Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9A56CD74368D11EE9EA72323C4F9AE02.roa
File: 9A56CD74368D11EE9EA72323C4F9AE02.roa (raw, json)
Hash identifier: XNQXcXA733LRFUNel+f0FK3cYCKTLYTXY2ud0NxuQfw=
Subject key identifier: 55:FE:E8:D7:7B:EC:61:F6:37:A4:31:C0:F3:AC:D0:01:A3:C7:2C:F7
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0468
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9A56CD74368D11EE9EA72323C4F9AE02.roa
Signing time: Fri 11 Aug 2023 18:09:07 +0000
ROA not before: Fri 11 Aug 2023 18:09:07 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 834
IP address blocks: 43.254.166.0/24 maxlen: 24
43.255.156.0/24 maxlen: 24
43.255.158.0/23 maxlen: 24
103.24.216.0/23 maxlen: 24
103.231.56.0/24 maxlen: 24
103.231.58.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128 (0x468)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Aug 11 18:09:07 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64d67943-a467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:ff:5a:f5:c3:60:03:62:40:ea:01:d4:3f:
43:46:93:69:4a:26:35:11:61:ab:d4:88:1a:c4:d6:
74:2a:c7:f4:17:c3:47:55:e3:7a:64:1b:3f:7d:73:
48:8d:29:62:02:93:60:d0:c1:ae:32:ba:01:9c:ba:
f9:26:0a:db:9c:71:df:79:d5:cc:69:fe:7c:2c:73:
1b:4c:85:8f:ed:e4:3c:b1:a6:22:e0:9c:4f:1b:07:
df:96:65:61:5c:a3:c2:6b:a3:35:bc:b1:d0:11:ea:
ff:2f:31:44:8b:e4:e9:5e:8a:bf:82:2f:32:ad:46:
1b:ce:f0:61:db:2a:29:89:57:0b:67:3d:d0:81:a0:
9f:7e:3d:e8:3d:02:90:be:84:d4:94:01:53:7b:ef:
bb:12:0b:4a:21:dc:14:5e:c3:d0:3e:c2:75:bc:d9:
90:56:ec:84:89:c2:9a:06:91:67:f4:aa:c3:3d:65:
97:de:b0:3c:ec:89:7c:b4:fe:f3:9e:c0:7a:d3:59:
ca:f0:4d:49:6f:00:65:89:3b:0b:6c:a2:93:cd:35:
4e:67:74:c2:9d:b0:8d:bd:c9:b9:ec:4f:ad:71:a3:
c4:fe:b1:36:49:a1:47:b5:c3:5a:45:ec:4d:5b:54:
4f:97:c5:7c:36:0d:7e:42:34:f5:31:5b:bb:6b:a8:
bc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FE:E8:D7:7B:EC:61:F6:37:A4:31:C0:F3:AC:D0:01:A3:C7:2C:F7
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/9A56CD74368D11EE9EA72323C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.166.0/24
43.255.156.0/24
43.255.158.0/23
103.24.216.0/23
103.231.56.0/24
103.231.58.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:ad:d8:d5:39:32:6c:82:12:38:ac:61:b0:f9:86:9b:5f:26:
10:9b:c5:47:b6:66:ca:75:c5:24:a5:aa:b3:e2:00:82:2a:e4:
8c:8d:72:0a:92:08:31:c5:1a:42:b4:b9:fe:c0:2d:b7:9c:be:
35:aa:9c:24:94:28:45:ce:5d:0d:7a:35:61:9a:c0:05:28:7b:
1c:05:4d:a5:c1:cd:8e:11:46:f2:84:2b:9c:bf:17:4a:de:af:
0f:fa:62:0e:39:0c:f2:83:fa:35:ff:f8:a0:ae:98:8b:53:45:
b6:ac:a1:35:69:dd:0b:cc:0a:cc:43:f3:76:3f:c9:01:c8:67:
60:7b:6d:72:47:d5:50:5b:34:0c:dd:10:79:f9:9a:dc:a6:ea:
c5:da:c0:ee:7d:9b:a5:bf:c5:30:c4:db:ba:02:17:8f:31:71:
e2:03:e4:1f:00:8c:bd:57:0b:98:d3:36:89:56:30:3f:0c:11:
27:d5:cf:e5:ea:fc:e9:85:51:ff:23:6a:74:b4:88:38:65:61:
78:30:87:ed:ff:0f:29:1a:f2:c3:51:d8:1f:ef:72:52:cb:58:
1f:a0:18:c6:60:7b:83:99:80:e7:0e:3d:2d:34:5b:97:da:35:
fa:98:90:87:26:4f:21:e8:f7:35:48:13:a5:0a:98:db:d5:57:
85:cd:0e:af
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwODExMTgwOTA3WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ2Nzk0My1hNDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqoX/WvXDYANiQOoB1D9DRpNpSiY1EWGr1IgaxNZ0Ksf0F8NHVeN6ZBs/fXNI
jSliApNg0MGuMroBnLr5JgrbnHHfedXMaf58LHMbTIWP7eQ8saYi4JxPGwfflmVh
XKPCa6M1vLHQEer/LzFEi+TpXoq/gi8yrUYbzvBh2yopiVcLZz3QgaCffj3oPQKQ
voTUlAFTe++7EgtKIdwUXsPQPsJ1vNmQVuyEicKaBpFn9KrDPWWX3rA87Il8tP7z
nsB601nK8E1JbwBliTsLbKKTzTVOZ3TCnbCNvcm57E+tcaPE/rE2SaFHtcNaRexN
W1RPl8V8Ng1+QjT1MVu7a6i8VwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFFX+6Nd7
7GH2N6QxwPOs0AGjxyz3MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvOUE1NkNENzQz
NjhEMTFFRTlFQTcyMzIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAAr/qYDBAAr/5wDBAEr/54DBAFnGNgDBABn5zgDBAFn5zow
DQYJKoZIhvcNAQELBQADggEBAJ2t2NU5MmyCEjisYbD5hptfJhCbxUe2Zsp1xSSl
qrPiAIIq5IyNcgqSCDHFGkK0uf7ALbecvjWqnCSUKEXOXQ16NWGawAUoexwFTaXB
zY4RRvKEK5y/F0rerw/6Yg45DPKD+jX/+KCumItTRbasoTVp3QvMCsxD83Y/yQHI
Z2B7bXJH1VBbNAzdEHn5mtym6sXawO59m6W/xTDE27oCF48xceID5B8AjL1XC5jT
NolWMD8MESfVz+Xq/OmFUf8janS0iDhlYXgwh+3/Dyka8sNR2B/vclLLWB+gGMZg
e4OZgOcOPS00W5faNfqYkIcmTyHo9zVIE6UKmNvVV4XNDq8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org