Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/AFB74AF0C77511EC81DCA645C4F9AE02.roa
File: AFB74AF0C77511EC81DCA645C4F9AE02.roa (raw, json)
Hash identifier: ixLf/5GjW09WpKvKEWNbf34mr7XOZ2FTgL8lb29o53A=
Subject key identifier: 54:A9:DF:B3:B1:7A:9D:4A:49:FA:D8:E0:51:AA:E7:F8:59:14:32:1B
Certificate issuer: /CN=A91975CC/serialNumber=0BAC42986E9ABDB7CEE2CDFB2A9FE8D6D02AAB5C
Certificate serial: 3E
Authority key identifier: 0B:AC:42:98:6E:9A:BD:B7:CE:E2:CD:FB:2A:9F:E8:D6:D0:2A:AB:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/AFB74AF0C77511EC81DCA645C4F9AE02.roa
Signing time: Fri 29 Apr 2022 04:53:45 +0000
ROA not before: Fri 29 Apr 2022 04:53:45 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 134697
IP address blocks: 45.248.48.0/22 maxlen: 22
45.248.48.0/24 maxlen: 24
45.248.49.0/24 maxlen: 24
45.248.50.0/24 maxlen: 24
45.248.51.0/24 maxlen: 24
103.205.28.0/23 maxlen: 24
103.214.222.0/24 maxlen: 24
103.216.190.0/23 maxlen: 24
203.12.0.0/23 maxlen: 24
203.12.2.0/23 maxlen: 24
203.12.4.0/23 maxlen: 24
203.12.8.0/24 maxlen: 24
203.12.10.0/23 maxlen: 24
203.12.12.0/23 maxlen: 24
203.12.14.0/23 maxlen: 24
2404:e80::/32 maxlen: 32
2404:e80::/36 maxlen: 36
2404:e80:4000::/36 maxlen: 36
2404:e80:6000::/36 maxlen: 36
2404:e80:8000::/36 maxlen: 36
2404:e80:9000::/36 maxlen: 36
2404:e80:a000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62 (0x3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91975CC/serialNumber=0BAC42986E9ABDB7CEE2CDFB2A9FE8D6D02AAB5C
Validity
Not Before: Apr 29 04:53:45 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=626b6f59-a666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b5:79:d4:a6:c6:de:33:27:b0:d3:47:f8:9f:
5b:0a:42:87:aa:54:50:1f:f9:89:86:65:3f:80:47:
4c:72:60:fa:3e:f8:5b:41:57:18:25:21:73:2e:b3:
07:c5:8d:32:47:25:a1:83:72:4e:56:62:a6:2a:94:
b8:a4:2e:4e:6f:d3:bc:1d:5d:6a:ca:ae:72:10:d8:
5a:58:7f:80:6d:e7:a1:a1:e5:b4:1c:c4:ad:0f:90:
20:ce:d5:1a:1e:7a:0a:cd:be:1c:ee:8f:c2:09:b5:
2e:2c:da:75:9f:79:b0:8f:3e:5d:f9:f5:ea:b8:2b:
92:39:7d:af:83:64:ae:ce:2d:bd:dc:1e:c9:9c:1e:
e3:5c:22:2c:34:5a:56:58:54:9e:be:b0:f0:04:45:
0d:0a:aa:45:74:65:50:96:d0:2f:17:ab:23:91:03:
a3:f7:26:70:09:86:c4:9b:6a:e2:16:0d:84:46:32:
fe:a4:8f:3f:83:0c:7c:4e:eb:80:62:a2:b8:4d:4c:
10:5f:a3:0b:73:ce:6a:87:9f:56:5a:7d:08:3d:42:
83:59:a5:2a:56:61:99:51:27:33:68:1d:ef:d2:53:
a1:69:7e:cc:f8:ad:59:10:f6:52:66:27:59:c2:d7:
41:da:b6:d7:8a:b0:f1:91:9f:cb:e0:1b:cc:33:5e:
9e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A9:DF:B3:B1:7A:9D:4A:49:FA:D8:E0:51:AA:E7:F8:59:14:32:1B
X509v3 Authority Key Identifier:
keyid:0B:AC:42:98:6E:9A:BD:B7:CE:E2:CD:FB:2A:9F:E8:D6:D0:2A:AB:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/C6xCmG6avbfO4s37Kp_o1tAqq1w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C6xCmG6avbfO4s37Kp_o1tAqq1w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91975CC/1EA343E2AFE311ECA2CB066DC4F9AE02/AFB74AF0C77511EC81DCA645C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.48.0/22
