Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/D8CAFC02A0AA11EDAA2EB11BC4F9AE02.roa
File: D8CAFC02A0AA11EDAA2EB11BC4F9AE02.roa (raw, json)
Hash identifier: aluBX/ZjRScs3F+l9OdRrsANgi3PoVtrly3IvBTS1Gw=
Subject key identifier: 47:9B:BD:64:8F:76:18:B8:05:6E:62:89:12:43:9A:E3:B0:23:6A:98
Certificate issuer: /CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF
Certificate serial: 0497
Authority key identifier: 23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/D8CAFC02A0AA11EDAA2EB11BC4F9AE02.roa
Signing time: Tue 04 Apr 2023 03:02:26 +0000
ROA not before: Tue 04 Apr 2023 03:02:26 +0000
ROA not after: Sun 30 Jul 2023 00:00:00 +0000
asID: 137872
IP address blocks: 43.252.52.0/22 maxlen: 24
58.82.192.0/23 maxlen: 24
58.82.194.0/23 maxlen: 24
58.82.196.0/22 maxlen: 24
58.82.200.0/21 maxlen: 24
58.82.208.0/20 maxlen: 24
58.82.224.0/19 maxlen: 24
103.15.84.0/22 maxlen: 24
123.136.0.0/20 maxlen: 24
161.81.0.0/16 maxlen: 24
182.239.64.0/21 maxlen: 24
182.239.96.0/21 maxlen: 24
223.122.0.0/18 maxlen: 24
223.122.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1175 (0x497)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132B4D/serialNumber=23F5D93A82E7D7840679B1C64DA37C37CFFE77EF
Validity
Not Before: Apr 4 03:02:26 2023 GMT
Not After : Jul 30 00:00:00 2023 GMT
Subject: CN=642b9342-83d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6b:35:4d:7c:e2:81:77:a4:5d:c0:ac:89:1f:
a2:bd:54:74:b5:ef:0a:ad:97:cc:20:e1:37:fa:e0:
50:40:51:37:eb:4c:3e:7a:fe:16:de:74:2c:62:9c:
2a:27:4c:fe:27:c1:a1:46:40:59:03:e7:f0:dc:14:
88:a1:61:21:e7:cf:c9:99:f6:b2:ed:16:ab:fb:6d:
00:65:66:d7:56:9b:f6:1a:11:0c:4a:e1:6f:b4:b7:
b3:07:e7:10:30:f9:f0:f7:0c:e3:69:ce:a0:a1:64:
6e:d6:c5:37:bc:a2:09:80:72:b7:72:d5:32:cc:ea:
01:e0:eb:9b:10:50:58:d5:75:5f:1b:a1:2c:a0:30:
57:64:42:c4:44:e8:58:54:8c:1f:ac:d7:4b:2f:64:
14:0e:8c:a6:ff:cc:c9:f4:1b:12:fc:e6:50:15:f9:
b4:ad:c4:5d:28:4c:b2:18:43:61:f5:04:c5:94:58:
09:73:c3:b3:9a:a3:61:31:e7:23:d7:d3:39:3c:f2:
b9:a3:12:14:8c:c9:24:e7:5e:04:49:f5:02:94:e7:
68:ce:48:81:fa:d5:5a:0e:8a:15:9b:53:df:98:82:
a8:29:4a:96:00:ef:45:f0:ed:7b:0d:a0:e7:82:7c:
a5:13:22:6d:f1:a2:f5:48:1a:e0:59:cf:86:6c:e1:
7a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9B:BD:64:8F:76:18:B8:05:6E:62:89:12:43:9A:E3:B0:23:6A:98
X509v3 Authority Key Identifier:
keyid:23:F5:D9:3A:82:E7:D7:84:06:79:B1:C6:4D:A3:7C:37:CF:FE:77:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/I_XZOoLn14QGebHGTaN8N8_-d-8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I_XZOoLn14QGebHGTaN8N8_-d-8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B4D/C199E006B20511EBAEAE9F10C4F9AE02/D8CAFC02A0AA11EDAA2EB11BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.52.0/22
