Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/E4D921222D2C11EEB9B49038C4F9AE02.roa
File: E4D921222D2C11EEB9B49038C4F9AE02.roa (raw, json)
Hash identifier: PSDSDtfoZce8ohB3yFmR4+b4WwSP9jbLbvqa467xJUI=
Subject key identifier: A4:C0:04:6F:1B:B3:D5:5C:42:E4:F9:B0:53:25:4C:70:9D:5C:95:8A
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 0429
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/E4D921222D2C11EEB9B49038C4F9AE02.roa
Signing time: Fri 28 Jul 2023 09:55:34 +0000
ROA not before: Fri 28 Jul 2023 09:55:34 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 44547
IP address blocks: 43.255.122.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1065 (0x429)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Jul 28 09:55:34 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64c39095-dc82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:52:36:a0:b8:17:a8:bf:18:85:b6:d5:bf:0b:
7f:54:5a:ad:b1:7d:65:6e:33:94:1d:ce:bd:25:a8:
d0:f9:d8:6f:10:6a:f9:5d:35:7b:7f:14:04:5b:46:
da:cb:67:4f:6d:cd:b4:6d:2f:94:77:d6:a6:87:81:
c8:27:c5:1a:ff:13:cf:0d:56:f4:e1:e1:1f:34:c4:
04:8b:fc:ec:f0:dd:be:f3:f3:ad:14:d6:38:a1:66:
39:cd:40:bd:e3:f6:c6:60:9e:90:d2:c7:de:4f:a5:
b3:3a:1c:25:94:68:5a:e1:5d:0f:b6:37:4f:29:73:
e8:f2:c0:9c:d0:90:e5:94:0a:ee:48:68:c6:ce:d4:
1b:d1:28:f1:ba:13:e5:b6:59:59:95:04:a6:6e:c3:
f0:ed:37:9f:23:f4:2a:ef:1d:e9:81:bc:ad:fc:77:
f0:7b:dd:27:2c:8f:d0:6f:f1:8e:bf:ea:7c:02:7c:
2e:64:e6:e2:d0:b0:1f:03:66:da:7b:b1:8a:91:25:
e5:4a:d3:07:86:bc:f2:dd:83:a0:ef:c4:49:0c:95:
57:61:85:c2:9e:40:33:3c:6a:5b:7b:99:83:16:12:
01:ec:bb:a6:1f:f0:4f:46:5c:07:74:55:6e:6e:c5:
31:53:f8:5a:22:26:70:d2:80:4b:c8:f7:d9:68:26:
9e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C0:04:6F:1B:B3:D5:5C:42:E4:F9:B0:53:25:4C:70:9D:5C:95:8A
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/E4D921222D2C11EEB9B49038C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.122.0/23
Signature Algorithm: sha256WithRSAEncryption
12:ee:ba:c1:1d:b7:41:e8:40:07:d6:82:33:bc:f0:0a:ca:a1:
aa:1d:8f:e3:7d:83:c3:8c:60:70:0e:6f:15:7a:59:df:19:8d:
c6:58:1b:f1:80:b4:3f:83:b9:9a:4c:d9:42:c9:f2:17:6c:7a:
7f:a6:0d:84:77:24:a2:bf:45:41:ea:eb:29:e1:ec:fd:26:84:
56:04:90:e4:3a:e1:c4:0f:33:1b:c3:8c:6c:e1:3b:53:4e:ba:
47:97:2f:80:ab:45:a5:9a:19:06:ad:c6:95:91:ee:1f:f9:e5:
5b:d1:36:20:5e:ea:dd:e5:b3:50:7c:22:07:9e:9f:8d:62:54:
92:9a:56:8c:92:e9:fe:53:52:f7:44:02:1d:8f:10:9c:4d:20:
ae:63:a5:7c:53:5b:74:25:39:2c:74:6b:63:33:bd:20:98:9a:
24:69:19:42:30:35:78:b4:31:1c:d8:25:ca:2e:5d:b0:2b:33:
c1:e8:ea:c8:53:8f:89:31:9f:21:ec:8c:26:a2:2d:c4:bb:d6:
39:d4:2f:8b:49:4a:66:4f:90:50:a7:95:fe:4f:a5:6b:0d:11:
b0:61:a1:4b:5a:cf:81:b4:12:0c:79:2e:e6:fb:7e:ae:6a:17:
ed:96:12:2d:0c:b3:1f:ca:97:64:c2:9a:0d:2f:bb:46:8d:c6:
0f:25:bd:92
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBCkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNzI4MDk1NTM0WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGMzOTA5NS1kYzgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAllI2oLgXqL8YhbbVvwt/VFqtsX1lbjOUHc69JajQ+dhvEGr5XTV7fxQEW0ba
y2dPbc20bS+Ud9amh4HIJ8Ua/xPPDVb04eEfNMQEi/zs8N2+8/OtFNY4oWY5zUC9
4/bGYJ6Q0sfeT6WzOhwllGha4V0PtjdPKXPo8sCc0JDllAruSGjGztQb0SjxuhPl
tllZlQSmbsPw7TefI/Qq7x3pgbyt/Hfwe90nLI/Qb/GOv+p8AnwuZObi0LAfA2ba
e7GKkSXlStMHhrzy3YOg78RJDJVXYYXCnkAzPGpbe5mDFhIB7LumH/BPRlwHdFVu
bsUxU/haIiZw0oBLyPfZaCae0QIDAQABo4IClTCCApEwHQYDVR0OBBYEFKTABG8b
s9VcQuT5sFMlTHCdXJWKMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRTREOTIxMjIy
RDJDMTFFRUI5QjQ5MDM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr/3owDQYJKoZIhvcNAQELBQADggEBABLuusEdt0HoQAfW
gjO88ArKoaodj+N9g8OMYHAObxV6Wd8ZjcZYG/GAtD+DuZpM2ULJ8hdsen+mDYR3
JKK/RUHq6ynh7P0mhFYEkOQ64cQPMxvDjGzhO1NOukeXL4CrRaWaGQatxpWR7h/5
5VvRNiBe6t3ls1B8Igeen41iVJKaVoyS6f5TUvdEAh2PEJxNIK5jpXxTW3QlOSx0
a2MzvSCYmiRpGUIwNXi0MRzYJcouXbArM8Ho6shTj4kxnyHsjCaiLcS71jnUL4tJ
SmZPkFCnlf5PpWsNEbBhoUtaz4G0Egx5Lub7fq5qF+2WEi0Msx/Kl2TCmg0vu0aN
xg8lvZI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org