Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/769BAD68351C11EE8F66DF3CC4F9AE02.roa
File: 769BAD68351C11EE8F66DF3CC4F9AE02.roa (raw, json)
Hash identifier: J/eFRRoexbcWMWnfqFYPBX90OkXbLxnX5VXJp7a5b2A=
Subject key identifier: 53:C3:71:C9:1F:32:36:AE:28:50:F1:2A:21:D0:DA:49:E2:D0:89:9D
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 045E
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/769BAD68351C11EE8F66DF3CC4F9AE02.roa
Signing time: Wed 09 Aug 2023 08:17:51 +0000
ROA not before: Wed 09 Aug 2023 08:17:51 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 47813
IP address blocks: 43.254.165.0/24 maxlen: 24
103.240.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1118 (0x45e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Aug 9 08:17:51 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64d34baf-2cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c9:be:7f:d1:cb:dd:0f:0d:07:83:c9:37:ae:
d1:dd:33:21:5c:cc:3c:f7:21:f7:3a:ce:62:6f:33:
4b:33:3d:6d:d9:36:85:6f:f9:eb:92:08:d9:8a:36:
80:eb:10:88:ac:d9:7d:6d:95:d2:44:31:53:55:cb:
76:f6:fc:96:26:dd:b9:cb:ab:ba:82:c1:12:79:77:
3e:5c:df:ea:c9:36:52:a0:47:c0:1c:d3:a0:b3:87:
0e:88:21:a1:85:a9:51:bd:77:4f:9b:b7:46:0e:2c:
98:d0:e2:fc:5e:d4:c2:52:93:00:d3:bc:e5:6b:f2:
b3:9d:bf:93:0d:01:e4:5a:d7:30:42:9d:2d:1e:85:
8e:36:46:d9:8a:98:8c:bd:0a:6f:f0:56:48:a1:39:
5b:2d:e7:af:f1:c5:e6:81:e8:2a:c2:27:20:df:c0:
39:49:ba:8a:2f:bb:41:84:dc:93:2a:0f:91:fd:24:
83:af:58:bb:2a:d4:d2:c2:2f:25:34:e2:0c:dc:83:
63:3c:a3:45:79:26:df:11:56:37:3e:1f:db:76:3c:
e3:c9:19:bb:89:2a:ab:7b:20:e8:88:dd:19:e6:d3:
dc:29:c6:3b:48:98:f3:a2:b4:93:f2:ca:c1:6a:60:
2b:f1:b6:e2:86:9b:fb:d5:b4:d1:f9:82:83:9a:a6:
31:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C3:71:C9:1F:32:36:AE:28:50:F1:2A:21:D0:DA:49:E2:D0:89:9D
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/769BAD68351C11EE8F66DF3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.165.0/24
103.240.198.0/24
Signature Algorithm: sha256WithRSAEncryption
73:92:b7:ff:3d:9b:ce:48:48:97:1d:26:1d:e4:c4:96:1d:27:
3b:b3:91:a7:87:7a:a6:e8:79:65:a3:9b:70:ed:ac:c6:17:9b:
fb:99:98:a0:e7:5c:1f:b1:c4:8a:84:5c:d3:b3:4c:ad:cc:c0:
e0:ab:04:35:e5:19:75:15:ad:f3:9b:0e:64:37:17:c6:73:99:
2d:88:44:bd:e3:57:52:3f:0c:03:1f:af:1d:a2:21:5c:81:c2:
58:cd:ee:92:75:9d:e1:db:37:0f:17:04:af:de:50:30:80:12:
55:54:2a:1b:49:a9:a4:b9:f3:ea:ac:9c:d9:7c:e7:ef:3b:4f:
80:8e:c8:92:14:dd:3b:3d:2a:06:cd:c1:f2:58:e7:9b:14:ae:
5f:95:f7:01:86:38:c1:8d:73:3b:ac:db:50:c2:c0:93:79:84:
c6:7f:30:7d:90:72:3e:18:02:90:fb:a1:3a:a1:25:81:c9:b6:
fa:25:b2:4c:36:7c:1f:7c:c8:2a:cd:6f:4f:db:ed:ba:74:87:
c2:e4:e9:bc:1d:b9:ce:f9:58:37:3a:b1:09:f6:58:b1:cd:8b:
77:b0:63:86:e5:96:b1:21:e4:05:10:58:9a:3a:e7:a8:b8:2c:
74:75:9b:63:31:6f:e9:4d:72:ff:5e:51:bb:da:92:36:03:a7:
45:79:fd:14
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBF4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwODA5MDgxNzUxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQzNGJhZi0yY2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAucm+f9HL3Q8NB4PJN67R3TMhXMw89yH3Os5ibzNLMz1t2TaFb/nrkgjZijaA
6xCIrNl9bZXSRDFTVct29vyWJt25y6u6gsESeXc+XN/qyTZSoEfAHNOgs4cOiCGh
halRvXdPm7dGDiyY0OL8XtTCUpMA07zla/Kznb+TDQHkWtcwQp0tHoWONkbZipiM
vQpv8FZIoTlbLeev8cXmgegqwicg38A5SbqKL7tBhNyTKg+R/SSDr1i7KtTSwi8l
NOIM3INjPKNFeSbfEVY3Ph/bdjzjyRm7iSqreyDoiN0Z5tPcKcY7SJjzorST8srB
amAr8bbihpv71bTR+YKDmqYxGwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFPDcckf
MjauKFDxKiHQ2kni0ImdMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNzY5QkFENjgz
NTFDMTFFRThGNjZERjNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr/qUDBABn8MYwDQYJKoZIhvcNAQELBQADggEBAHOSt/89
m85ISJcdJh3kxJYdJzuzkaeHeqboeWWjm3DtrMYXm/uZmKDnXB+xxIqEXNOzTK3M
wOCrBDXlGXUVrfObDmQ3F8ZzmS2IRL3jV1I/DAMfrx2iIVyBwljN7pJ1neHbNw8X
BK/eUDCAElVUKhtJqaS58+qsnNl85+87T4COyJIU3Ts9KgbNwfJY55sUrl+V9wGG
OMGNczus21DCwJN5hMZ/MH2Qcj4YApD7oTqhJYHJtvolskw2fB98yCrNb0/b7bp0
h8Lk6bwduc75WDc6sQn2WLHNi3ewY4bllrEh5AUQWJo656i4LHR1m2Mxb+lNcv9e
UbvakjYDp0V5/RQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org