Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/75C44B0CDCA311ECACAEC50BC4F9AE02.roa
File: 75C44B0CDCA311ECACAEC50BC4F9AE02.roa (raw, json)
Hash identifier: Iv6D20KVNwBS49/1dCL/8mnz7YcLot3PGqqL22p8qvA=
Subject key identifier: 6F:22:90:86:88:61:A4:41:E6:5E:1C:CB:EB:5B:3C:D9:CA:BF:B1:BE
Certificate issuer: /CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Certificate serial: 05E9
Authority key identifier: 9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/75C44B0CDCA311ECACAEC50BC4F9AE02.roa
Signing time: Wed 12 Oct 2022 23:49:52 +0000
ROA not before: Wed 12 Oct 2022 23:49:52 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 140224
IP address blocks: 43.249.8.0/24 maxlen: 24
43.249.9.0/24 maxlen: 24
103.40.100.0/24 maxlen: 24
103.40.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1513 (0x5e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Validity
Not Before: Oct 12 23:49:52 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=634752a0-cc24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:34:2a:87:d2:4d:1c:80:d4:67:2d:44:59:3e:
ea:a7:33:10:8a:2d:7e:40:c7:30:11:6c:3c:8d:f7:
84:20:e8:a2:2e:16:20:47:6a:e7:f5:d2:ff:0c:95:
e7:6d:26:ee:c9:42:ed:3d:d2:15:0c:f6:9e:aa:33:
03:c5:ef:44:fb:22:01:0a:3c:5a:ae:c2:de:74:3e:
c0:77:c9:e5:ea:4e:27:d6:0a:21:87:23:26:18:8d:
04:96:27:29:e5:4d:41:84:f2:af:6d:fd:8a:48:38:
fa:6c:a6:c2:55:d6:44:59:c1:88:0d:0e:b6:cb:59:
4c:a3:9f:a5:39:93:02:bc:e7:43:77:7b:01:3c:6e:
90:5e:70:0b:b8:ab:46:3b:bf:51:3d:0d:98:d6:ea:
d0:eb:66:bb:20:6c:95:57:ab:d0:f3:64:1a:25:ce:
a4:12:be:1e:3a:d0:da:04:21:51:c6:44:39:9f:f3:
2b:f2:da:d7:32:89:1a:96:45:d3:1b:58:f8:f2:5f:
93:65:30:ff:59:5a:66:79:3b:eb:d9:c5:3a:91:82:
be:92:d5:ab:cc:74:0b:b9:e7:8c:c0:ee:f4:8a:6d:
62:56:19:ac:44:68:a3:e7:cd:78:b3:32:d4:27:76:
bb:7d:05:19:96:55:01:73:1d:f0:f5:aa:f5:62:33:
da:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:22:90:86:88:61:A4:41:E6:5E:1C:CB:EB:5B:3C:D9:CA:BF:B1:BE
X509v3 Authority Key Identifier:
keyid:9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/nQdEbvmfPFfCnFgta3rKRzX05HA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/75C44B0CDCA311ECACAEC50BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.8.0/23
103.40.100.0/23
Signature Algorithm: sha256WithRSAEncryption
32:0b:78:7c:1b:8e:ea:e2:31:40:1d:02:2f:24:01:0f:13:6d:
cc:4c:be:48:7d:fa:aa:56:98:e8:bf:a0:45:65:6d:e2:56:69:
55:f2:06:81:42:f7:bb:ca:e8:bf:3a:43:a0:f4:8d:13:6c:2e:
75:a2:e5:52:ca:f9:c5:16:71:a3:a4:83:15:f9:32:17:32:95:
44:b4:c0:5a:a9:89:38:06:9c:e9:58:4c:31:40:c3:c1:1e:63:
b8:76:73:10:34:7c:b6:25:68:98:e9:68:e6:9a:3a:17:df:5a:
32:61:64:66:0b:72:52:fb:a8:76:2d:5a:c0:3c:ce:fa:0d:a3:
96:e8:11:5e:89:b4:0c:d6:8a:cc:36:3d:94:83:11:96:bd:cd:
dd:47:5b:34:e3:96:f1:12:b2:cc:56:7c:ef:d7:f1:7c:85:e5:
6e:35:e5:57:10:d3:64:8d:54:3b:fc:2c:56:4c:c7:55:69:2e:
cf:a9:fc:b4:b1:f4:5d:95:6a:07:d7:8d:b8:06:6a:3f:b8:d7:
81:5e:b2:80:7a:6a:2d:57:34:0b:9f:1c:c1:51:69:6b:49:a9:
94:61:a2:24:0f:6c:33:9d:1f:63:e4:22:b2:c0:d1:12:e8:89:
b2:b0:82:d4:dd:07:8f:2a:a2:11:5a:35:e4:93:72:d4:7b:87:
5a:60:9f:be
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE5MEYxMTAvBgNVBAUTKDlEMDc0NDZFRjk5RjNDNTdDMjlDNTgyRDZCN0FDQTQ3
MzVGNEU0NzAwHhcNMjIxMDEyMjM0OTUyWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ3NTJhMC1jYzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzQqh9JNHIDUZy1EWT7qpzMQii1+QMcwEWw8jfeEIOiiLhYgR2rn9dL/DJXn
bSbuyULtPdIVDPaeqjMDxe9E+yIBCjxarsLedD7Ad8nl6k4n1gohhyMmGI0Elicp
5U1BhPKvbf2KSDj6bKbCVdZEWcGIDQ62y1lMo5+lOZMCvOdDd3sBPG6QXnALuKtG
O79RPQ2Y1urQ62a7IGyVV6vQ82QaJc6kEr4eOtDaBCFRxkQ5n/Mr8trXMokalkXT
G1j48l+TZTD/WVpmeTvr2cU6kYK+ktWrzHQLueeMwO70im1iVhmsRGij5814szLU
J3a7fQUZllUBcx3w9ar1YjPaCwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG8ikIaI
YaRB5l4cy+tbPNnKv7G+MB8GA1UdIwQYMBaAFJ0HRG75nzxXwpxYLWt6ykc19ORw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTkwRi9CM0NBNzZDMEZB
MzExMUVBQkQyNDlFN0FDNEY5QUUwMi9uUWRFYnZtZlBGZkNuRmd0YTNyS1J6WDA1
SEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25RZEVidm1mUEZmQ25GZ3RhM3JLUnpYMDVIQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE5MEYvQjNDQTc2QzBGQTMxMTFFQUJEMjQ5RTdBQzRGOUFFMDIvNzVDNDRCMENE
Q0EzMTFFQ0FDQUVDNTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEr+QgDBAFnKGQwDQYJKoZIhvcNAQELBQADggEBADILeHwb
juriMUAdAi8kAQ8TbcxMvkh9+qpWmOi/oEVlbeJWaVXyBoFC97vK6L86Q6D0jRNs
LnWi5VLK+cUWcaOkgxX5MhcylUS0wFqpiTgGnOlYTDFAw8EeY7h2cxA0fLYlaJjp
aOaaOhffWjJhZGYLclL7qHYtWsA8zvoNo5boEV6JtAzWisw2PZSDEZa9zd1HWzTj
lvESssxWfO/X8XyF5W415VcQ02SNVDv8LFZMx1VpLs+p/LSx9F2VagfXjbgGaj+4
14FesoB6ai1XNAufHMFRaWtJqZRhoiQPbDOdH2PkIrLA0RLoibKwgtTdB48qohFa
NeSTctR7h1pgn74=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org