Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/89DBFCD8D3A711ED960DD917C4F9AE02.roa
File: 89DBFCD8D3A711ED960DD917C4F9AE02.roa (raw, json)
Hash identifier: suNwBP/CkvVXtsiRKgF7wV4McnXRnqjOYsVawOD250c=
Subject key identifier: 04:62:C0:0A:77:F2:A4:DF:0E:89:24:2B:49:AE:CF:84:BD:78:68:7E
Certificate issuer: /CN=A91DA389/serialNumber=48F50E16B8305AA2C756D21C8F0FD509338A5C29
Certificate serial: 02
Authority key identifier: 48:F5:0E:16:B8:30:5A:A2:C7:56:D2:1C:8F:0F:D5:09:33:8A:5C:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPUOFrgwWqLHVtIcjw_VCTOKXCk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/89DBFCD8D3A711ED960DD917C4F9AE02.roa
Signing time: Wed 05 Apr 2023 11:46:45 +0000
ROA not before: Wed 05 Apr 2023 11:46:45 +0000
ROA not after: Sat 30 Sep 2023 00:00:00 +0000
asID: 45352
IP address blocks: 43.228.244.0/22 maxlen: 22
43.228.244.0/24 maxlen: 24
43.228.245.0/24 maxlen: 24
43.228.246.0/24 maxlen: 24
43.228.247.0/24 maxlen: 24
103.67.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA389/serialNumber=48F50E16B8305AA2C756D21C8F0FD509338A5C29
Validity
Not Before: Apr 5 11:46:45 2023 GMT
Not After : Sep 30 00:00:00 2023 GMT
Subject: CN=642d5fa4-45b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ee:26:00:f8:db:6c:26:5a:2e:dd:6b:3e:3f:
4a:aa:e0:1a:0a:b5:08:86:cb:6a:3c:e7:d4:67:27:
8d:aa:0b:65:57:91:67:ed:d8:88:6e:a2:57:cc:36:
4f:2b:ce:d2:2f:ad:d7:a2:89:02:4d:6e:59:9a:a2:
81:1c:80:13:e9:10:31:35:50:7f:a3:80:9c:b9:8b:
7c:6d:66:d1:46:d5:6f:4a:39:2d:92:16:45:f7:ed:
85:93:cf:59:4c:a9:bf:5c:4e:83:1a:6c:de:da:e4:
81:57:7a:97:c5:52:0d:5a:26:1a:72:af:d2:09:1e:
df:1d:ef:af:66:3f:58:82:03:18:ae:f2:bb:a5:66:
aa:fb:7f:77:93:70:8b:d0:ec:9d:ec:ab:3d:20:53:
fa:1b:1f:3f:5e:0b:19:65:0d:2e:3d:ba:5d:59:03:
f7:a3:17:07:c9:ae:eb:ff:4e:bd:6c:19:6a:cb:9a:
0f:73:27:f0:72:2b:5f:ac:15:20:52:4c:15:12:38:
ae:00:1e:31:69:2b:e2:d9:29:a6:28:78:04:54:dd:
94:b0:2e:9d:e8:46:5a:99:f7:00:ca:3d:fc:fc:d2:
9c:09:eb:8b:25:df:11:46:68:36:6a:2f:4f:ac:c5:
60:c0:f2:14:14:08:eb:b2:79:1f:2e:ca:02:db:28:
03:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:62:C0:0A:77:F2:A4:DF:0E:89:24:2B:49:AE:CF:84:BD:78:68:7E
X509v3 Authority Key Identifier:
keyid:48:F5:0E:16:B8:30:5A:A2:C7:56:D2:1C:8F:0F:D5:09:33:8A:5C:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/SPUOFrgwWqLHVtIcjw_VCTOKXCk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPUOFrgwWqLHVtIcjw_VCTOKXCk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA389/B2170B74D3A311ED8806AC11C4F9AE02/89DBFCD8D3A711ED960DD917C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.244.0/22
