Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91450A4/DD4736980C3611EBA4E49E21C4F9AE02/4F8A9592992611EC94DB646EC4F9AE02.roa
File: 4F8A9592992611EC94DB646EC4F9AE02.roa (raw, json)
Hash identifier: 5bua4eCCvRD7Uy4YeMv8pE9pBV/DloeqYLyGkoEiIV0=
Subject key identifier: ED:6B:E1:D3:AF:08:71:07:FB:5F:E1:B3:7F:DB:53:51:F0:FE:1A:C2
Certificate issuer: /CN=A91450A4/serialNumber=3D1D6A332AEA4EC502037A0909F4CC19D42DB198
Certificate serial: 040D
Authority key identifier: 3D:1D:6A:33:2A:EA:4E:C5:02:03:7A:09:09:F4:CC:19:D4:2D:B1:98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR1qMyrqTsUCA3oJCfTMGdQtsZg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91450A4/DD4736980C3611EBA4E49E21C4F9AE02/4F8A9592992611EC94DB646EC4F9AE02.roa
Signing time: Tue 01 Mar 2022 06:10:37 +0000
ROA not before: Tue 01 Mar 2022 06:10:37 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 133739
IP address blocks: 43.243.236.0/22 maxlen: 22
43.243.236.0/23 maxlen: 24
43.243.238.0/24 maxlen: 24
43.243.239.0/24 maxlen: 24
103.24.240.0/22 maxlen: 22
103.24.240.0/24 maxlen: 24
103.24.242.0/24 maxlen: 24
103.39.60.0/22 maxlen: 22
103.39.60.0/23 maxlen: 24
103.39.62.0/24 maxlen: 24
103.39.63.0/24 maxlen: 24
103.224.208.0/22 maxlen: 22
103.224.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1037 (0x40d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91450A4/serialNumber=3D1D6A332AEA4EC502037A0909F4CC19D42DB198
Validity
Not Before: Mar 1 06:10:37 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=621db8dc-e4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c0:f5:9b:51:86:53:2d:24:50:c3:2e:3c:90:
b9:36:0d:49:81:74:20:13:8a:06:55:8e:86:5e:69:
8a:f1:80:78:96:4f:fc:dc:ff:63:6a:57:ed:cd:c6:
65:1a:cb:c1:e7:f7:0a:e3:7c:dd:ec:3d:d9:6f:d1:
f4:7e:09:cb:8d:4f:e7:3d:95:ca:92:58:30:24:ca:
e7:ba:15:61:01:f5:61:24:0c:6c:a7:fd:5d:d9:5b:
4f:47:e5:2d:4f:da:65:a3:39:52:fe:4d:93:2f:a7:
67:dd:82:56:b9:f1:13:9b:ce:fe:b5:41:6f:1f:f3:
63:7d:fc:6f:55:0f:3f:ae:61:e0:8b:fc:37:4d:6b:
97:96:60:25:42:91:02:ee:35:86:92:2d:1e:be:f9:
3e:6f:b5:b4:0f:6a:36:87:90:61:fc:de:16:74:aa:
41:82:93:41:8e:2e:91:fe:53:0f:40:ac:61:2c:73:
e7:3f:f1:5f:27:0a:9e:02:c3:76:3e:5b:16:e5:38:
22:f1:48:6c:1c:46:4c:f2:92:da:90:97:9d:7c:95:
0f:c7:59:2b:39:83:f3:cd:07:e5:7e:3e:72:aa:8a:
2f:07:41:8b:35:75:d3:80:1f:7e:b8:55:54:f4:38:
6c:d3:de:9d:be:3e:64:83:4c:02:4c:c5:f3:ca:52:
ed:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6B:E1:D3:AF:08:71:07:FB:5F:E1:B3:7F:DB:53:51:F0:FE:1A:C2
X509v3 Authority Key Identifier:
keyid:3D:1D:6A:33:2A:EA:4E:C5:02:03:7A:09:09:F4:CC:19:D4:2D:B1:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91450A4/DD4736980C3611EBA4E49E21C4F9AE02/PR1qMyrqTsUCA3oJCfTMGdQtsZg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR1qMyrqTsUCA3oJCfTMGdQtsZg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91450A4/DD4736980C3611EBA4E49E21C4F9AE02/4F8A9592992611EC94DB646EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.236.0/22
