Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7A69/8AF3D5B2C60311EC8B0D5D3DC4F9AE02/A54CD7B6C60711ECA38AF363C4F9AE02.roa
File: A54CD7B6C60711ECA38AF363C4F9AE02.roa (raw, json)
Hash identifier: IALso9Sv9zVayj+iQihx7uwa0Y3KOFw/aiOdCwPHxv8=
Subject key identifier: A3:D9:7E:89:30:4C:74:AA:75:05:BB:B1:5E:71:21:75:24:94:DE:A4
Certificate issuer: /CN=A91C7A69/serialNumber=CB9D41A6DA96F76A4FF0586B5E8A889FC0235457
Certificate serial: 02
Authority key identifier: CB:9D:41:A6:DA:96:F7:6A:4F:F0:58:6B:5E:8A:88:9F:C0:23:54:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y51BptqW92pP8FhrXoqIn8AjVFc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7A69/8AF3D5B2C60311EC8B0D5D3DC4F9AE02/A54CD7B6C60711ECA38AF363C4F9AE02.roa
Signing time: Wed 27 Apr 2022 08:54:29 +0000
ROA not before: Wed 27 Apr 2022 08:54:29 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 132742
IP address blocks: 43.249.76.0/22 maxlen: 22
103.40.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7A69/serialNumber=CB9D41A6DA96F76A4FF0586B5E8A889FC0235457
Validity
Not Before: Apr 27 08:54:29 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=626904c4-54db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2f:6f:7d:47:6f:8f:e1:ba:d9:91:46:40:b6:
38:c3:ef:c3:c4:40:cc:24:f6:ab:a4:3c:49:f2:a3:
87:28:bc:34:a8:2e:dd:7e:02:9a:c3:de:e8:ad:b7:
35:57:f6:a4:6c:39:7e:aa:8d:2d:4a:92:d9:2e:37:
b5:54:ce:cb:95:f1:b2:bf:2d:11:b3:41:cc:df:a6:
c0:81:16:70:bf:8b:7c:d1:6e:97:2b:16:48:8c:1c:
a7:b2:4c:31:f5:24:b0:12:bc:34:1a:b7:95:0b:b5:
a7:1e:54:38:6b:82:db:71:17:a6:20:f5:53:0c:30:
5d:b7:af:f5:f5:fe:56:fb:07:f6:8b:6f:5a:3d:df:
b1:9c:fa:78:71:a4:72:ef:2e:5c:b9:ad:52:5e:f2:
f3:1b:99:25:a1:00:55:8a:de:4a:71:54:e2:b3:04:
2d:3b:d9:0a:6d:29:dc:ee:d7:1b:c4:42:82:7d:17:
75:f0:80:6e:9c:e4:40:b8:a4:9f:8a:fa:0f:64:29:
3a:2b:11:74:20:1b:0c:16:06:91:ea:81:d3:e3:a1:
58:5d:b5:46:da:f4:3f:7d:a7:f9:69:f5:a9:bc:a9:
ad:6f:15:42:e4:d5:2d:88:9c:d1:85:b5:de:dd:c3:
b4:d3:2d:a4:74:82:58:f4:24:f4:86:49:2b:b8:19:
bd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D9:7E:89:30:4C:74:AA:75:05:BB:B1:5E:71:21:75:24:94:DE:A4
X509v3 Authority Key Identifier:
keyid:CB:9D:41:A6:DA:96:F7:6A:4F:F0:58:6B:5E:8A:88:9F:C0:23:54:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7A69/8AF3D5B2C60311EC8B0D5D3DC4F9AE02/y51BptqW92pP8FhrXoqIn8AjVFc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y51BptqW92pP8FhrXoqIn8AjVFc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7A69/8AF3D5B2C60311EC8B0D5D3DC4F9AE02/A54CD7B6C60711ECA38AF363C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.76.0/22
