Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/611527DCF87011ED9F0E3266C4F9AE02.roa
File: 611527DCF87011ED9F0E3266C4F9AE02.roa (raw, json)
Hash identifier: sDZhcZcJt+7k5suNWUouGCZkz/ffaM/oJWc91x5BqL8=
Subject key identifier: 2F:E6:A2:C2:F8:82:7C:58:35:6C:77:AB:A6:2F:19:59:59:81:EF:68
Certificate issuer: /CN=A9148BFA/serialNumber=157B0BDE0E3CADB294839BC9815655644DB26E91
Certificate serial: 03BA
Authority key identifier: 15:7B:0B:DE:0E:3C:AD:B2:94:83:9B:C9:81:56:55:64:4D:B2:6E:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FXsL3g48rbKUg5vJgVZVZE2ybpE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/611527DCF87011ED9F0E3266C4F9AE02.roa
Signing time: Wed 02 Aug 2023 07:59:24 +0000
ROA not before: Wed 02 Aug 2023 07:59:24 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 9009
IP address blocks: 43.226.230.0/24 maxlen: 24
103.46.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 954 (0x3ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148BFA/serialNumber=157B0BDE0E3CADB294839BC9815655644DB26E91
Validity
Not Before: Aug 2 07:59:24 2023 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=64ca0cdc-b4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:85:f2:32:e6:19:81:72:fa:8e:ca:ff:e6:d1:
ec:f8:4b:c3:c8:55:ba:3a:f6:b2:27:8a:c7:0e:a7:
f6:b1:83:1b:d2:dd:27:a3:6c:4e:f6:19:84:7a:48:
35:4a:35:88:b4:c9:d7:f7:c9:b9:dc:a6:c2:b9:f5:
bf:ad:dd:8d:4a:50:6e:0b:c0:19:8f:fb:21:8f:0c:
ae:f4:bc:b1:ac:8f:0a:91:cc:f0:91:95:06:f7:06:
1e:a7:c2:75:64:39:be:d8:db:13:0b:54:bd:31:5f:
85:f9:8d:82:3f:53:29:1e:f8:96:9e:ae:c2:6a:5c:
ab:81:a5:1f:8c:54:76:18:0e:13:ac:50:0a:d8:06:
a7:25:8f:40:f0:85:62:21:91:11:80:e9:8a:f2:da:
fd:37:05:c4:92:3a:15:ba:20:18:e6:ea:6e:a7:9d:
54:48:47:ae:dc:7e:2c:dd:bd:11:21:6d:da:7b:a9:
69:f7:dc:c1:2c:03:11:16:4b:61:4a:b2:e3:9c:cb:
ce:17:29:5b:0f:56:40:2b:0e:a3:67:e1:c5:57:45:
ef:d3:e2:0c:02:d4:dc:0f:2e:5e:64:44:21:d1:2b:
9a:7b:53:d3:37:c4:01:a7:5f:c1:3d:dc:66:d9:0f:
02:a1:bd:4e:8c:50:b2:12:1a:ec:37:db:1d:b8:54:
c1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E6:A2:C2:F8:82:7C:58:35:6C:77:AB:A6:2F:19:59:59:81:EF:68
X509v3 Authority Key Identifier:
keyid:15:7B:0B:DE:0E:3C:AD:B2:94:83:9B:C9:81:56:55:64:4D:B2:6E:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/FXsL3g48rbKUg5vJgVZVZE2ybpE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FXsL3g48rbKUg5vJgVZVZE2ybpE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148BFA/04A24C34114311EC97369F73C4F9AE02/611527DCF87011ED9F0E3266C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.230.0/24
