Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/9CA3573E5B1C11EDB9CCFC68C4F9AE02.roa
File: 9CA3573E5B1C11EDB9CCFC68C4F9AE02.roa (raw, json)
Hash identifier: p7rS5b265WYmz7nr8sf6dbZLfZ/MZoAhbWUCvznJ36g=
Subject key identifier: 73:0C:8F:91:0F:52:F3:4F:F7:32:54:3F:72:EB:4E:E7:10:8A:49:5E
Certificate issuer: /CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Certificate serial: 05F8
Authority key identifier: 9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/9CA3573E5B1C11EDB9CCFC68C4F9AE02.roa
Signing time: Thu 03 Nov 2022 02:09:56 +0000
ROA not before: Thu 03 Nov 2022 02:09:56 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 142032
IP address blocks: 43.249.8.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1528 (0x5f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917190F/serialNumber=9D07446EF99F3C57C29C582D6B7ACA4735F4E470
Validity
Not Before: Nov 3 02:09:56 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=636322f4-569f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c6:74:5a:bd:92:58:ff:92:ea:33:f1:61:fc:
14:f9:0c:93:4c:d6:5d:f3:b0:09:14:50:0f:66:f8:
82:71:c2:56:48:93:a7:5d:46:38:b1:45:fa:5d:98:
d6:dd:bc:14:ca:6b:00:63:7e:3d:16:98:ac:42:79:
40:64:ea:ff:d5:8a:7b:24:ad:f8:5e:87:cb:66:4b:
f6:23:e1:95:b2:e8:eb:fc:d7:a8:83:30:94:76:7c:
c6:4a:16:9e:da:28:5c:aa:bc:b7:8d:64:6b:83:8d:
09:e2:4a:36:4b:45:05:df:19:f3:4e:4a:23:f4:d6:
42:91:e1:68:92:4f:69:4b:b4:9f:f8:07:3f:05:63:
62:a9:d6:a6:63:83:2a:01:ec:14:43:34:2f:97:34:
7a:89:b4:23:84:10:25:4a:1d:8d:91:c6:0b:d1:9d:
38:5d:30:43:f6:c5:7f:3a:97:02:be:49:75:4e:e2:
cc:44:20:6c:b1:d0:25:08:ae:86:41:a2:42:14:b4:
9f:71:51:31:12:21:23:44:be:b2:84:3d:2e:9c:c4:
93:ef:03:f6:90:d0:c1:d4:b9:a8:0b:66:dd:e6:37:
fe:26:79:4a:2a:41:0e:3d:d8:9d:ef:aa:03:d0:d8:
86:24:92:3d:c7:16:bd:a1:28:d0:8f:dc:63:ea:da:
dc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:0C:8F:91:0F:52:F3:4F:F7:32:54:3F:72:EB:4E:E7:10:8A:49:5E
X509v3 Authority Key Identifier:
keyid:9D:07:44:6E:F9:9F:3C:57:C2:9C:58:2D:6B:7A:CA:47:35:F4:E4:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/nQdEbvmfPFfCnFgta3rKRzX05HA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nQdEbvmfPFfCnFgta3rKRzX05HA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917190F/B3CA76C0FA3111EABD249E7AC4F9AE02/9CA3573E5B1C11EDB9CCFC68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.8.0/23
Signature Algorithm: sha256WithRSAEncryption
02:38:e8:63:de:14:f3:48:37:e8:85:f8:f3:51:ef:d6:d0:27:
50:5b:15:a3:3a:ed:b1:66:a3:a4:bf:77:0d:a2:28:72:88:f3:
c0:02:4c:59:05:4a:40:02:37:4d:2b:cd:ce:4d:3e:f0:6a:9a:
98:c8:3d:6a:e8:8c:fa:df:a2:b3:1f:14:a4:86:cd:bd:ce:51:
4b:87:e5:71:83:d2:5d:de:5c:f9:99:6e:73:74:14:4f:1c:17:
84:89:52:b6:19:31:80:39:65:a2:cf:9f:0c:17:77:36:be:fa:
5a:17:d3:23:0f:d9:fa:dd:a0:4c:47:04:e1:a8:1b:30:98:81:
40:13:62:bc:5f:b2:74:d4:1a:77:37:fe:16:56:fb:54:9b:db:
49:7d:cd:53:06:bb:e2:21:74:57:ab:41:e2:ba:b0:8e:3d:b3:
f4:1e:a6:ec:db:68:fc:66:b5:a1:48:28:5c:96:28:f2:d8:1f:
f4:4d:c7:4f:85:1b:8d:8b:5c:87:ff:0d:b7:1d:8a:ff:79:ba:
d6:db:fa:d8:51:99:22:06:e5:b9:41:1a:bf:6e:36:37:72:af:
41:2a:4e:b7:f5:e0:49:9d:58:0e:37:6e:ae:fb:90:72:03:c9:
d4:ca:27:e3:f9:37:55:7b:06:6a:32:89:0c:18:2c:27:f8:be:
e8:54:72:c7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE5MEYxMTAvBgNVBAUTKDlEMDc0NDZFRjk5RjNDNTdDMjlDNTgyRDZCN0FDQTQ3
MzVGNEU0NzAwHhcNMjIxMTAzMDIwOTU2WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzYzMjJmNC01NjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0sZ0Wr2SWP+S6jPxYfwU+QyTTNZd87AJFFAPZviCccJWSJOnXUY4sUX6XZjW
3bwUymsAY349FpisQnlAZOr/1Yp7JK34XofLZkv2I+GVsujr/NeogzCUdnzGShae
2ihcqry3jWRrg40J4ko2S0UF3xnzTkoj9NZCkeFokk9pS7Sf+Ac/BWNiqdamY4Mq
AewUQzQvlzR6ibQjhBAlSh2NkcYL0Z04XTBD9sV/OpcCvkl1TuLMRCBssdAlCK6G
QaJCFLSfcVExEiEjRL6yhD0unMST7wP2kNDB1LmoC2bd5jf+JnlKKkEOPdid76oD
0NiGJJI9xxa9oSjQj9xj6trcrwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHMMj5EP
UvNP9zJUP3LrTucQikleMB8GA1UdIwQYMBaAFJ0HRG75nzxXwpxYLWt6ykc19ORw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTkwRi9CM0NBNzZDMEZB
MzExMUVBQkQyNDlFN0FDNEY5QUUwMi9uUWRFYnZtZlBGZkNuRmd0YTNyS1J6WDA1
SEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25RZEVidm1mUEZmQ25GZ3RhM3JLUnpYMDVIQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE5MEYvQjNDQTc2QzBGQTMxMTFFQUJEMjQ5RTdBQzRGOUFFMDIvOUNBMzU3M0U1
QjFDMTFFREI5Q0NGQzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEr+QgwDQYJKoZIhvcNAQELBQADggEBAAI46GPeFPNIN+iF
+PNR79bQJ1BbFaM67bFmo6S/dw2iKHKI88ACTFkFSkACN00rzc5NPvBqmpjIPWro
jPrforMfFKSGzb3OUUuH5XGD0l3eXPmZbnN0FE8cF4SJUrYZMYA5ZaLPnwwXdza+
+loX0yMP2frdoExHBOGoGzCYgUATYrxfsnTUGnc3/hZW+1Sb20l9zVMGu+IhdFer
QeK6sI49s/QepuzbaPxmtaFIKFyWKPLYH/RNx0+FG42LXIf/Dbcdiv95utbb+thR
mSIG5blBGr9uNjdyr0EqTrf14EmdWA43bq77kHIDydTKJ+P5N1V7BmoyiQwYLCf4
vuhUcsc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org