Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150E55/7D32A74EC60011EC87005C7DC4F9AE02/ECFCA4CCC60411ECA41C213BC4F9AE02.roa
File: ECFCA4CCC60411ECA41C213BC4F9AE02.roa (raw, json)
Hash identifier: 8N9kT+JUZK7s2FSalmlzlph3H+NdcH/psFipu5PodSg=
Subject key identifier: 9E:64:B9:A5:DF:33:A3:D2:8E:F9:F3:F8:33:91:CF:BC:F0:30:90:EA
Certificate issuer: /CN=A9150E55/serialNumber=A01A0F06E310B38130131D7882970BF162DD0D66
Certificate serial: 02
Authority key identifier: A0:1A:0F:06:E3:10:B3:81:30:13:1D:78:82:97:0B:F1:62:DD:0D:66
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oBoPBuMQs4EwEx14gpcL8WLdDWY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150E55/7D32A74EC60011EC87005C7DC4F9AE02/ECFCA4CCC60411ECA41C213BC4F9AE02.roa
Signing time: Wed 27 Apr 2022 08:35:00 +0000
ROA not before: Wed 27 Apr 2022 08:35:00 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 132742
IP address blocks: 43.243.64.0/22 maxlen: 22
103.38.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150E55/serialNumber=A01A0F06E310B38130131D7882970BF162DD0D66
Validity
Not Before: Apr 27 08:35:00 2022 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=62690034-8f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:93:7e:ea:2b:a0:d2:d7:62:5e:b4:39:86:a1:
00:75:a2:df:fb:44:1b:31:a9:3a:e5:00:77:c8:6c:
5d:c4:09:83:eb:d1:38:e2:ea:8e:88:95:7f:04:31:
5b:ee:87:68:3c:a4:4b:89:7e:2b:91:98:bc:93:a1:
5e:da:c9:51:b7:1c:11:f6:54:c2:b5:1e:dd:b6:1d:
df:11:dc:be:c5:e8:3e:b7:28:a0:1a:07:4c:3c:f2:
b6:38:e8:dc:8f:59:38:8b:a5:fc:01:a0:26:e7:a7:
e2:99:97:72:fc:b9:76:bc:fe:ea:93:de:b0:52:cf:
1b:b7:55:65:22:ca:dc:9d:5f:03:b8:c5:d5:b1:f8:
7a:86:cb:61:53:6a:25:62:71:67:55:76:39:13:1d:
3c:88:9a:0e:61:fd:6e:fc:99:85:54:ba:90:08:97:
a8:67:ab:20:61:d8:6d:16:c6:87:4f:ef:8b:69:96:
92:f1:52:3a:2f:4f:23:f6:60:e5:5c:63:9b:0f:e6:
0c:88:2e:cb:fd:9f:82:be:50:10:03:cb:42:21:70:
ed:0a:f1:5e:a6:6a:f7:67:12:f9:d3:3b:60:01:58:
24:37:84:a4:67:3c:d4:6d:ad:3b:9f:d7:0a:73:ce:
20:ab:9a:9e:81:7b:89:f8:1f:c4:d4:53:6a:13:6b:
79:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:64:B9:A5:DF:33:A3:D2:8E:F9:F3:F8:33:91:CF:BC:F0:30:90:EA
X509v3 Authority Key Identifier:
keyid:A0:1A:0F:06:E3:10:B3:81:30:13:1D:78:82:97:0B:F1:62:DD:0D:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150E55/7D32A74EC60011EC87005C7DC4F9AE02/oBoPBuMQs4EwEx14gpcL8WLdDWY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oBoPBuMQs4EwEx14gpcL8WLdDWY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150E55/7D32A74EC60011EC87005C7DC4F9AE02/ECFCA4CCC60411ECA41C213BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.64.0/22
