Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/7ABCA5BA82EB11EE928E1764C4F9AE02.roa
File: 7ABCA5BA82EB11EE928E1764C4F9AE02.roa (raw, json)
Hash identifier: Lgt7B8oVCxJ3Kxnt2uaWuxDyKhMV3di0IurKLzJv5kA=
Subject key identifier: D3:97:B0:1D:07:92:7B:CE:F6:95:6C:47:B8:97:53:1A:C7:8C:48:B1
Certificate issuer: /CN=A9183B95/serialNumber=FAD7ECC9C05CD8EB2056909D6C614715E2C5133E
Certificate serial: 02DB
Authority key identifier: FA:D7:EC:C9:C0:5C:D8:EB:20:56:90:9D:6C:61:47:15:E2:C5:13:3E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tfsycBc2OsgVpCdbGFHFeLFEz4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/7ABCA5BA82EB11EE928E1764C4F9AE02.roa
Signing time: Tue 14 Nov 2023 12:43:58 +0000
ROA not before: Tue 14 Nov 2023 12:43:58 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 212238
IP address blocks: 43.228.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 731 (0x2db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9183B95/serialNumber=FAD7ECC9C05CD8EB2056909D6C614715E2C5133E
Validity
Not Before: Nov 14 12:43:58 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=65536b8e-141e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b0:c3:de:c9:5d:e4:c7:8a:3d:99:4b:5d:50:
c5:8d:53:1c:22:3c:2d:6a:6c:4f:5a:26:b7:f2:6c:
1d:35:35:d2:ba:bb:2e:ab:d4:05:b4:06:07:3d:54:
f4:bb:a2:14:eb:20:19:d5:6e:fa:00:c0:31:ba:fc:
e0:47:ae:93:58:d5:2c:be:72:91:66:5a:d4:0a:17:
55:48:07:d9:fd:57:64:b5:65:44:0d:88:d9:9a:ec:
11:cd:bb:a1:18:86:69:37:76:72:63:23:a9:8d:15:
0c:c0:ee:d5:7a:41:14:81:5b:ba:5d:79:97:c0:ab:
1d:b0:0f:56:eb:fe:de:4b:b3:14:c4:be:6f:c6:bb:
90:af:20:3d:a9:48:80:19:fa:04:f9:ec:b7:d4:3b:
f9:34:51:47:3b:00:d1:51:e1:b3:28:c2:78:57:7d:
95:d9:92:fe:30:75:95:64:07:44:ce:31:ad:d4:fb:
bf:6c:e8:b3:93:c2:b9:80:95:7b:b3:e2:3a:9e:dd:
fb:6a:b3:05:eb:61:48:cb:51:ea:97:e1:90:34:aa:
33:11:a7:94:61:af:95:a9:4a:e7:c3:c9:f6:cf:f0:
8e:7d:9e:1e:7b:e8:06:01:f9:d8:22:b2:a8:3f:62:
e1:0d:07:44:75:1f:1e:0e:5f:4a:ed:e4:d6:ef:f3:
db:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:97:B0:1D:07:92:7B:CE:F6:95:6C:47:B8:97:53:1A:C7:8C:48:B1
X509v3 Authority Key Identifier:
keyid:FA:D7:EC:C9:C0:5C:D8:EB:20:56:90:9D:6C:61:47:15:E2:C5:13:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/-tfsycBc2OsgVpCdbGFHFeLFEz4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-tfsycBc2OsgVpCdbGFHFeLFEz4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9183B95/B54A3C34803511EC9ADDA54FC4F9AE02/7ABCA5BA82EB11EE928E1764C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.158.0/24