103.205.28.0/23
103.214.222.0/24
103.216.190.0/23
203.12.0.0-203.12.5.255
203.12.8.0/24
203.12.10.0-203.12.15.255
IPv6:
2404:e80::/32
Signature Algorithm: sha256WithRSAEncryption
45:76:4b:1b:54:4e:ff:6d:07:df:5d:02:5d:74:db:c8:05:ae:
0d:15:b7:b5:e1:c8:18:8d:29:72:b6:59:ad:a0:a7:a3:88:82:
0d:23:92:d9:49:fa:fe:12:7e:ca:16:30:5d:29:c7:6f:28:06:
13:d4:06:71:1a:3e:d0:5d:0f:fd:fc:bd:2d:eb:56:c4:24:1e:
a3:82:da:e2:a8:80:95:14:00:6d:2b:fa:fe:42:ba:20:82:2e:
71:b3:62:b8:b2:dd:1d:52:c6:1c:04:49:14:15:69:b1:60:a8:
07:b3:93:80:be:ec:cb:03:e0:a0:95:60:68:e0:8c:74:d4:c4:
4f:be:39:5c:e9:13:fc:84:71:10:1f:69:81:15:a4:33:59:3a:
ed:63:ef:3d:42:0a:4d:b7:de:48:5e:38:5d:d5:65:42:fb:cd:
b3:d5:a4:3a:21:8f:52:4b:28:35:d7:cc:20:49:58:c8:37:6e:
53:54:ac:b9:62:99:7c:de:33:6a:50:63:c0:e7:e0:10:a9:1b:
11:95:5e:19:60:c3:b6:69:03:1a:7b:2f:33:e0:bd:ef:d1:ce:
e3:d4:ff:41:5b:35:71:85:08:7e:d6:1c:8f:19:70:03:6c:5f:
5c:1f:7b:66:1f:36:c8:55:ca:a4:e0:33:63:f0:10:65:32:37:
43:b2:4e:bd
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzVDQzExMC8GA1UEBRMoMEJBQzQyOTg2RTlBQkRCN0NFRTJDREZCMkE5RkU4RDZE
MDJBQUI1QzAeFw0yMjA0MjkwNDUzNDVaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNmI2ZjU5LWE2NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZtXnUpsbeMyew00f4n1sKQoeqVFAf+YmGZT+AR0xyYPo++FtBVxglIXMuswfF
jTJHJaGDck5WYqYqlLikLk5v07wdXWrKrnIQ2FpYf4Bt56Gh5bQcxK0PkCDO1Roe
egrNvhzuj8IJtS4s2nWfebCPPl359eq4K5I5fa+DZK7OLb3cHsmcHuNcIiw0WlZY
VJ6+sPAERQ0KqkV0ZVCW0C8XqyORA6P3JnAJhsSbauIWDYRGMv6kjz+DDHxO64Bi
orhNTBBfowtzzmqHn1ZafQg9QoNZpSpWYZlRJzNoHe/SU6Fpfsz4rVkQ9lJmJ1nC
10HatteKsPGRn8vgG8wzXp4BAgMBAAGjggLXMIIC0zAdBgNVHQ4EFgQUVKnfs7F6
nUpJ+tjgUarn+FkUMhswHwYDVR0jBBgwFoAUC6xCmG6avbfO4s37Kp/o1tAqq1ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3NUNDLzFFQTM0M0UyQUZF
MzExRUNBMkNCMDY2REM0RjlBRTAyL0M2eENtRzZhdmJmTzRzMzdLcF9vMXRBcXEx
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQzZ4Q21HNmF2YmZPNHMzN0twX28xdEFxcTF3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzVDQy8xRUEzNDNFMkFGRTMxMUVDQTJDQjA2NkRDNEY5QUUwMi9BRkI3NEFGMEM3
NzUxMUVDODFEQ0E2NDVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBhBggrBgEFBQcBBwEB/wRS
MFAwPwQCAAEwOQMEAi34MAMEAWfNHAMEAGfW3gMEAWfYvjALAwMCywwDBAHLDAQD
BADLDAgwDAMEAcsMCgMEBMsMADANBAIAAjAHAwUAJAQOgDANBgkqhkiG9w0BAQsF
AAOCAQEARXZLG1RO/20H310CXXTbyAWuDRW3teHIGI0pcrZZraCno4iCDSOS2Un6
/hJ+yhYwXSnHbygGE9QGcRo+0F0P/fy9LetWxCQeo4La4qiAlRQAbSv6/kK6IIIu
cbNiuLLdHVLGHARJFBVpsWCoB7OTgL7sywPgoJVgaOCMdNTET745XOkT/IRxEB9p
gRWkM1k67WPvPUIKTbfeSF44XdVlQvvNs9WkOiGPUksoNdfMIElYyDduU1SsuWKZ
fN4zalBjwOfgEKkbEZVeGWDDtmkDGnsvM+C979HO49T/QVs1cYUIftYcjxlwA2xf
XB97Zh82yFXKpOAzY/AQZTI3Q7JOvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org