5+8g+09IWLZ5gvepP6jG5KleOVF3Xsn+zPg=
Subject key identifier: 08:F2:99:D1:2B:AE:D6:BC:E0:76:3A:9A:81:A2:B9:9F:CE:CF:C8:81
Certificate issuer: /CN=A9191E08/serialNumber=33B6953295801038F017FA65D470781A5CC772C0
Certificate serial: 02
Authority key identifier: 33:B6:95:32:95:80:10:38:F0:17:FA:65:D4:70:78:1A:5C:C7:72:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M7aVMpWAEDjwF_pl1HB4GlzHcsA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/2C6B56B4C60D11ECB35BB85CC4F9AE02.roa
Signing time: Wed 27 Apr 2022 09:34:03 +0000
ROA not before: Wed 27 Apr 2022 09:34:03 +0000
ROA not after: Mon 31 Oct 2022 00:00:00 +0000
asID: 132742
IP address blocks: 45.122.136.0/24 maxlen: 24
45.122.137.0/24 maxlen: 24
45.122.138.0/24 maxlen: 24
45.122.139.0/24 maxlen: 24
103.63.4.0/24 maxlen: 24
103.63.5.0/24 maxlen: 24
103.63.6.0/24 maxlen: 24
103.63.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191E08/serialNumber=33B6953295801038F017FA65D470781A5CC772C0
Validity
Not Before: Apr 27 09:34:03 2022 GMT
Not After : Oct 31 00:00:00 2022 GMT
Subject: CN=62690e0a-eef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6a:77:49:1b:84:2d:4e:df:6b:e0:83:c8:7a:
91:51:f1:0c:dd:b1:56:11:e8:0b:66:81:9f:a2:33:
88:3c:3e:1b:33:7e:6a:af:2d:04:68:a5:6e:d2:95:
00:ed:e5:6e:d3:34:b8:34:0c:d2:da:67:08:27:a1:
03:74:90:8d:d7:d6:4a:48:a8:4e:86:64:bd:01:e4:
07:e6:6c:81:a1:66:79:48:ea:41:6c:1e:4f:8c:8d:
fc:58:4c:7c:11:ea:cb:85:da:7b:02:49:9b:0f:ab:
30:6c:5c:77:48:78:ae:71:b9:41:99:59:8d:6c:05:
c5:25:6b:79:6a:d7:f0:d5:1f:7b:8a:f9:f3:13:11:
9a:bf:64:b8:32:01:5c:53:9f:9f:c2:3d:fc:5f:e3:
d2:b9:66:a6:15:ad:bd:43:94:bd:fb:26:49:95:ee:
5f:4a:9e:f7:b2:d1:35:bd:8c:ae:fd:f1:1b:6c:f0:
ae:43:3f:d2:b0:29:91:07:71:82:98:a9:2d:2b:87:
c5:2b:1b:1e:a9:a7:af:22:22:4b:e9:0f:0f:b2:bf:
27:0f:82:08:79:55:17:66:43:42:e0:1f:98:96:de:
ac:ec:64:3d:2e:8e:1f:0f:63:99:80:1b:70:c7:2d:
0b:ea:22:6f:fd:bc:92:f5:b8:a8:6f:24:54:d1:b6:
81:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F2:99:D1:2B:AE:D6:BC:E0:76:3A:9A:81:A2:B9:9F:CE:CF:C8:81
X509v3 Authority Key Identifier:
keyid:33:B6:95:32:95:80:10:38:F0:17:FA:65:D4:70:78:1A:5C:C7:72:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/M7aVMpWAEDjwF_pl1HB4GlzHcsA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M7aVMpWAEDjwF_pl1HB4GlzHcsA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/2C6B56B4C60D11ECB35BB85CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.122.136.0/22
