Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/4DF74D9CA7BC11EDBF487823C4F9AE02.roa
File: 4DF74D9CA7BC11EDBF487823C4F9AE02.roa (raw, json)
Hash identifier: sWV0byDTDyukJjhhFEP2VFbdQKToiSiPcOKfFBXUgTY=
Subject key identifier: 67:04:26:5A:66:F3:0A:DD:9D:01:CA:1B:92:49:D4:77:09:D2:0E:DD
Certificate issuer: /CN=A91778C2/serialNumber=6D4AE89FA97A716A2D92661FF2CF5BD3CCDC29FC
Certificate serial: 1585
Authority key identifier: 6D:4A:E8:9F:A9:7A:71:6A:2D:92:66:1F:F2:CF:5B:D3:CC:DC:29:FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/4DF74D9CA7BC11EDBF487823C4F9AE02.roa
Signing time: Wed 08 Feb 2023 14:24:32 +0000
ROA not before: Wed 08 Feb 2023 14:24:32 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 203061
IP address blocks: 43.242.0.0/22 maxlen: 22
116.206.48.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5509 (0x1585)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91778C2/serialNumber=6D4AE89FA97A716A2D92661FF2CF5BD3CCDC29FC
Validity
Not Before: Feb 8 14:24:32 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=63e3b0a0-6d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4c:15:18:e2:65:56:d7:53:5d:72:94:b9:93:
72:57:07:fb:b8:97:e3:65:3d:58:25:08:3d:69:fb:
d5:58:eb:00:bf:e5:e1:79:bc:89:d4:79:3c:9f:6b:
7e:be:37:57:75:ee:2e:ed:f5:6b:0f:eb:2b:63:93:
57:55:56:4c:d5:41:cb:ca:01:1d:60:f1:3a:89:91:
cb:8d:b0:14:a3:a8:8b:cf:8b:0b:4b:f2:02:a9:3c:
9e:6d:c1:c2:33:e2:c0:d7:ea:2e:81:82:5d:21:cc:
03:fc:a2:57:2f:a7:f1:38:79:f0:44:24:fc:43:a5:
cb:3a:dc:5b:40:3a:13:44:0f:c2:96:5e:68:71:68:
be:fa:53:87:e4:c2:a4:35:a1:7a:25:4f:52:c4:7b:
6d:00:c8:fd:58:9c:ec:59:f6:fd:dc:88:89:98:5c:
f8:92:de:fe:da:8d:ab:db:62:53:0d:6a:6d:99:b3:
5e:e8:a2:3c:0f:39:00:22:b3:f9:51:b9:7e:a0:ab:
17:2d:27:48:89:67:62:d8:bf:da:cd:1d:0d:e8:8a:
8c:b0:bf:b7:69:34:49:a1:71:43:e5:a7:87:9a:96:
eb:e5:20:0d:1a:47:f0:7e:ef:17:5d:62:f7:c2:57:
b1:24:28:37:42:d5:14:81:cd:a4:50:ab:c6:72:02:
be:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:04:26:5A:66:F3:0A:DD:9D:01:CA:1B:92:49:D4:77:09:D2:0E:DD
X509v3 Authority Key Identifier:
keyid:6D:4A:E8:9F:A9:7A:71:6A:2D:92:66:1F:F2:CF:5B:D3:CC:DC:29:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/bUron6l6cWotkmYf8s9b08zcKfw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/4DF74D9CA7BC11EDBF487823C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.242.0.0/22
