Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/6255E0DC0D7A11EDBAD90C57C4F9AE02.roa
File: 6255E0DC0D7A11EDBAD90C57C4F9AE02.roa (raw, json)
Hash identifier: QbmbgYljGTy8ruD4O4Aei+EVgXAKq/e38vnmgUJx9kg=
Subject key identifier: 42:19:6C:69:E1:A6:64:72:62:3C:C8:00:DE:97:8D:7E:89:FF:F6:28
Certificate issuer: /CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Certificate serial: 10EB
Authority key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/6255E0DC0D7A11EDBAD90C57C4F9AE02.roa
Signing time: Sun 01 Oct 2023 07:03:34 +0000
ROA not before: Sun 01 Oct 2023 07:03:34 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 137074
IP address blocks: 43.224.188.0/23 maxlen: 23
43.224.190.0/23 maxlen: 23
43.226.4.0/24 maxlen: 24
43.226.5.0/24 maxlen: 24
43.226.6.0/24 maxlen: 24
43.226.7.0/24 maxlen: 24
103.18.64.0/23 maxlen: 23
103.18.66.0/23 maxlen: 23
103.43.212.0/23 maxlen: 23
103.43.214.0/23 maxlen: 23
103.104.16.0/22 maxlen: 24
116.89.246.0/23 maxlen: 24
203.28.64.0/23 maxlen: 23
203.28.66.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4331 (0x10eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Validity
Not Before: Oct 1 07:03:34 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=651919c6-f1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e1:1f:2d:d6:98:53:af:16:f5:94:0a:ab:5c:
62:40:2e:31:84:6c:4b:1b:82:3a:84:b6:3a:30:d4:
57:41:d8:00:d1:e3:b5:b9:6a:84:68:32:28:ad:75:
d9:aa:8e:9c:b0:95:c9:17:5d:22:bc:c8:c7:e1:ea:
3a:5f:3a:1f:df:bb:1b:60:06:69:fa:b2:ed:5f:c5:
3b:0e:08:70:7f:65:bf:f0:1c:f5:02:4c:61:49:7e:
34:b2:58:fd:4b:3a:a0:47:c6:96:89:93:14:e2:cf:
04:fd:e5:38:d7:80:ff:a8:67:ca:2a:72:cc:ed:2f:
64:38:24:3c:fd:a2:5f:87:d1:b1:6c:c8:bb:6a:37:
9d:34:91:5d:30:b0:61:62:7e:23:ef:f3:ca:e9:fa:
00:da:c2:6c:08:0c:78:30:34:f2:ed:59:a8:d6:ab:
a2:9f:b2:54:95:55:83:b0:cd:b3:f9:d3:42:1b:ae:
ba:2e:b6:3f:d6:21:a6:9e:78:36:ba:38:32:a8:66:
76:1e:1c:57:65:e9:cb:4e:65:26:00:7e:f6:1d:26:
62:45:40:54:03:b7:33:14:9e:d3:f6:a4:5b:02:e1:
61:56:08:61:ae:6e:25:22:e8:8c:7f:f7:0b:74:e8:
7d:ea:2e:ad:7d:ae:39:1d:9b:34:b1:4c:6e:62:82:
98:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:19:6C:69:E1:A6:64:72:62:3C:C8:00:DE:97:8D:7E:89:FF:F6:28
X509v3 Authority Key Identifier:
keyid:BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/6255E0DC0D7A11EDBAD90C57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.188.0/22
43.226.4.0/22
103.18.64.0/22
103.43.212.0/22
103.104.16.0/22
116.89.246.0/23
203.28.64.0/22