103.46.143.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f1:a4:b3:92:96:cf:8d:40:02:75:a6:1c:04:4c:e4:47:92:
d0:6f:b1:6a:dd:1d:de:c0:8c:e4:b4:5e:db:6a:5d:05:80:91:
ac:f4:c3:b4:b8:cb:98:9b:6a:71:a6:88:87:e1:88:6b:be:8d:
fa:15:e4:bc:56:70:6a:f5:a2:21:ae:b0:1d:d3:cf:93:ea:be:
d5:b5:df:f7:bc:76:ba:bb:02:36:ff:77:40:15:83:dc:f8:8a:
65:01:b8:3a:24:c7:28:b2:5b:2a:76:81:97:6a:23:c4:c6:a6:
ec:22:d9:f4:26:88:88:9c:cc:06:f1:21:f2:fb:06:e8:f5:01:
75:c7:9a:2d:35:f6:45:8a:93:c5:19:ae:d9:86:48:dd:17:b8:
90:0e:bb:18:62:93:bd:47:be:db:2c:77:57:4d:16:4a:30:24:
3f:7f:fc:26:6d:78:6d:14:ea:14:b7:21:82:69:25:83:97:10:
bd:84:5c:fb:f0:2e:5a:7b:42:a7:96:c8:47:d6:1c:a4:e3:87:
24:9e:70:9c:31:68:e0:63:62:23:51:59:b2:38:46:b2:db:88:
4f:e6:03:42:ae:b2:39:ca:b0:08:d7:7e:8c:4d:44:ae:2b:43:
f0:5e:61:b7:44:51:9b:15:1f:30:e1:31:b2:57:09:82:0f:1d:
c5:22:6a:fc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA7owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhCRkExMTAvBgNVBAUTKDE1N0IwQkRFMEUzQ0FEQjI5NDgzOUJDOTgxNTY1NTY0
NERCMjZFOTEwHhcNMjMwODAyMDc1OTI0WhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhMGNkYy1iNGJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyYXyMuYZgXL6jsr/5tHs+EvDyFW6OvayJ4rHDqf2sYMb0t0no2xO9hmEekg1
SjWItMnX98m53KbCufW/rd2NSlBuC8AZj/shjwyu9LyxrI8KkczwkZUG9wYep8J1
ZDm+2NsTC1S9MV+F+Y2CP1MpHviWnq7CalyrgaUfjFR2GA4TrFAK2AanJY9A8IVi
IZERgOmK8tr9NwXEkjoVuiAY5upup51USEeu3H4s3b0RIW3ae6lp99zBLAMRFkth
SrLjnMvOFylbD1ZAKw6jZ+HFV0Xv0+IMAtTcDy5eZEQh0Suae1PTN8QBp1/BPdxm
2Q8Cob1OjFCyEhrsN9sduFTBzQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC/mosL4
gnxYNWx3q6YvGVlZge9oMB8GA1UdIwQYMBaAFBV7C94OPK2ylIObyYFWVWRNsm6R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEJGQS8wNEEyNEMzNDEx
NDMxMUVDOTczNjlGNzNDNEY5QUUwMi9GWHNMM2c0OHJiS1VnNXZKZ1ZaVlpFMnli
cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZYc0wzZzQ4cmJLVWc1dkpnVlpWWkUyeWJwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhCRkEvMDRBMjRDMzQxMTQzMTFFQzk3MzY5RjczQzRGOUFFMDIvNjExNTI3RENG
ODcwMTFFRDlGMEUzMjY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr4uYDBABnLo8wDQYJKoZIhvcNAQELBQADggEBAArxpLOS
ls+NQAJ1phwETORHktBvsWrdHd7AjOS0XttqXQWAkaz0w7S4y5ibanGmiIfhiGu+
jfoV5LxWcGr1oiGusB3Tz5PqvtW13/e8drq7Ajb/d0AVg9z4imUBuDokxyiyWyp2
gZdqI8TGpuwi2fQmiIiczAbxIfL7Buj1AXXHmi019kWKk8UZrtmGSN0XuJAOuxhi
k71Hvtssd1dNFkowJD9//CZteG0U6hS3IYJpJYOXEL2EXPvwLlp7QqeWyEfWHKTj
hySecJwxaOBjYiNRWbI4RrLbiE/mA0KusjnKsAjXfoxNRK4rQ/BeYbdEUZsVHzDh
MbJXCYIPHcUiavw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org