Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F51F7ECAE69E11ED841AC682C4F9AE02.roa
File: F51F7ECAE69E11ED841AC682C4F9AE02.roa (raw, json)
Hash identifier: rRopJ0nlAoP7aoEDqi80KUmmXPvtYTlxsBGnXhDbpHM=
Subject key identifier: DF:5B:19:B2:35:0C:6E:1C:68:82:E2:50:A4:37:9D:F7:21:86:73:6D
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 03C7
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F51F7ECAE69E11ED841AC682C4F9AE02.roa
Signing time: Sat 29 Apr 2023 15:03:11 +0000
ROA not before: Sat 29 Apr 2023 15:03:11 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 149013
IP address blocks: 43.255.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 967 (0x3c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Apr 29 15:03:11 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=644d31af-3ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:46:12:7c:9d:9f:e3:2e:7f:61:87:13:d0:11:
ff:c2:31:33:63:31:31:30:f2:d0:f7:a7:a5:33:02:
50:30:4c:95:7c:05:92:ac:9a:dd:99:d2:77:91:4c:
23:39:bd:e0:35:b1:c9:b9:ef:88:e2:89:50:9c:13:
22:57:b4:d9:85:4f:46:15:f0:b5:db:fd:5f:e5:30:
2c:70:8e:42:20:b3:41:a9:1b:30:23:17:84:96:79:
4d:13:c1:9f:ea:d3:18:f0:1d:1f:23:7e:2d:0e:9a:
4a:39:96:9f:25:64:d4:4d:29:b1:f0:71:48:f3:93:
b6:99:02:2c:40:4d:2d:92:bf:b9:eb:40:e5:da:5e:
ab:10:79:16:bf:c4:44:01:11:8f:9a:fe:9b:40:74:
bf:c8:f6:d6:ea:e8:5e:a0:e3:15:ea:0f:93:93:55:
82:d6:b4:34:5f:3e:2c:42:2a:92:f7:fb:ae:ad:cf:
64:0b:d8:e2:db:74:3f:b6:53:59:bf:82:93:fd:10:
66:fe:f2:a0:1a:69:63:90:ca:27:4b:bf:27:71:3c:
6e:36:3d:5b:a3:fa:5f:1d:85:09:7a:0d:a8:9d:eb:
d5:16:79:c9:e1:cf:33:ca:38:07:28:31:53:55:76:
ec:f0:89:d1:db:fa:80:ea:68:b9:03:11:c5:e9:46:
01:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5B:19:B2:35:0C:6E:1C:68:82:E2:50:A4:37:9D:F7:21:86:73:6D
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F51F7ECAE69E11ED841AC682C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.157.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:a7:36:02:b2:ad:45:5a:84:b9:d7:57:8d:6f:15:17:0f:66:
0a:d5:ba:fc:0a:ae:50:49:29:80:22:ea:83:2f:e0:40:91:08:
90:11:58:8b:3c:15:ef:e7:d6:a6:d2:27:c6:18:73:4e:3e:1d:
a3:d4:a8:fe:36:49:60:d8:e0:5c:18:dc:a5:1e:a5:37:c3:b1:
f2:41:61:0f:07:fe:cc:25:3f:dc:0e:53:2f:b7:a5:10:99:18:
24:8a:d4:45:4f:a4:3c:70:c4:ea:0a:64:35:b0:eb:64:60:28:
11:95:fe:64:9e:d9:ad:0f:99:44:48:3d:44:19:3c:75:59:49:
92:56:3e:9d:87:c6:4c:ef:dc:5c:4b:e4:b0:c8:83:95:a5:14:
3f:8c:30:59:99:9e:d0:d2:63:65:d4:83:8b:a7:95:5a:6c:c4:
03:a8:33:68:09:d1:1e:b3:1e:c3:55:e1:fe:bc:5a:b4:00:5f:
ec:89:4e:28:a2:68:42:69:09:b1:48:1c:74:04:c7:04:7c:78:
22:79:b6:3d:e9:5b:15:c3:c6:6e:93:c0:4d:e5:82:ab:1f:69:
fc:85:63:9a:b8:e2:49:2b:16:51:f3:b9:0a:71:07:38:db:19:
38:57:7e:27:e5:80:ad:01:74:f3:ae:c5:e5:82:d1:a2:40:ff:
d1:b5:1c:ba
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA8cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwNDI5MTUwMzExWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDRkMzFhZi0zYWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvEYSfJ2f4y5/YYcT0BH/wjEzYzExMPLQ96elMwJQMEyVfAWSrJrdmdJ3kUwj
Ob3gNbHJue+I4olQnBMiV7TZhU9GFfC12/1f5TAscI5CILNBqRswIxeElnlNE8Gf
6tMY8B0fI34tDppKOZafJWTUTSmx8HFI85O2mQIsQE0tkr+560Dl2l6rEHkWv8RE
ARGPmv6bQHS/yPbW6uheoOMV6g+Tk1WC1rQ0Xz4sQiqS9/uurc9kC9ji23Q/tlNZ
v4KT/RBm/vKgGmljkMonS78ncTxuNj1bo/pfHYUJeg2onevVFnnJ4c8zyjgHKDFT
VXbs8InR2/qA6mi5AxHF6UYBiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFN9bGbI1
DG4caILiUKQ3nfchhnNtMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRjUxRjdFQ0FF
NjlFMTFFRDg0MUFDNjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/50wDQYJKoZIhvcNAQELBQADggEBAKWnNgKyrUVahLnX
V41vFRcPZgrVuvwKrlBJKYAi6oMv4ECRCJARWIs8Fe/n1qbSJ8YYc04+HaPUqP42
SWDY4FwY3KUepTfDsfJBYQ8H/swlP9wOUy+3pRCZGCSK1EVPpDxwxOoKZDWw62Rg
KBGV/mSe2a0PmURIPUQZPHVZSZJWPp2Hxkzv3FxL5LDIg5WlFD+MMFmZntDSY2XU
g4unlVpsxAOoM2gJ0R6zHsNV4f68WrQAX+yJTiiiaEJpCbFIHHQExwR8eCJ5tj3p
WxXDxm6TwE3lgqsfafyFY5q44kkrFlHzuQpxBzjbGThXfiflgK0BdPOuxeWC0aJA
/9G1HLo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org