103.40.152.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:10:cf:61:e9:76:41:df:e5:9c:d1:cb:8b:88:d1:76:8b:11:
be:4e:da:79:63:9b:99:d8:32:ac:e7:09:83:c4:6c:4d:25:03:
d3:e9:f8:83:ee:e2:85:23:5d:8c:be:f6:ae:15:46:03:a3:8f:
d8:8c:ce:e0:1e:ce:ec:d9:a3:26:d8:d9:8a:85:9f:18:15:25:
ad:7f:79:1b:d2:33:8d:30:71:78:76:69:91:df:93:c4:67:89:
51:69:7a:02:8f:0e:b1:33:37:ae:60:fe:33:88:d1:ce:99:cf:
59:e1:c6:f5:80:52:be:50:1b:bc:3f:21:6b:20:62:c3:83:aa:
33:0e:0b:92:d1:99:66:80:5f:f5:ee:38:63:d4:20:63:e7:f3:
c6:67:82:9a:d9:fa:66:e9:03:48:ed:f9:04:c7:0c:b2:74:13:
a8:6a:6d:a3:eb:06:db:b6:ee:91:ae:3c:2f:0b:1f:19:c8:f2:
a4:c5:f9:e9:fe:26:29:18:6a:b9:0c:b8:01:d0:79:88:20:0e:
ef:44:67:f8:33:7b:21:bf:1a:d6:9f:92:b0:ab:e5:1f:db:40:
c2:28:fe:54:29:d5:bf:0e:da:a1:cd:c8:b8:18:58:07:0c:c5:
67:7f:31:61:9b:0f:69:6a:2f:07:f0:92:46:a1:fc:64:ed:95:
ab:17:44:27
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
N0E2OTExMC8GA1UEBRMoQ0I5RDQxQTZEQTk2Rjc2QTRGRjA1ODZCNUU4QTg4OUZD
MDIzNTQ1NzAeFw0yMjA0MjcwODU0MjlaFw0yMjEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjkwNGM0LTU0ZGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAL299R2+P4brZkUZAtjjD78PEQMwk9qukPEnyo4covDSoLt1+AprD3uittzVX
9qRsOX6qjS1KktkuN7VUzsuV8bK/LRGzQczfpsCBFnC/i3zRbpcrFkiMHKeyTDH1
JLASvDQat5ULtaceVDhrgttxF6Yg9VMMMF23r/X1/lb7B/aLb1o937Gc+nhxpHLv
Lly5rVJe8vMbmSWhAFWK3kpxVOKzBC072QptKdzu1xvEQoJ9F3XwgG6c5EC4pJ+K
+g9kKTorEXQgGwwWBpHqgdPjoVhdtUba9D99p/lp9am8qa1vFULk1S2InNGFtd7d
w7TTLaR0glj0JPSGSSu4Gb2ZAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUo9l+iTBM
dKp1BbuxXnEhdSSU3qQwHwYDVR0jBBgwFoAUy51BptqW92pP8FhrXoqIn8AjVFcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QTY5LzhBRjNENUIyQzYw
MzExRUM4QjBENUQzREM0RjlBRTAyL3k1MUJwdHFXOTJwUDhGaHJYb3FJbjhBalZG
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveTUxQnB0cVc5MnBQOEZoclhvcUluOEFqVkZjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
N0E2OS84QUYzRDVCMkM2MDMxMUVDOEIwRDVEM0RDNEY5QUUwMi9BNTRDRDdCNkM2
MDcxMUVDQTM4QUYzNjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAiv5TAMEAmcomDANBgkqhkiG9w0BAQsFAAOCAQEAahDPYel2
Qd/lnNHLi4jRdosRvk7aeWObmdgyrOcJg8RsTSUD0+n4g+7ihSNdjL72rhVGA6OP
2IzO4B7O7NmjJtjZioWfGBUlrX95G9IzjTBxeHZpkd+TxGeJUWl6Ao8OsTM3rmD+
M4jRzpnPWeHG9YBSvlAbvD8hayBiw4OqMw4LktGZZoBf9e44Y9QgY+fzxmeCmtn6
ZukDSO35BMcMsnQTqGpto+sG27buka48LwsfGcjypMX56f4mKRhquQy4AdB5iCAO
70Rn+DN7Ib8a1p+SsKvlH9tAwij+VCnVvw7aoc3IuBhYBwzFZ38xYZsPaWovB/CS
RqH8ZO2VqxdEJw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:05 2023 by rpki-client on console-ams.rpki-client.org