Signature Algorithm: sha256WithRSAEncryption
61:f7:06:60:a4:c4:30:8a:f5:95:6a:dc:cd:3f:81:00:4d:b8:
74:c5:f6:58:a4:1b:4f:16:78:05:75:0f:55:f3:98:af:6f:bf:
72:da:e0:29:cb:bd:e5:70:46:15:c9:22:cc:5f:dd:0c:b3:48:
76:25:fe:a4:43:17:d2:b0:7e:09:6b:db:ba:76:b5:eb:01:98:
a4:be:6b:5c:24:80:46:35:3b:e4:39:84:e7:21:2f:3f:30:b1:
ec:00:45:3d:64:37:a9:e1:46:96:e1:0b:1a:96:e4:b1:cd:54:
4b:46:81:ce:5a:7c:a4:de:af:99:87:e5:80:c3:45:4d:ad:92:
c6:0e:96:45:0f:b3:56:f8:03:d3:fd:a1:18:36:a2:ae:6d:a1:
0a:d8:de:78:af:41:9c:ff:55:1b:e6:2c:3d:da:ec:b2:3e:d2:
53:09:9a:8f:ae:74:3f:07:bf:38:70:ae:39:77:9e:6c:40:ad:
d2:a3:77:98:c8:d8:10:86:fe:98:f2:5f:10:5e:f6:2b:aa:a7:
26:d6:2a:c9:4c:86:87:a2:42:b5:f7:7b:2b:96:91:a7:78:f4:
55:a5:47:88:87:e7:d8:50:8a:83:f5:3b:bf:b8:c0:b9:c5:a7:
4c:84:0a:c1:a1:12:c4:85:6c:25:35:f7:76:33:88:72:18:bb:
5d:ce:7b:ff
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODNCOTUxMTAvBgNVBAUTKEZBRDdFQ0M5QzA1Q0Q4RUIyMDU2OTA5RDZDNjE0NzE1
RTJDNTEzM0UwHhcNMjMxMTE0MTI0MzU4WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTUzNmI4ZS0xNDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArrDD3sld5MeKPZlLXVDFjVMcIjwtamxPWia38mwdNTXSursuq9QFtAYHPVT0
u6IU6yAZ1W76AMAxuvzgR66TWNUsvnKRZlrUChdVSAfZ/VdktWVEDYjZmuwRzbuh
GIZpN3ZyYyOpjRUMwO7VekEUgVu6XXmXwKsdsA9W6/7eS7MUxL5vxruQryA9qUiA
GfoE+ey31Dv5NFFHOwDRUeGzKMJ4V32V2ZL+MHWVZAdEzjGt1Pu/bOizk8K5gJV7
s+I6nt37arMF62FIy1Hql+GQNKozEaeUYa+VqUrnw8n2z/COfZ4ee+gGAfnYIrKo
P2LhDQdEdR8eDl9K7eTW7/PbewIDAQABo4IClTCCApEwHQYDVR0OBBYEFNOXsB0H
knvO9pVsR7iXUxrHjEixMB8GA1UdIwQYMBaAFPrX7MnAXNjrIFaQnWxhRxXixRM+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4M0I5NS9CNTRBM0MzNDgw
MzUxMUVDOUFEREE1NEZDNEY5QUUwMi8tdGZzeWNCYzJPc2dWcENkYkdGSEZlTEZF
ejQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy10ZnN5Y0JjMk9zZ1ZwQ2RiR0ZIRmVMRkV6NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODNCOTUvQjU0QTNDMzQ4MDM1MTFFQzlBRERBNTRGQzRGOUFFMDIvN0FCQ0E1QkE4
MkVCMTFFRTkyOEUxNzY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr5J4wDQYJKoZIhvcNAQELBQADggEBAGH3BmCkxDCK9ZVq
3M0/gQBNuHTF9likG08WeAV1D1XzmK9vv3La4CnLveVwRhXJIsxf3QyzSHYl/qRD
F9Kwfglr27p2tesBmKS+a1wkgEY1O+Q5hOchLz8wsewART1kN6nhRpbhCxqW5LHN
VEtGgc5afKTer5mH5YDDRU2tksYOlkUPs1b4A9P9oRg2oq5toQrY3nivQZz/VRvm
LD3a7LI+0lMJmo+udD8Hvzhwrjl3nmxArdKjd5jI2BCG/pjyXxBe9iuqpybWKslM
hoeiQrX3eyuWkad49FWlR4iH59hQioP1O7+4wLnFp0yECsGhEsSFbCU193YziHIY
u13Oe/8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org