Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/F8C88B2CC60411ECA41C213BC4F9AE02.roa
File: F8C88B2CC60411ECA41C213BC4F9AE02.roa (raw, json)
Hash identifier: ZrSmbuWxAWqSEWXtLQfBrXv7duZZiyx7vVCBWTzfz8Y=
Subject key identifier: AF:20:E2:93:AE:36:93:9B:3E:E1:18:A2:37:52:00:85:91:75:84:34
Certificate issuer: /CN=A91CD00C/serialNumber=DB2CCCA83D853288C500CDFC3AE1E2FEA049F514
Certificate serial: 02
Authority key identifier: DB:2C:CC:A8:3D:85:32:88:C5:00:CD:FC:3A:E1:E2:FE:A0:49:F5:14
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2yzMqD2FMojFAM38OuHi_qBJ9RQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/F8C88B2CC60411ECA41C213BC4F9AE02.roa
Signing time: Wed 27 Apr 2022 08:35:20 +0000
ROA not before: Wed 27 Apr 2022 08:35:20 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 132742
IP address blocks: 43.248.64.0/22 maxlen: 22
103.39.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD00C/serialNumber=DB2CCCA83D853288C500CDFC3AE1E2FEA049F514
Validity
Not Before: Apr 27 08:35:20 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62690048-8a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a8:80:12:08:ad:8b:d2:82:21:a5:ca:f8:ee:
cd:fb:4a:a3:99:c3:75:75:6d:2f:3f:61:70:56:26:
bb:01:09:2f:3d:b8:cf:6e:ea:8e:52:b3:82:86:0a:
3d:07:1f:2e:08:27:4f:61:5f:0b:cd:39:d9:97:b5:
9b:51:06:aa:33:70:57:1a:1e:4a:7e:30:3a:8f:d5:
7a:1d:9b:f8:55:47:4f:b0:4f:01:5d:29:96:8c:85:
bd:a3:4b:0e:06:df:de:88:85:84:aa:f9:fb:9f:76:
1a:f3:1f:37:e4:7b:5e:a3:22:90:37:9d:cb:97:aa:
99:bb:ae:45:50:3d:64:33:5d:b1:e3:4a:a5:b4:16:
9c:38:58:09:ef:7c:02:db:2e:a8:b1:da:ab:bf:54:
5d:a2:e0:ed:f1:7c:03:ba:58:fa:ae:19:17:7d:7e:
82:80:61:0a:8f:4a:71:fe:80:83:9b:f3:8f:e3:97:
2a:c1:40:4d:f7:01:97:26:8d:6b:51:26:f0:86:cd:
4f:25:97:6b:8c:43:31:d5:2e:5e:0a:96:08:77:27:
85:fe:be:35:94:ea:ae:de:e4:48:41:f3:f1:10:e6:
fa:2a:11:d2:bc:7f:64:90:00:fe:e7:6d:9a:0d:b2:
9a:2f:e8:f7:7c:55:39:1e:5b:d3:78:f1:79:ac:bf:
0b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:20:E2:93:AE:36:93:9B:3E:E1:18:A2:37:52:00:85:91:75:84:34
X509v3 Authority Key Identifier:
keyid:DB:2C:CC:A8:3D:85:32:88:C5:00:CD:FC:3A:E1:E2:FE:A0:49:F5:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/2yzMqD2FMojFAM38OuHi_qBJ9RQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2yzMqD2FMojFAM38OuHi_qBJ9RQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD00C/CAA8861EC60111EC95FF1E11C4F9AE02/F8C88B2CC60411ECA41C213BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.64.0/22
103.39.152.0/22
