Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/8CD848D0044111EA91594D66C4F9AE02.roa
File: 8CD848D0044111EA91594D66C4F9AE02.roa (raw, json)
Hash identifier: lXrU4ig/vTKXyqWkkkRD+TLNGhSssHIFcA0EOnxI1FY=
Subject key identifier: CF:22:0A:BE:EB:89:82:5B:0A:17:7A:30:4E:5B:72:BF:21:8D:E3:02
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 399A
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/8CD848D0044111EA91594D66C4F9AE02.roa
Signing time: Fri 26 Aug 2022 14:53:29 +0000
ROA not before: Fri 26 Aug 2022 14:53:29 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 63747
IP address blocks: 45.252.240.0/22 maxlen: 23
45.252.240.0/24 maxlen: 24
45.252.241.0/24 maxlen: 24
45.252.242.0/24 maxlen: 24
45.252.243.0/24 maxlen: 24
45.252.244.0/22 maxlen: 24
103.221.224.0/22 maxlen: 24
103.221.228.0/22 maxlen: 24
2001:df2:ce00::/48 maxlen: 48
2405:53c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14746 (0x399a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 26 14:53:29 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6308de68-587d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:21:25:c2:d3:0d:f8:71:22:55:28:1b:a5:f3:
f7:e3:8a:c4:12:3a:b1:d9:75:be:4d:94:ff:75:74:
7e:bf:95:a7:85:7d:94:b7:7a:3b:f9:93:b9:c0:13:
80:5a:87:45:f5:62:6a:7f:3b:e4:38:53:b2:9e:a8:
7c:83:13:c5:2a:ae:e5:63:99:88:c4:b8:ad:de:af:
43:39:fd:7f:72:cf:ea:4a:38:a2:42:86:d8:7b:4d:
2d:2b:44:37:6e:5d:41:0e:af:d8:48:0e:61:a6:46:
a1:2c:fd:ea:05:94:db:83:07:1b:9f:07:c0:70:80:
9b:7a:78:27:81:25:f2:b4:12:46:3e:d5:47:90:c3:
56:b0:51:d7:5b:53:44:26:01:76:58:67:72:fd:6e:
db:e9:fe:f3:54:74:4c:d4:90:55:65:49:f9:ca:28:
92:5e:7c:11:0b:18:ef:90:cf:6c:ab:08:e0:d3:1d:
b0:76:19:da:1a:e1:df:df:c8:5d:1e:34:c6:e2:0d:
71:cd:b6:69:0f:32:43:97:1c:64:3b:80:90:f8:8f:
9c:99:54:f5:b9:57:24:3a:e5:16:e9:1c:bd:12:4f:
35:7e:a6:1f:7b:2f:c5:84:53:8c:7c:fd:b5:6e:5c:
ab:87:18:12:d2:b5:42:74:44:e0:79:14:56:e9:a4:
c9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:22:0A:BE:EB:89:82:5B:0A:17:7A:30:4E:5B:72:BF:21:8D:E3:02
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/8CD848D0044111EA91594D66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.240.0/21
103.221.224.0/21
IPv6:
2001:df2:ce00::/48
2405:53c0::/48
Signature Algorithm: sha256WithRSAEncryption
be:71:1c:39:f7:54:62:b7:ce:1d:1c:2b:d6:fd:8a:ef:93:33:
6b:45:63:be:2c:65:b6:4d:ee:10:a0:30:71:6a:85:ec:af:63:
07:d1:d4:9e:e3:42:ab:18:81:1b:0b:2d:f8:9f:76:eb:b5:03:
1a:cb:95:27:cc:36:82:b4:88:64:6b:9e:fe:ec:f9:72:2e:85:
6e:9f:3c:0b:82:34:50:1e:78:32:2b:2c:b4:fe:e1:30:51:71:
a9:6e:75:c2:89:e7:6c:90:66:1d:9d:76:61:1e:60:37:22:91:
06:a5:c8:8a:b4:55:ce:ce:d3:70:0e:ca:ac:d7:cb:45:60:71:
c4:46:a6:4f:8e:95:c0:8d:7a:73:b8:27:d8:70:5b:b8:d3:f1:
f0:eb:64:8d:3d:3e:32:60:d3:9e:6c:56:ce:33:d8:45:62:01:
20:44:6a:cc:56:4f:09:dc:fc:f0:54:f2:bd:a1:98:8f:d0:0e:
ba:b1:40:ae:47:20:be:17:97:5f:5a:0f:24:a9:e1:e7:8b:2d:
5b:bd:db:ad:05:2e:bb:46:57:3b:8e:03:25:e3:e8:67:35:7d:
34:34:b9:28:93:df:08:8d:0d:0c:1d:3b:ac:9f:f5:97:86:6f:
dc:6d:b9:10:6f:ab:4b:d5:b6:1b:ca:4a:5d:90:dc:10:fd:5f:
ae:5c:be:06
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICOZowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjIwODI2MTQ1MzI5WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA4ZGU2OC01ODdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmyElwtMN+HEiVSgbpfP344rEEjqx2XW+TZT/dXR+v5WnhX2Ut3o7+ZO5wBOA
WodF9WJqfzvkOFOynqh8gxPFKq7lY5mIxLit3q9DOf1/cs/qSjiiQobYe00tK0Q3
bl1BDq/YSA5hpkahLP3qBZTbgwcbnwfAcICbengngSXytBJGPtVHkMNWsFHXW1NE
JgF2WGdy/W7b6f7zVHRM1JBVZUn5yiiSXnwRCxjvkM9sqwjg0x2wdhnaGuHf38hd
HjTG4g1xzbZpDzJDlxxkO4CQ+I+cmVT1uVckOuUW6Ry9Ek81fqYfey/FhFOMfP21
blyrhxgS0rVCdETgeRRW6aTJ5wIDAQABo4ICtTCCArEwHQYDVR0OBBYEFM8iCr7r
iYJbChd6ME5bcr8hjeMCMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvOENEODQ4RDAw
NDQxMTFFQTkxNTk0RDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMBIEAgABMAwDBAMt/PADBANn3eAwGAQCAAIwEgMHACABDfLOAAMHACQFU8AA
ADANBgkqhkiG9w0BAQsFAAOCAQEAvnEcOfdUYrfOHRwr1v2K75Mza0Vjvixltk3u
EKAwcWqF7K9jB9HUnuNCqxiBGwst+J9267UDGsuVJ8w2grSIZGue/uz5ci6Fbp88
C4I0UB54MisstP7hMFFxqW51wonnbJBmHZ12YR5gNyKRBqXIirRVzs7TcA7KrNfL
RWBxxEamT46VwI16c7gn2HBbuNPx8OtkjT0+MmDTnmxWzjPYRWIBIERqzFZPCdz8
8FTyvaGYj9AOurFArkcgvheXX1oPJKnh54stW73brQUuu0ZXO44DJePoZzV9NDS5
KJPfCI0NDB07rJ/1l4Zv3G25EG+rS9W2G8pKXZDcEP1frly+Bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org