Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122E09/01A5837A0F6411EB9FD53749C4F9AE02/F416C6AA0F6411EBA8467549C4F9AE02.roa
File: F416C6AA0F6411EBA8467549C4F9AE02.roa (raw, json)
Hash identifier: XlkQ6OcmmNjXsTuKwym9A4Ki9zzTnl3mW3wJdogWHF4=
Subject key identifier: 0B:D8:25:4B:51:D1:21:BC:70:1A:0A:5B:CD:18:0D:35:05:32:5B:3D
Certificate issuer: /CN=A9122E09/serialNumber=5F1D30E973B5C1C8A80F6047DC52977894044C3F
Certificate serial: 0612
Authority key identifier: 5F:1D:30:E9:73:B5:C1:C8:A8:0F:60:47:DC:52:97:78:94:04:4C:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xx0w6XO1wcioD2BH3FKXeJQETD8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122E09/01A5837A0F6411EB9FD53749C4F9AE02/F416C6AA0F6411EBA8467549C4F9AE02.roa
Signing time: Wed 31 May 2023 00:26:56 +0000
ROA not before: Wed 31 May 2023 00:26:56 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 55720
IP address blocks: 43.249.252.0/24 maxlen: 24
43.249.253.0/24 maxlen: 24
43.249.254.0/24 maxlen: 24
43.249.255.0/24 maxlen: 24
103.229.144.0/24 maxlen: 24
103.229.145.0/24 maxlen: 24
103.229.146.0/24 maxlen: 24
103.229.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1554 (0x612)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122E09
Validity
Not Before: May 31 00:26:56 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64769450-c673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bb:57:62:41:03:d4:1a:8d:b3:3a:76:89:ad:
e9:90:74:36:48:53:fc:c9:2c:5f:44:c2:ac:cf:be:
5c:28:b5:3d:20:6a:82:5a:50:54:9b:bf:90:c7:3b:
a9:92:4f:f8:ea:9c:61:ca:37:86:17:1e:04:f8:c6:
b9:e2:41:55:e0:73:86:b0:f6:98:b0:9e:0f:14:dc:
b8:ee:ee:72:74:17:8f:76:ec:3e:eb:9e:cf:38:b6:
22:e2:7c:68:eb:04:8a:14:a3:61:4d:68:6e:a2:df:
af:be:9a:cb:70:9d:b8:00:ea:3e:50:7b:74:a4:76:
33:97:32:9b:45:e9:a8:ea:77:20:25:b0:25:96:32:
ff:4d:89:8c:37:50:e6:69:15:ca:74:98:3a:c2:e8:
9f:c7:a1:ac:e5:1d:22:b6:1f:bd:29:ed:bb:66:2c:
62:a9:23:7d:71:f0:c3:94:2b:6e:b3:3b:d5:d4:de:
8a:8d:09:d3:c3:5c:ee:f1:4a:7c:8f:fb:de:4d:65:
f5:3d:36:f0:bc:b1:a7:33:d3:2f:b0:14:39:a0:f7:
1c:66:f4:64:a6:93:23:56:9d:a3:35:ca:c6:c8:7f:
c8:ed:a8:c5:9a:4c:20:a9:2d:49:6f:88:82:d7:c0:
c0:3a:3d:59:99:ff:56:c5:ee:3e:50:bc:a4:1d:d5:
b9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D8:25:4B:51:D1:21:BC:70:1A:0A:5B:CD:18:0D:35:05:32:5B:3D
X509v3 Authority Key Identifier:
keyid:5F:1D:30:E9:73:B5:C1:C8:A8:0F:60:47:DC:52:97:78:94:04:4C:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122E09/01A5837A0F6411EB9FD53749C4F9AE02/Xx0w6XO1wcioD2BH3FKXeJQETD8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xx0w6XO1wcioD2BH3FKXeJQETD8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122E09/01A5837A0F6411EB9FD53749C4F9AE02/F416C6AA0F6411EBA8467549C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.252.0/22