Signature Algorithm: sha256WithRSAEncryption
84:96:ce:17:95:c3:da:01:89:c1:a9:b6:8e:70:6a:a7:4d:fb:
4b:e1:f2:2e:8c:1f:51:0b:98:08:27:fe:df:5b:35:fd:49:ed:
84:5e:2a:a6:01:0f:d0:8b:e9:fa:85:81:73:a3:e0:d7:03:4e:
71:78:1f:89:73:c0:99:12:81:72:d4:84:f3:4d:88:da:55:af:
51:67:81:0f:bf:b1:ac:be:2f:0a:71:99:99:33:a9:73:66:a6:
79:df:14:91:06:7d:67:6c:13:89:6f:7b:0c:7f:7c:bf:69:7a:
c6:69:e7:81:48:bc:fa:85:52:72:00:30:fe:26:c3:c6:2a:b7:
02:da:07:dc:dd:e6:5f:0c:b4:37:88:15:0a:b6:b3:cb:93:c9:
b1:a9:aa:7f:4d:81:ca:42:e6:f1:33:49:18:c0:8f:d2:a4:dc:
bb:e4:78:f5:99:a7:9c:bf:fa:6c:a9:28:47:b9:3b:d7:67:b6:
14:c5:87:39:df:ef:e4:24:4c:c4:4b:c8:6a:99:dd:c7:36:3f:
39:35:35:3e:78:ba:2b:ff:b4:c2:34:87:a2:ec:65:51:79:e1:
f7:63:b9:31:a2:6e:32:b3:43:9e:21:f6:c6:c0:a3:86:ee:c9:
f2:15:16:e4:0e:2e:04:9f:eb:d1:7b:90:7a:e3:1d:50:26:1a:
cd:30:ec:d2
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RDAwQzExMC8GA1UEBRMoREIyQ0NDQTgzRDg1MzI4OEM1MDBDREZDM0FFMUUyRkVB
MDQ5RjUxNDAeFw0yMjA0MjcwODM1MjBaFw0yMjEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjkwMDQ4LThhN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUqIASCK2L0oIhpcr47s37SqOZw3V1bS8/YXBWJrsBCS89uM9u6o5Ss4KGCj0H
Hy4IJ09hXwvNOdmXtZtRBqozcFcaHkp+MDqP1Xodm/hVR0+wTwFdKZaMhb2jSw4G
396IhYSq+fufdhrzHzfke16jIpA3ncuXqpm7rkVQPWQzXbHjSqW0Fpw4WAnvfALb
Lqix2qu/VF2i4O3xfAO6WPquGRd9foKAYQqPSnH+gIOb84/jlyrBQE33AZcmjWtR
JvCGzU8ll2uMQzHVLl4Klgh3J4X+vjWU6q7e5EhB8/EQ5voqEdK8f2SQAP7nbZoN
spov6Pd8VTkeW9N48XmsvwuDAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUryDik642
k5s+4RiiN1IAhZF1hDQwHwYDVR0jBBgwFoAU2yzMqD2FMojFAM38OuHi/qBJ9RQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNEMDBDL0NBQTg4NjFFQzYw
MTExRUM5NUZGMUUxMUM0RjlBRTAyLzJ5ek1xRDJGTW9qRkFNMzhPdUhpX3FCSjlS
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMnl6TXFEMkZNb2pGQU0zOE91SGlfcUJKOVJRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RDAwQy9DQUE4ODYxRUM2MDExMUVDOTVGRjFFMTFDNEY5QUUwMi9GOEM4OEIyQ0M2
MDQxMUVDQTQxQzIxM0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAiv4QAMEAmcnmDANBgkqhkiG9w0BAQsFAAOCAQEAhJbOF5XD
2gGJwam2jnBqp037S+HyLowfUQuYCCf+31s1/UnthF4qpgEP0Ivp+oWBc6Pg1wNO
cXgfiXPAmRKBctSE802I2lWvUWeBD7+xrL4vCnGZmTOpc2amed8UkQZ9Z2wTiW97
DH98v2l6xmnngUi8+oVScgAw/ibDxiq3AtoH3N3mXwy0N4gVCrazy5PJsamqf02B
ykLm8TNJGMCP0qTcu+R49ZmnnL/6bKkoR7k712e2FMWHOd/v5CRMxEvIapndxzY/
OTU1Pni6K/+0wjSHouxlUXnh92O5MaJuMrNDniH2xsCjhu7J8hUW5A4uBJ/r0XuQ
euMdUCYazTDs0g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:06 2023 by rpki-client on console-ams.rpki-client.org