58.82.192.0/18
103.15.84.0/22
123.136.0.0/20
161.81.0.0/16
182.239.64.0/21
182.239.96.0/21
223.122.0.0/17
Signature Algorithm: sha256WithRSAEncryption
96:1c:cb:81:ca:b7:31:91:75:ff:04:9f:c6:f7:b4:f5:13:68:
d4:f7:56:c8:56:35:a0:ac:b2:80:97:1e:37:6f:d6:40:92:81:
c9:82:46:e7:73:2a:9c:71:a7:92:75:1b:7f:87:d4:a9:41:68:
6f:ad:63:04:07:23:8c:09:b9:8a:76:39:2f:af:66:06:c7:8d:
cd:fb:96:71:dc:c2:a6:d3:7f:e6:e7:32:08:47:8a:bf:ea:bc:
9d:07:45:5a:4a:21:ab:2e:e4:01:37:ff:aa:55:ff:c3:07:94:
7e:8f:82:2b:30:63:c5:d4:06:a7:00:dd:f9:71:d4:58:40:48:
e0:50:e8:1e:17:9c:09:b3:ba:f8:6b:ab:01:2d:33:16:a9:ce:
c1:38:0c:36:fb:8c:da:67:df:03:70:5b:f3:06:15:c2:ca:d5:
ef:e0:07:be:1c:b5:b6:bf:6c:3c:67:cb:6a:45:1c:38:af:fd:
c8:46:77:b4:8a:de:67:14:ef:d2:10:fc:95:4a:78:9f:ca:7b:
62:50:c3:07:ab:20:6a:70:31:ef:33:7a:30:ca:84:d4:45:95:
19:74:7d:e4:a8:c4:dc:a6:ed:a2:68:bf:82:d6:e9:9c:af:27:
c3:b8:1a:b9:cf:fd:7d:af:10:05:cd:f5:c6:fe:35:65:51:89:
77:66:ac:d0
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICBJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJCNEQxMTAvBgNVBAUTKDIzRjVEOTNBODJFN0Q3ODQwNjc5QjFDNjREQTM3QzM3
Q0ZGRTc3RUYwHhcNMjMwNDA0MDMwMjI2WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJiOTM0Mi04M2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA42s1TXzigXekXcCsiR+ivVR0te8KrZfMIOE3+uBQQFE360w+ev4W3nQsYpwq
J0z+J8GhRkBZA+fw3BSIoWEh58/Jmfay7Rar+20AZWbXVpv2GhEMSuFvtLezB+cQ
MPnw9wzjac6goWRu1sU3vKIJgHK3ctUyzOoB4OubEFBY1XVfG6EsoDBXZELEROhY
VIwfrNdLL2QUDoym/8zJ9BsS/OZQFfm0rcRdKEyyGENh9QTFlFgJc8OzmqNhMecj
19M5PPK5oxIUjMkk514ESfUClOdozkiB+tVaDooVm1PfmIKoKUqWAO9F8O17DaDn
gnylEyJt8aL1SBrgWc+GbOF64wIDAQABo4ICvjCCArowHQYDVR0OBBYEFEebvWSP
dhi4BW5iiRJDmuOwI2qYMB8GA1UdIwQYMBaAFCP12TqC59eEBnmxxk2jfDfP/nfv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkI0RC9DMTk5RTAwNkIy
MDUxMUVCQUVBRTlGMTBDNEY5QUUwMi9JX1haT29MbjE0UUdlYkhHVGFOOE44Xy1k
LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lfWFpPb0xuMTRRR2ViSEdUYU44TjhfLWQtOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJCNEQvQzE5OUUwMDZCMjA1MTFFQkFFQUU5RjEwQzRGOUFFMDIvRDhDQUZDMDJB
MEFBMTFFREFBMkVCMTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MDUEAgABMC8DBAIr/DQDBAY6UsADBAJnD1QDBAR7iAADAwChUQMEA7bvQAME
A7bvYAMEB996ADANBgkqhkiG9w0BAQsFAAOCAQEAlhzLgcq3MZF1/wSfxve09RNo
1PdWyFY1oKyygJceN2/WQJKByYJG53MqnHGnknUbf4fUqUFob61jBAcjjAm5inY5
L69mBseNzfuWcdzCptN/5ucyCEeKv+q8nQdFWkohqy7kATf/qlX/wweUfo+CKzBj
xdQGpwDd+XHUWEBI4FDoHhecCbO6+GurAS0zFqnOwTgMNvuM2mffA3Bb8wYVwsrV
7+AHvhy1tr9sPGfLakUcOK/9yEZ3tIreZxTv0hD8lUp4n8p7YlDDB6sganAx7zN6
MMqE1EWVGXR95KjE3Kbtomi/gtbpnK8nw7gauc/9fa8QBc31xv41ZVGJd2as0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:53 2024 by rpki-client on console-ams.rpki-client.org