Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E35D364640BC11EE85A11A47C4F9AE02.roa
File: E35D364640BC11EE85A11A47C4F9AE02.roa (raw, json)
Hash identifier: yuTJSQn/zfUqdwg9YkPU5Lh6FdQxvXccpEzzeTSbiDs=
Subject key identifier: B3:6C:8B:46:5A:62:3D:4F:7E:47:30:BF:70:01:DE:E8:69:76:94:EE
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 782C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E35D364640BC11EE85A11A47C4F9AE02.roa
Signing time: Tue 22 Aug 2023 07:24:11 +0000
ROA not before: Tue 22 Aug 2023 07:24:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132323
IP address blocks: 45.115.188.0/22 maxlen: 24
45.116.116.0/22 maxlen: 24
2001:df2:9ac0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30764 (0x782c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 22 07:24:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64e4629b-b2a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2e:a1:54:61:a4:88:a2:86:5a:b7:58:c8:14:
a7:a6:19:d1:d9:3c:ad:e6:55:2b:f0:a1:ee:f0:ec:
28:5e:1f:85:fa:e2:e5:ff:de:b8:5d:8d:aa:61:e9:
9c:39:08:7a:b5:5c:e4:7e:26:fa:8a:63:ac:7e:ec:
9e:77:e2:4e:b3:53:71:6c:72:18:64:77:65:2a:69:
01:af:77:02:e3:20:f3:94:08:15:fb:a6:3d:01:69:
43:9c:74:ab:9e:0f:19:ca:c8:02:c2:04:c5:57:7d:
01:e2:bb:8f:ec:e1:d8:2e:36:b2:a8:6f:35:0c:e3:
63:e6:ab:46:a3:49:65:83:73:15:43:4e:d8:4b:83:
1c:b5:95:36:b0:57:1d:68:23:80:b8:dd:90:92:09:
79:80:72:2c:52:1e:54:be:1e:dc:84:06:1c:a4:04:
11:84:72:e9:55:71:21:c3:0d:d8:6a:36:08:85:1e:
e0:d4:3c:ea:c5:a1:aa:7d:fa:ae:e6:de:1f:3c:07:
8c:03:ea:da:99:8d:dd:5a:5d:68:c8:8f:0d:ab:ee:
e3:9c:67:ea:d8:0c:23:62:8e:44:f9:0c:7c:cc:4b:
b3:89:9a:43:d6:fe:f1:0d:7b:8f:9f:6e:31:5d:97:
d6:13:f5:79:37:3e:bf:b2:ea:43:a5:e4:c9:5e:f4:
14:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6C:8B:46:5A:62:3D:4F:7E:47:30:BF:70:01:DE:E8:69:76:94:EE
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E35D364640BC11EE85A11A47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.115.188.0/22
45.116.116.0/22
IPv6:
2001:df2:9ac0::/48
Signature Algorithm: sha256WithRSAEncryption
72:4c:d8:d0:ce:28:0b:c3:17:d9:7e:fd:a8:e5:41:fd:6c:13:
87:1e:48:35:88:17:71:aa:22:76:96:5d:ff:0a:2f:d5:29:ec:
3a:c3:a3:69:4e:56:93:4f:16:4b:64:69:f3:0d:6f:4e:ee:b3:
1b:2a:84:9b:97:8f:5d:db:91:f1:47:59:7f:ab:2b:d2:4e:53:
55:cd:62:cb:3f:dd:8a:e2:e9:32:72:70:c0:cd:aa:5f:6a:df:
61:dd:83:a4:48:dd:66:4e:f6:12:67:3b:40:f1:2a:a8:39:3e:
7c:64:0c:33:84:8e:91:70:54:f2:75:fb:bd:07:b0:49:12:cf:
42:cf:11:c5:67:af:14:9a:cd:4a:74:9b:3f:f4:49:95:e8:6c:
a0:22:4d:3b:cc:cd:38:f5:ef:37:45:87:1c:98:aa:ca:94:56:
4e:2a:66:ba:79:a6:29:68:e3:d1:79:64:49:a7:d4:73:a3:20:
4a:83:d1:20:93:df:fc:8a:d6:23:fe:1c:2b:46:b1:a1:da:98:
ac:4c:fd:72:5c:d3:40:6d:bb:c1:2e:99:a0:04:49:84:45:65:
9a:d6:ef:b3:f2:b4:d5:68:01:83:7b:fe:dc:b1:80:e7:f4:1d:
d6:51:3c:de:27:c5:35:7f:64:0a:47:8f:84:fc:15:d8:d4:af:
3d:69:26:f8
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICeCwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODIyMDcyNDExWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGU0NjI5Yi1iMmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwi6hVGGkiKKGWrdYyBSnphnR2Tyt5lUr8KHu8OwoXh+F+uLl/964XY2qYemc
OQh6tVzkfib6imOsfuyed+JOs1NxbHIYZHdlKmkBr3cC4yDzlAgV+6Y9AWlDnHSr
ng8ZysgCwgTFV30B4ruP7OHYLjayqG81DONj5qtGo0llg3MVQ07YS4MctZU2sFcd
aCOAuN2Qkgl5gHIsUh5Uvh7chAYcpAQRhHLpVXEhww3YajYIhR7g1DzqxaGqffqu
5t4fPAeMA+ramY3dWl1oyI8Nq+7jnGfq2AwjYo5E+Qx8zEuziZpD1v7xDXuPn24x
XZfWE/V5Nz6/supDpeTJXvQU7QIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFLNsi0Za
Yj1Pfkcwv3AB3uhpdpTuMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTM1RDM2NDY0
MEJDMTFFRTg1QTExQTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAItc7wDBAItdHQwDwQCAAIwCQMHACABDfKawDANBgkqhkiG
9w0BAQsFAAOCAQEAckzY0M4oC8MX2X79qOVB/WwThx5INYgXcaoidpZd/wov1Sns
OsOjaU5Wk08WS2Rp8w1vTu6zGyqEm5ePXduR8UdZf6sr0k5TVc1iyz/diuLpMnJw
wM2qX2rfYd2DpEjdZk72Emc7QPEqqDk+fGQMM4SOkXBU8nX7vQewSRLPQs8RxWev
FJrNSnSbP/RJlehsoCJNO8zNOPXvN0WHHJiqypRWTipmunmmKWjj0XlkSafUc6Mg
SoPRIJPf/IrWI/4cK0axodqYrEz9clzTQG27wS6ZoARJhEVlmtbvs/K01WgBg3v+
3LGA5/Qd1lE83ifFNX9kCkePhPwV2NSvPWkm+A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:46:45 2025 by rpki-client