103.63.4.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:26:bc:d8:49:d4:42:4b:5f:e1:57:27:6f:ec:ec:65:51:69:
45:15:6a:69:a7:40:90:ed:03:80:36:87:ba:74:86:b9:db:d6:
b2:04:b8:f4:0e:ed:34:40:3e:7b:73:aa:f8:e6:79:fb:81:c7:
2f:e1:98:96:7d:13:55:96:fb:7e:95:46:c5:ae:5e:e3:da:89:
cd:76:6f:47:42:fa:5e:b9:6a:6b:8b:f0:0b:40:53:f7:cc:de:
e0:d2:38:3c:19:8d:c8:64:93:37:66:82:8f:48:e2:b4:69:fd:
40:78:e1:a4:7b:a3:53:cd:f3:88:3b:00:57:49:58:a6:ee:d6:
5b:c0:a5:41:39:f4:54:b7:d9:4a:a7:65:10:a4:34:c5:c9:15:
9a:a4:14:3f:d9:25:a4:c3:4d:d6:90:17:e5:86:89:6e:1a:2e:
72:63:50:a5:53:ff:b6:69:51:36:2a:81:f6:1c:cb:49:c7:eb:
51:05:f0:39:d6:77:08:66:fc:7d:55:64:55:c5:52:3f:80:a5:
97:2d:b6:5d:eb:d3:39:3e:14:96:89:36:92:89:a6:da:a7:d2:
fe:67:d7:9b:6e:dc:19:41:1f:dd:06:cb:6f:d9:76:61:4d:00:
51:f6:37:87:8d:24:23:39:aa:c7:6f:15:58:3c:2e:58:d0:a9:
c1:cd:4f:ce
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MUUwODExMC8GA1UEBRMoMzNCNjk1MzI5NTgwMTAzOEYwMTdGQTY1RDQ3MDc4MUE1
Q0M3NzJDMDAeFw0yMjA0MjcwOTM0MDNaFw0yMjEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjkwZTBhLWVlZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFandJG4QtTt9r4IPIepFR8QzdsVYR6AtmgZ+iM4g8PhszfmqvLQRopW7SlQDt
5W7TNLg0DNLaZwgnoQN0kI3X1kpIqE6GZL0B5AfmbIGhZnlI6kFsHk+MjfxYTHwR
6suF2nsCSZsPqzBsXHdIeK5xuUGZWY1sBcUla3lq1/DVH3uK+fMTEZq/ZLgyAVxT
n5/CPfxf49K5ZqYVrb1DlL37JkmV7l9Knvey0TW9jK798Rts8K5DP9KwKZEHcYKY
qS0rh8UrGx6pp68iIkvpDw+yvycPggh5VRdmQ0LgH5iW3qzsZD0ujh8PY5mAG3DH
LQvqIm/9vJL1uKhvJFTRtoE7AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUCPKZ0Suu
1rzgdjqagaK5n87PyIEwHwYDVR0jBBgwFoAUM7aVMpWAEDjwF/pl1HB4GlzHcsAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkxRTA4LzlFQzYzMUVDQzYw
OTExRUNCNDYwRUM1N0M0RjlBRTAyL003YVZNcFdBRURqd0ZfcGwxSEI0R2x6SGNz
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTTdhVk1wV0FFRGp3Rl9wbDFIQjRHbHpIY3NBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MUUwOC85RUM2MzFFQ0M2MDkxMUVDQjQ2MEVDNTdDNEY5QUUwMi8yQzZCNTZCNEM2
MEQxMUVDQjM1QkI4NUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAi16iAMEAmc/BDANBgkqhkiG9w0BAQsFAAOCAQEAsSa82EnU
Qktf4Vcnb+zsZVFpRRVqaadAkO0DgDaHunSGudvWsgS49A7tNEA+e3Oq+OZ5+4HH
L+GYln0TVZb7fpVGxa5e49qJzXZvR0L6Xrlqa4vwC0BT98ze4NI4PBmNyGSTN2aC
j0jitGn9QHjhpHujU83ziDsAV0lYpu7WW8ClQTn0VLfZSqdlEKQ0xckVmqQUP9kl
pMNN1pAX5YaJbhoucmNQpVP/tmlRNiqB9hzLScfrUQXwOdZ3CGb8fVVkVcVSP4Cl
ly22XevTOT4Ulok2komm2qfS/mfXm27cGUEf3QbLb9l2YU0AUfY3h40kIzmqx28V
WDwuWNCpwc1Pzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org