Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/0A7109CE630D11EABEEF003BC4F9AE02.roa
File: 0A7109CE630D11EABEEF003BC4F9AE02.roa (raw, json)
Hash identifier: AnQFYkKrFFrYLoliERRsArU4L889N15THX1ym3Nq5pI=
Subject key identifier: 25:EB:82:05:69:06:D6:C8:FD:8F:C5:CB:82:64:85:3D:FA:16:E5:53
Certificate issuer: /CN=A91B2492/serialNumber=73B561DF3A58976F7FAD997A9BA8DE5F676DCFB2
Certificate serial: 08BD
Authority key identifier: 73:B5:61:DF:3A:58:97:6F:7F:AD:99:7A:9B:A8:DE:5F:67:6D:CF:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c7Vh3zpYl29_rZl6m6jeX2dtz7I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/0A7109CE630D11EABEEF003BC4F9AE02.roa
Signing time: Mon 01 Aug 2022 21:06:53 +0000
ROA not before: Mon 01 Aug 2022 21:06:53 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 6507
IP address blocks: 43.229.64.0/22 maxlen: 24
103.240.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2237 (0x8bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B2492/serialNumber=73B561DF3A58976F7FAD997A9BA8DE5F676DCFB2
Validity
Not Before: Aug 1 21:06:53 2022 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=62e8406d-6a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e2:ee:59:7d:0c:5a:8e:ff:a7:f9:84:df:54:
ae:5c:d7:23:70:98:f1:b6:ff:be:d7:c6:ba:35:2a:
33:f9:ac:79:d9:83:3b:06:d4:b9:4a:73:6a:51:12:
0f:13:e5:c2:3d:dd:40:e2:c8:c6:7a:e1:e6:5f:a5:
7c:a6:1d:41:56:2e:51:7f:91:16:68:c7:6f:7b:ad:
09:e4:c3:08:0e:e5:c7:1d:5a:ab:63:e8:2d:8e:a8:
71:3a:32:7f:c3:5a:53:4c:b2:7d:e2:b1:c1:bc:99:
ac:6f:9a:f9:c5:11:27:ea:9a:64:cb:25:77:ad:08:
df:20:ae:aa:c6:65:32:f9:f2:58:6a:b0:69:f0:c0:
7c:88:17:71:43:8e:9c:c8:0e:72:99:a6:5a:e0:cc:
90:33:94:12:92:d3:c8:30:1e:47:7a:97:ba:11:0d:
c2:d0:92:75:20:05:a7:40:d6:71:0e:b5:4a:e5:77:
7d:ff:86:c1:d4:73:44:f6:f0:57:fb:80:87:43:d2:
30:4a:c1:10:a2:1e:f2:f6:71:a6:88:92:27:6c:ee:
e4:8a:5c:28:db:10:49:6d:7e:8b:3f:20:24:b5:0a:
a1:39:d3:9e:d0:31:9c:44:46:ac:32:ca:a8:37:23:
8a:2d:3b:d2:7d:e3:eb:a1:47:4d:2f:77:76:a3:29:
ce:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EB:82:05:69:06:D6:C8:FD:8F:C5:CB:82:64:85:3D:FA:16:E5:53
X509v3 Authority Key Identifier:
keyid:73:B5:61:DF:3A:58:97:6F:7F:AD:99:7A:9B:A8:DE:5F:67:6D:CF:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/c7Vh3zpYl29_rZl6m6jeX2dtz7I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c7Vh3zpYl29_rZl6m6jeX2dtz7I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2492/DAD510D43CB511EAB82CCC6CC4F9AE02/0A7109CE630D11EABEEF003BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.64.0/22
