Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/5FD66A5C5FF911EEA3C9CF4AC4F9AE02.roa
File: 5FD66A5C5FF911EEA3C9CF4AC4F9AE02.roa (raw, json)
Hash identifier: 4zVYMEqEw4DhiSRSIiDZ62UnAkaayKYM9cR726ToE0U=
Subject key identifier: E9:4A:F6:18:2F:80:8E:A5:58:AD:56:88:B9:AE:8D:A0:B0:AD:E4:58
Certificate issuer: /CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Certificate serial: 10E9
Authority key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/5FD66A5C5FF911EEA3C9CF4AC4F9AE02.roa
Signing time: Sun 01 Oct 2023 06:58:57 +0000
ROA not before: Sun 01 Oct 2023 06:58:57 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 63927
IP address blocks: 43.224.188.0/22 maxlen: 22
43.224.189.0/24 maxlen: 24
43.226.4.0/22 maxlen: 22
43.226.6.0/23 maxlen: 23
103.18.64.0/22 maxlen: 22
103.18.64.0/24 maxlen: 24
103.43.212.0/22 maxlen: 22
103.43.212.0/24 maxlen: 24
103.43.214.0/24 maxlen: 24
203.28.64.0/22 maxlen: 22
203.28.64.0/24 maxlen: 24
203.28.65.0/24 maxlen: 24
203.28.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4329 (0x10e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Validity
Not Before: Oct 1 06:58:57 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=651918b1-b985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b8:48:1c:e6:96:15:e6:fb:b0:eb:1a:bc:ea:
54:66:6f:7c:e8:83:4b:9f:43:bc:2a:35:ba:43:66:
d8:70:6d:b2:3e:33:dd:bf:c7:bf:d8:96:2a:eb:6d:
c0:eb:b2:36:f7:d4:5b:10:fd:0e:39:2d:b6:f5:d3:
dc:3b:71:a8:49:62:e4:06:2b:c1:a1:61:49:88:03:
9b:39:ef:91:ac:cb:30:91:f4:45:28:9b:f3:f1:9b:
0e:d1:fa:19:f9:c1:b2:de:a6:a6:e4:e9:e9:49:69:
ef:dd:b1:b4:fd:34:ce:3a:8e:7e:6a:2c:76:3e:22:
ff:1f:0e:1a:19:8e:2a:af:dc:b2:a8:1f:ea:fa:4e:
0a:83:af:3e:73:0b:22:ae:10:08:42:c4:84:cc:3a:
0d:4f:67:0c:e1:58:bd:eb:8c:ef:fe:19:ad:1a:05:
08:19:ec:bd:83:b9:a2:36:f8:66:92:cc:c2:74:9c:
b1:5e:14:a4:c0:d6:87:69:28:0f:24:2d:1a:32:49:
c9:41:70:5a:89:0e:2f:d8:50:f6:c9:aa:36:ab:89:
9b:d9:8d:80:a2:ec:89:8e:b5:c1:98:47:a2:6d:7c:
57:2a:4c:93:b1:98:04:4d:44:8f:c1:e0:0d:78:a4:
5d:1d:9c:e7:c0:53:2e:f7:c1:d8:28:1f:e0:a4:b6:
95:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:4A:F6:18:2F:80:8E:A5:58:AD:56:88:B9:AE:8D:A0:B0:AD:E4:58
X509v3 Authority Key Identifier:
keyid:BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/5FD66A5C5FF911EEA3C9CF4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.188.0/22
43.226.4.0/22
103.18.64.0/22
103.43.212.0/22
203.28.64.0/22
Signature Algorithm: sha256WithRSAEncryption
