Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/4FF8AFC2337211EE9B07310DC4F9AE02.roa
File: 4FF8AFC2337211EE9B07310DC4F9AE02.roa (raw, json)
Hash identifier: gRQRDh8zwP2SsyOg4Y6GjLODHGEYeSmEL91dtSn5eqA=
Subject key identifier: F2:19:B0:C3:C8:AB:44:B9:19:35:9A:4C:12:59:D4:0D:9C:28:FC:98
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 044E
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/4FF8AFC2337211EE9B07310DC4F9AE02.roa
Signing time: Sat 05 Aug 2023 09:29:47 +0000
ROA not before: Sat 05 Aug 2023 09:29:47 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 834
IP address blocks: 43.247.135.0/24 maxlen: 24
43.254.166.0/24 maxlen: 24
43.255.120.0/24 maxlen: 24
43.255.156.0/24 maxlen: 24
43.255.158.0/23 maxlen: 24
103.24.216.0/23 maxlen: 24
103.231.58.0/23 maxlen: 24
103.240.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1102 (0x44e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Aug 5 09:29:47 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64ce168a-3b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:89:d9:f6:42:0f:1d:cc:7b:27:ab:43:68:
da:82:73:a2:be:61:35:f7:8c:3b:51:f0:89:43:1b:
33:45:af:5e:22:f1:ea:ba:f6:59:73:3c:e6:bf:83:
aa:47:ba:1d:44:d7:64:45:e0:5b:b3:ab:ca:a3:09:
1e:ce:21:7a:96:8e:5d:4e:fd:d7:e6:08:c4:9f:02:
6e:8e:5f:75:49:93:ee:90:e9:e6:d2:38:14:47:d8:
f8:fd:da:5f:78:97:6b:55:21:07:29:4c:8b:53:56:
c2:73:a8:65:08:5a:05:1a:ac:d5:1f:86:1c:43:e8:
f5:5f:6b:1c:79:ec:dc:8a:70:8d:8d:fe:30:95:80:
31:eb:39:1e:4a:e7:ea:7f:e6:9d:57:10:83:40:56:
c7:27:90:7a:0b:65:9b:21:4a:3b:19:4a:3c:d4:d6:
7e:ef:7b:ee:ab:19:76:05:8f:3c:15:28:f0:b2:14:
a7:b9:d9:1b:d5:f6:83:60:87:55:49:c6:2a:30:b7:
94:29:da:b9:64:3e:17:23:3e:c3:ca:4b:90:a3:3a:
07:89:9b:e6:da:bb:11:61:33:18:0d:5e:4d:ba:b0:
2d:03:ed:85:b6:9d:76:fd:95:42:6d:5f:94:a0:31:
92:f1:83:dc:67:eb:7a:22:eb:04:c2:37:55:58:95:
f0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:19:B0:C3:C8:AB:44:B9:19:35:9A:4C:12:59:D4:0D:9C:28:FC:98
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/4FF8AFC2337211EE9B07310DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.135.0/24
43.254.166.0/24
43.255.120.0/24
43.255.156.0/24
43.255.158.0/23
103.24.216.0/23
103.231.58.0/23
103.240.198.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:f4:28:e4:a2:e1:b1:a6:b1:e1:56:5e:5a:03:ae:9d:46:84:
ec:ef:bf:60:3c:04:84:67:57:ec:b7:1f:c5:62:87:79:6a:74:
b7:90:74:14:15:1f:d9:3a:f8:75:4e:26:43:b8:73:82:93:f6:
87:e5:51:d4:64:be:e3:c7:a2:0b:32:86:5f:0f:e3:5a:cc:a0:
fd:01:2f:46:92:92:88:c2:bd:d4:35:2e:dd:57:81:34:f3:b4:
74:bf:3c:72:c6:9a:ac:57:4a:ed:01:f7:de:d3:38:92:cd:93:
e1:ae:06:57:a2:16:fe:3e:85:b0:fb:ad:1b:11:e7:43:fa:de:
54:22:19:81:81:04:de:bd:bf:cd:5c:ac:b9:42:74:a1:d4:1a:
b3:9a:dd:83:68:ac:26:66:1d:a3:42:f4:18:b5:e0:11:e5:c8:
cc:41:e9:88:7d:fc:37:80:bf:03:5f:a3:73:7e:e0:40:fc:9a:
fa:19:12:ca:e6:1c:be:28:32:ac:b9:60:88:90:97:2b:03:2a:
2f:5d:88:fe:40:5d:44:fb:74:51:d4:18:10:ec:3b:47:f6:a2:
91:7e:19:1a:24:04:2f:6c:73:f1:c5:24:86:ae:23:dd:3e:17:
f9:13:b2:b5:b3:22:12:28:ba:cf:97:30:c4:f8:ab:fa:2b:08:
4e:44:85:a1
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICBE4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwODA1MDkyOTQ3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNlMTY4YS0zYjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp0KJ2fZCDx3MeyerQ2jagnOivmE194w7UfCJQxszRa9eIvHquvZZczzmv4Oq
R7odRNdkReBbs6vKowkeziF6lo5dTv3X5gjEnwJujl91SZPukOnm0jgUR9j4/dpf
eJdrVSEHKUyLU1bCc6hlCFoFGqzVH4YcQ+j1X2sceezcinCNjf4wlYAx6zkeSufq
f+adVxCDQFbHJ5B6C2WbIUo7GUo81NZ+73vuqxl2BY88FSjwshSnudkb1faDYIdV
ScYqMLeUKdq5ZD4XIz7DykuQozoHiZvm2rsRYTMYDV5NurAtA+2Ftp12/ZVCbV+U
oDGS8YPcZ+t6IusEwjdVWJXwOwIDAQABo4ICvzCCArswHQYDVR0OBBYEFPIZsMPI
q0S5GTWaTBJZ1A2cKPyYMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNEZGOEFGQzIz
MzcyMTFFRTlCMDczMTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBAAr94cDBAAr/qYDBAAr/3gDBAAr/5wDBAEr/54DBAFnGNgD
BAFn5zoDBABn8MYwDQYJKoZIhvcNAQELBQADggEBAI/0KOSi4bGmseFWXloDrp1G
hOzvv2A8BIRnV+y3H8Vih3lqdLeQdBQVH9k6+HVOJkO4c4KT9oflUdRkvuPHogsy
hl8P41rMoP0BL0aSkojCvdQ1Lt1XgTTztHS/PHLGmqxXSu0B997TOJLNk+GuBlei
Fv4+hbD7rRsR50P63lQiGYGBBN69v81crLlCdKHUGrOa3YNorCZmHaNC9Bi14BHl
yMxB6Yh9/DeAvwNfo3N+4ED8mvoZEsrmHL4oMqy5YIiQlysDKi9diP5AXUT7dFHU
GBDsO0f2opF+GRokBC9sc/HFJIauI90+F/kTsrWzIhIous+XMMT4q/orCE5EhaE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org