Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/09F120902D2D11EE80D2D138C4F9AE02.roa
File: 09F120902D2D11EE80D2D138C4F9AE02.roa (raw, json)
Hash identifier: ZzQPemFFTMTOqxcgNAkg9QnluqKmCMzOaA0sgA1xOCc=
Subject key identifier: 1D:87:C4:5A:98:CA:44:F7:BB:7F:B6:6E:DE:A0:60:21:AA:5F:F8:12
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 042B
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/09F120902D2D11EE80D2D138C4F9AE02.roa
Signing time: Fri 28 Jul 2023 09:56:36 +0000
ROA not before: Fri 28 Jul 2023 09:56:36 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 197644
IP address blocks: 43.254.165.0/24 maxlen: 24
43.254.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1067 (0x42b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Jul 28 09:56:36 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64c390d4-bc2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3b:bf:1e:8a:d5:99:fa:3d:9f:ed:b9:07:1a:
49:4e:d4:7a:b0:09:52:9f:80:cc:00:29:c6:95:c1:
6c:08:50:17:5d:66:36:8c:c1:4f:cd:3c:80:25:c3:
07:e3:ab:2b:29:ad:0b:ec:d3:f2:d9:29:42:33:75:
e7:99:a7:1a:ac:4b:14:69:9c:93:7f:7f:86:a8:dd:
65:db:e9:5f:52:94:ca:2f:4a:aa:24:e7:01:52:11:
e4:f8:73:ff:22:22:0c:d6:d1:2a:5e:86:eb:ed:76:
98:63:d4:ca:8b:1d:80:e8:7c:02:b3:b8:89:66:42:
78:3c:26:3c:65:e0:89:41:5d:67:16:09:95:34:1e:
db:2f:c8:28:d9:e2:e4:43:9e:7e:0d:0f:18:ca:00:
32:a0:29:17:3c:aa:af:6f:76:ce:91:a3:9e:81:ff:
e1:bd:45:71:4b:69:60:9f:45:a5:fa:0b:5d:1f:94:
6b:ac:ac:d8:9e:09:6c:9e:87:b1:18:5d:0c:f6:63:
0f:a5:e4:d0:28:8b:3a:f2:66:54:4e:55:98:98:2f:
8f:a8:28:53:c8:d4:6b:d8:44:6a:51:07:fe:77:e2:
af:3c:5d:56:09:06:0a:fe:b2:21:3c:a1:68:59:b3:
bb:99:c7:a5:d5:cf:ad:8a:b5:80:86:60:75:96:84:
44:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:87:C4:5A:98:CA:44:F7:BB:7F:B6:6E:DE:A0:60:21:AA:5F:F8:12
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/09F120902D2D11EE80D2D138C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.165.0-43.254.166.255
Signature Algorithm: sha256WithRSAEncryption
26:09:37:d7:23:6e:89:5d:95:7c:77:8d:05:28:f7:79:03:4b:
ae:5a:db:4e:6b:8e:70:ab:4d:04:05:1b:a7:14:ad:d8:11:2a:
1c:17:28:59:29:cc:e1:d4:9b:2a:b1:66:2c:39:f8:13:cc:14:
6c:45:a8:08:97:80:f3:52:fc:2f:14:2f:1c:74:1d:9d:7a:92:
d5:92:07:33:5f:6f:c8:bc:53:fd:a5:94:f7:4b:b7:c9:02:cb:
49:4a:a6:ea:d5:45:12:47:9e:a6:83:fa:ee:5d:87:fc:13:cd:
d7:c0:d9:c7:18:52:de:3b:8c:fc:3d:fe:c4:9f:b0:84:69:89:
86:54:9a:e8:1b:70:ad:06:58:c5:3f:46:3d:7f:cd:54:31:a4:
78:a4:2d:82:0c:a9:21:6b:71:77:94:8b:ae:de:aa:1e:6d:d3:
3f:0b:f4:fd:6b:3b:c4:bb:ee:e3:de:c6:97:10:8a:de:9d:8b:
98:8d:f5:a5:dd:e8:53:ca:b7:dc:b5:b2:85:2b:41:a0:bc:ff:
89:3a:53:b9:21:9c:31:50:a7:5d:c8:47:9a:54:b5:45:70:e8:
d1:39:cc:23:8b:ae:08:46:37:e7:d6:4d:11:09:24:39:aa:4b:
90:7e:3e:52:8a:f7:0c:2f:55:d3:1c:66:ae:5c:fd:c9:b0:0f:
dd:16:51:90
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBCswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNzI4MDk1NjM2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGMzOTBkNC1iYzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtDu/HorVmfo9n+25BxpJTtR6sAlSn4DMACnGlcFsCFAXXWY2jMFPzTyAJcMH
46srKa0L7NPy2SlCM3XnmacarEsUaZyTf3+GqN1l2+lfUpTKL0qqJOcBUhHk+HP/
IiIM1tEqXobr7XaYY9TKix2A6HwCs7iJZkJ4PCY8ZeCJQV1nFgmVNB7bL8go2eLk
Q55+DQ8YygAyoCkXPKqvb3bOkaOegf/hvUVxS2lgn0Wl+gtdH5RrrKzYnglsnoex
GF0M9mMPpeTQKIs68mZUTlWYmC+PqChTyNRr2ERqUQf+d+KvPF1WCQYK/rIhPKFo
WbO7mcel1c+tirWAhmB1loREcwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFB2HxFqY
ykT3u3+2bt6gYCGqX/gSMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvMDlGMTIwOTAy
RDJEMTFFRTgwRDJEMTM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEACv+pQMEACv+pjANBgkqhkiG9w0BAQsFAAOCAQEAJgk3
1yNuiV2VfHeNBSj3eQNLrlrbTmuOcKtNBAUbpxSt2BEqHBcoWSnM4dSbKrFmLDn4
E8wUbEWoCJeA81L8LxQvHHQdnXqS1ZIHM19vyLxT/aWU90u3yQLLSUqm6tVFEkee
poP67l2H/BPN18DZxxhS3juM/D3+xJ+whGmJhlSa6BtwrQZYxT9GPX/NVDGkeKQt
ggypIWtxd5SLrt6qHm3TPwv0/Ws7xLvu497GlxCK3p2LmI31pd3oU8q33LWyhStB
oLz/iTpTuSGcMVCnXchHmlS1RXDo0TnMI4uuCEY359ZNEQkkOapLkH4+Uor3DC9V
0xxmrlz9ybAP3RZRkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org