103.38.168.0/22
Signature Algorithm: sha256WithRSAEncryption
16:8d:6a:01:2a:b9:05:f6:e1:63:1a:04:62:d1:c7:68:74:16:
fa:eb:6d:3f:2d:74:a8:df:e1:16:24:3b:c4:3f:60:6b:44:bb:
3d:b4:aa:97:15:18:8f:0a:69:2e:36:53:fb:29:7f:00:2a:eb:
2d:ff:5e:e9:90:0c:2b:f5:db:4f:f1:94:ce:fa:29:69:41:a6:
05:4c:72:8a:20:21:a7:eb:af:53:eb:0b:12:6b:ad:67:a2:ae:
80:3b:cf:e5:e1:88:9e:3b:65:08:58:88:bf:78:06:49:3f:01:
60:9a:d4:f6:d8:04:af:49:d6:58:05:40:0b:61:71:f7:42:db:
2a:9c:c8:4a:7b:9b:1e:44:66:99:8a:5f:f0:50:d1:f0:5e:2b:
8c:98:6d:c9:03:9b:de:a0:77:b5:8c:07:2f:b2:18:01:20:91:
7e:39:8a:fb:29:2d:fc:41:c9:56:fa:39:99:a0:f6:8f:d1:de:
32:90:c2:ff:af:fc:71:40:3e:d3:ad:4b:e3:b5:3d:0b:b2:50:
2f:13:09:03:3c:71:58:29:e4:82:82:c1:98:9d:46:b5:48:6b:
89:74:12:76:13:70:73:95:ef:45:08:64:b1:9b:c8:8f:02:1c:
f3:e9:5d:cf:c5:f6:ad:54:0c:ae:00:d6:16:24:ca:31:d5:4a:
26:42:3d:16
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
MEU1NTExMC8GA1UEBRMoQTAxQTBGMDZFMzEwQjM4MTMwMTMxRDc4ODI5NzBCRjE2
MkREMEQ2NjAeFw0yMjA0MjcwODM1MDBaFw0yMjEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjkwMDM0LThmMmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDVk37qK6DS12JetDmGoQB1ot/7RBsxqTrlAHfIbF3ECYPr0Tji6o6IlX8EMVvu
h2g8pEuJfiuRmLyToV7ayVG3HBH2VMK1Ht22Hd8R3L7F6D63KKAaB0w88rY46NyP
WTiLpfwBoCbnp+KZl3L8uXa8/uqT3rBSzxu3VWUiytydXwO4xdWx+HqGy2FTaiVi
cWdVdjkTHTyImg5h/W78mYVUupAIl6hnqyBh2G0WxodP74tplpLxUjovTyP2YOVc
Y5sP5gyILsv9n4K+UBADy0IhcO0K8V6mavdnEvnTO2ABWCQ3hKRnPNRtrTuf1wpz
ziCrmp6Be4n4H8TUU2oTa3mHAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUnmS5pd8z
o9KO+fP4M5HPvPAwkOowHwYDVR0jBBgwFoAUoBoPBuMQs4EwEx14gpcL8WLdDWYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUwRTU1LzdEMzJBNzRFQzYw
MDExRUM4NzAwNUM3REM0RjlBRTAyL29Cb1BCdU1RczRFd0V4MTRncGNMOFdMZERX
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvb0JvUEJ1TVFzNEV3RXgxNGdwY0w4V0xkRFdZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MEU1NS83RDMyQTc0RUM2MDAxMUVDODcwMDVDN0RDNEY5QUUwMi9FQ0ZDQTRDQ0M2
MDQxMUVDQTQxQzIxM0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAivzQAMEAmcmqDANBgkqhkiG9w0BAQsFAAOCAQEAFo1qASq5
BfbhYxoEYtHHaHQW+uttPy10qN/hFiQ7xD9ga0S7PbSqlxUYjwppLjZT+yl/ACrr
Lf9e6ZAMK/XbT/GUzvopaUGmBUxyiiAhp+uvU+sLEmutZ6KugDvP5eGInjtlCFiI
v3gGST8BYJrU9tgEr0nWWAVAC2Fx90LbKpzISnubHkRmmYpf8FDR8F4rjJhtyQOb
3qB3tYwHL7IYASCRfjmK+ykt/EHJVvo5maD2j9HeMpDC/6/8cUA+061L47U9C7JQ
LxMJAzxxWCnkgoLBmJ1GtUhriXQSdhNwc5XvRQhksZvIjwIc8+ldz8X2rVQMrgDW
FiTKMdVKJkI9Fg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:41 2023 by rpki-client on console-fra.rpki-client.org