Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C0B0AE86C94111EDB0F3A06AC4F9AE02.roa
File: C0B0AE86C94111EDB0F3A06AC4F9AE02.roa (raw, json)
Hash identifier: RDVdRzkybpSYo1+bGEFrnZwnkqdf/u/wlFZM+fepIpA=
Subject key identifier: 24:22:FF:83:48:0A:F4:1C:62:6A:1F:5D:DE:05:5D:6B:08:C5:5D:3C
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0467
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C0B0AE86C94111EDB0F3A06AC4F9AE02.roa
Signing time: Thu 13 Apr 2023 15:23:27 +0000
ROA not before: Thu 13 Apr 2023 15:23:27 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 64021
IP address blocks: 43.229.152.0/24 maxlen: 24
103.48.168.0/24 maxlen: 24
103.48.169.0/24 maxlen: 24
103.48.170.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1127 (0x467)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Apr 13 15:23:27 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64381e6f-f5ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:49:a5:13:bc:8c:22:c7:d4:2c:b8:2e:25:a9:
f0:12:f2:e9:10:b8:af:06:b0:b3:d1:55:87:fb:cc:
63:c0:3a:64:b2:e6:09:9e:7b:15:b5:00:90:cb:24:
d4:64:d4:5a:bb:17:53:ac:19:1a:82:07:a7:a2:ef:
1f:1f:3a:c8:c7:6a:79:31:9d:da:f6:41:ea:b0:c8:
51:40:c1:62:3b:f1:0a:0d:12:12:1c:16:86:85:3f:
95:cb:4c:02:60:d6:df:65:ab:a5:05:c7:30:b9:c9:
80:ae:de:87:64:1c:e6:7d:14:57:4a:26:a1:1f:c1:
39:7c:26:1f:b2:15:87:74:7a:48:7e:52:42:b8:f6:
34:06:74:d4:a4:9e:44:1d:1d:d7:7a:b4:12:aa:39:
1d:af:b4:4e:89:54:d6:35:cd:ab:6b:68:6c:64:12:
ee:77:f4:2b:55:91:34:30:83:b0:17:26:ea:49:96:
20:b0:15:3d:d0:a6:c3:b1:f6:34:1a:bc:a7:66:77:
26:8b:dd:0b:84:3b:e9:ef:57:b2:b0:7c:db:59:28:
56:87:27:9a:4e:42:36:48:5a:66:3d:31:b2:fa:e4:
88:60:f5:50:bc:44:63:cf:7e:a0:2f:33:f6:92:92:
0c:e8:e9:d1:76:d3:82:99:24:a9:6a:7a:64:e2:73:
69:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:22:FF:83:48:0A:F4:1C:62:6A:1F:5D:DE:05:5D:6B:08:C5:5D:3C
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/C0B0AE86C94111EDB0F3A06AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.152.0/24
103.48.168.0-103.48.170.255
103.228.64.0/24
103.234.55.0/24
Signature Algorithm: sha256WithRSAEncryption
08:77:f3:20:d8:28:9b:ad:76:6d:52:b2:92:21:0b:d3:a3:e9:
67:7c:78:6b:59:0c:28:69:2e:29:c6:11:c7:1e:51:14:b7:dc:
68:d8:c7:f7:17:37:ee:d0:44:be:37:9b:a7:b1:11:17:f2:ce:
5b:00:9c:11:39:8f:2e:44:11:c4:67:b3:8c:56:08:d8:e0:85:
c4:fb:94:c2:ac:38:e4:af:32:3d:92:e4:11:5d:8d:98:97:00:
de:5c:a3:1e:fb:6f:a9:1d:8f:db:a0:58:32:5e:87:06:82:6b:
67:b0:81:df:3f:65:0e:4e:43:82:c4:d2:47:be:65:04:bb:f5:
26:bc:78:6a:4a:8a:7c:4b:70:2e:91:6b:a0:0c:ed:e5:9e:53:
ce:15:19:a5:f6:0a:9d:c5:97:30:60:1a:f3:32:76:e0:94:a3:
bc:aa:af:49:c9:6a:a1:5b:08:8d:15:e6:6a:a2:6a:b1:fe:68:
50:0c:93:a8:7a:53:7b:3e:04:97:8f:80:42:33:45:9f:f8:0c:
c7:ca:cf:71:f5:ee:d9:99:25:be:c3:44:1d:14:5f:ba:12:92:
0d:d7:d0:03:74:ff:68:48:09:a2:39:af:12:e3:c6:d3:c5:31:
ba:38:7e:f7:b9:8f:c9:47:48:c8:51:6a:cb:44:2e:e0:da:bc:
bf:c4:25:89
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICBGcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMwNDEzMTUyMzI3WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM4MWU2Zi1mNWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7kmlE7yMIsfULLguJanwEvLpELivBrCz0VWH+8xjwDpksuYJnnsVtQCQyyTU
ZNRauxdTrBkaggenou8fHzrIx2p5MZ3a9kHqsMhRQMFiO/EKDRISHBaGhT+Vy0wC
YNbfZaulBccwucmArt6HZBzmfRRXSiahH8E5fCYfshWHdHpIflJCuPY0BnTUpJ5E
HR3XerQSqjkdr7ROiVTWNc2ra2hsZBLud/QrVZE0MIOwFybqSZYgsBU90KbDsfY0
GrynZncmi90LhDvp71eysHzbWShWhyeaTkI2SFpmPTGy+uSIYPVQvERjz36gLzP2
kpIM6OnRdtOCmSSpanpk4nNpgwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFCQi/4NI
CvQcYmofXd4FXWsIxV08MB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvQzBCMEFFODZD
OTQxMTFFREIwRjNBMDZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAAr5ZgwDAMEA2cwqAMEAGcwqgMEAGfkQAMEAGfqNzANBgkq
hkiG9w0BAQsFAAOCAQEACHfzINgom612bVKykiEL06PpZ3x4a1kMKGkuKcYRxx5R
FLfcaNjH9xc37tBEvjebp7ERF/LOWwCcETmPLkQRxGezjFYI2OCFxPuUwqw45K8y
PZLkEV2NmJcA3lyjHvtvqR2P26BYMl6HBoJrZ7CB3z9lDk5DgsTSR75lBLv1Jrx4
akqKfEtwLpFroAzt5Z5TzhUZpfYKncWXMGAa8zJ24JSjvKqvSclqoVsIjRXmaqJq
sf5oUAyTqHpTez4El4+AQjNFn/gMx8rPcfXu2ZklvsNEHRRfuhKSDdfQA3T/aEgJ
ojmvEuPG08Uxujh+97mPyUdIyFFqy0Qu4Nq8v8QliQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org