Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91400CC/B4A7CCE8C60211ECBEB9BF3AC4F9AE02/FD15ACBEC60411ECA41C213BC4F9AE02.roa
File: FD15ACBEC60411ECA41C213BC4F9AE02.roa (raw, json)
Hash identifier: pMVxqbDaUa/GHfhCAyOS/HT585rCADNKKtzRLbmCKMI=
Subject key identifier: E3:10:2B:BE:2A:2A:CD:B9:35:3C:4B:9F:23:E4:D3:EA:B1:A3:2F:3F
Certificate issuer: /CN=A91400CC/serialNumber=2758C6CF8B528966D43713BB1BCE8E03DCA61B1C
Certificate serial: 02
Authority key identifier: 27:58:C6:CF:8B:52:89:66:D4:37:13:BB:1B:CE:8E:03:DC:A6:1B:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J1jGz4tSiWbUNxO7G86OA9ymGxw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91400CC/B4A7CCE8C60211ECBEB9BF3AC4F9AE02/FD15ACBEC60411ECA41C213BC4F9AE02.roa
Signing time: Wed 27 Apr 2022 08:35:27 +0000
ROA not before: Wed 27 Apr 2022 08:35:27 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 132742
IP address blocks: 43.248.60.0/24 maxlen: 24
43.248.61.0/24 maxlen: 24
43.248.62.0/24 maxlen: 24
43.248.63.0/24 maxlen: 24
103.39.148.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91400CC/serialNumber=2758C6CF8B528966D43713BB1BCE8E03DCA61B1C
Validity
Not Before: Apr 27 08:35:27 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=6269004f-5510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:80:7f:6c:b9:c8:35:d4:b9:7b:87:2b:79:c4:
ec:69:e7:0d:dd:37:b7:0b:cb:5f:3d:c3:8f:35:bd:
42:28:ee:27:78:9f:07:f6:44:db:2f:d2:62:45:e8:
c5:7c:40:02:c7:ab:b8:f0:8e:2f:14:94:51:c7:6e:
a7:60:15:45:9c:0e:26:08:a7:9c:b0:5d:2d:ea:2e:
5e:3b:45:ea:df:36:b3:0d:0b:a2:b7:5c:60:82:16:
3f:24:03:60:1e:c7:ae:46:d1:85:9a:9d:80:fd:ed:
25:70:b6:c4:e7:b1:f2:ed:d3:a5:6d:a5:68:14:6a:
c5:73:91:fc:12:5e:ee:f3:d6:76:69:30:28:d1:1b:
6e:4a:76:9e:ac:1c:66:b4:5a:4b:e1:98:01:7b:6e:
92:95:39:e2:d6:80:02:4d:c9:ac:13:34:bc:49:41:
fd:d5:20:1e:08:ad:20:92:3c:9c:3b:1b:e7:24:46:
57:33:e5:86:5e:c4:34:21:a4:38:81:77:dc:11:ed:
84:3f:6c:06:8b:4b:9b:64:eb:2a:33:d8:a4:65:cd:
a7:86:30:17:c0:3d:ab:df:3d:15:83:07:61:bb:94:
22:4f:21:dc:46:30:93:96:c5:a0:1b:ec:ea:33:51:
3e:4b:35:be:cb:d8:9d:11:a5:f4:4d:ee:1d:f7:4d:
98:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:10:2B:BE:2A:2A:CD:B9:35:3C:4B:9F:23:E4:D3:EA:B1:A3:2F:3F
X509v3 Authority Key Identifier:
keyid:27:58:C6:CF:8B:52:89:66:D4:37:13:BB:1B:CE:8E:03:DC:A6:1B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91400CC/B4A7CCE8C60211ECBEB9BF3AC4F9AE02/J1jGz4tSiWbUNxO7G86OA9ymGxw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J1jGz4tSiWbUNxO7G86OA9ymGxw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91400CC/B4A7CCE8C60211ECBEB9BF3AC4F9AE02/FD15ACBEC60411ECA41C213BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.60.0/22