116.206.48.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:ec:fa:87:a4:1e:fa:52:cb:70:c1:77:cd:ef:4f:54:25:db:
4e:cf:23:80:7f:db:02:bd:e5:ee:ad:3e:bb:3d:81:71:f5:73:
9a:6f:5d:2b:a8:f9:7a:fa:8a:34:2e:cd:2e:73:bf:fd:f4:fb:
41:d1:49:be:88:f7:cd:94:0b:3f:28:8a:e4:75:46:4a:eb:d5:
81:43:ea:e2:7c:7f:96:7e:de:f7:8a:70:13:df:cb:d9:5b:1d:
df:fe:ab:12:04:a8:a7:48:03:ac:d4:53:cb:5b:fe:31:a4:f5:
bf:e9:34:e9:1a:41:07:8d:9c:d3:e1:69:67:6d:73:e6:8a:0e:
7a:b2:15:d0:58:85:23:a4:a6:08:28:44:d1:09:fc:cf:e0:2b:
56:77:d0:2b:4c:25:cb:d6:88:e4:0e:4f:19:20:13:c8:1f:f3:
9b:47:f6:8c:57:49:35:64:9b:e7:8e:bc:34:fc:b8:ce:a9:77:
f7:76:f7:1e:6b:f6:0d:ec:86:f3:3b:d7:9f:0a:52:a9:f3:78:
f6:7f:96:b3:cf:7c:be:5e:76:ef:78:b8:17:88:5b:fc:92:2e:
23:6d:d8:f1:40:39:ae:d8:15:f3:79:36:81:d7:c1:ed:0c:b4:
f1:6a:d5:49:ef:74:3e:e7:09:5f:e1:91:cd:61:dc:fc:94:0a:
52:a8:d8:24
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc4QzIxMTAvBgNVBAUTKDZENEFFODlGQTk3QTcxNkEyRDkyNjYxRkYyQ0Y1QkQz
Q0NEQzI5RkMwHhcNMjMwMjA4MTQyNDMyWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UzYjBhMC02ZDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArUwVGOJlVtdTXXKUuZNyVwf7uJfjZT1YJQg9afvVWOsAv+XhebyJ1Hk8n2t+
vjdXde4u7fVrD+srY5NXVVZM1UHLygEdYPE6iZHLjbAUo6iLz4sLS/ICqTyebcHC
M+LA1+ougYJdIcwD/KJXL6fxOHnwRCT8Q6XLOtxbQDoTRA/Cll5ocWi++lOH5MKk
NaF6JU9SxHttAMj9WJzsWfb93IiJmFz4kt7+2o2r22JTDWptmbNe6KI8DzkAIrP5
Ubl+oKsXLSdIiWdi2L/azR0N6IqMsL+3aTRJoXFD5aeHmpbr5SANGkfwfu8XXWL3
wlexJCg3QtUUgc2kUKvGcgK+MQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGcEJlpm
8wrdnQHKG5JJ1HcJ0g7dMB8GA1UdIwQYMBaAFG1K6J+penFqLZJmH/LPW9PM3Cn8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzhDMi9FRDJCQkM3MEY4
ODcxMUU3OTIxRjg2NjhDNEY5QUUwMi9iVXJvbjZsNmNXb3RrbVlmOHM5YjA4emNL
ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JVcm9uNmw2Y1dvdGttWWY4czliMDh6Y0tmdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc4QzIvRUQyQkJDNzBGODg3MTFFNzkyMUY4NjY4QzRGOUFFMDIvNERGNzREOUNB
N0JDMTFFREJGNDg3ODIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr8gADBAJ0zjAwDQYJKoZIhvcNAQELBQADggEBAMDs+oek
HvpSy3DBd83vT1Ql207PI4B/2wK95e6tPrs9gXH1c5pvXSuo+Xr6ijQuzS5zv/30
+0HRSb6I982UCz8oiuR1Rkrr1YFD6uJ8f5Z+3veKcBPfy9lbHd/+qxIEqKdIA6zU
U8tb/jGk9b/pNOkaQQeNnNPhaWdtc+aKDnqyFdBYhSOkpggoRNEJ/M/gK1Z30CtM
JcvWiOQOTxkgE8gf85tH9oxXSTVkm+eOvDT8uM6pd/d29x5r9g3shvM7158KUqnz
ePZ/lrPPfL5edu94uBeIW/ySLiNt2PFAOa7YFfN5NoHXwe0MtPFq1UnvdD7nCV/h
kc1h3PyUClKo2CQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org