103.229.144.0/22
Signature Algorithm: sha256WithRSAEncryption
31:c0:e4:70:13:13:59:ca:d3:23:85:1e:d3:00:ec:73:cd:5f:
fb:78:0e:47:cf:81:85:96:15:c7:22:7c:0b:bf:4c:6e:8d:39:
55:93:de:77:0c:18:a5:05:12:25:a3:d2:61:20:90:fe:5c:04:
80:89:b9:94:8d:0d:c0:c6:d3:2f:8b:21:c4:96:7d:34:3b:bc:
72:b9:ae:dc:6d:43:a4:41:7f:9b:52:96:1a:c4:07:24:6e:35:
65:18:3e:bf:4f:e1:0a:e2:18:71:d3:6c:12:a5:78:af:5e:a2:
f2:45:f7:8a:14:82:d7:c6:5d:ee:7e:cd:45:18:d7:b9:9a:0d:
b4:2c:43:65:e7:ad:84:a8:a8:ff:86:ee:ec:cd:03:6f:0d:a6:
11:51:f4:be:96:78:86:9f:e5:3f:18:be:d8:58:03:7d:36:c7:
46:d4:31:68:e4:45:22:0c:94:9a:5f:fa:62:e4:60:66:aa:72:
49:aa:d3:fc:35:ff:8c:3b:fc:bb:f3:14:fa:47:14:02:f9:fd:
d1:5e:a3:0b:92:be:82:5e:f4:90:d0:51:40:c2:1f:ae:9a:5b:
6e:8c:af:72:07:60:44:21:da:6a:dd:39:0c:a6:3a:cc:0f:b6:
c1:2e:f9:11:c5:16:4f:cd:6f:bf:02:8c:e0:73:0c:2a:70:69:
ad:dd:4d:6d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBhIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjJFMDkxMTAvBgNVBAUTKDVGMUQzMEU5NzNCNUMxQzhBODBGNjA0N0RDNTI5Nzc4
OTQwNDRDM0YwHhcNMjMwNTMxMDAyNjU2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc2OTQ1MC1jNjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuLtXYkED1BqNszp2ia3pkHQ2SFP8ySxfRMKsz75cKLU9IGqCWlBUm7+Qxzup
kk/46pxhyjeGFx4E+Ma54kFV4HOGsPaYsJ4PFNy47u5ydBePduw+657POLYi4nxo
6wSKFKNhTWhuot+vvprLcJ24AOo+UHt0pHYzlzKbRemo6ncgJbAlljL/TYmMN1Dm
aRXKdJg6wuifx6Gs5R0ith+9Ke27ZixiqSN9cfDDlCtuszvV1N6KjQnTw1zu8Up8
j/veTWX1PTbwvLGnM9MvsBQ5oPccZvRkppMjVp2jNcrGyH/I7ajFmkwgqS1Jb4iC
18DAOj1Zmf9Wxe4+ULykHdW58wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAvYJUtR
0SG8cBoKW80YDTUFMls9MB8GA1UdIwQYMBaAFF8dMOlztcHIqA9gR9xSl3iUBEw/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkUwOS8wMUE1ODM3QTBG
NjQxMUVCOUZENTM3NDlDNEY5QUUwMi9YeDB3NlhPMXdjaW9EMkJIM0ZLWGVKUUVU
RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1h4MHc2WE8xd2Npb0QyQkgzRktYZUpRRVREOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjJFMDkvMDFBNTgzN0EwRjY0MTFFQjlGRDUzNzQ5QzRGOUFFMDIvRjQxNkM2QUEw
RjY0MTFFQkE4NDY3NTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr+fwDBAJn5ZAwDQYJKoZIhvcNAQELBQADggEBADHA5HAT
E1nK0yOFHtMA7HPNX/t4DkfPgYWWFccifAu/TG6NOVWT3ncMGKUFEiWj0mEgkP5c
BICJuZSNDcDG0y+LIcSWfTQ7vHK5rtxtQ6RBf5tSlhrEByRuNWUYPr9P4QriGHHT
bBKleK9eovJF94oUgtfGXe5+zUUY17maDbQsQ2XnrYSoqP+G7uzNA28NphFR9L6W
eIaf5T8YvthYA302x0bUMWjkRSIMlJpf+mLkYGaqckmq0/w1/4w7/LvzFPpHFAL5
/dFeowuSvoJe9JDQUUDCH66aW26Mr3IHYEQh2mrdOQymOswPtsEu+RHFFk/Nb78C
jOBzDCpwaa3dTW0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:05 2025 by rpki-client