Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/D92648B4139611EEAA8C626DC4F9AE02.roa
File: D92648B4139611EEAA8C626DC4F9AE02.roa (raw, json)
Hash identifier: N4WmjCaGYfBlxJhZezhLY806C4u5CFigF016hs6Dh/c=
Subject key identifier: 96:F4:B1:EE:A7:79:78:B7:0E:CE:0A:68:B4:E4:1F:7D:4B:50:95:3E
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 03FA
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/D92648B4139611EEAA8C626DC4F9AE02.roa
Signing time: Sun 25 Jun 2023 20:28:31 +0000
ROA not before: Sun 25 Jun 2023 20:28:31 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 54339
IP address blocks: 43.255.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1018 (0x3fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Jun 25 20:28:31 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6498a36e-d29a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:94:a7:0b:a0:88:c5:54:14:29:d8:92:1f:b7:
3d:f4:eb:54:7b:91:e3:32:fa:30:01:f1:4f:a7:1f:
b2:5f:34:d0:d0:33:7d:05:fa:ca:39:33:88:4c:4a:
98:d1:b7:b2:95:99:e1:95:b7:90:e8:ce:95:3b:10:
b1:4d:34:b1:7c:73:be:0a:e9:43:14:ad:6b:43:84:
e4:88:ec:98:98:91:b9:62:63:41:5b:d5:d3:1f:2c:
27:81:2c:b5:7c:d2:4e:74:cf:8f:d3:c0:6c:fd:f1:
35:b9:72:53:c3:47:8d:12:cb:bc:60:a9:a7:52:0f:
f0:a1:5f:25:13:44:95:a7:3c:33:02:a3:65:ac:8c:
90:5f:ad:af:f1:48:ed:50:c6:f5:19:9f:78:07:38:
3b:cf:34:65:d7:25:31:0e:a3:3b:41:59:67:93:ee:
33:5c:bc:d3:a7:90:89:db:bf:33:24:20:e5:e2:91:
f1:40:48:5c:5d:32:37:d2:bd:1d:7d:ca:99:d1:90:
38:d3:c8:67:89:90:9e:22:b4:c5:6d:9c:3f:19:4f:
4b:bb:4d:ba:43:23:e8:91:44:2c:02:39:0c:29:28:
47:05:92:1c:35:fd:ad:81:7d:66:fb:5c:b3:a2:9a:
84:dc:b2:b2:2a:fb:93:76:10:a4:b1:0b:6a:5a:bf:
50:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F4:B1:EE:A7:79:78:B7:0E:CE:0A:68:B4:E4:1F:7D:4B:50:95:3E
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/D92648B4139611EEAA8C626DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.121.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ea:5b:3d:f7:18:18:5a:2a:11:97:73:f5:a1:11:79:49:a8:
ec:04:bd:08:02:d6:f4:bd:db:ed:1c:94:4a:31:49:66:65:49:
e9:7d:9e:7c:ea:7b:45:d6:90:aa:30:64:9e:a5:95:d5:4c:ac:
f5:cc:03:36:74:09:0f:5a:4b:a9:db:97:31:09:f4:c7:66:9d:
1a:b5:60:03:66:07:a0:c8:d8:87:c3:4e:20:ac:8c:71:50:6c:
93:11:20:63:18:2b:e3:bc:ba:8a:85:56:49:1a:8b:91:ca:ef:
47:c4:6e:81:3d:06:f5:3f:96:74:fb:00:f6:a4:b7:ea:7f:2b:
16:5b:f1:01:4f:68:a6:c9:a6:8b:db:24:00:3a:83:be:b8:ea:
73:46:5a:3b:89:68:5d:f6:9c:e8:0b:da:d7:60:d7:68:b1:81:
69:47:c0:30:e5:df:da:91:c8:a7:26:f8:04:92:b3:69:6f:4e:
01:a2:53:10:ca:14:6f:20:39:f7:ae:88:74:0e:f9:88:0c:1e:
6e:2a:c7:e1:fb:ee:61:00:0c:61:9d:e1:1d:17:a6:9a:6a:90:
a7:a9:4e:31:36:d9:64:c4:0b:30:e5:12:cc:3e:6c:bf:22:10:
78:40:b8:ad:8a:ce:ad:e4:c6:d8:5a:25:e6:44:c5:65:93:c2:
50:e3:91:ab
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA/owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNjI1MjAyODMxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk4YTM2ZS1kMjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7ZSnC6CIxVQUKdiSH7c99OtUe5HjMvowAfFPpx+yXzTQ0DN9BfrKOTOITEqY
0beylZnhlbeQ6M6VOxCxTTSxfHO+CulDFK1rQ4TkiOyYmJG5YmNBW9XTHywngSy1
fNJOdM+P08Bs/fE1uXJTw0eNEsu8YKmnUg/woV8lE0SVpzwzAqNlrIyQX62v8Ujt
UMb1GZ94Bzg7zzRl1yUxDqM7QVlnk+4zXLzTp5CJ278zJCDl4pHxQEhcXTI30r0d
fcqZ0ZA408hniZCeIrTFbZw/GU9Lu026QyPokUQsAjkMKShHBZIcNf2tgX1m+1yz
opqE3LKyKvuTdhCksQtqWr9QQQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJb0se6n
eXi3Ds4KaLTkH31LUJU+MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRDkyNjQ4QjQx
Mzk2MTFFRUFBOEM2MjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/3kwDQYJKoZIhvcNAQELBQADggEBAFrqWz33GBhaKhGX
c/WhEXlJqOwEvQgC1vS92+0clEoxSWZlSel9nnzqe0XWkKowZJ6lldVMrPXMAzZ0
CQ9aS6nblzEJ9MdmnRq1YANmB6DI2IfDTiCsjHFQbJMRIGMYK+O8uoqFVkkai5HK
70fEboE9BvU/lnT7APakt+p/KxZb8QFPaKbJpovbJAA6g7646nNGWjuJaF32nOgL
2tdg12ixgWlHwDDl39qRyKcm+ASSs2lvTgGiUxDKFG8gOfeuiHQO+YgMHm4qx+H7
7mEADGGd4R0XpppqkKepTjE22WTECzDlEsw+bL8iEHhAuK2Kzq3kxthaJeZExWWT
wlDjkas=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org