19:00:18:59:3d:97:90:51:97:54:be:b5:db:fb:fd:1f:6a:f8:
6f:8d:5d:91:70:4f:ce:53:50:7d:e4:61:8d:91:57:b5:6f:77:
da:ab:c7:2d:25:56:1b:99:6e:19:3d:6c:3a:08:9c:80:ab:be:
be:43:c8:d5:79:c4:5c:05:9c:7c:c4:c1:4a:07:3a:09:c8:19:
28:b2:64:bb:03:68:bd:c9:d3:4a:b0:41:e3:db:a8:24:fc:4e:
24:e4:fe:7a:af:7c:cb:07:f9:68:c3:00:db:1e:c1:60:23:f6:
47:19:ad:be:95:cd:67:45:be:a3:8a:86:d6:4d:94:90:64:9e:
e6:73:6f:43:ce:fc:76:6c:59:49:07:68:7c:37:44:4d:89:85:
63:53:f8:c6:f9:88:86:4e:d4:7d:9d:87:a5:4e:92:28:7a:22:
ff:9e:fc:89:52:a0:13:9c:3c:46:64:62:44:8c:41:50:6f:b1:
e8:06:39:3c:b9:96:5d:92:8c:a6:d1:2a:c5:0f:87:66:63:40:
0b:9a:8a:8f:72:dc:4e:f6:c0:4f:4e:b4:c8:e0:b7:13:67:03:
61:ea:2d:a3:c2:00:1c:e5:9b:dd:5c:38:df:69:7d:07:59:c6:
53:8a:92:80:b7:de:a6:55:fe:3d:64:40:52:12:cd:bf:11:b8:
2e:32:8f:82
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICEOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMyOTYxRjcyMjQy
QkY2MEQ1MUUwHhcNMjMxMDAxMDY1ODU3WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE5MThiMS1iOTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3bhIHOaWFeb7sOsavOpUZm986INLn0O8KjW6Q2bYcG2yPjPdv8e/2JYq623A
67I299RbEP0OOS229dPcO3GoSWLkBivBoWFJiAObOe+RrMswkfRFKJvz8ZsO0foZ
+cGy3qam5OnpSWnv3bG0/TTOOo5+aix2PiL/Hw4aGY4qr9yyqB/q+k4Kg68+cwsi
rhAIQsSEzDoNT2cM4Vi964zv/hmtGgUIGey9g7miNvhmkszCdJyxXhSkwNaHaSgP
JC0aMknJQXBaiQ4v2FD2yao2q4mb2Y2AouyJjrXBmEeibXxXKkyTsZgETUSPweAN
eKRdHZznwFMu98HYKB/gpLaVGwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFOlK9hgv
gI6lWK1WiLmujaCwreRYMB8GA1UdIwQYMBaAFLxTbAD4X1kEHZxMKWH3IkK/YNUe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDg2MC9CNDAxQzk4MkU5
NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBoZldRUWRuRXdwWWZjaVFyOWcx
UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZGTnNBUGhmV1FRZG5Fd3BZZmNpUXI5ZzFSNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQ4NjAvQjQwMUM5ODJFOTcwMTFFOEIwMzU5MzU5QzRGOUFFMDIvNUZENjZBNUM1
RkY5MTFFRUEzQzlDRjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAIr4LwDBAIr4gQDBAJnEkADBAJnK9QDBALLHEAwDQYJKoZI
hvcNAQELBQADggEBABkAGFk9l5BRl1S+tdv7/R9q+G+NXZFwT85TUH3kYY2RV7Vv
d9qrxy0lVhuZbhk9bDoInICrvr5DyNV5xFwFnHzEwUoHOgnIGSiyZLsDaL3J00qw
QePbqCT8TiTk/nqvfMsH+WjDANsewWAj9kcZrb6VzWdFvqOKhtZNlJBknuZzb0PO
/HZsWUkHaHw3RE2JhWNT+Mb5iIZO1H2dh6VOkih6Iv+e/IlSoBOcPEZkYkSMQVBv
segGOTy5ll2SjKbRKsUPh2ZjQAuaio9y3E72wE9OtMjgtxNnA2HqLaPCABzlm91c
ON9pfQdZxlOKkoC33qZV/j1kQFISzb8RuC4yj4I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org