Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913AE13/8936357826FB11ECA7135D73C4F9AE02/84FA4CD0270811EC8E7E427CC4F9AE02.roa
File: 84FA4CD0270811EC8E7E427CC4F9AE02.roa (raw, json)
Hash identifier: AOw43aSeK0c/m9TBmoD09Av1aMQSA39sOgIU4REo414=
Subject key identifier: 1D:B2:EB:94:2F:FC:72:85:37:24:69:0B:23:2E:AD:E1:27:E3:A3:00
Certificate issuer: /CN=A913AE13/serialNumber=87D3BD7D0ADE06509EB85AC6BA59489D95401F7F
Certificate serial: 0305
Authority key identifier: 87:D3:BD:7D:0A:DE:06:50:9E:B8:5A:C6:BA:59:48:9D:95:40:1F:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h9O9fQreBlCeuFrGullInZVAH38.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913AE13/8936357826FB11ECA7135D73C4F9AE02/84FA4CD0270811EC8E7E427CC4F9AE02.roa
Signing time: Fri 23 Dec 2022 03:22:30 +0000
ROA not before: Fri 23 Dec 2022 03:22:30 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 133898
IP address blocks: 43.227.108.0/22 maxlen: 22
203.23.68.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 773 (0x305)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913AE13/serialNumber=87D3BD7D0ADE06509EB85AC6BA59489D95401F7F
Validity
Not Before: Dec 23 03:22:30 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63a51ef6-9c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cc:4f:ab:ad:34:7f:92:a4:b5:bf:3a:d9:6f:
84:c4:8f:9f:62:f3:b5:40:b7:33:09:f0:d4:3e:97:
d9:fd:f4:d2:25:23:90:a6:2c:bd:38:ba:f7:e3:d8:
b9:e9:0c:3e:85:d3:2d:ca:6b:f2:66:76:13:d8:03:
f4:a6:06:26:14:f1:e2:26:88:42:40:64:e9:a9:c7:
14:85:c5:d6:6c:71:f2:77:75:a4:92:82:9e:b4:03:
3d:2e:21:08:4a:f0:cc:33:c2:ba:f9:37:6d:6a:89:
c1:e7:d7:82:71:3c:81:af:f1:20:1f:d8:9f:3b:92:
2c:82:91:24:a5:1f:5b:c3:18:e1:68:f6:34:a7:d6:
f6:9c:47:20:1d:80:a8:e6:ef:d0:91:8c:d7:3d:75:
f3:3f:08:5c:ef:af:ea:65:22:1d:2d:2b:5e:0c:e9:
98:a5:b2:3e:e4:27:db:47:a1:df:12:1d:62:4a:3c:
d5:3c:e3:40:f1:52:a8:15:f0:58:c6:22:34:28:25:
17:cf:48:02:7d:f7:df:67:ae:b1:a6:68:8b:52:b6:
eb:53:de:78:03:5d:0b:b7:49:07:e6:19:02:58:3c:
a5:10:bc:90:3c:e7:a2:36:a7:ec:ce:ee:16:3e:da:
66:56:cc:38:00:35:30:e9:18:68:93:d1:bb:4a:c1:
ab:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B2:EB:94:2F:FC:72:85:37:24:69:0B:23:2E:AD:E1:27:E3:A3:00
X509v3 Authority Key Identifier:
keyid:87:D3:BD:7D:0A:DE:06:50:9E:B8:5A:C6:BA:59:48:9D:95:40:1F:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913AE13/8936357826FB11ECA7135D73C4F9AE02/h9O9fQreBlCeuFrGullInZVAH38.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h9O9fQreBlCeuFrGullInZVAH38.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913AE13/8936357826FB11ECA7135D73C4F9AE02/84FA4CD0270811EC8E7E427CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.108.0/22
