Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9F974F98675C11EE81835581C4F9AE02.roa
File: 9F974F98675C11EE81835581C4F9AE02.roa (raw, json)
Hash identifier: 40UqcHv5LWjh1UhVcLSgwlKxm2h5cqtjjZ/Q9lqi23c=
Subject key identifier: BE:35:F7:21:5C:38:3D:25:FB:20:B0:7F:F0:C7:AA:5A:55:A9:39:68
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0518
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9F974F98675C11EE81835581C4F9AE02.roa
Signing time: Tue 10 Oct 2023 11:10:34 +0000
ROA not before: Tue 10 Oct 2023 11:10:34 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 40065
IP address blocks: 43.229.154.0/24 maxlen: 24
103.20.222.0/24 maxlen: 24
103.20.223.0/24 maxlen: 24
103.48.169.0/24 maxlen: 24
103.225.199.0/24 maxlen: 24
150.129.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1304 (0x518)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Oct 10 11:10:34 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=65253129-c870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0b:f3:32:c6:5a:49:7f:fd:ea:e5:5f:4a:f4:
0a:5b:19:40:b2:c3:21:4c:b2:86:a6:33:a9:a3:a3:
cc:fd:4e:70:6e:37:40:d6:bd:d3:52:fc:b5:9b:bd:
3f:e3:f2:0c:0b:42:28:77:ae:0d:6e:7c:b1:b4:e9:
c2:50:b2:fb:ef:01:1b:32:8c:cb:f1:4e:39:59:fc:
b4:94:d6:b1:f9:3b:e5:da:a3:d4:d1:b4:a5:ec:7d:
e0:3b:73:db:8f:83:12:f9:5c:50:cf:9c:4f:10:27:
64:de:9c:07:31:2b:84:a1:2b:f9:23:73:5e:6a:ad:
53:7e:c6:cd:b9:ae:36:76:61:0a:34:40:a7:0c:a5:
c7:65:0d:62:b4:41:1c:2e:36:59:7c:19:3f:c1:ce:
14:36:79:a1:6e:5c:f1:c4:2b:62:4d:e7:87:cf:b5:
62:05:e6:cf:a5:34:f4:df:d0:7d:18:d4:ea:9c:38:
2b:4f:42:88:05:d3:ef:2b:c7:65:56:55:dd:71:90:
55:a9:a7:f3:2a:19:80:78:84:59:d3:b4:e5:a5:84:
ed:09:60:f0:42:21:c3:94:47:52:2d:2b:9c:f0:e4:
4f:81:c8:99:f8:10:6c:10:84:83:eb:86:4e:bf:3a:
69:0e:63:1b:b5:e8:11:cb:60:d6:e3:3e:3c:7f:29:
b6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:35:F7:21:5C:38:3D:25:FB:20:B0:7F:F0:C7:AA:5A:55:A9:39:68
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/9F974F98675C11EE81835581C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.154.0/24
103.20.222.0/23
103.48.169.0/24
103.225.199.0/24
150.129.41.0/24
Signature Algorithm: sha256WithRSAEncryption
37:f0:27:87:b8:fb:38:28:94:db:29:73:fe:6d:6f:79:40:5c:
86:13:68:bb:7d:07:3c:6e:bc:d2:9a:1d:44:6f:92:d5:18:03:
98:b7:6c:76:f2:ca:af:79:2f:78:ce:14:d2:5d:e8:28:1f:5d:
b6:c0:8c:9b:46:29:75:46:cc:ce:ec:04:12:39:55:96:e0:01:
15:87:c6:67:14:0f:b0:c5:35:6d:da:b3:00:11:a9:90:5f:23:
cf:f9:fb:22:c0:22:8e:aa:e3:89:ae:6e:96:a5:b1:0b:d7:02:
6b:5e:4f:63:b0:93:e5:28:89:1c:9b:38:00:10:9f:7f:f3:4c:
b8:a9:e4:42:8a:e9:06:d8:67:4e:e9:d3:29:a6:8f:a7:07:2b:
48:0a:6d:01:3f:e5:e1:f1:f6:50:3f:9d:8e:06:65:e8:af:99:
43:58:53:43:a0:4b:a3:73:cf:05:13:16:68:7d:28:a5:4e:92:
d8:10:22:76:3f:f2:84:19:3d:7e:68:74:af:42:cb:38:e0:8d:
76:4b:03:35:b0:98:d9:9e:df:2f:b7:f1:d8:2c:bc:9b:51:cb:
f7:18:89:12:c7:42:7d:2a:ab:63:a7:1c:6e:86:37:02:1d:b4:
0a:f0:25:1e:64:c9:36:e7:b5:85:7c:7a:3d:6b:57:3e:af:16:
0c:63:25:1d
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBRgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMxMDEwMTExMDM0WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI1MzEyOS1jODcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyAvzMsZaSX/96uVfSvQKWxlAssMhTLKGpjOpo6PM/U5wbjdA1r3TUvy1m70/
4/IMC0Iod64NbnyxtOnCULL77wEbMozL8U45Wfy0lNax+Tvl2qPU0bSl7H3gO3Pb
j4MS+VxQz5xPECdk3pwHMSuEoSv5I3Neaq1TfsbNua42dmEKNECnDKXHZQ1itEEc
LjZZfBk/wc4UNnmhblzxxCtiTeeHz7ViBebPpTT039B9GNTqnDgrT0KIBdPvK8dl
VlXdcZBVqafzKhmAeIRZ07TlpYTtCWDwQiHDlEdSLSuc8ORPgciZ+BBsEISD64ZO
vzppDmMbtegRy2DW4z48fym2xwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFL419yFc
OD0l+yCwf/DHqlpVqTloMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvOUY5NzRGOTg2
NzVDMTFFRTgxODM1NTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAr5ZoDBAFnFN4DBABnMKkDBABn4ccDBACWgSkwDQYJKoZI
hvcNAQELBQADggEBADfwJ4e4+zgolNspc/5tb3lAXIYTaLt9BzxuvNKaHURvktUY
A5i3bHbyyq95L3jOFNJd6CgfXbbAjJtGKXVGzM7sBBI5VZbgARWHxmcUD7DFNW3a
swARqZBfI8/5+yLAIo6q44mubpalsQvXAmteT2Owk+UoiRybOAAQn3/zTLip5EKK
6QbYZ07p0ymmj6cHK0gKbQE/5eHx9lA/nY4GZeivmUNYU0OgS6NzzwUTFmh9KKVO
ktgQInY/8oQZPX5odK9CyzjgjXZLAzWwmNme3y+38dgsvJtRy/cYiRLHQn0qq2On
HG6GNwIdtArwJR5kyTbntYV8ej1rVz6vFgxjJR0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:46 2024 by rpki-client on console-ams.rpki-client.org