Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/018F4F62604011EE83519936C4F9AE02.roa
File: 018F4F62604011EE83519936C4F9AE02.roa (raw, json)
Hash identifier: CBYkMxb7+GZScRwnalOyWDqnyAL9mGIjjWUUobkDOzk=
Subject key identifier: B6:65:8C:BC:9C:EE:59:87:2C:64:C0:A9:2E:AD:BB:8E:AA:92:5F:B7
Certificate issuer: /CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Certificate serial: 10F1
Authority key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/018F4F62604011EE83519936C4F9AE02.roa
Signing time: Sun 01 Oct 2023 09:50:52 +0000
ROA not before: Sun 01 Oct 2023 09:50:52 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 63927
IP address blocks: 43.224.188.0/22 maxlen: 22
43.224.189.0/24 maxlen: 24
43.226.4.0/22 maxlen: 22
43.226.6.0/23 maxlen: 23
103.18.64.0/22 maxlen: 22
103.18.64.0/24 maxlen: 24
103.43.212.0/22 maxlen: 22
103.43.212.0/24 maxlen: 24
103.43.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4337 (0x10f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Validity
Not Before: Oct 1 09:50:52 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=651940fb-8bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9d:13:63:6e:c3:24:84:99:73:86:4c:a9:28:
8e:17:13:79:dc:ed:1d:de:6e:95:15:91:d8:ab:6b:
6d:d2:6d:d6:9b:cd:e1:2e:8c:6c:3b:06:fe:74:5d:
33:da:48:eb:2b:e5:62:d0:9d:0c:a3:a3:1c:43:3c:
40:f2:30:67:9a:49:69:39:af:5e:ad:53:74:99:e0:
81:cf:d0:e8:71:af:c9:23:e6:f3:71:81:16:8c:ed:
6c:75:2e:11:da:74:f4:18:d7:c0:dc:36:f4:3f:09:
e3:6b:a4:b7:2d:cf:2f:0e:49:12:77:a3:1f:fa:82:
44:6b:b0:bd:71:b0:43:09:e5:e8:7c:17:f7:50:42:
e4:3b:c6:97:8f:1e:a0:11:f7:a3:bf:c6:8d:cd:df:
d2:a3:7f:a2:99:14:90:60:fa:c0:21:3b:8c:0b:ea:
e4:de:91:d6:8b:a6:2e:71:3f:e6:d0:e2:be:31:62:
55:df:c1:d2:d7:86:7e:0c:0f:65:64:92:82:25:18:
26:4b:72:01:5c:fa:45:1c:ed:24:08:84:fc:b3:5a:
87:05:30:0b:1a:c2:55:36:3f:6f:37:5d:a1:1c:64:
6d:48:f9:90:83:4f:96:a3:16:86:5b:35:ac:e0:9f:
95:be:83:c0:90:73:ac:a6:4c:9f:54:ca:ab:67:74:
c9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:65:8C:BC:9C:EE:59:87:2C:64:C0:A9:2E:AD:BB:8E:AA:92:5F:B7
X509v3 Authority Key Identifier:
keyid:BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/018F4F62604011EE83519936C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.188.0/22
43.226.4.0/22
103.18.64.0/22
103.43.212.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:51:d5:c5:f6:29:f7:d2:e8:6f:91:48:bd:3d:4c:23:60:f9:
f2:54:73:a2:dc:ce:27:b8:9a:9d:e8:80:a1:99:3e:a0:ab:ec:
c6:e6:2f:6f:15:a7:2a:ee:b6:7b:0e:be:e2:95:ca:4f:45:bb:
0b:5a:04:2b:fe:40:58:b5:c9:8b:ce:ca:95:51:f1:c6:c0:b9:
4c:62:17:c5:4c:c2:29:37:13:55:b3:67:fb:05:50:6f:67:bb:
e5:4e:47:64:98:5d:1a:43:70:bb:b1:f3:f7:13:0e:2a:d4:27:
31:e0:d3:99:fc:09:ab:89:a3:6c:33:7b:d0:57:df:64:8c:6b:
8b:10:f6:c6:e3:8b:e4:78:12:61:62:f0:61:18:43:ab:a8:17:
58:cb:23:1a:d3:83:78:f7:00:00:c8:38:74:e5:36:71:ff:d5:
1c:3e:ad:87:79:63:f6:f5:11:e7:10:bf:b6:9f:71:33:da:1c:
ec:78:2d:ee:74:26:6e:18:da:27:16:e7:2c:77:0e:96:28:dc:
11:3f:c4:5f:0f:e9:a6:81:3d:77:1d:a7:5b:60:a0:43:4c:c0:
5e:51:e8:8f:e7:8c:9d:34:46:fb:f3:f6:fe:41:08:80:43:99:
bf:f1:65:7e:14:7f:07:a8:77:88:a5:5b:6f:25:7e:68:96:99:
f3:c5:a2:97
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMyOTYxRjcyMjQy
QkY2MEQ1MUUwHhcNMjMxMDAxMDk1MDUyWhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE5NDBmYi04YmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA250TY27DJISZc4ZMqSiOFxN53O0d3m6VFZHYq2tt0m3Wm83hLoxsOwb+dF0z
2kjrK+Vi0J0Mo6McQzxA8jBnmklpOa9erVN0meCBz9Doca/JI+bzcYEWjO1sdS4R
2nT0GNfA3Db0Pwnja6S3Lc8vDkkSd6Mf+oJEa7C9cbBDCeXofBf3UELkO8aXjx6g
Efejv8aNzd/So3+imRSQYPrAITuMC+rk3pHWi6YucT/m0OK+MWJV38HS14Z+DA9l
ZJKCJRgmS3IBXPpFHO0kCIT8s1qHBTALGsJVNj9vN12hHGRtSPmQg0+WoxaGWzWs
4J+VvoPAkHOspkyfVMqrZ3TJeQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFLZljLyc
7lmHLGTAqS6tu46qkl+3MB8GA1UdIwQYMBaAFLxTbAD4X1kEHZxMKWH3IkK/YNUe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDg2MC9CNDAxQzk4MkU5
NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBoZldRUWRuRXdwWWZjaVFyOWcx
UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZGTnNBUGhmV1FRZG5Fd3BZZmNpUXI5ZzFSNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQ4NjAvQjQwMUM5ODJFOTcwMTFFOEIwMzU5MzU5QzRGOUFFMDIvMDE4RjRGNjI2
MDQwMTFFRTgzNTE5OTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAIr4LwDBAIr4gQDBAJnEkADBAJnK9QwDQYJKoZIhvcNAQEL
BQADggEBAD1R1cX2KffS6G+RSL09TCNg+fJUc6Lczie4mp3ogKGZPqCr7MbmL28V
pyrutnsOvuKVyk9FuwtaBCv+QFi1yYvOypVR8cbAuUxiF8VMwik3E1WzZ/sFUG9n
u+VOR2SYXRpDcLux8/cTDirUJzHg05n8CauJo2wze9BX32SMa4sQ9sbji+R4EmFi
8GEYQ6uoF1jLIxrTg3j3AADIOHTlNnH/1Rw+rYd5Y/b1EecQv7afcTPaHOx4Le50
Jm4Y2icW5yx3DpYo3BE/xF8P6aaBPXcdp1tgoENMwF5R6I/njJ00Rvvz9v5BCIBD
mb/xZX4Ufweod4ilW28lfmiWmfPFopc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-ams.rpki-client.org