Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/B67E1F4A605211EE83CD1D3CC4F9AE02.roa
File: B67E1F4A605211EE83CD1D3CC4F9AE02.roa (raw, json)
Hash identifier: o9W6caNiTu8bE/wIOIubsdM0bUySR7IbbjAQSzMYWFA=
Subject key identifier: 29:FE:EF:8B:02:A6:60:3F:BE:EB:7F:F6:1F:30:45:1A:CB:AE:5A:61
Certificate issuer: /CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Certificate serial: 1101
Authority key identifier: BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/B67E1F4A605211EE83CD1D3CC4F9AE02.roa
Signing time: Sun 01 Oct 2023 12:04:46 +0000
ROA not before: Sun 01 Oct 2023 12:04:46 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 137074
IP address blocks: 43.224.188.0/22 maxlen: 22
43.224.188.0/23 maxlen: 23
43.224.190.0/23 maxlen: 23
43.226.4.0/22 maxlen: 22
43.226.4.0/24 maxlen: 24
43.226.5.0/24 maxlen: 24
43.226.6.0/24 maxlen: 24
43.226.7.0/24 maxlen: 24
103.18.64.0/22 maxlen: 22
103.18.64.0/23 maxlen: 23
103.18.66.0/23 maxlen: 23
103.43.212.0/22 maxlen: 22
103.43.212.0/23 maxlen: 23
103.43.214.0/23 maxlen: 23
103.104.16.0/22 maxlen: 24
116.89.246.0/23 maxlen: 24
203.28.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4353 (0x1101)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9164860/serialNumber=BC536C00F85F59041D9C4C2961F72242BF60D51E
Validity
Not Before: Oct 1 12:04:46 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=6519605e-5b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6c:8f:9e:e3:f3:42:bb:b1:77:3b:25:d9:29:
c1:05:1e:d0:83:a3:d0:60:36:67:6b:1d:64:c4:e6:
ee:32:c9:d7:67:a5:1b:fa:ee:1e:22:e2:e0:27:99:
09:f9:2b:dd:b6:9a:fb:cd:af:9e:33:31:67:7a:7b:
6c:bc:9f:31:09:bf:66:b9:b9:55:f6:4c:88:ee:ce:
82:b8:44:10:42:f6:cb:83:db:2c:7c:b1:8b:66:f4:
ac:1f:d6:4f:1d:7b:a2:a1:1f:28:da:bf:1b:bc:02:
99:6f:f5:f9:58:b4:67:bd:b2:2d:f9:e3:a7:bf:14:
83:b9:0d:68:ee:9a:d7:b5:26:eb:92:50:d4:73:af:
eb:12:48:c0:e9:81:9c:1e:1d:2c:80:94:30:e9:81:
49:09:1f:f4:cc:e9:0b:1e:99:fa:a8:85:22:ea:f1:
ab:d1:50:3a:4f:37:99:08:ee:81:8d:74:0f:de:1c:
59:05:54:4a:a6:bc:ea:9b:9f:4e:75:ff:bb:97:cb:
22:2b:49:13:f4:6e:50:5a:c4:30:87:d8:c0:67:6c:
37:bb:ac:91:26:ce:f8:6c:2c:bd:44:89:bd:72:91:
6f:5b:98:0a:48:c8:bd:80:29:b4:fc:28:17:59:fd:
dc:b5:be:5f:20:f9:f5:d8:31:ed:09:9c:f4:80:4d:
7a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FE:EF:8B:02:A6:60:3F:BE:EB:7F:F6:1F:30:45:1A:CB:AE:5A:61
X509v3 Authority Key Identifier:
keyid:BC:53:6C:00:F8:5F:59:04:1D:9C:4C:29:61:F7:22:42:BF:60:D5:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/vFNsAPhfWQQdnEwpYfciQr9g1R4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vFNsAPhfWQQdnEwpYfciQr9g1R4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9164860/B401C982E97011E8B0359359C4F9AE02/B67E1F4A605211EE83CD1D3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.188.0/22
