Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/7C7EEFAEBA7E11EA82F8A115C4F9AE02.roa
File: 7C7EEFAEBA7E11EA82F8A115C4F9AE02.roa (raw, json)
Hash identifier: Y+41j9Q0VCrX51/iv0ouX8ANIPj/Ym+cr3fc6ditugs=
Subject key identifier: 59:B0:73:60:95:51:EA:4D:A7:10:65:77:CE:21:73:59:B4:FD:B5:64
Certificate issuer: /CN=A911E509/serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8
Certificate serial: 05F4
Authority key identifier: AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/7C7EEFAEBA7E11EA82F8A115C4F9AE02.roa
Signing time: Thu 05 May 2022 10:50:15 +0000
ROA not before: Thu 05 May 2022 10:50:15 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 135391
IP address blocks: 43.230.88.0/22 maxlen: 24
61.29.240.0/24 maxlen: 24
61.29.251.0/24 maxlen: 24
103.49.132.0/22 maxlen: 24
103.216.100.0/22 maxlen: 24
157.119.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1524 (0x5f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911E509/serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8
Validity
Not Before: May 5 10:50:15 2022 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=6273abe7-43ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1c:ff:94:55:d8:d6:37:eb:16:4f:8a:46:fa:
ee:d1:03:9d:6b:2d:5f:ce:8e:48:66:6e:5c:03:22:
e2:15:fd:43:ad:b7:43:2e:0e:5f:f2:06:51:2d:1f:
0f:0e:96:81:35:59:e2:6c:81:83:83:06:6e:82:28:
a7:ad:d8:6e:27:97:fe:cf:20:2b:27:82:ef:b0:6e:
55:11:e5:21:89:87:6e:bf:ec:74:df:f2:2f:bc:4d:
02:85:da:9d:13:b4:d7:f9:97:b6:c2:04:13:67:4c:
b9:ff:43:94:30:29:34:bd:5e:64:2b:8a:36:2b:80:
e3:d3:05:79:e9:50:10:2a:2b:c3:fd:03:20:b1:cb:
c0:0f:c3:a4:1d:44:84:4c:1c:36:ca:5b:cd:03:7a:
30:cc:7a:d1:4d:51:d8:02:9e:4d:79:e5:af:6c:6d:
c5:69:ac:8c:9b:9f:96:a6:5f:bc:60:28:3b:c0:15:
cd:ac:d8:26:8d:90:e1:5e:a8:a5:18:65:16:f8:b6:
6b:f5:72:23:2b:75:0e:17:a9:26:07:c5:a6:ee:98:
a5:ed:df:be:0a:43:3b:80:13:00:ee:24:8e:11:42:
74:f7:b1:14:50:84:ed:d2:19:80:73:b4:93:e8:3c:
c3:72:cb:cd:df:63:5d:59:a2:de:18:81:1e:b3:e0:
b0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B0:73:60:95:51:EA:4D:A7:10:65:77:CE:21:73:59:B4:FD:B5:64
X509v3 Authority Key Identifier:
keyid:AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/7C7EEFAEBA7E11EA82F8A115C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.88.0/22
61.29.240.0/24
61.29.251.0/24
103.49.132.0/22
103.216.100.0/22
157.119.232.0/22
Signature Algorithm: sha256WithRSAEncryption
38:4a:2c:49:3d:89:9f:83:d1:95:8b:b7:cd:a2:13:9b:00:31:
60:70:2b:10:c7:78:11:b5:f1:f6:2d:b8:a4:30:ef:0f:fd:2d:
2d:42:28:3d:4c:1d:25:91:31:6e:eb:f1:51:9b:e8:e2:6f:dd:
68:e8:5c:75:3e:4a:d6:55:fa:51:a0:3d:ba:79:bd:fe:b2:38:
84:51:dd:0e:cb:19:8b:c1:2a:74:2b:cf:4b:e4:e2:c1:c8:d5:
4e:fb:e4:1e:18:71:5f:96:a5:81:5e:cc:d5:ab:0c:a5:1e:e1:
21:11:a5:55:a4:89:d1:08:f8:41:e7:b7:10:28:da:d0:22:e7:
a9:a5:d9:a0:e0:ce:92:2e:c0:1d:c1:53:00:ef:8b:34:c1:9f:
ac:69:dd:c2:ae:0e:79:e6:36:17:aa:f0:62:49:e5:1f:e6:a8:
e5:b2:af:97:da:31:18:29:3d:3b:ea:ae:cb:5e:0a:c1:9c:c1:
91:ab:16:0a:8c:26:50:9d:9f:87:bd:47:01:c2:12:f6:42:61:
69:9f:a4:ab:bd:fd:25:0d:0c:76:77:c1:81:f5:52:16:ad:d6:
48:41:3a:b5:ef:26:77:21:f2:cd:db:74:a8:77:4d:43:a4:ca:
84:42:9b:75:5b:a3:79:35:88:90:a8:05:b6:f3:45:14:20:c3:
b6:c6:35:0e
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBfQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUU1MDkxMTAvBgNVBAUTKEFBOEUxQkUzNjI0MjQwREMzMzAyMDQ3RkI0MUE3RDRF
NDc4MDhFRjgwHhcNMjIwNTA1MTA1MDE1WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjczYWJlNy00M2VjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuBz/lFXY1jfrFk+KRvru0QOday1fzo5IZm5cAyLiFf1DrbdDLg5f8gZRLR8P
DpaBNVnibIGDgwZugiinrdhuJ5f+zyArJ4LvsG5VEeUhiYduv+x03/IvvE0Chdqd
E7TX+Ze2wgQTZ0y5/0OUMCk0vV5kK4o2K4Dj0wV56VAQKivD/QMgscvAD8OkHUSE
TBw2ylvNA3owzHrRTVHYAp5NeeWvbG3FaayMm5+Wpl+8YCg7wBXNrNgmjZDhXqil
GGUW+LZr9XIjK3UOF6kmB8Wm7pil7d++CkM7gBMA7iSOEUJ097EUUITt0hmAc7ST
6DzDcsvN32NdWaLeGIEes+Cw7wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFFmwc2CV
UepNpxBld84hc1m0/bVkMB8GA1UdIwQYMBaAFKqOG+NiQkDcMwIEf7QafU5HgI74
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTUwOS83OUVBNTkxRUE3
QkQxMUVBQUFBNjI5NDhDNEY5QUUwMi9xbzRiNDJKQ1FOd3pBZ1JfdEJwOVRrZUFq
dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FvNGI0MkpDUU53ekFnUl90QnA5VGtlQWp2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUU1MDkvNzlFQTU5MUVBN0JEMTFFQUFBQTYyOTQ4QzRGOUFFMDIvN0M3RUVGQUVC
QTdFMTFFQTgyRjhBMTE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAIr5lgDBAA9HfADBAA9HfsDBAJnMYQDBAJn2GQDBAKdd+gw
DQYJKoZIhvcNAQELBQADggEBADhKLEk9iZ+D0ZWLt82iE5sAMWBwKxDHeBG18fYt
uKQw7w/9LS1CKD1MHSWRMW7r8VGb6OJv3WjoXHU+StZV+lGgPbp5vf6yOIRR3Q7L
GYvBKnQrz0vk4sHI1U775B4YcV+WpYFezNWrDKUe4SERpVWkidEI+EHntxAo2tAi
56ml2aDgzpIuwB3BUwDvizTBn6xp3cKuDnnmNheq8GJJ5R/mqOWyr5faMRgpPTvq
rsteCsGcwZGrFgqMJlCdn4e9RwHCEvZCYWmfpKu9/SUNDHZ3wYH1Uhat1khBOrXv
Jnch8s3bdKh3TUOkyoRCm3Vbo3k1iJCoBbbzRRQgw7bGNQ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org