Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/1981E66CF30C11ED94750772C4F9AE02.roa
File: 1981E66CF30C11ED94750772C4F9AE02.roa (raw, json)
Hash identifier: WHj7f7dzx78SMnE73m2Q1tD5AvpsV1Odu2Ju8CvWsl0=
Subject key identifier: 20:6F:DA:8C:EF:A1:34:98:8C:9A:1B:A1:30:79:D8:34:E6:29:65:B3
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0489
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/1981E66CF30C11ED94750772C4F9AE02.roa
Signing time: Mon 15 May 2023 10:34:42 +0000
ROA not before: Mon 15 May 2023 10:34:42 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 137451
IP address blocks: 43.229.152.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1161 (0x489)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: May 15 10:34:42 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64620ac1-f74a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:db:79:98:63:1b:3a:34:1d:de:5a:bb:1d:6d:
4d:fc:40:9c:ed:53:e5:8c:d7:fb:c2:29:d8:32:93:
d6:8e:df:aa:19:42:b5:28:4c:bf:cd:4a:4c:81:a8:
eb:2d:d7:13:3c:0a:0c:a6:2f:74:f1:31:00:46:d6:
52:bc:dc:b0:6b:ab:83:53:df:f3:2a:dd:c6:b7:05:
1a:9b:e1:6e:fe:c2:c1:1f:af:ed:c3:64:f0:b3:70:
28:6d:4f:14:0d:78:69:9b:53:b2:9b:4a:89:77:67:
39:d3:d1:c9:04:3d:76:f9:b9:3c:28:03:7a:60:99:
5c:c5:3c:ab:b0:bd:62:9d:cb:57:a6:80:e3:ab:d1:
86:b1:89:e4:44:cd:d8:3f:c5:38:32:1c:17:5a:71:
74:67:6e:73:17:69:f7:7c:30:3c:7d:9a:81:f6:4c:
6b:f7:51:4c:da:3c:76:1d:5c:1d:da:9c:ec:2c:bc:
f7:7a:3e:2a:ee:97:7c:30:c1:5c:80:85:01:e1:6f:
bd:12:8f:63:2d:3b:a8:da:59:72:08:01:a8:60:24:
a6:4c:ef:46:2d:01:49:92:e7:d8:b1:19:6d:10:60:
c9:ea:2c:03:a8:c6:e8:2c:76:5d:13:c0:d2:01:27:
01:4e:e1:d7:e0:9f:9a:65:2d:7c:b5:af:24:94:9c:
0d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:6F:DA:8C:EF:A1:34:98:8C:9A:1B:A1:30:79:D8:34:E6:29:65:B3
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/1981E66CF30C11ED94750772C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.152.0/24
103.228.64.0/24
Signature Algorithm: sha256WithRSAEncryption
02:36:c4:06:c3:e7:a6:09:e7:4f:e4:d5:eb:36:6b:9f:29:38:
0d:cf:f5:96:09:58:e8:ee:69:e5:5e:80:83:94:4a:d0:76:46:
2a:35:60:f3:26:64:40:78:a6:21:5c:74:1d:78:0d:6d:03:7a:
5f:d4:3b:8c:98:e0:17:31:f1:b3:79:84:6a:8a:da:47:57:dd:
b0:ac:ff:fa:78:54:67:aa:78:89:86:c7:f7:48:32:2c:67:17:
06:31:0e:15:91:18:5e:f7:b5:43:9f:9f:22:40:9e:93:71:57:
a9:31:a3:4f:2e:75:47:27:5f:c5:08:33:05:01:30:83:b8:de:
a4:8a:f8:0d:69:93:d3:e3:51:02:bb:48:6e:db:a3:16:72:d5:
9e:2d:fe:66:b8:fe:6f:ea:43:94:1d:f7:d7:61:f2:71:13:36:
29:6e:35:ee:6d:2a:d5:8d:34:ea:59:5d:bb:7d:aa:2a:ba:04:
32:04:7e:f7:e7:79:43:4d:94:1f:bd:bb:45:e5:9f:ed:20:ea:
03:db:49:ee:3e:f9:17:41:3d:43:dc:92:e5:2f:52:7b:c5:de:
9a:b5:94:c7:af:ad:80:5d:29:9f:9e:dc:c5:ed:56:17:f1:51:
d8:4a:6c:78:b2:e3:a5:61:c7:23:da:80:94:78:6e:fe:df:b0:
8f:c6:51:a7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMwNTE1MTAzNDQyWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYyMGFjMS1mNzRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA39t5mGMbOjQd3lq7HW1N/ECc7VPljNf7winYMpPWjt+qGUK1KEy/zUpMgajr
LdcTPAoMpi908TEARtZSvNywa6uDU9/zKt3GtwUam+Fu/sLBH6/tw2Tws3AobU8U
DXhpm1Oym0qJd2c509HJBD12+bk8KAN6YJlcxTyrsL1inctXpoDjq9GGsYnkRM3Y
P8U4MhwXWnF0Z25zF2n3fDA8fZqB9kxr91FM2jx2HVwd2pzsLLz3ej4q7pd8MMFc
gIUB4W+9Eo9jLTuo2llyCAGoYCSmTO9GLQFJkufYsRltEGDJ6iwDqMboLHZdE8DS
AScBTuHX4J+aZS18ta8klJwN1wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCBv2ozv
oTSYjJoboTB52DTmKWWzMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMTk4MUU2NkNG
MzBDMTFFRDk0NzUwNzcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr5ZgDBABn5EAwDQYJKoZIhvcNAQELBQADggEBAAI2xAbD
56YJ50/k1es2a58pOA3P9ZYJWOjuaeVegIOUStB2Rio1YPMmZEB4piFcdB14DW0D
el/UO4yY4Bcx8bN5hGqK2kdX3bCs//p4VGeqeImGx/dIMixnFwYxDhWRGF73tUOf
nyJAnpNxV6kxo08udUcnX8UIMwUBMIO43qSK+A1pk9PjUQK7SG7boxZy1Z4t/ma4
/m/qQ5Qd99dh8nETNiluNe5tKtWNNOpZXbt9qiq6BDIEfvfneUNNlB+9u0Xln+0g
6gPbSe4++RdBPUPckuUvUnvF3pq1lMevrYBdKZ+e3MXtVhfxUdhKbHiy46VhxyPa
gJR4bv7fsI/GUac=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org