Signature Algorithm: sha256WithRSAEncryption
63:81:a0:09:b3:1e:c6:d2:bd:c1:5c:e6:b8:59:08:e9:f7:bf:
1d:0c:7e:bf:c0:72:19:27:13:36:43:38:43:8a:f3:53:f6:f2:
fb:11:8c:04:d8:f0:3d:f0:41:31:4a:aa:8f:24:be:f4:69:68:
61:97:03:07:e1:65:b9:91:3b:a6:18:73:73:49:bc:66:e7:37:
ea:e0:af:45:35:16:f0:8f:9c:37:91:2d:4b:ae:d0:a6:fa:c9:
9e:98:6c:13:2c:66:a9:e7:b8:88:e1:b3:e5:ca:a2:d1:40:6e:
1e:b2:55:48:b8:80:e4:1c:12:2b:86:0e:17:ba:32:34:bf:d4:
c1:de:f9:1a:cf:75:91:e4:5a:53:fa:ba:fc:64:2a:e7:82:55:
ae:52:27:ef:27:c9:07:60:d6:5a:34:20:9d:6b:69:9e:61:cb:
27:77:93:62:3e:03:5e:33:dc:74:64:35:fe:9a:93:13:66:93:
a7:f4:96:82:8c:cb:0f:ca:54:ac:d5:49:00:28:f5:90:f3:12:
08:e7:34:9e:e6:ed:44:bd:6a:c5:62:61:62:f6:a2:94:f2:b2:
0a:f0:f6:76:5f:46:4a:07:91:58:7a:2b:ca:9f:6f:b9:29:1d:
3f:fc:42:f9:55:65:4f:da:a3:94:ad:9c:7c:9d:82:83:ec:12:
32:b6:7e:c1
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICEOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMyOTYxRjcyMjQy
QkY2MEQ1MUUwHhcNMjMxMDAxMDcwMzM0WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE5MTljNi1mMWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvOEfLdaYU68W9ZQKq1xiQC4xhGxLG4I6hLY6MNRXQdgA0eO1uWqEaDIorXXZ
qo6csJXJF10ivMjH4eo6Xzof37sbYAZp+rLtX8U7Dghwf2W/8Bz1AkxhSX40slj9
SzqgR8aWiZMU4s8E/eU414D/qGfKKnLM7S9kOCQ8/aJfh9GxbMi7ajedNJFdMLBh
Yn4j7/PK6foA2sJsCAx4MDTy7Vmo1quin7JUlVWDsM2z+dNCG666LrY/1iGmnng2
ujgyqGZ2HhxXZenLTmUmAH72HSZiRUBUA7czFJ7T9qRbAuFhVghhrm4lIuiMf/cL
dOh96i6tfa45HZs0sUxuYoKYbwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFEIZbGnh
pmRyYjzIAN6XjX6J//YoMB8GA1UdIwQYMBaAFLxTbAD4X1kEHZxMKWH3IkK/YNUe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDg2MC9CNDAxQzk4MkU5
NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBoZldRUWRuRXdwWWZjaVFyOWcx
UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZGTnNBUGhmV1FRZG5Fd3BZZmNpUXI5ZzFSNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQ4NjAvQjQwMUM5ODJFOTcwMTFFOEIwMzU5MzU5QzRGOUFFMDIvNjI1NUUwREMw
RDdBMTFFREJBRDkwQzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAIr4LwDBAIr4gQDBAJnEkADBAJnK9QDBAJnaBADBAF0WfYD
BALLHEAwDQYJKoZIhvcNAQELBQADggEBAGOBoAmzHsbSvcFc5rhZCOn3vx0Mfr/A
chknEzZDOEOK81P28vsRjATY8D3wQTFKqo8kvvRpaGGXAwfhZbmRO6YYc3NJvGbn
N+rgr0U1FvCPnDeRLUuu0Kb6yZ6YbBMsZqnnuIjhs+XKotFAbh6yVUi4gOQcEiuG
Dhe6MjS/1MHe+RrPdZHkWlP6uvxkKueCVa5SJ+8nyQdg1lo0IJ1raZ5hyyd3k2I+
A14z3HRkNf6akxNmk6f0loKMyw/KVKzVSQAo9ZDzEgjnNJ7m7US9asViYWL2opTy
sgrw9nZfRkoHkVh6K8qfb7kpHT/8QvlVZU/ao5StnHydgoPsEjK2fsE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org