Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/DCA57EC6D43D11EDAC838C15C4F9AE02.roa
File: DCA57EC6D43D11EDAC838C15C4F9AE02.roa (raw, json)
Hash identifier: Ax3pJjgPnoTFORpEtIUA4URsuj6UAqYIyjtMDRKMAvI=
Subject key identifier: 66:DA:EF:C2:15:BF:82:11:8F:11:9C:54:F5:93:B2:95:F1:16:F4:A6
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 04E2
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/DCA57EC6D43D11EDAC838C15C4F9AE02.roa
Signing time: Sat 09 Sep 2023 13:44:32 +0000
ROA not before: Sat 09 Sep 2023 13:44:32 +0000
ROA not after: Sat 30 Dec 2023 00:00:00 +0000
asID: 40065
IP address blocks: 43.229.154.0/24 maxlen: 24
103.20.222.0/24 maxlen: 24
103.20.223.0/24 maxlen: 24
103.48.169.0/24 maxlen: 24
103.225.199.0/24 maxlen: 24
150.129.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1250 (0x4e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Sep 9 13:44:32 2023 GMT
Not After : Dec 30 00:00:00 2023 GMT
Subject: CN=64fc76c0-8deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:59:20:45:fe:a9:d7:b0:c5:98:25:14:90:89:
32:1c:04:74:3a:85:48:c3:e6:97:b0:41:d4:27:ac:
2f:cf:e1:3e:aa:b0:01:e3:c1:bd:3c:03:f6:3b:fa:
27:fb:17:e1:d5:0a:40:a3:4a:15:27:56:b3:55:ee:
ce:d5:07:76:d8:0b:57:b2:8c:74:db:a1:95:62:b2:
71:93:46:27:10:d4:ad:cc:15:ea:a4:ee:3b:d4:d9:
cb:74:71:a1:01:ee:6f:04:5e:2f:bb:b5:cc:a8:01:
16:c9:c2:5c:d4:e4:44:e6:4b:ce:3e:5d:df:09:ed:
4d:63:8e:b7:2d:71:81:1f:1d:7a:af:7c:32:9c:78:
fc:25:ba:8f:7d:e2:41:39:ab:6d:7c:a3:d6:30:19:
c7:f8:7b:2f:c1:3c:dd:c2:71:8a:3d:eb:6f:c9:09:
5f:fd:36:b9:2f:f2:4e:45:4c:f7:2f:57:8e:a2:f7:
3d:9a:6e:82:c7:48:66:26:fb:22:37:50:48:2e:a8:
8a:ba:6f:ff:1a:ad:d9:d6:a9:64:26:8b:f1:21:45:
fe:99:f0:14:92:2c:21:7e:99:65:e9:4f:50:08:1c:
4f:f5:d7:e9:1f:88:3d:d6:63:53:d3:58:39:d5:d8:
ec:f4:12:1b:e1:1d:92:79:f1:02:2f:d9:d0:ed:dc:
11:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DA:EF:C2:15:BF:82:11:8F:11:9C:54:F5:93:B2:95:F1:16:F4:A6
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/DCA57EC6D43D11EDAC838C15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.154.0/24
103.20.222.0/23
103.48.169.0/24
103.225.199.0/24
150.129.41.0/24
Signature Algorithm: sha256WithRSAEncryption
64:56:87:1e:a9:82:f7:26:86:98:06:95:39:84:41:2c:93:c8:
67:c3:1a:e1:d4:29:84:d5:85:f2:ba:40:05:cb:38:b4:4e:87:
fb:8d:28:74:b0:b3:9f:63:d3:fa:f7:d0:33:65:84:34:ed:8d:
32:71:5a:3f:29:be:45:26:69:42:92:09:0b:8a:e6:05:c0:82:
a8:c4:76:9a:57:f7:b3:4b:d6:73:76:56:b5:75:67:a5:a4:07:
87:fa:5d:ad:66:4c:09:18:12:39:2e:04:02:e3:51:4e:36:23:
33:e1:c1:7a:ea:5e:85:89:38:eb:ca:1f:02:65:c1:97:08:70:
c1:be:12:13:f0:23:dd:2a:01:d0:b1:cc:a2:26:23:52:df:ed:
18:2e:23:54:96:e9:2a:65:cd:f6:7e:88:d4:91:7d:98:bd:03:
93:c2:ba:54:fa:37:53:1a:de:32:7a:c3:81:35:cb:02:f9:17:
8a:3c:71:5d:37:09:28:4d:8f:de:64:76:30:d1:dc:9b:c2:c1:
2f:db:76:27:a3:09:4e:69:9f:c6:a0:fc:32:3a:6f:01:f7:e6:
74:58:4a:94:da:d1:2c:fd:49:9b:c2:1d:03:78:67:85:bc:98:
f1:63:c2:42:8c:ae:d9:99:a2:40:c0:43:10:66:58:13:16:5e:
6e:98:e3:ff
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjMwOTA5MTM0NDMyWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZjNzZjMC04ZGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyFkgRf6p17DFmCUUkIkyHAR0OoVIw+aXsEHUJ6wvz+E+qrAB48G9PAP2O/on
+xfh1QpAo0oVJ1azVe7O1Qd22AtXsox026GVYrJxk0YnENStzBXqpO471NnLdHGh
Ae5vBF4vu7XMqAEWycJc1ORE5kvOPl3fCe1NY463LXGBHx16r3wynHj8JbqPfeJB
OattfKPWMBnH+HsvwTzdwnGKPetvyQlf/Ta5L/JORUz3L1eOovc9mm6Cx0hmJvsi
N1BILqiKum//Gq3Z1qlkJovxIUX+mfAUkiwhfpll6U9QCBxP9dfpH4g91mNT01g5
1djs9BIb4R2SefECL9nQ7dwRSwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGba78IV
v4IRjxGcVPWTspXxFvSmMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvRENBNTdFQzZE
NDNEMTFFREFDODM4QzE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAr5ZoDBAFnFN4DBABnMKkDBABn4ccDBACWgSkwDQYJKoZI
hvcNAQELBQADggEBAGRWhx6pgvcmhpgGlTmEQSyTyGfDGuHUKYTVhfK6QAXLOLRO
h/uNKHSws59j0/r30DNlhDTtjTJxWj8pvkUmaUKSCQuK5gXAgqjEdppX97NL1nN2
VrV1Z6WkB4f6Xa1mTAkYEjkuBALjUU42IzPhwXrqXoWJOOvKHwJlwZcIcMG+EhPw
I90qAdCxzKImI1Lf7RguI1SW6SplzfZ+iNSRfZi9A5PCulT6N1Ma3jJ6w4E1ywL5
F4o8cV03CShNj95kdjDR3JvCwS/bdiejCU5pn8ag/DI6bwH35nRYSpTa0Sz9SZvC
HQN4Z4W8mPFjwkKMrtmZokDAQxBmWBMWXm6Y4/8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org