Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/6F370B44918911EDA3426975C4F9AE02.roa
File: 6F370B44918911EDA3426975C4F9AE02.roa (raw, json)
Hash identifier: oAQcn+Je/SDv6uNtJKPwUF3uWgyBAtwFE6yq21kPJN0=
Subject key identifier: 55:41:8A:29:27:B1:60:E0:89:C7:11:6C:A9:94:D5:F2:B7:05:0C:65
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 05
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/6F370B44918911EDA3426975C4F9AE02.roa
Signing time: Wed 11 Jan 2023 11:05:18 +0000
ROA not before: Wed 11 Jan 2023 11:05:18 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 134450
IP address blocks: 45.252.189.0/24 maxlen: 24
103.221.233.0/24 maxlen: 24
103.241.52.0/22 maxlen: 22
160.20.8.0/22 maxlen: 22
202.94.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: Jan 11 11:05:18 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63be97ed-7f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:76:36:15:82:3b:79:d6:d1:bf:e5:ed:21:0f:
b0:95:fe:eb:4f:f0:e9:d7:2a:6a:12:68:a0:d1:6d:
fa:4a:05:25:94:a1:16:06:6b:ad:04:a3:16:a3:3a:
90:ed:e3:36:fe:ac:df:bc:04:0f:f9:ef:49:99:b7:
89:ef:e7:14:91:9c:ef:55:34:86:6f:69:80:8e:bb:
05:56:50:48:80:20:2c:5e:c6:18:17:47:1f:e8:4b:
64:16:a1:e5:72:f4:17:10:02:35:7a:70:b3:01:48:
33:6e:2b:9e:ad:da:67:cd:60:41:7e:f6:26:b1:a5:
8c:9d:aa:a3:81:21:da:32:1a:b6:6b:02:52:64:cd:
3e:cd:61:bd:dc:df:16:39:14:42:97:fd:c0:cd:1f:
e4:dc:1c:10:91:87:fa:c3:bd:2c:a5:42:62:1b:81:
4a:f3:58:6a:da:9d:dd:47:5b:6f:96:16:2b:5b:5e:
e8:8b:c3:c3:e8:21:45:bf:ff:7d:8b:07:23:15:20:
1a:45:e6:a1:a5:80:51:c2:7f:9d:b7:da:10:82:36:
e0:63:93:eb:06:6e:75:ce:1f:23:05:2b:fa:76:d9:
b0:3c:c9:ae:dc:1e:02:e9:d6:ac:9b:6a:de:c4:72:
ca:5d:30:1d:9a:dc:73:ae:25:54:47:d4:94:37:da:
72:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:41:8A:29:27:B1:60:E0:89:C7:11:6C:A9:94:D5:F2:B7:05:0C:65
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/6F370B44918911EDA3426975C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.189.0/24
103.221.233.0/24
103.241.52.0/22
160.20.8.0/22
202.94.174.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:36:f8:08:8f:48:20:df:6e:e4:ca:94:ed:76:d8:2d:3c:70:
ee:97:f3:87:0a:80:1c:75:1b:ba:9a:4e:0e:bd:a2:e0:1f:34:
16:4a:d7:6b:e3:d4:30:09:ce:8f:ba:41:09:92:f1:43:7c:2f:
30:4e:ca:91:0e:82:0a:73:3a:33:5a:7c:f7:cb:1b:79:1a:0c:
0e:3e:0d:fc:96:d1:5b:7f:5a:aa:2f:a8:bd:37:f7:c4:b7:90:
7e:f0:19:c0:be:6f:7f:03:7c:d3:34:9a:a0:b9:09:d0:c1:c9:
30:37:17:cd:5b:80:4f:15:3a:2b:e7:ce:ad:47:7c:6e:7d:e9:
0e:30:e9:fc:12:d3:03:77:1d:c1:02:99:28:f4:64:d3:ff:d3:
80:65:7a:a5:e4:21:80:5a:88:3a:42:68:97:d2:02:84:51:b8:
f6:cf:0b:a2:01:0e:e5:f5:50:73:0f:fe:fb:e7:8c:58:69:b0:
c6:55:c7:5f:f3:7f:07:82:3d:70:b1:c1:c2:f1:5b:e0:0d:6b:
1c:04:9f:cd:27:09:89:ac:a2:51:25:39:b0:7c:10:5a:d4:a4:
17:85:fe:3c:04:7c:9b:36:3a:50:2a:a2:76:aa:43:38:f9:d9:
af:17:50:1b:0c:ae:be:a9:d3:aa:af:54:6f:68:7b:84:6f:a8:
8f:00:25:48
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NjU4NzExMC8GA1UEBRMoMkQ2MzQwNzdDQzg0N0I1OUQ0MDQ4RDQzRTA0QjMzMDk2
OThGRTYzODAeFw0yMzAxMTExMTA1MThaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzYmU5N2VkLTdmNGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZdjYVgjt51tG/5e0hD7CV/utP8OnXKmoSaKDRbfpKBSWUoRYGa60EoxajOpDt
4zb+rN+8BA/570mZt4nv5xSRnO9VNIZvaYCOuwVWUEiAICxexhgXRx/oS2QWoeVy
9BcQAjV6cLMBSDNuK56t2mfNYEF+9iaxpYydqqOBIdoyGrZrAlJkzT7NYb3c3xY5
FEKX/cDNH+TcHBCRh/rDvSylQmIbgUrzWGrand1HW2+WFitbXuiLw8PoIUW//32L
ByMVIBpF5qGlgFHCf5232hCCNuBjk+sGbnXOHyMFK/p22bA8ya7cHgLp1qybat7E
cspdMB2a3HOuJVRH1JQ32nJVAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUVUGKKSex
YOCJxxFsqZTV8rcFDGUwHwYDVR0jBBgwFoAULWNAd8yEe1nUBI1D4EszCWmP5jgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2NTg3LzQxN0Q3MUI0OTE4
NjExRURBODRBMTI0REM0RjlBRTAyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVq
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTFdOQWQ4eUVlMW5VQkkxRDRFc3pDV21QNWpnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NjU4Ny80MTdENzFCNDkxODYxMUVEQTg0QTEyNERDNEY5QUUwMi82RjM3MEI0NDkx
ODkxMUVEQTM0MjY5NzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEAC38vQMEAGfd6QMEAmfxNAMEAqAUCAMEAMperjANBgkqhkiG
9w0BAQsFAAOCAQEAXzb4CI9IIN9u5MqU7XbYLTxw7pfzhwqAHHUbuppODr2i4B80
FkrXa+PUMAnOj7pBCZLxQ3wvME7KkQ6CCnM6M1p898sbeRoMDj4N/JbRW39aqi+o
vTf3xLeQfvAZwL5vfwN80zSaoLkJ0MHJMDcXzVuATxU6K+fOrUd8bn3pDjDp/BLT
A3cdwQKZKPRk0//TgGV6peQhgFqIOkJol9IChFG49s8LogEO5fVQcw/+++eMWGmw
xlXHX/N/B4I9cLHBwvFb4A1rHASfzScJiayiUSU5sHwQWtSkF4X+PAR8mzY6UCqi
dqpDOPnZrxdQGwyuvqnTqq9Ub2h7hG+ojwAlSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org