103.39.148.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:c1:af:7c:63:b1:1e:5e:53:4f:4e:bf:f1:de:95:8a:70:c0:
d6:4c:6c:c0:1a:8e:04:90:e1:95:36:48:1e:34:93:b9:a2:1a:
c8:39:39:f9:0f:0c:a5:12:d0:24:c7:f2:86:80:ef:6f:5e:c1:
21:12:52:5a:ac:9e:d2:74:ca:52:db:24:80:d2:d5:a2:78:9d:
6b:9a:3a:b1:ae:e5:39:97:35:c3:14:a4:ba:2a:a5:09:ad:6a:
33:84:46:b8:0c:c7:63:3d:52:2f:35:d8:7a:6a:1d:a9:16:e7:
19:11:90:68:7b:c1:7d:60:d5:0a:9a:07:43:e9:ff:fa:1a:55:
93:c1:f0:41:7d:9b:b0:b5:f1:03:42:aa:e8:3c:f2:f9:7d:37:
90:5a:da:37:97:01:21:f6:3a:2b:f7:0d:e5:2b:98:fa:56:ba:
e4:8c:cd:db:05:60:23:dc:8d:49:92:05:90:d5:9b:a7:8a:95:
56:b7:53:62:07:e5:cb:d7:f4:1d:58:37:02:de:1f:93:52:aa:
b6:e2:33:51:e9:fc:d3:ca:52:f9:1f:6f:4f:99:5b:7b:c0:61:
db:71:ad:60:98:2f:1f:ec:9e:14:1d:4e:ce:49:70:ee:8e:a8:
e4:3e:73:d2:99:0f:ed:32:7e:8c:10:bc:e3:ea:e6:f2:4a:42:
6e:b5:4d:fc
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MDBDQzExMC8GA1UEBRMoMjc1OEM2Q0Y4QjUyODk2NkQ0MzcxM0JCMUJDRThFMDNE
Q0E2MUIxQzAeFw0yMjA0MjcwODM1MjdaFw0yMjEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjkwMDRmLTU1MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmgH9sucg11Ll7hyt5xOxp5w3dN7cLy189w481vUIo7id4nwf2RNsv0mJF6MV8
QALHq7jwji8UlFHHbqdgFUWcDiYIp5ywXS3qLl47RerfNrMNC6K3XGCCFj8kA2Ae
x65G0YWanYD97SVwtsTnsfLt06VtpWgUasVzkfwSXu7z1nZpMCjRG25Kdp6sHGa0
WkvhmAF7bpKVOeLWgAJNyawTNLxJQf3VIB4IrSCSPJw7G+ckRlcz5YZexDQhpDiB
d9wR7YQ/bAaLS5tk6yoz2KRlzaeGMBfAPavfPRWDB2G7lCJPIdxGMJOWxaAb7Ooz
UT5LNb7L2J0RpfRN7h33TZj3AgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU4xArvioq
zbk1PEufI+TT6rGjLz8wHwYDVR0jBBgwFoAUJ1jGz4tSiWbUNxO7G86OA9ymGxww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQwMENDL0I0QTdDQ0U4QzYw
MjExRUNCRUI5QkYzQUM0RjlBRTAyL0oxakd6NHRTaVdiVU54TzdHODZPQTl5bUd4
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSjFqR3o0dFNpV2JVTnhPN0c4Nk9BOXltR3h3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MDBDQy9CNEE3Q0NFOEM2MDIxMUVDQkVCOUJGM0FDNEY5QUUwMi9GRDE1QUNCRUM2
MDQxMUVDQTQxQzIxM0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAiv4PAMEAmcnlDANBgkqhkiG9w0BAQsFAAOCAQEATcGvfGOx
Hl5TT06/8d6VinDA1kxswBqOBJDhlTZIHjSTuaIayDk5+Q8MpRLQJMfyhoDvb17B
IRJSWqye0nTKUtskgNLVonida5o6sa7lOZc1wxSkuiqlCa1qM4RGuAzHYz1SLzXY
emodqRbnGRGQaHvBfWDVCpoHQ+n/+hpVk8HwQX2bsLXxA0Kq6Dzy+X03kFraN5cB
IfY6K/cN5SuY+la65IzN2wVgI9yNSZIFkNWbp4qVVrdTYgfly9f0HVg3At4fk1Kq
tuIzUen808pS+R9vT5lbe8Bh23GtYJgvH+yeFB1Ozklw7o6o5D5z0pkP7TJ+jBC8
4+rm8kpCbrVN/A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:39 2023 by rpki-client on console-fra.rpki-client.org