Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/3AA34496E72111EC927A5224C4F9AE02.roa
File: 3AA34496E72111EC927A5224C4F9AE02.roa (raw, json)
Hash identifier: vNAAGM9n9Qbdjm91m3rcm2fhVZtwlL7S+DNEOUFj9tg=
Subject key identifier: 4C:A9:52:FA:42:5A:12:EF:E1:7B:7A:DD:01:65:C0:B4:D4:C9:9A:73
Certificate issuer: /CN=A91EA958/serialNumber=FD1607186373E81F44D137B2A0E96957E62AB8A1
Certificate serial: 31CA
Authority key identifier: FD:16:07:18:63:73:E8:1F:44:D1:37:B2:A0:E9:69:57:E6:2A:B8:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_RYHGGNz6B9E0TeyoOlpV-YquKE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/3AA34496E72111EC927A5224C4F9AE02.roa
Signing time: Wed 08 Jun 2022 11:50:45 +0000
ROA not before: Wed 08 Jun 2022 11:50:45 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 13335
IP address blocks: 43.245.200.0/24 maxlen: 24
43.245.201.0/24 maxlen: 24
43.245.202.0/24 maxlen: 24
43.245.203.0/24 maxlen: 24
103.14.248.0/24 maxlen: 24
103.14.249.0/24 maxlen: 24
103.14.250.0/24 maxlen: 24
103.14.251.0/24 maxlen: 24
180.178.124.0/24 maxlen: 24
180.178.125.0/24 maxlen: 24
180.178.126.0/24 maxlen: 24
180.178.127.0/24 maxlen: 24
203.217.169.0/24 maxlen: 24
203.217.170.0/24 maxlen: 24
203.217.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12746 (0x31ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA958/serialNumber=FD1607186373E81F44D137B2A0E96957E62AB8A1
Validity
Not Before: Jun 8 11:50:45 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=62a08d14-9473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:14:42:83:61:84:0f:fa:4f:2f:e2:43:ec:78:
00:d6:32:ff:2a:59:f9:f5:3c:56:0d:f4:b1:cf:ea:
65:8c:59:49:2a:67:09:91:b6:54:76:28:b1:24:f1:
67:be:ba:97:4b:26:b4:7f:ff:be:ef:35:dd:43:d4:
10:03:c3:69:c5:14:27:6d:ff:64:7b:0d:f3:d6:f8:
93:b2:a0:48:ec:09:97:b9:3c:1c:2f:0e:b0:d8:a8:
b2:a3:c8:00:52:a5:7f:16:70:65:33:8b:79:52:ff:
a1:c2:a1:84:18:e7:c2:a4:7c:91:5f:ba:73:7f:21:
ce:44:2d:59:88:a7:d7:97:7b:c2:fd:48:aa:04:98:
4e:b2:e7:2b:73:88:99:ae:ee:c7:4a:66:2e:08:a3:
c4:29:a6:67:a5:d0:97:23:a8:58:db:a5:d5:30:28:
f8:50:75:14:15:18:44:3e:29:62:da:3a:ed:7d:88:
3e:eb:fb:64:f3:5b:c0:fc:59:32:ca:16:35:36:41:
b0:71:04:d9:9e:74:77:2d:ae:12:40:62:73:0e:24:
07:b6:57:f3:70:6d:aa:53:2e:b6:0c:df:74:dd:17:
26:b7:26:2c:36:44:15:cb:f6:4b:e8:a7:b9:bb:30:
bb:10:87:e6:d4:d6:cc:50:93:36:29:e3:ab:46:a1:
db:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A9:52:FA:42:5A:12:EF:E1:7B:7A:DD:01:65:C0:B4:D4:C9:9A:73
X509v3 Authority Key Identifier:
keyid:FD:16:07:18:63:73:E8:1F:44:D1:37:B2:A0:E9:69:57:E6:2A:B8:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_RYHGGNz6B9E0TeyoOlpV-YquKE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/3AA34496E72111EC927A5224C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.200.0/22
