Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/EB356D926E7611EE83E03017C4F9AE02.roa
File: EB356D926E7611EE83E03017C4F9AE02.roa (raw, json)
Hash identifier: wm8EvnGFyu5HCdcz6TEs/oIRT5YuqggVhu+S3780nf4=
Subject key identifier: DF:E7:4D:91:3C:29:35:DB:15:14:FC:FA:37:77:39:AF:E9:0B:92:9D
Certificate issuer: /CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
Certificate serial: 0C2A
Authority key identifier: A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/EB356D926E7611EE83E03017C4F9AE02.roa
Signing time: Thu 19 Oct 2023 11:59:12 +0000
ROA not before: Thu 19 Oct 2023 11:59:12 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 137449
IP address blocks: 43.246.200.0/22 maxlen: 23
43.246.202.0/23 maxlen: 24
2402:76c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3114 (0xc2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
Validity
Not Before: Oct 19 11:59:12 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=65311a10-cb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b5:b0:99:cf:18:ac:ed:ce:11:7e:aa:78:72:
00:61:8b:cf:7c:ad:94:de:51:73:ab:55:92:3a:69:
81:ae:59:e9:cd:fc:29:f5:99:dc:8d:d4:aa:07:9b:
96:be:19:96:bc:9e:15:30:bf:f1:89:56:1d:d5:ca:
98:45:79:d9:02:5e:69:36:5b:a4:21:cf:de:56:9e:
07:65:74:fa:17:63:8b:42:d2:28:44:be:78:f2:b5:
0b:a9:67:81:87:f5:f0:8a:82:ab:56:4a:74:92:94:
c7:01:5a:6b:17:60:ab:02:47:a8:2e:b2:05:34:2d:
e0:cd:1a:75:cb:90:7a:38:ea:ae:d1:b0:ca:fe:87:
8a:e6:a2:1c:df:5e:c3:69:f1:47:5c:d3:9f:b6:3c:
35:c1:cc:11:d8:0a:cc:35:be:9a:d2:c9:29:b5:c0:
fc:5b:73:d8:40:13:26:6f:91:7a:fc:07:c8:b5:08:
fd:60:09:9a:87:40:5b:be:d9:bb:72:18:42:40:52:
be:a6:93:14:53:e8:45:9c:97:27:77:80:12:33:29:
45:0e:2d:43:42:2f:9e:2c:6c:a5:7c:ec:56:7b:5d:
9b:93:a4:e0:9c:8e:08:01:13:d8:c9:4f:e6:29:2f:
dd:e7:06:db:e5:d0:f5:f9:00:22:54:a7:1f:3e:91:
5c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E7:4D:91:3C:29:35:DB:15:14:FC:FA:37:77:39:AF:E9:0B:92:9D
X509v3 Authority Key Identifier:
keyid:A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/EB356D926E7611EE83E03017C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.200.0/22
IPv6:
2402:76c0::/32
Signature Algorithm: sha256WithRSAEncryption
38:f3:01:ae:bd:16:ee:23:66:32:b4:45:0b:a8:8c:0e:5d:88:
bf:3c:b1:50:d4:2a:28:27:95:30:e5:ba:9c:55:6d:6c:ff:03:
1f:ad:0f:45:2a:aa:bc:ae:10:14:93:71:f6:45:81:50:e3:73:
c1:a0:12:7d:ec:93:bf:08:df:f7:d7:d5:17:e0:ad:29:3c:29:
8b:b8:fb:53:db:04:06:b8:68:cb:f8:23:00:b3:7f:17:fb:3e:
26:37:df:49:29:e8:d2:bf:92:c8:ee:6f:f4:f9:5e:2a:4f:13:
54:86:60:8a:d9:f2:a3:ed:7a:b9:89:44:ed:39:b1:97:5f:2e:
c2:f5:83:23:48:0b:f6:ed:e4:a6:d8:57:ff:82:8b:e8:7e:e4:
18:1f:25:79:b6:3a:35:09:48:6e:eb:a1:86:65:3f:62:0a:d8:
d1:de:50:b1:d1:8a:6d:90:7c:2a:ba:03:fc:72:38:96:2f:7c:
71:bd:cb:6a:5a:b6:9b:39:36:16:0a:73:c2:e6:dc:8a:ed:1f:
10:2b:ee:51:6d:1b:aa:3a:4d:4e:b1:fe:81:db:51:e4:08:44:
50:ac:b9:44:a7:97:65:57:fe:17:c8:85:05:8b:60:01:c8:cc:
16:e2:e5:69:53:ff:6d:03:d9:bf:68:0c:ac:7b:6c:c4:84:a4:
e2:66:45:8a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg4NDcxMTAvBgNVBAUTKEE2RUYwNkI2ODk1ODE4MjFDNzhDODgyOTFCQkRGNUM1
MTJBMzNGNDEwHhcNMjMxMDE5MTE1OTEyWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTMxMWExMC1jYjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx7Wwmc8YrO3OEX6qeHIAYYvPfK2U3lFzq1WSOmmBrlnpzfwp9ZncjdSqB5uW
vhmWvJ4VML/xiVYd1cqYRXnZAl5pNlukIc/eVp4HZXT6F2OLQtIoRL548rULqWeB
h/XwioKrVkp0kpTHAVprF2CrAkeoLrIFNC3gzRp1y5B6OOqu0bDK/oeK5qIc317D
afFHXNOftjw1wcwR2ArMNb6a0skptcD8W3PYQBMmb5F6/AfItQj9YAmah0Bbvtm7
chhCQFK+ppMUU+hFnJcnd4ASMylFDi1DQi+eLGylfOxWe12bk6TgnI4IARPYyU/m
KS/d5wbb5dD1+QAiVKcfPpFcoQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFN/nTZE8
KTXbFRT8+jd3Oa/pC5KdMB8GA1UdIwQYMBaAFKbvBraJWBghx4yIKRu99cUSoz9B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODg0Ny9EREZCQjBCOEQ3
ODExMUU5QjQyM0FDNEJDNEY5QUUwMi9wdThHdG9sWUdDSEhqSWdwRzczMXhSS2pQ
MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B1OEd0b2xZR0NISGpJZ3BHNzMxeFJLalAwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg4NDcvRERGQkIwQjhENzgxMTFFOUI0MjNBQzRCQzRGOUFFMDIvRUIzNTZEOTI2
RTc2MTFFRTgzRTAzMDE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAIr9sgwDQQCAAIwBwMFACQCdsAwDQYJKoZIhvcNAQELBQAD
ggEBADjzAa69Fu4jZjK0RQuojA5diL88sVDUKignlTDlupxVbWz/Ax+tD0Uqqryu
EBSTcfZFgVDjc8GgEn3sk78I3/fX1RfgrSk8KYu4+1PbBAa4aMv4IwCzfxf7PiY3
30kp6NK/ksjub/T5XipPE1SGYIrZ8qPtermJRO05sZdfLsL1gyNIC/bt5KbYV/+C
i+h+5BgfJXm2OjUJSG7roYZlP2IK2NHeULHRim2QfCq6A/xyOJYvfHG9y2patps5
NhYKc8Lm3IrtHxAr7lFtG6o6TU6x/oHbUeQIRFCsuUSnl2VX/hfIhQWLYAHIzBbi
5WlT/20D2b9oDKx7bMSEpOJmRYo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org