Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9170758C2FBE11EEBA108610C4F9AE02.roa
File: 9170758C2FBE11EEBA108610C4F9AE02.roa (raw, json)
Hash identifier: +Z4a9L76+Af8XyoSR+Hay3HA7LudT5P6/OKGFI3t3Gs=
Subject key identifier: A0:3D:A3:91:87:9A:87:6D:AF:31:7C:E2:FA:77:AC:D7:8B:39:F6:A1
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0431
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9170758C2FBE11EEBA108610C4F9AE02.roa
Signing time: Mon 31 Jul 2023 16:23:23 +0000
ROA not before: Mon 31 Jul 2023 16:23:23 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 63993
IP address blocks: 43.254.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1073 (0x431)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Jul 31 16:23:23 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64c7dffa-d2e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:cb:2c:15:11:ae:2c:7c:80:81:f9:c1:9b:
60:33:b0:e1:95:7a:8b:52:61:06:70:a2:f5:73:1c:
a4:84:5f:02:91:1d:f3:10:ec:a1:0f:18:26:ad:bd:
a2:95:d7:df:0f:42:65:31:10:bd:06:06:9b:df:6e:
3f:82:03:b5:63:bb:6c:94:a4:c0:00:1e:7c:da:9e:
15:84:2f:01:73:6e:d4:7c:ab:e5:ea:6d:17:54:79:
d8:2f:b6:74:7d:94:eb:c0:91:28:ca:2f:fc:46:28:
b7:f0:50:4d:76:f3:4c:79:69:1b:69:46:d6:90:a0:
43:da:49:c8:0c:be:24:59:18:1b:ca:cc:56:d4:80:
92:86:a5:b6:05:d1:53:c4:f5:0b:cc:a8:d1:72:12:
09:9f:1d:55:9e:2d:e9:99:c0:b0:ed:b3:5d:b1:f9:
ef:aa:a2:1c:11:9f:f9:e1:2a:8e:ea:7d:57:2c:f3:
6a:6c:0a:7b:c6:22:39:a0:61:aa:29:2d:cc:f1:80:
af:76:21:23:1c:c5:07:45:35:e9:ee:07:05:da:a1:
c2:8f:00:07:fb:ed:7c:4e:fa:8b:9f:08:1d:d7:44:
5c:e4:7a:95:c0:b5:d3:76:ea:4f:2f:04:96:cc:ca:
6b:9f:70:d2:67:07:e7:5c:eb:2c:3a:6a:31:85:ee:
ce:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3D:A3:91:87:9A:87:6D:AF:31:7C:E2:FA:77:AC:D7:8B:39:F6:A1
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9170758C2FBE11EEBA108610C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.167.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ba:ce:07:70:ec:da:41:11:af:8f:17:29:e0:d2:78:75:8b:
c8:a1:ee:b1:42:7d:02:fd:44:e5:32:eb:ac:f9:e0:cc:44:10:
36:d9:fc:eb:91:4c:28:5a:ef:32:86:9b:82:6a:67:da:35:99:
c1:28:62:59:f6:e3:5a:a7:10:f9:d0:4e:44:a7:aa:43:88:2b:
23:3f:ff:09:7f:55:18:51:2e:1b:f0:01:90:80:8f:c7:9a:41:
6d:ed:bc:56:a0:81:57:48:9a:8d:98:34:45:1e:18:08:46:9f:
a7:c9:f1:01:6c:b9:62:bc:c3:f7:18:22:58:16:1a:3d:65:88:
b9:dc:57:ee:79:66:02:f6:0d:90:a9:07:2c:e7:4f:7b:cc:30:
37:2c:76:5e:ee:9a:cf:53:d4:ec:4d:5b:1e:99:f6:b2:23:a4:
5e:d0:b8:69:c3:be:5f:22:92:8a:e8:74:be:d5:b3:cc:22:e4:
55:a1:46:bb:d8:1c:f4:59:43:93:07:5f:fe:9b:a7:da:79:b4:
8a:a1:ab:10:03:c0:19:10:38:59:ae:6a:af:a1:dd:19:b9:89:
40:40:4a:4c:56:03:78:a9:92:bb:cd:27:d9:6d:a6:d6:9f:e6:
cd:6c:90:c1:32:2d:a4:3d:75:1f:f0:02:33:25:58:f8:e4:a5:
ec:04:f5:8b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNzMxMTYyMzIzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM3ZGZmYS1kMmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtC7LLBURrix8gIH5wZtgM7DhlXqLUmEGcKL1cxykhF8CkR3zEOyhDxgmrb2i
ldffD0JlMRC9Bgab324/ggO1Y7tslKTAAB582p4VhC8Bc27UfKvl6m0XVHnYL7Z0
fZTrwJEoyi/8Rii38FBNdvNMeWkbaUbWkKBD2knIDL4kWRgbysxW1ICShqW2BdFT
xPULzKjRchIJnx1Vni3pmcCw7bNdsfnvqqIcEZ/54SqO6n1XLPNqbAp7xiI5oGGq
KS3M8YCvdiEjHMUHRTXp7gcF2qHCjwAH++18TvqLnwgd10Rc5HqVwLXTdupPLwSW
zMprn3DSZwfnXOssOmoxhe7OSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKA9o5GH
modtrzF84vp3rNeLOfahMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvOTE3MDc1OEMy
RkJFMTFFRUJBMTA4NjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/qcwDQYJKoZIhvcNAQELBQADggEBAIG6zgdw7NpBEa+P
Fyng0nh1i8ih7rFCfQL9ROUy66z54MxEEDbZ/OuRTCha7zKGm4JqZ9o1mcEoYln2
41qnEPnQTkSnqkOIKyM//wl/VRhRLhvwAZCAj8eaQW3tvFaggVdImo2YNEUeGAhG
n6fJ8QFsuWK8w/cYIlgWGj1liLncV+55ZgL2DZCpByznT3vMMDcsdl7ums9T1OxN
Wx6Z9rIjpF7QuGnDvl8ikorodL7Vs8wi5FWhRrvYHPRZQ5MHX/6bp9p5tIqhqxAD
wBkQOFmuaq+h3Rm5iUBASkxWA3ipkrvNJ9ltptaf5s1skMEyLaQ9dR/wAjMlWPjk
pewE9Ys=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org