Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/B1CD281CFED511EDB175A954C4F9AE02.roa
File: B1CD281CFED511EDB175A954C4F9AE02.roa (raw, json)
Hash identifier: BIYWKCCQLkitajdTCaOIO7B0RWp01mNpsay6Gq1Cl4g=
Subject key identifier: B1:E2:D2:73:D1:94:3E:88:71:56:CE:25:A0:A3:F0:BC:B9:E7:1F:39
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 03E3
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/B1CD281CFED511EDB175A954C4F9AE02.roa
Signing time: Tue 30 May 2023 10:35:29 +0000
ROA not before: Tue 30 May 2023 10:35:28 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 211585
IP address blocks: 43.255.158.0/24 maxlen: 24
43.255.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 995 (0x3e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: May 30 10:35:28 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6475d170-823b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:01:f7:b3:7d:0e:da:2b:e5:79:15:7c:68:03:
05:90:4a:0f:11:ff:c5:c0:92:4a:71:40:01:3c:4d:
7b:24:2f:72:a7:01:94:f0:01:6b:ca:92:46:91:d7:
ac:65:c0:44:2e:27:7a:61:cb:77:37:f4:fd:fa:65:
78:ee:b9:ab:bf:5c:72:cd:cb:4a:0d:20:48:8a:58:
42:39:a3:0b:7c:5b:9a:5e:8c:69:77:ff:7e:60:db:
0a:66:70:82:cc:8e:3e:b6:77:cf:ac:12:e2:5d:98:
8c:5a:a9:53:37:7c:bb:46:20:d0:e4:3e:02:bb:30:
97:9f:ea:b9:4c:39:f1:05:70:a2:e1:60:ed:d2:e8:
61:fb:23:aa:79:0e:6b:b8:3b:cd:e0:a7:94:42:1c:
f3:a7:b8:0c:66:d4:a7:7d:32:ab:9d:6f:2e:76:f0:
d4:d1:f0:a8:94:9b:e9:80:cd:8e:25:42:57:df:7e:
f1:38:f1:27:09:05:34:2a:24:b3:f7:55:c7:01:29:
24:c1:52:02:39:9d:57:da:1c:ec:52:14:48:36:b6:
a1:6a:62:e0:fa:f9:70:4c:b0:a3:2d:19:03:99:29:
f5:e8:37:7c:41:5c:cd:d4:3c:5d:37:c1:02:b5:ca:
9d:16:9d:a4:a4:e5:4f:89:e4:d8:9f:51:45:f9:04:
ee:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E2:D2:73:D1:94:3E:88:71:56:CE:25:A0:A3:F0:BC:B9:E7:1F:39
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/B1CD281CFED511EDB175A954C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.158.0/23
Signature Algorithm: sha256WithRSAEncryption
01:d8:29:12:f3:45:b8:0d:48:ab:5f:71:03:af:8a:ee:0f:d5:
d2:bd:19:07:f5:2d:b6:3a:c1:40:bb:9f:d0:7a:ef:5a:51:4e:
cb:5b:dc:fa:27:d9:5f:8d:4c:2a:4c:37:c8:18:9c:83:cb:76:
f0:02:60:f7:2b:7d:af:6f:0d:72:69:ba:17:f2:8e:fc:e3:d3:
1a:34:93:35:6d:09:a0:0b:a2:bd:90:35:97:dc:4f:d3:1d:00:
dd:76:2f:f0:6a:74:3e:ee:58:2e:ba:4e:ef:69:af:92:76:6a:
95:e8:83:2d:9e:19:06:5e:9b:09:e9:6c:60:ae:c6:a9:b6:3a:
d7:fc:8b:6d:18:ab:d0:2d:0a:39:1a:d4:ac:bd:f1:64:9d:df:
93:ca:91:1a:c8:43:20:93:ef:4b:1a:cf:1d:06:10:d2:ff:ea:
a6:3e:b4:e4:34:fd:3b:10:c7:d3:33:52:b0:6a:15:a0:05:51:
52:df:79:fe:6a:a0:6d:72:e8:03:f3:10:23:8e:95:d1:c6:19:
b9:f3:e4:01:61:74:aa:9e:f1:0b:89:c5:82:31:f9:f1:b0:ed:
19:e9:a7:77:52:54:0d:40:d6:ef:73:0d:8c:de:4a:d9:ea:49:
6d:d1:bd:68:94:c7:94:4a:10:08:78:5f:e0:f8:ac:eb:e0:4c:
df:27:4a:ef
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNTMwMTAzNTI4WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc1ZDE3MC04MjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2AH3s30O2ivleRV8aAMFkEoPEf/FwJJKcUABPE17JC9ypwGU8AFrypJGkdes
ZcBELid6Yct3N/T9+mV47rmrv1xyzctKDSBIilhCOaMLfFuaXoxpd/9+YNsKZnCC
zI4+tnfPrBLiXZiMWqlTN3y7RiDQ5D4CuzCXn+q5TDnxBXCi4WDt0uhh+yOqeQ5r
uDvN4KeUQhzzp7gMZtSnfTKrnW8udvDU0fColJvpgM2OJUJX337xOPEnCQU0KiSz
91XHASkkwVICOZ1X2hzsUhRINrahamLg+vlwTLCjLRkDmSn16Dd8QVzN1DxdN8EC
tcqdFp2kpOVPieTYn1FF+QTuBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLHi0nPR
lD6IcVbOJaCj8Ly55x85MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvQjFDRDI4MUNG
RUQ1MTFFREIxNzVBOTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr/54wDQYJKoZIhvcNAQELBQADggEBAAHYKRLzRbgNSKtf
cQOviu4P1dK9GQf1LbY6wUC7n9B671pRTstb3Pon2V+NTCpMN8gYnIPLdvACYPcr
fa9vDXJpuhfyjvzj0xo0kzVtCaALor2QNZfcT9MdAN12L/BqdD7uWC66Tu9pr5J2
apXogy2eGQZemwnpbGCuxqm2Otf8i20Yq9AtCjka1Ky98WSd35PKkRrIQyCT70sa
zx0GENL/6qY+tOQ0/TsQx9MzUrBqFaAFUVLfef5qoG1y6APzECOOldHGGbnz5AFh
dKqe8QuJxYIx+fGw7Rnpp3dSVA1A1u9zDYzeStnqSW3RvWiUx5RKEAh4X+D4rOvg
TN8nSu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org