103.14.248.0/22
180.178.124.0/22
203.217.169.0-203.217.171.255
Signature Algorithm: sha256WithRSAEncryption
9c:ea:db:f9:96:39:53:bb:82:21:e7:c0:2d:57:bf:a3:78:8d:
1e:e5:b6:67:0e:ab:d3:8d:22:e7:1a:6a:e0:dd:95:4c:17:e9:
a2:0d:ba:00:24:5a:c9:01:ff:87:4e:3c:2b:d6:f8:81:d1:65:
27:0a:40:df:01:5a:8e:84:ac:0f:d0:0c:9c:21:f1:83:dc:81:
7b:1d:3b:50:1a:08:ef:e1:68:3e:74:c6:0d:79:2a:11:58:38:
2d:a2:44:8a:7d:87:21:9a:ca:d6:1a:0b:a2:36:56:69:15:f4:
28:94:e0:a8:05:fa:15:25:86:2b:a2:ee:34:b0:7d:df:19:6a:
8c:fd:bc:79:c7:b8:30:08:93:77:ab:c2:43:e6:21:db:12:6f:
fa:2f:0f:d6:f8:c3:90:85:a8:b4:a0:bd:db:b9:47:4c:29:f5:
57:58:0f:e6:41:8b:6b:29:6a:11:be:bb:29:84:b7:81:09:1c:
fd:d1:22:e8:8c:5f:1b:d1:ea:a7:a2:0a:61:f9:71:b9:bb:16:
fa:4d:79:60:fa:ae:77:11:e6:42:a4:2d:b6:d9:ad:50:20:c8:
14:73:bc:9b:86:23:9a:6b:3d:59:d4:a9:55:35:c5:e7:ac:06:
db:e4:d7:0b:40:0d:31:e5:8a:66:d6:a4:63:6d:8e:d1:02:2a:
80:83:8a:69
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICMcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKEZEMTYwNzE4NjM3M0U4MUY0NEQxMzdCMkEwRTk2OTU3
RTYyQUI4QTEwHhcNMjIwNjA4MTE1MDQ1WhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmEwOGQxNC05NDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvhRCg2GED/pPL+JD7HgA1jL/Kln59TxWDfSxz+pljFlJKmcJkbZUdiixJPFn
vrqXSya0f/++7zXdQ9QQA8NpxRQnbf9kew3z1viTsqBI7AmXuTwcLw6w2Kiyo8gA
UqV/FnBlM4t5Uv+hwqGEGOfCpHyRX7pzfyHORC1ZiKfXl3vC/UiqBJhOsucrc4iZ
ru7HSmYuCKPEKaZnpdCXI6hY26XVMCj4UHUUFRhEPili2jrtfYg+6/tk81vA/Fky
yhY1NkGwcQTZnnR3La4SQGJzDiQHtlfzcG2qUy62DN903RcmtyYsNkQVy/ZL6Ke5
uzC7EIfm1NbMUJM2KeOrRqHbTwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFEypUvpC
WhLv4Xt63QFlwLTUyZpzMB8GA1UdIwQYMBaAFP0WBxhjc+gfRNE3sqDpaVfmKrih
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC81QUUxOTdGNDFE
OUYxMUUyQkNCRkY3OEYwOEIwMkNEMi9fUllIR0dOejZCOUUwVGV5b09scFYtWXF1
S0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19SWUhHR056NkI5RTBUZXlvT2xwVi1ZcXVLRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvNUFFMTk3RjQxRDlGMTFFMkJDQkZGNzhGMDhCMDJDRDIvM0FBMzQ0OTZF
NzIxMTFFQzkyN0E1MjI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAIr9cgDBAJnDvgDBAK0snwwDAMEAMvZqQMEAsvZqDANBgkq
hkiG9w0BAQsFAAOCAQEAnOrb+ZY5U7uCIefALVe/o3iNHuW2Zw6r040i5xpq4N2V
TBfpog26ACRayQH/h048K9b4gdFlJwpA3wFajoSsD9AMnCHxg9yBex07UBoI7+Fo
PnTGDXkqEVg4LaJEin2HIZrK1hoLojZWaRX0KJTgqAX6FSWGK6LuNLB93xlqjP28
ece4MAiTd6vCQ+Yh2xJv+i8P1vjDkIWotKC927lHTCn1V1gP5kGLaylqEb67KYS3
gQkc/dEi6IxfG9Hqp6IKYflxubsW+k15YPqudxHmQqQtttmtUCDIFHO8m4Yjmms9
WdSpVTXF56wG2+TXC0ANMeWKZtakY22O0QIqgIOKaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org