Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9978AF4E368D11EE9EA72323C4F9AE02.roa
File: 9978AF4E368D11EE9EA72323C4F9AE02.roa (raw, json)
Hash identifier: 6CoiRmSqybr2GcilARcvmKVN5/lmUFU/2Le51GQOl+U=
Subject key identifier: C9:CA:C0:83:59:72:97:7B:8F:AA:A0:9D:68:17:E9:61:63:D1:13:A3
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0464
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9978AF4E368D11EE9EA72323C4F9AE02.roa
Signing time: Wed 09 Aug 2023 08:20:29 +0000
ROA not before: Wed 09 Aug 2023 08:20:29 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 55154
IP address blocks: 43.255.120.0/24 maxlen: 24
103.24.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1124 (0x464)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Aug 9 08:20:29 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64d34c4d-b3d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:91:0a:ed:7c:97:56:7f:8d:78:e6:e2:c6:b5:
4a:8b:d4:cc:28:66:62:03:6c:cd:78:98:54:8a:a6:
8b:02:a3:b9:9b:5c:d0:c5:d7:44:07:0f:18:da:1c:
89:d8:ba:38:8c:f5:06:11:2b:e7:55:1d:69:93:e9:
14:64:d0:c3:31:4f:59:71:16:94:a7:6c:00:0b:3a:
ab:7f:38:4e:ec:f2:33:36:86:a5:67:e3:a7:9d:62:
87:f6:fa:29:6c:de:2c:cd:2e:c3:f1:3d:e3:81:f9:
25:b8:bc:f9:8a:1a:f4:f1:43:fb:a6:c5:1c:4b:9c:
f8:78:a1:c1:28:90:ee:35:43:e0:e3:47:dd:f4:74:
35:af:52:07:73:24:0f:13:9d:44:7c:6f:07:7b:c9:
e8:93:fd:92:77:e8:20:1d:fe:cd:b4:98:c9:59:32:
1f:69:90:fb:38:7f:21:41:6e:5e:33:e3:75:16:76:
4b:fb:4a:ec:51:38:a0:1c:00:a8:14:d6:1e:bb:8e:
d6:ff:0b:72:2e:b2:4f:8d:0d:51:1e:75:6f:f0:21:
c3:a7:cc:60:ad:52:5a:41:47:43:5c:c5:0b:b7:de:
14:5a:10:c4:2a:8c:53:e1:74:52:7d:fa:1b:69:e3:
7b:47:50:4a:75:36:f4:1d:1d:d7:e4:81:fb:dd:51:
0c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CA:C0:83:59:72:97:7B:8F:AA:A0:9D:68:17:E9:61:63:D1:13:A3
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9978AF4E368D11EE9EA72323C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.120.0/24
103.24.217.0/24
Signature Algorithm: sha256WithRSAEncryption
31:21:43:b9:6a:1c:ca:a7:65:20:64:0f:fc:a4:27:98:46:62:
06:32:92:d4:9d:9f:af:df:ec:5f:31:f8:4e:49:8c:a7:0a:5e:
d9:d5:91:9c:70:db:86:ae:09:c6:cd:43:d3:58:30:51:52:3f:
87:d4:1c:cf:d1:73:cc:9a:6c:60:a1:5b:0e:51:56:20:f9:ed:
b2:e4:2a:d2:7a:9f:e1:56:99:c0:6b:ce:12:3f:c9:f2:cc:dc:
a1:b0:73:69:07:e7:63:ef:a3:3c:16:c3:1e:e5:b9:76:0e:86:
eb:c7:c2:d1:4d:45:2b:8e:ba:5e:b5:1c:57:de:ca:fe:90:e2:
51:21:36:0d:bc:c2:c0:a9:4a:ae:5d:12:37:2e:dd:fa:f9:37:
68:1c:f1:b6:76:40:c9:f6:f8:35:65:e3:0c:cb:ab:19:22:5c:
a4:1b:1a:f3:d3:84:b7:d0:60:66:3a:be:ba:6d:38:d2:3c:28:
9a:c4:5a:0d:38:bb:74:36:67:b0:85:d1:57:56:f6:65:c6:13:
48:3d:17:90:0d:0b:f4:85:09:88:57:9a:f9:d4:b6:db:83:95:
38:a2:bc:6e:7f:b0:4c:79:ee:b1:e0:40:bc:68:07:26:56:36:
9c:e1:c8:1d:8d:c2:7d:66:f3:62:63:cb:30:64:0b:28:82:88:
45:1e:79:8e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBGQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwODA5MDgyMDI5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQzNGM0ZC1iM2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApZEK7XyXVn+NeObixrVKi9TMKGZiA2zNeJhUiqaLAqO5m1zQxddEBw8Y2hyJ
2Lo4jPUGESvnVR1pk+kUZNDDMU9ZcRaUp2wACzqrfzhO7PIzNoalZ+OnnWKH9vop
bN4szS7D8T3jgfkluLz5ihr08UP7psUcS5z4eKHBKJDuNUPg40fd9HQ1r1IHcyQP
E51EfG8He8nok/2Sd+ggHf7NtJjJWTIfaZD7OH8hQW5eM+N1FnZL+0rsUTigHACo
FNYeu47W/wtyLrJPjQ1RHnVv8CHDp8xgrVJaQUdDXMULt94UWhDEKoxT4XRSffob
aeN7R1BKdTb0HR3X5IH73VEMaQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMnKwINZ
cpd7j6qgnWgX6WFj0ROjMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvOTk3OEFGNEUz
NjhEMTFFRTlFQTcyMzIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr/3gDBABnGNkwDQYJKoZIhvcNAQELBQADggEBADEhQ7lq
HMqnZSBkD/ykJ5hGYgYyktSdn6/f7F8x+E5JjKcKXtnVkZxw24auCcbNQ9NYMFFS
P4fUHM/Rc8yabGChWw5RViD57bLkKtJ6n+FWmcBrzhI/yfLM3KGwc2kH52PvozwW
wx7luXYOhuvHwtFNRSuOul61HFfeyv6Q4lEhNg28wsCpSq5dEjcu3fr5N2gc8bZ2
QMn2+DVl4wzLqxkiXKQbGvPThLfQYGY6vrptONI8KJrEWg04u3Q2Z7CF0VdW9mXG
E0g9F5ANC/SFCYhXmvnUttuDlTiivG5/sEx57rHgQLxoByZWNpzhyB2Nwn1m82Jj
yzBkCyiCiEUeeY4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org