203.23.68.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:37:bf:d2:7f:b3:21:48:4c:d8:1a:c7:73:46:7b:1f:31:67:
b0:c9:c1:f9:41:a6:40:5f:db:42:b0:c9:0f:2d:28:8e:db:e0:
67:ea:c5:aa:b1:e0:c5:15:a8:7b:27:91:4c:5d:9a:59:e2:28:
e5:ef:c1:51:b1:6e:2e:f3:5c:a3:31:80:c0:2e:10:41:78:86:
90:bc:33:6a:80:9c:71:a3:74:16:43:80:80:a8:88:cc:dc:e9:
31:9a:b4:c3:b1:5a:3f:9e:18:72:86:d5:59:52:29:6b:e0:fc:
b8:0d:56:0e:34:ab:f8:25:7f:96:b9:fc:8d:05:cb:c1:05:f3:
ae:ce:0a:ba:d6:42:20:0d:df:83:e3:a9:75:2c:c1:79:51:45:
51:ab:f8:57:05:90:03:cb:75:a3:32:d8:ec:0c:28:4b:66:87:
ee:0f:f0:33:ee:4d:9f:83:22:9a:b8:d9:a8:7c:d0:bd:c0:de:
a3:b1:ba:14:8d:5e:dc:32:88:08:47:d6:53:de:1f:9c:b5:43:
7f:88:fa:b3:98:8e:29:22:b7:54:be:b1:ff:1c:9e:00:12:2f:
eb:d3:d5:e8:90:8e:41:97:78:f6:f3:13:17:a8:e0:3a:ff:1a:
29:0a:6a:fd:99:8f:7c:91:1e:e6:c0:12:d3:77:ce:b6:e0:77:
8c:b3:c0:01
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0FFMTMxMTAvBgNVBAUTKDg3RDNCRDdEMEFERTA2NTA5RUI4NUFDNkJBNTk0ODlE
OTU0MDFGN0YwHhcNMjIxMjIzMDMyMjMwWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2E1MWVmNi05Yzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA28xPq600f5Kktb862W+ExI+fYvO1QLczCfDUPpfZ/fTSJSOQpiy9OLr349i5
6Qw+hdMtymvyZnYT2AP0pgYmFPHiJohCQGTpqccUhcXWbHHyd3WkkoKetAM9LiEI
SvDMM8K6+TdtaonB59eCcTyBr/EgH9ifO5IsgpEkpR9bwxjhaPY0p9b2nEcgHYCo
5u/QkYzXPXXzPwhc76/qZSIdLSteDOmYpbI+5CfbR6HfEh1iSjzVPONA8VKoFfBY
xiI0KCUXz0gCffffZ66xpmiLUrbrU954A10Lt0kH5hkCWDylELyQPOeiNqfszu4W
PtpmVsw4ADUw6Rhok9G7SsGrKwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFB2y65Qv
/HKFNyRpCyMureEn46MAMB8GA1UdIwQYMBaAFIfTvX0K3gZQnrhaxrpZSJ2VQB9/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUUxMy84OTM2MzU3ODI2
RkIxMUVDQTcxMzVENzNDNEY5QUUwMi9oOU85ZlFyZUJsQ2V1RnJHdWxsSW5aVkFI
MzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g5TzlmUXJlQmxDZXVGckd1bGxJblpWQUgzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0FFMTMvODkzNjM1NzgyNkZCMTFFQ0E3MTM1RDczQzRGOUFFMDIvODRGQTRDRDAy
NzA4MTFFQzhFN0U0MjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr42wDBAHLF0QwDQYJKoZIhvcNAQELBQADggEBALM3v9J/
syFITNgax3NGex8xZ7DJwflBpkBf20KwyQ8tKI7b4Gfqxaqx4MUVqHsnkUxdmlni
KOXvwVGxbi7zXKMxgMAuEEF4hpC8M2qAnHGjdBZDgICoiMzc6TGatMOxWj+eGHKG
1VlSKWvg/LgNVg40q/glf5a5/I0Fy8EF867OCrrWQiAN34PjqXUswXlRRVGr+FcF
kAPLdaMy2OwMKEtmh+4P8DPuTZ+DIpq42ah80L3A3qOxuhSNXtwyiAhH1lPeH5y1
Q3+I+rOYjikit1S+sf8cngASL+vT1eiQjkGXePbzExeo4Dr/GikKav2Zj3yRHubA
EtN3zrbgd4yzwAE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org