103.24.240.0/22
103.39.60.0/22
103.224.208.0/22
Signature Algorithm: sha256WithRSAEncryption
93:a4:42:34:22:ba:be:19:3e:70:c0:26:af:30:06:d4:54:70:
cc:b7:72:41:d0:92:27:51:84:ab:ee:ca:e6:46:70:d8:b5:87:
7d:58:58:8d:a5:ef:a1:cb:0a:34:05:1f:88:d3:cc:6f:67:06:
d4:f7:2f:36:26:23:56:45:d9:69:44:17:e3:c3:02:31:10:a2:
c8:53:b8:e8:f1:c2:13:90:4e:97:94:42:d6:51:6d:d5:05:70:
48:f5:24:b9:54:1e:8b:98:4b:16:2e:ff:6a:75:ce:29:7d:21:
af:75:05:52:e5:b0:d4:c0:e6:45:2d:18:f2:aa:e4:4c:e9:3d:
d9:8b:89:76:1e:d9:11:83:62:d8:14:48:2c:ce:f6:af:88:1f:
d6:61:89:5e:8d:31:b8:a6:17:6d:f4:9e:9e:24:6a:1d:4f:13:
9c:6d:1c:29:ad:94:37:9c:5b:9d:79:cd:cb:f2:8d:fd:e5:38:
2a:2a:74:03:49:96:51:ba:1e:84:7a:f4:56:ba:4f:3a:c1:44:
57:86:47:0a:38:65:4c:9c:db:02:02:74:87:d8:1f:be:a2:7a:
cc:1b:2e:b5:c4:72:23:bd:80:15:63:fc:3d:5e:30:01:69:e7:
2f:ed:fa:af:56:23:0d:5a:93:c9:e1:06:3b:d6:a8:49:59:78:
cc:9b:55:07
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBA0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDUwQTQxMTAvBgNVBAUTKDNEMUQ2QTMzMkFFQTRFQzUwMjAzN0EwOTA5RjRDQzE5
RDQyREIxOTgwHhcNMjIwMzAxMDYxMDM3WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFkYjhkYy1lNGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlsD1m1GGUy0kUMMuPJC5Ng1JgXQgE4oGVY6GXmmK8YB4lk/83P9jalftzcZl
GsvB5/cK43zd7D3Zb9H0fgnLjU/nPZXKklgwJMrnuhVhAfVhJAxsp/1d2VtPR+Ut
T9plozlS/k2TL6dn3YJWufETm87+tUFvH/NjffxvVQ8/rmHgi/w3TWuXlmAlQpEC
7jWGki0evvk+b7W0D2o2h5Bh/N4WdKpBgpNBji6R/lMPQKxhLHPnP/FfJwqeAsN2
PlsW5Tgi8UhsHEZM8pLakJedfJUPx1krOYPzzQflfj5yqoovB0GLNXXTgB9+uFVU
9Dhs096dvj5kg0wCTMXzylLtMwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFO1r4dOv
CHEH+1/hs3/bU1Hw/hrCMB8GA1UdIwQYMBaAFD0dajMq6k7FAgN6CQn0zBnULbGY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTBBNC9ERDQ3MzY5ODBD
MzYxMUVCQTRFNDlFMjFDNEY5QUUwMi9QUjFxTXlycVRzVUNBM29KQ2ZUTUdkUXRz
WmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BSMXFNeXJxVHNVQ0Ezb0pDZlRNR2RRdHNaZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDUwQTQvREQ0NzM2OTgwQzM2MTFFQkE0RTQ5RTIxQzRGOUFFMDIvNEY4QTk1OTI5
OTI2MTFFQzk0REI2NDZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAIr8+wDBAJnGPADBAJnJzwDBAJn4NAwDQYJKoZIhvcNAQEL
BQADggEBAJOkQjQiur4ZPnDAJq8wBtRUcMy3ckHQkidRhKvuyuZGcNi1h31YWI2l
76HLCjQFH4jTzG9nBtT3LzYmI1ZF2WlEF+PDAjEQoshTuOjxwhOQTpeUQtZRbdUF
cEj1JLlUHouYSxYu/2p1zil9Ia91BVLlsNTA5kUtGPKq5EzpPdmLiXYe2RGDYtgU
SCzO9q+IH9ZhiV6NMbimF230np4kah1PE5xtHCmtlDecW515zcvyjf3lOCoqdANJ
llG6HoR69Fa6TzrBRFeGRwo4ZUyc2wICdIfYH76ieswbLrXEciO9gBVj/D1eMAFp
5y/t+q9WIw1ak8nhBjvWqElZeMybVQc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org