103.67.36.0/22
Signature Algorithm: sha256WithRSAEncryption
74:fc:a2:a6:6c:57:c2:84:87:ca:9a:e1:5e:95:cd:8a:15:0e:
a7:c0:03:28:13:65:2b:fc:f6:d5:10:c2:ce:cf:8b:f8:12:5e:
8b:d6:ad:8b:a7:bb:90:28:37:cd:76:ee:91:e7:f5:36:42:c0:
e4:d7:63:a6:3c:2c:6d:8b:47:dc:b2:f0:1d:c2:b6:f6:d5:6b:
d7:29:32:b6:ca:a0:c6:e7:30:15:32:b5:4f:43:b8:29:cd:ee:
d5:45:d4:ef:38:15:73:45:97:20:4c:73:da:5c:cc:26:8b:22:
ee:b9:df:8a:e8:aa:53:de:39:45:94:b5:2c:87:a0:93:7a:03:
f7:ac:e0:49:50:a7:1a:16:96:6c:87:2c:4b:fa:67:6d:90:3e:
f2:74:1e:14:fb:73:5b:80:37:db:99:5b:ad:b0:2d:77:b1:91:
10:c8:24:ab:8e:eb:9f:85:e7:dd:13:18:23:8b:f5:e2:60:eb:
5c:34:74:8d:9a:e8:ea:97:94:97:e6:aa:27:52:7b:53:d3:77:
eb:21:44:df:40:71:b6:08:e5:81:71:84:de:24:bc:66:68:96:
b7:73:dd:56:32:c2:62:99:36:ca:64:4f:bb:2e:a1:fd:05:cd:
8e:dd:e9:e4:8b:79:b9:ec:97:e5:59:47:92:68:dd:77:51:5b:
a9:57:04:9c
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
QTM4OTExMC8GA1UEBRMoNDhGNTBFMTZCODMwNUFBMkM3NTZEMjFDOEYwRkQ1MDkz
MzhBNUMyOTAeFw0yMzA0MDUxMTQ2NDVaFw0yMzA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MmQ1ZmE0LTQ1YjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQ7iYA+NtsJlou3Ws+P0qq4BoKtQiGy2o859RnJ42qC2VXkWft2IhuolfMNk8r
ztIvrdeiiQJNblmaooEcgBPpEDE1UH+jgJy5i3xtZtFG1W9KOS2SFkX37YWTz1lM
qb9cToMabN7a5IFXepfFUg1aJhpyr9IJHt8d769mP1iCAxiu8rulZqr7f3eTcIvQ
7J3sqz0gU/obHz9eCxllDS49ul1ZA/ejFwfJruv/Tr1sGWrLmg9zJ/ByK1+sFSBS
TBUSOK4AHjFpK+LZKaYoeARU3ZSwLp3oRlqZ9wDKPfz80pwJ64sl3xFGaDZqL0+s
xWDA8hQUCOuyeR8uygLbKAMnAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUBGLACnfy
pN8OiSQrSa7PhL14aH4wHwYDVR0jBBgwFoAUSPUOFrgwWqLHVtIcjw/VCTOKXCkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURBMzg5L0IyMTcwQjc0RDNB
MzExRUQ4ODA2QUMxMUM0RjlBRTAyL1NQVU9Gcmd3V3FMSFZ0SWNqd19WQ1RPS1hD
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU1BVT0ZyZ3dXcUxIVnRJY2p3X1ZDVE9LWENrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QTM4OS9CMjE3MEI3NEQzQTMxMUVEODgwNkFDMTFDNEY5QUUwMi84OURCRkNEOEQz
QTcxMUVEOTYwREQ5MTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAivk9AMEAmdDJDANBgkqhkiG9w0BAQsFAAOCAQEAdPyipmxX
woSHyprhXpXNihUOp8ADKBNlK/z21RDCzs+L+BJei9ati6e7kCg3zXbukef1NkLA
5NdjpjwsbYtH3LLwHcK29tVr1ykytsqgxucwFTK1T0O4Kc3u1UXU7zgVc0WXIExz
2lzMJosi7rnfiuiqU945RZS1LIegk3oD96zgSVCnGhaWbIcsS/pnbZA+8nQeFPtz
W4A325lbrbAtd7GREMgkq47rn4Xn3RMYI4v14mDrXDR0jZro6peUl+aqJ1J7U9N3
6yFE30BxtgjlgXGE3iS8ZmiWt3PdVjLCYpk2ymRPuy6h/QXNjt3p5It5ueyX5VlH
kmjdd1FbqVcEnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:30 2024 by rpki-client on console-ams.rpki-client.org