103.240.224.0/22
Signature Algorithm: sha256WithRSAEncryption
52:2a:a0:d9:c7:d3:00:7d:ff:2d:6c:4f:42:73:f8:5a:35:bf:
50:5c:7a:14:cb:30:d7:7b:dc:62:a8:35:bb:cc:bc:8f:0c:b4:
fe:18:a2:29:ab:5b:28:45:22:ba:67:d1:63:70:5b:20:23:0c:
5d:73:91:19:55:bb:29:70:29:6d:d2:60:25:a5:79:f1:82:f7:
f4:43:cc:d2:ae:0c:92:6b:25:7d:71:45:4a:cb:8b:f7:4e:c9:
42:29:cc:f3:56:ab:c1:f9:ce:bc:6a:0c:18:63:fd:cc:45:58:
5b:b8:12:de:46:fc:a7:36:8a:2d:61:3d:cb:ed:03:4e:00:7d:
55:df:1d:5b:00:ad:11:2f:a1:43:ba:eb:7b:00:33:87:1a:3b:
79:cf:17:93:91:84:a7:d4:d4:58:af:ea:b7:0d:e7:f0:df:38:
75:12:19:83:1c:29:2e:8d:a8:17:f3:a5:71:3e:2c:89:c7:87:
02:21:43:81:d8:37:3d:6d:66:30:08:f2:8e:35:a3:8a:73:f8:
d5:c9:e8:eb:6a:95:dc:97:f7:d0:4a:90:34:c6:e6:49:c4:18:
f7:fd:f5:3f:14:00:5e:b0:b4:b2:a5:b0:52:3f:1f:bd:23:f8:
8d:13:b9:78:45:22:2e:ce:1b:05:a1:27:e1:09:9f:c3:09:43:
dd:99:73:f2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI0OTIxMTAvBgNVBAUTKDczQjU2MURGM0E1ODk3NkY3RkFEOTk3QTlCQThERTVG
Njc2RENGQjIwHhcNMjIwODAxMjEwNjUzWhcNMjMwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmU4NDA2ZC02YTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvOLuWX0MWo7/p/mE31SuXNcjcJjxtv++18a6NSoz+ax52YM7BtS5SnNqURIP
E+XCPd1A4sjGeuHmX6V8ph1BVi5Rf5EWaMdve60J5MMIDuXHHVqrY+gtjqhxOjJ/
w1pTTLJ94rHBvJmsb5r5xREn6ppkyyV3rQjfIK6qxmUy+fJYarBp8MB8iBdxQ46c
yA5ymaZa4MyQM5QSktPIMB5Hepe6EQ3C0JJ1IAWnQNZxDrVK5Xd9/4bB1HNE9vBX
+4CHQ9IwSsEQoh7y9nGmiJInbO7kilwo2xBJbX6LPyAktQqhOdOe0DGcREasMsqo
NyOKLTvSfeProUdNL3d2oynOAQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCXrggVp
BtbI/Y/Fy4JkhT36FuVTMB8GA1UdIwQYMBaAFHO1Yd86WJdvf62Zepuo3l9nbc+y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjQ5Mi9EQUQ1MTBENDND
QjUxMUVBQjgyQ0NDNkNDNEY5QUUwMi9jN1ZoM3pwWWwyOV9yWmw2bTZqZVgyZHR6
N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2M3VmgzenBZbDI5X3JabDZtNmplWDJkdHo3SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI0OTIvREFENTEwRDQzQ0I1MTFFQUI4MkNDQzZDQzRGOUFFMDIvMEE3MTA5Q0U2
MzBEMTFFQUJFRUYwMDNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr5UADBAJn8OAwDQYJKoZIhvcNAQELBQADggEBAFIqoNnH
0wB9/y1sT0Jz+Fo1v1BcehTLMNd73GKoNbvMvI8MtP4YoimrWyhFIrpn0WNwWyAj
DF1zkRlVuylwKW3SYCWlefGC9/RDzNKuDJJrJX1xRUrLi/dOyUIpzPNWq8H5zrxq
DBhj/cxFWFu4Et5G/Kc2ii1hPcvtA04AfVXfHVsArREvoUO663sAM4caO3nPF5OR
hKfU1Fiv6rcN5/DfOHUSGYMcKS6NqBfzpXE+LInHhwIhQ4HYNz1tZjAI8o41o4pz
+NXJ6OtqldyX99BKkDTG5knEGPf99T8UAF6wtLKlsFI/H70j+I0TuXhFIi7OGwWh
J+EJn8MJQ92Zc/I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org