Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/EB906812FA3011E6B79CD113C4F9AE02.roa
File: EB906812FA3011E6B79CD113C4F9AE02.roa (raw, json)
Hash identifier: QZGqgKk+osya8Jr6N+SbjAmmz0x39Xk+8xNRhJMyrVY=
Subject key identifier: F4:F0:CB:E8:8A:0B:BF:C0:F2:6C:E8:1B:48:BA:46:1F:4C:46:D6:D7
Certificate issuer: /CN=A91F0EBF/serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4
Certificate serial: 1FCE
Authority key identifier: 3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/EB906812FA3011E6B79CD113C4F9AE02.roa
Signing time: Sat 01 Oct 2022 16:33:00 +0000
ROA not before: Sat 01 Oct 2022 16:33:00 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 8100
IP address blocks: 43.230.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8142 (0x1fce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F0EBF/serialNumber=3ACCB69539AC9F4288BCD0F0A54250D592F540D4
Validity
Not Before: Oct 1 16:33:00 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63386bbc-9d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:61:c5:a6:c6:5e:53:79:6d:75:10:96:05:02:
d8:9f:66:58:96:83:12:4a:29:99:c9:7f:87:7a:1b:
fa:9a:37:e8:03:9e:de:29:47:ca:d7:c1:6a:4e:8d:
f6:66:60:7b:5a:ab:b3:40:d6:5f:0c:a7:3e:7a:8e:
82:1e:ea:e9:92:22:28:56:e6:b5:01:61:21:a1:3b:
58:14:f2:b7:c4:ae:52:ee:da:91:84:eb:b5:56:4f:
8c:bc:7a:42:cc:ad:d5:70:5b:d8:14:b4:91:34:05:
5b:d6:20:ef:27:8e:9f:2c:bf:03:3a:6a:2c:e7:f5:
6c:e7:24:04:a4:c7:1d:ff:51:97:62:22:df:4e:55:
cb:e2:89:fa:bc:58:e7:fd:fc:58:62:7e:a3:69:d5:
8c:f5:59:9c:3c:6e:1b:5d:be:be:99:27:5d:c0:7e:
d8:3a:c5:b0:6d:08:10:9c:54:95:03:4f:52:39:22:
09:e6:47:bf:d9:4a:2e:1a:13:98:cc:02:51:1c:57:
c2:82:58:ea:d8:9a:bd:bf:8b:65:81:38:41:e3:9a:
4d:53:c2:35:c0:77:0f:02:af:20:ab:7a:75:c3:47:
f6:cc:de:25:9d:5c:df:b3:ca:52:ba:b1:6c:65:e3:
fa:fe:45:b8:28:00:1f:8c:4e:2e:a5:1b:fb:76:5a:
4f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F0:CB:E8:8A:0B:BF:C0:F2:6C:E8:1B:48:BA:46:1F:4C:46:D6:D7
X509v3 Authority Key Identifier:
keyid:3A:CC:B6:95:39:AC:9F:42:88:BC:D0:F0:A5:42:50:D5:92:F5:40:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Osy2lTmsn0KIvNDwpUJQ1ZL1QNQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0EBF/5F84D7D8DB8011E59AB7ED1EC4F9AE02/EB906812FA3011E6B79CD113C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.26.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:78:7b:7d:07:ac:e4:3e:b6:b3:67:da:7b:c5:0c:2c:2c:30:
