Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/737A08FAAFBE11EABFE7940FC4F9AE02.roa
File: 737A08FAAFBE11EABFE7940FC4F9AE02.roa (raw, json)
Hash identifier: UmhezBr6gdbHUNE/zdTPpfqw+86NR7OsrxVV1c1gLr8=
Subject key identifier: CF:B7:AB:90:F8:07:B1:24:77:7A:E2:A9:22:4D:E6:EA:46:AB:27:5C
Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52
Certificate serial: 0756
Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/737A08FAAFBE11EABFE7940FC4F9AE02.roa
Signing time: Fri 14 Apr 2023 22:39:31 +0000
ROA not before: Fri 14 Apr 2023 22:39:31 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 26496
IP address blocks: 43.255.152.0/22 maxlen: 22
103.1.172.0/22 maxlen: 24
118.139.160.0/19 maxlen: 22
182.50.128.0/19 maxlen: 24
203.124.96.0/19 maxlen: 22
2407:1c00::/32 maxlen: 32
2407:1c00:6100::/40 maxlen: 48
2407:1c00:6400::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1878 (0x756)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52
Validity
Not Before: Apr 14 22:39:31 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6439d623-8ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:71:5c:58:da:4d:6a:35:f0:b1:96:54:03:2d:
7d:b8:53:c6:84:a1:b9:18:ba:e0:39:e1:b5:38:b7:
4a:c1:d1:af:b1:5f:cf:94:1c:3d:2a:b9:8e:85:6f:
8b:73:13:ca:02:bc:ff:25:fa:38:bb:e9:a4:0f:c5:
49:ce:09:ce:a0:00:f7:cd:6c:7f:46:bd:42:5b:02:
0e:f2:a7:2f:2e:e3:f9:b1:5a:4d:10:da:05:b5:db:
85:22:a2:99:48:92:f3:15:62:4b:b5:87:b3:5b:90:
5f:75:e9:8d:da:4f:dc:f2:14:29:db:72:ff:e5:af:
7d:2f:09:c6:dc:1b:43:c6:07:71:9d:47:93:e2:c8:
94:37:12:71:8c:97:b9:92:e4:a4:8d:2f:13:a5:25:
6e:77:ed:45:42:e6:d2:50:69:a1:38:80:90:35:c0:
39:f2:fb:1b:9f:b7:b1:e9:f2:cb:66:56:37:13:1e:
6c:b5:64:1e:10:62:85:34:11:1f:63:9c:2a:ee:3c:
2a:4c:8b:8a:29:f3:82:f2:00:6f:c7:0b:cc:63:c9:
9d:f1:9a:c3:9b:e9:19:55:34:4f:3d:25:d8:ef:41:
fc:f6:57:9c:1e:9b:a5:9c:10:82:47:8a:d8:9d:05:
4e:89:5a:e9:2c:cd:c2:8c:42:61:b7:16:c2:73:2f:
89:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B7:AB:90:F8:07:B1:24:77:7A:E2:A9:22:4D:E6:EA:46:AB:27:5C
X509v3 Authority Key Identifier:
keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/737A08FAAFBE11EABFE7940FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.152.0/22
103.1.172.0/22
118.139.160.0/19
182.50.128.0/19
203.124.96.0/19
IPv6:
2407:1c00::/32
Signature Algorithm: sha256WithRSAEncryption
52:81:13:48:16:13:83:91:1e:76:1f:49:2d:60:42:8c:28:bb:
4a:77:8e:61:a7:9c:ca:e8:37:5a:16:b4:6f:4b:4b:93:ea:ae:
f7:59:64:ce:5e:8b:9f:6a:55:39:05:3d:9e:d1:2b:7e:4a:de:
15:c8:2d:a9:2a:9b:90:c8:9d:b9:35:ed:65:43:d0:9e:55:40:
62:1b:81:ef:7a:4d:4f:47:6a:54:4a:5a:b5:2a:5c:69:9b:01:
28:85:78:3a:0c:d3:e8:9f:b6:7a:2a:90:f1:db:d1:9d:5e:8d:
a1:0d:11:53:28:7d:b4:e4:e7:13:6d:62:a7:a2:89:d7:43:ef:
b8:f8:e5:e3:40:d1:c3:a2:5c:82:7c:06:9f:65:bc:a0:fe:29:
c5:eb:61:64:01:42:f5:77:5a:0e:c7:20:0b:0d:75:3b:bf:5a:
24:15:a9:74:06:69:d3:96:b3:0f:ba:07:1f:2a:88:4c:32:a0:
7b:c4:cb:2e:5d:b3:4d:9e:a9:39:6a:82:b1:9f:e6:3c:a4:f6:
69:ae:a3:0c:fa:ac:ed:96:7c:65:f6:90:01:71:35:0f:84:51:
76:11:02:f6:7c:d3:a6:24:07:45:12:c3:db:0f:f0:92:96:09:
55:b3:71:5a:69:49:ae:5e:a1:82:0a:5d:0f:a6:1c:f6:a0:6b:
8e:6f:2e:41
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICB1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4
QjcyNDNDNTIwHhcNMjMwNDE0MjIzOTMxWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM5ZDYyMy04Y2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnFcWNpNajXwsZZUAy19uFPGhKG5GLrgOeG1OLdKwdGvsV/PlBw9KrmOhW+L
cxPKArz/Jfo4u+mkD8VJzgnOoAD3zWx/Rr1CWwIO8qcvLuP5sVpNENoFtduFIqKZ
SJLzFWJLtYezW5BfdemN2k/c8hQp23L/5a99LwnG3BtDxgdxnUeT4siUNxJxjJe5
kuSkjS8TpSVud+1FQubSUGmhOICQNcA58vsbn7ex6fLLZlY3Ex5stWQeEGKFNBEf
Y5wq7jwqTIuKKfOC8gBvxwvMY8md8ZrDm+kZVTRPPSXY70H89lecHpulnBCCR4rY
nQVOiVrpLM3CjEJhtxbCcy+JQQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFM+3q5D4
B7Ekd3riqSJN5upGqydcMB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG
QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ
RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDgzRDAvMEExNjIwOEFBRkJDMTFFQUE5NjFDQjg2QzRGOUFFMDIvNzM3QTA4RkFB
RkJFMTFFQUJGRTc5NDBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIr/5gDBAJnAawDBAV2i6ADBAW2MoADBAXLfGAwDQQCAAIw
BwMFACQHHAAwDQYJKoZIhvcNAQELBQADggEBAFKBE0gWE4ORHnYfSS1gQowou0p3
jmGnnMroN1oWtG9LS5PqrvdZZM5ei59qVTkFPZ7RK35K3hXILakqm5DInbk17WVD
0J5VQGIbge96TU9HalRKWrUqXGmbASiFeDoM0+iftnoqkPHb0Z1ejaENEVMofbTk
5xNtYqeiiddD77j45eNA0cOiXIJ8Bp9lvKD+KcXrYWQBQvV3Wg7HIAsNdTu/WiQV
qXQGadOWsw+6Bx8qiEwyoHvEyy5ds02eqTlqgrGf5jyk9mmuowz6rO2WfGX2kAFx
NQ+EUXYRAvZ806YkB0USw9sP8JKWCVWzcVppSa5eoYIKXQ+mHPaga45vLkE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:42 2024 by rpki-client on console-fra.rpki-client.org