Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F69DF92242E011EEBBFC663FC4F9AE02.roa
File: F69DF92242E011EEBBFC663FC4F9AE02.roa (raw, json)
Hash identifier: zsT+2QW5XkAYNEuQHubAN4MQNtURdRAEPB3M8p/85Gw=
Subject key identifier: 39:05:9F:95:5A:4F:06:00:42:1E:7E:C1:30:80:5E:A3:37:FD:1B:EF
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 048F
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F69DF92242E011EEBBFC663FC4F9AE02.roa
Signing time: Fri 25 Aug 2023 00:47:52 +0000
ROA not before: Fri 25 Aug 2023 00:47:52 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 47813
IP address blocks: 43.254.165.0/24 maxlen: 24
43.255.158.0/23 maxlen: 24
103.240.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1167 (0x48f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Aug 25 00:47:52 2023 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=64e7fa38-b40c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d1:07:78:ef:5c:5d:98:05:e9:c6:4a:d1:3b:
b0:03:d0:29:03:d5:64:ef:e3:9a:29:fd:5f:3f:bb:
ef:50:3c:62:41:ee:6c:7c:59:f5:50:34:03:21:d1:
ce:29:ec:66:e3:d0:54:9f:4b:d6:74:dd:f1:88:38:
cd:45:ea:8e:69:5f:e6:52:f1:a6:91:d7:2f:0f:f4:
b5:05:ef:37:93:3f:41:1f:e4:39:c0:ec:69:ee:41:
01:e4:51:b9:0e:90:8a:7d:62:d5:c3:36:eb:01:5c:
31:e8:09:aa:e9:18:55:28:ea:52:7a:f6:78:4b:44:
95:ff:b1:85:16:37:83:e1:35:1f:85:3d:f3:d9:1a:
23:40:ed:03:73:b7:99:5e:34:da:0d:e9:f6:1e:1a:
58:7a:e3:b9:74:57:d4:34:71:be:89:4f:bc:56:2b:
ea:54:08:16:09:78:b6:d4:8b:4f:25:de:c5:cf:ad:
26:42:18:d1:67:1a:e4:95:f1:a2:69:a5:07:02:7e:
21:d7:ae:87:55:57:3d:81:14:8c:26:09:95:ef:e2:
8a:63:2c:e9:38:c7:9e:f3:52:3c:20:88:16:44:80:
6d:2f:04:56:0e:16:55:13:8f:2f:3b:9e:be:e5:d6:
d8:d6:fe:b6:50:d4:c3:c5:93:4f:7b:88:c7:58:c2:
b3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:05:9F:95:5A:4F:06:00:42:1E:7E:C1:30:80:5E:A3:37:FD:1B:EF
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/F69DF92242E011EEBBFC663FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.165.0/24
43.255.158.0/23
103.240.198.0/24
Signature Algorithm: sha256WithRSAEncryption
17:75:6d:99:60:ca:9a:40:4a:c7:2e:0c:25:f9:d7:61:00:85:
17:12:1a:55:0a:92:46:91:ad:3e:e5:f5:78:4c:69:fe:40:bf:
ab:3b:b4:0d:68:b2:b5:5a:38:8a:c5:e7:4e:76:95:47:f2:33:
de:c7:88:46:e6:62:49:c8:dd:29:e8:fc:6b:b1:ac:f5:15:b0:
fe:f7:4e:ca:11:ea:58:3b:26:f6:17:93:a6:4c:83:1a:9a:66:
f8:55:58:f9:b5:07:ab:d6:c0:6f:18:9f:b4:47:b0:02:2f:94:
ba:23:57:44:cb:4a:09:7d:91:19:30:eb:18:7b:9c:e9:f0:f6:
c9:70:b7:29:24:57:60:1d:7c:5c:04:1b:04:af:97:30:53:5c:
3b:05:75:7d:3a:86:23:60:a9:c2:dc:c6:aa:85:8d:fa:71:9c:
16:e9:f7:da:47:70:59:40:df:af:8a:49:1a:3c:f7:09:a5:e2:
41:fe:7b:70:be:7f:98:af:90:dd:82:49:86:b2:78:36:b4:4b:
e1:00:b1:1c:56:3d:4f:f7:99:0c:b7:93:d5:8c:c2:43:4a:a7:
91:00:4e:8a:4c:fd:4f:53:c6:61:6b:7e:25:12:9f:73:26:c4:
f0:c6:1f:2b:57:27:82:b7:b8:e6:96:34:e4:6e:79:76:c7:1b:
c3:29:4c:0e
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwODI1MDA0NzUyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGU3ZmEzOC1iNDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxdEHeO9cXZgF6cZK0TuwA9ApA9Vk7+OaKf1fP7vvUDxiQe5sfFn1UDQDIdHO
Kexm49BUn0vWdN3xiDjNReqOaV/mUvGmkdcvD/S1Be83kz9BH+Q5wOxp7kEB5FG5
DpCKfWLVwzbrAVwx6Amq6RhVKOpSevZ4S0SV/7GFFjeD4TUfhT3z2RojQO0Dc7eZ
XjTaDen2HhpYeuO5dFfUNHG+iU+8VivqVAgWCXi21ItPJd7Fz60mQhjRZxrklfGi
aaUHAn4h166HVVc9gRSMJgmV7+KKYyzpOMee81I8IIgWRIBtLwRWDhZVE48vO56+
5dbY1v62UNTDxZNPe4jHWMKz6wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDkFn5Va
TwYAQh5+wTCAXqM3/RvvMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvRjY5REY5MjI0
MkUwMTFFRUJCRkM2NjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr/qUDBAEr/54DBABn8MYwDQYJKoZIhvcNAQELBQADggEB
ABd1bZlgyppASscuDCX512EAhRcSGlUKkkaRrT7l9XhMaf5Av6s7tA1osrVaOIrF
5052lUfyM97HiEbmYknI3Sno/GuxrPUVsP73TsoR6lg7JvYXk6ZMgxqaZvhVWPm1
B6vWwG8Yn7RHsAIvlLojV0TLSgl9kRkw6xh7nOnw9slwtykkV2AdfFwEGwSvlzBT
XDsFdX06hiNgqcLcxqqFjfpxnBbp99pHcFlA36+KSRo89wml4kH+e3C+f5ivkN2C
SYayeDa0S+EAsRxWPU/3mQy3k9WMwkNKp5EATopM/U9TxmFrfiUSn3MmxPDGHytX
J4K3uOaWNORueXbHG8MpTA4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org