f3:45:a0:7c:74:c1:b3:bc:89:83:27:9d:6d:64:09:7b:da:e1:
a9:c5:31:4f:fe:8a:b1:b4:48:23:e5:73:01:50:c3:73:51:9b:
d8:3b:5d:65:8b:a4:0f:cd:27:f6:21:33:1b:34:f7:97:b0:59:
e8:ae:7f:1c:28:b8:e4:87:a8:42:52:ea:1d:dd:8c:1b:fa:92:
b6:29:21:50:06:84:36:82:15:f2:c7:cd:bb:4d:8d:78:ee:ea:
00:c4:2e:00:0b:47:bb:1a:d0:dc:40:61:aa:46:2b:2b:74:b2:
30:eb:d8:4e:61:c5:8e:bd:8d:42:79:95:ce:6d:6d:5f:89:b1:
e3:b3:f8:a7:a5:72:cf:c9:6f:c1:ba:d1:6c:a2:da:e3:ac:e8:
53:8d:a7:04:fe:1b:63:5f:de:ce:17:7f:d3:9e:f2:19:02:4c:
15:60:1b:5e:04:34:5d:3d:0d:a0:8a:08:31:ef:82:bd:18:07:
16:c4:9a:b5:67:ad:d9:eb:e0:2b:64:2b:e9:78:6d:41:7c:bc:
dc:dc:cd:d3:49:d0:a4:ea:d0:99:06:f2:2c:61:57:4a:54:0c:
82:85:49:04:d5:95:18:1d:b9:e3:6f:f1:91:33:d8:fe:21:17:
d1:5a:35:cb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICH84wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjBFQkYxMTAvBgNVBAUTKDNBQ0NCNjk1MzlBQzlGNDI4OEJDRDBGMEE1NDI1MEQ1
OTJGNTQwRDQwHhcNMjIxMDAxMTYzMzAwWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM4NmJiYy05ZDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA42HFpsZeU3ltdRCWBQLYn2ZYloMSSimZyX+Hehv6mjfoA57eKUfK18FqTo32
ZmB7WquzQNZfDKc+eo6CHurpkiIoVua1AWEhoTtYFPK3xK5S7tqRhOu1Vk+MvHpC
zK3VcFvYFLSRNAVb1iDvJ46fLL8DOmos5/Vs5yQEpMcd/1GXYiLfTlXL4on6vFjn
/fxYYn6jadWM9VmcPG4bXb6+mSddwH7YOsWwbQgQnFSVA09SOSIJ5ke/2UouGhOY
zAJRHFfCgljq2Jq9v4tlgThB45pNU8I1wHcPAq8gq3p1w0f2zN4lnVzfs8pSurFs
ZeP6/kW4KAAfjE4upRv7dlpPswIDAQABo4IClTCCApEwHQYDVR0OBBYEFPTwy+iK
C7/A8mzoG0i6Rh9MRtbXMB8GA1UdIwQYMBaAFDrMtpU5rJ9CiLzQ8KVCUNWS9UDU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEVCRi81Rjg0RDdEOERC
ODAxMUU1OUFCN0VEMUVDNEY5QUUwMi9Pc3kybFRtc24wS0l2TkR3cFVKUTFaTDFR
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09zeTJsVG1zbjBLSXZORHdwVUpRMVpMMVFOUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjBFQkYvNUY4NEQ3RDhEQjgwMTFFNTlBQjdFRDFFQzRGOUFFMDIvRUI5MDY4MTJG
QTMwMTFFNkI3OUNEMTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr5howDQYJKoZIhvcNAQELBQADggEBAGt4e30HrOQ+trNn
2nvFDCwsMPNFoHx0wbO8iYMnnW1kCXva4anFMU/+irG0SCPlcwFQw3NRm9g7XWWL
pA/NJ/YhMxs095ewWeiufxwouOSHqEJS6h3djBv6krYpIVAGhDaCFfLHzbtNjXju
6gDELgALR7sa0NxAYapGKyt0sjDr2E5hxY69jUJ5lc5tbV+JseOz+Kelcs/Jb8G6
0Wyi2uOs6FONpwT+G2Nf3s4Xf9Oe8hkCTBVgG14ENF09DaCKCDHvgr0YBxbEmrVn
rdnr4CtkK+l4bUF8vNzczdNJ0KTq0JkG8ixhV0pUDIKFSQTVlRgdueNv8ZEz2P4h
F9FaNcs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org