43.226.4.0/22
103.18.64.0/22
103.43.212.0/22
103.104.16.0/22
116.89.246.0/23
203.28.64.0/22
Signature Algorithm: sha256WithRSAEncryption
56:6b:7e:8c:26:e2:37:55:20:6f:30:3f:a7:be:b7:5d:81:be:
8a:1b:6a:c3:9f:00:cb:f5:cd:81:08:6e:74:d7:18:93:ba:13:
ba:3e:6d:5a:ef:4a:17:05:76:d8:08:c1:c8:64:0c:9f:11:3e:
1d:24:ed:bc:80:6d:f0:df:8e:90:cc:08:51:30:ab:e1:2b:79:
34:b7:4a:a5:1e:9a:5e:90:8c:5a:12:51:8c:2e:d5:b1:89:7f:
54:91:89:0c:47:e5:a1:61:3d:6c:99:34:b7:2f:de:3c:8c:04:
52:91:16:b8:3d:60:d7:4b:bd:51:3a:80:e8:39:9d:aa:53:b7:
dc:4f:e0:46:7d:5a:61:f2:b1:ee:17:a1:34:fd:8e:9d:d8:ad:
94:89:52:72:61:b2:ad:58:88:e5:f0:b7:c2:2b:2b:d3:16:4a:
2a:7d:f1:76:51:ee:f7:3e:fb:bd:ff:4e:ea:67:cb:e7:e4:bd:
95:55:70:59:4b:60:48:a7:0d:0b:16:c7:14:da:ad:92:51:fc:
20:85:11:ba:22:46:33:10:c6:a0:bd:d4:36:f5:8e:54:80:8c:
78:4c:5b:37:5e:03:09:a7:3a:7b:80:6f:8c:14:3e:fd:e3:f9:
1c:e3:02:db:c0:51:fd:c9:9f:29:c1:b2:10:f0:4b:90:f3:db:
3d:f6:69:bd
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICEQEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQ4NjAxMTAvBgNVBAUTKEJDNTM2QzAwRjg1RjU5MDQxRDlDNEMyOTYxRjcyMjQy
QkY2MEQ1MUUwHhcNMjMxMDAxMTIwNDQ2WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE5NjA1ZS01YjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoGyPnuPzQruxdzsl2SnBBR7Qg6PQYDZnax1kxObuMsnXZ6Ub+u4eIuLgJ5kJ
+Svdtpr7za+eMzFnentsvJ8xCb9mublV9kyI7s6CuEQQQvbLg9ssfLGLZvSsH9ZP
HXuioR8o2r8bvAKZb/X5WLRnvbIt+eOnvxSDuQ1o7prXtSbrklDUc6/rEkjA6YGc
Hh0sgJQw6YFJCR/0zOkLHpn6qIUi6vGr0VA6TzeZCO6BjXQP3hxZBVRKprzqm59O
df+7l8siK0kT9G5QWsQwh9jAZ2w3u6yRJs74bCy9RIm9cpFvW5gKSMi9gCm0/CgX
Wf3ctb5fIPn12DHtCZz0gE16MwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFCn+74sC
pmA/vut/9h8wRRrLrlphMB8GA1UdIwQYMBaAFLxTbAD4X1kEHZxMKWH3IkK/YNUe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDg2MC9CNDAxQzk4MkU5
NzAxMUU4QjAzNTkzNTlDNEY5QUUwMi92Rk5zQVBoZldRUWRuRXdwWWZjaVFyOWcx
UjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZGTnNBUGhmV1FRZG5Fd3BZZmNpUXI5ZzFSNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQ4NjAvQjQwMUM5ODJFOTcwMTFFOEIwMzU5MzU5QzRGOUFFMDIvQjY3RTFGNEE2
MDUyMTFFRTgzQ0QxRDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCoDBAIr4LwDBAIr4gQDBAJnEkADBAJnK9QDBAJnaBADBAF0WfYD
BALLHEAwDQYJKoZIhvcNAQELBQADggEBAFZrfowm4jdVIG8wP6e+t12BvoobasOf
AMv1zYEIbnTXGJO6E7o+bVrvShcFdtgIwchkDJ8RPh0k7byAbfDfjpDMCFEwq+Er
eTS3SqUeml6QjFoSUYwu1bGJf1SRiQxH5aFhPWyZNLcv3jyMBFKRFrg9YNdLvVE6
gOg5napTt9xP4EZ9WmHyse4XoTT9jp3YrZSJUnJhsq1YiOXwt8IrK9MWSip98XZR
7vc++73/Tupny+fkvZVVcFlLYEinDQsWxxTarZJR/CCFEboiRjMQxqC91Db1jlSA
jHhMWzdeAwmnOnuAb4wUPv3j+RzjAtvAUf3JnynBshDwS5Dz2z32ab0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-ams.rpki-client.org