Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/8E02BCB443AE11ECB9D6C054C4F9AE02.roa
File: 8E02BCB443AE11ECB9D6C054C4F9AE02.roa (raw, json)
Hash identifier: wZbArG9uNDZJuPM4Pi+FBjqgDuhfHlJsRXoMrRouhso=
Subject key identifier: 87:00:9D:F9:0B:94:16:EE:CB:E9:0E:E0:4E:E5:5A:EC:A9:EF:2A:38
Certificate issuer: /CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Certificate serial: 05E8
Authority key identifier: 9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/8E02BCB443AE11ECB9D6C054C4F9AE02.roa
Signing time: Wed 12 Oct 2022 23:49:51 +0000
ROA not before: Wed 12 Oct 2022 23:49:51 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 134176
IP address blocks: 43.249.8.0/24 maxlen: 24
43.249.9.0/24 maxlen: 24
103.40.100.0/24 maxlen: 24
103.40.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1512 (0x5e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Validity
Not Before: Oct 12 23:49:51 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=6347529e-edfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:93:30:47:0c:c5:ab:e1:10:07:78:bd:90:d2:
db:34:a4:7d:bb:9f:80:a1:38:25:f9:bb:33:2c:92:
04:06:3c:25:52:0e:dd:f2:a8:53:51:53:50:89:e0:
86:4e:f3:25:3a:da:73:37:49:4e:b6:6a:76:56:9e:
79:b8:17:30:65:74:18:28:f4:bd:b6:1a:c2:15:19:
78:1a:38:2e:84:93:ce:1d:6f:a8:bb:87:55:6c:45:
2d:99:eb:f0:ed:93:3b:bd:f0:2c:f5:13:ef:34:46:
ec:74:f7:d4:6a:4e:5f:a9:1c:83:df:fd:ba:21:b3:
89:84:3e:df:e2:d2:80:4c:79:57:ea:90:ec:9b:5c:
a6:e7:e3:87:2a:c1:56:90:82:e3:10:6a:05:3f:b2:
3d:da:6c:15:7b:55:21:68:55:78:8b:c2:e3:da:81:
b3:c3:42:e9:ee:0c:d0:9b:fe:3b:91:a4:e3:a1:98:
92:6d:c2:99:7c:89:55:60:ad:f5:36:22:01:4b:c5:
ae:52:62:53:0f:c8:c8:bb:69:3d:ca:82:ec:97:e5:
da:48:16:15:79:5f:99:90:0d:61:75:dc:9f:4b:11:
69:43:39:55:b5:0f:9e:f3:99:f1:ed:34:d8:a9:6f:
1b:2c:82:4f:e6:10:d2:28:61:08:39:44:f3:7a:ce:
03:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:00:9D:F9:0B:94:16:EE:CB:E9:0E:E0:4E:E5:5A:EC:A9:EF:2A:38
X509v3 Authority Key Identifier:
keyid:9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/nQdEbvmfPFfCnFgta3rKRzX05HA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/8E02BCB443AE11ECB9D6C054C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.8.0/23
103.40.100.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:26:60:f5:43:b6:72:b2:52:04:d4:70:78:bb:da:c5:be:5b:
56:da:ad:73:22:e5:d1:91:f0:a3:56:42:63:43:02:b4:e8:e7:
bc:5f:6e:86:6b:41:6c:c0:76:c0:ee:3a:b1:8c:47:af:93:f0:
81:38:78:6f:5b:56:fc:b2:78:6b:15:c8:79:47:83:6b:83:b1:
58:c0:64:3e:8c:1c:5b:80:1e:05:8f:1c:e0:d7:5e:ca:9a:e6:
d4:da:6b:14:00:9f:c2:5c:ab:2a:fa:ff:db:bb:94:a9:29:42:
09:21:83:a3:d9:93:ef:a5:54:e8:b3:53:77:ae:cf:ae:7f:d4:
b7:b8:57:8e:34:ce:8c:91:32:59:3d:24:48:54:0e:ce:83:e2:
f8:05:6e:16:00:7c:ae:6d:8f:26:64:2b:f9:73:7f:e5:0e:12:
8e:2a:82:3d:f4:59:25:e7:6b:7a:cb:0b:92:15:97:52:4b:c1:
c0:4e:23:a3:eb:76:a7:f1:e8:b6:43:6f:c4:bd:70:52:dd:39:
90:3b:8a:6d:ce:66:95:d3:f0:de:ba:35:9e:ae:16:cf:c1:ff:
68:c3:19:46:ec:2d:01:eb:13:99:58:08:85:4b:10:a6:f1:23:
dd:e3:95:0a:52:21:aa:9d:d1:73:97:45:28:e7:9b:33:7d:ab:
c6:9d:26:0a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE5MEYxMTAvBgNVBAUTKDlEMDc0NDZFRjk5RjNDNTdDMjlDNTgyRDZCN0FDQTQ3
MzVGNEU0NzAwHhcNMjIxMDEyMjM0OTUxWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ3NTI5ZS1lZGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA15MwRwzFq+EQB3i9kNLbNKR9u5+AoTgl+bszLJIEBjwlUg7d8qhTUVNQieCG
TvMlOtpzN0lOtmp2Vp55uBcwZXQYKPS9thrCFRl4GjguhJPOHW+ou4dVbEUtmevw
7ZM7vfAs9RPvNEbsdPfUak5fqRyD3/26IbOJhD7f4tKATHlX6pDsm1ym5+OHKsFW
kILjEGoFP7I92mwVe1UhaFV4i8Lj2oGzw0Lp7gzQm/47kaTjoZiSbcKZfIlVYK31
NiIBS8WuUmJTD8jIu2k9yoLsl+XaSBYVeV+ZkA1hddyfSxFpQzlVtQ+e85nx7TTY
qW8bLIJP5hDSKGEIOUTzes4DrwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIcAnfkL
lBbuy+kO4E7lWuyp7yo4MB8GA1UdIwQYMBaAFJ0HRG75nzxXwpxYLWt6ykc19ORw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTkwRi9CM0NBNzZDMEZB
MzExMUVBQkQyNDlFN0FDNEY5QUUwMi9uUWRFYnZtZlBGZkNuRmd0YTNyS1J6WDA1
SEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25RZEVidm1mUEZmQ25GZ3RhM3JLUnpYMDVIQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE5MEYvQjNDQTc2QzBGQTMxMTFFQUJEMjQ5RTdBQzRGOUFFMDIvOEUwMkJDQjQ0
M0FFMTFFQ0I5RDZDMDU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAEr+QgDBAFnKGQwDQYJKoZIhvcNAQELBQADggEBAA0mYPVD
tnKyUgTUcHi72sW+W1barXMi5dGR8KNWQmNDArTo57xfboZrQWzAdsDuOrGMR6+T
8IE4eG9bVvyyeGsVyHlHg2uDsVjAZD6MHFuAHgWPHODXXsqa5tTaaxQAn8Jcqyr6
/9u7lKkpQgkhg6PZk++lVOizU3euz65/1Le4V440zoyRMlk9JEhUDs6D4vgFbhYA
fK5tjyZkK/lzf+UOEo4qgj30WSXna3rLC5IVl1JLwcBOI6Prdqfx6LZDb8S9cFLd
OZA7im3OZpXT8N66NZ6uFs/B/2jDGUbsLQHrE5lYCIVLEKbxI93jlQpSIaqd0XOX
RSjnmzN9q8adJgo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org