Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/4429D42EE0C011ECBAAA411DC4F9AE02.roa
File: 4429D42EE0C011ECBAAA411DC4F9AE02.roa (raw, json)
Hash identifier: /vx+0oPCMfxT8v7qB8HnypJ2/5haZgh9FCmOR6fGlhQ=
Subject key identifier: B9:B4:AB:44:23:AD:2E:E2:49:4E:A0:AE:A4:F9:1D:F7:3C:C2:E8:69
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: EA
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/4429D42EE0C011ECBAAA411DC4F9AE02.roa
Signing time: Thu 15 Sep 2022 08:04:29 +0000
ROA not before: Thu 15 Sep 2022 08:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55933
IP address blocks: 43.243.194.0/23 maxlen: 24
45.113.81.0/24 maxlen: 24
45.113.83.0/24 maxlen: 24
103.24.0.0/22 maxlen: 24
103.229.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234 (0xea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Validity
Not Before: Sep 15 08:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6322dc8c-4bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d1:ac:28:37:a5:ea:4f:a6:aa:b0:91:43:8e:
c4:5a:1a:bf:b2:43:0e:dc:b5:98:88:f6:2e:09:c3:
85:3c:4f:1b:e0:43:fa:b7:25:6a:b2:a8:2c:57:9e:
4a:22:ed:5e:21:58:95:07:7b:d0:18:ec:21:1a:46:
a6:c3:6a:11:f8:b0:e6:49:48:fe:42:a6:34:51:6f:
af:26:4b:e3:f8:6e:8a:1f:ae:81:fe:fc:98:91:5e:
56:a3:54:ba:ac:c4:bb:ca:6f:85:31:76:e8:25:9a:
d5:57:90:e0:41:41:2f:17:4f:84:11:ae:44:08:e5:
8e:e2:46:1f:cf:71:93:67:b6:64:76:4c:cb:03:9c:
e4:78:55:7c:8b:64:44:9f:bb:b3:65:e2:82:34:ac:
46:b5:78:7d:9c:76:ec:8f:45:ea:2c:8e:3d:a0:49:
30:94:f0:3d:2e:39:d6:f2:c1:82:d5:af:6b:26:d0:
2a:cc:ee:31:8b:8b:d5:31:3e:f4:1c:31:d6:3d:d0:
00:47:c2:52:dc:f9:9d:2a:34:fe:0f:fa:50:5d:aa:
de:7c:bd:0c:20:a0:e0:91:84:b4:48:0e:9c:0d:97:
c9:ec:70:24:c6:a7:55:14:f8:b8:0d:b0:67:fd:41:
1c:19:46:8a:03:b8:61:dc:fa:5b:97:50:67:e7:fc:
f8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B4:AB:44:23:AD:2E:E2:49:4E:A0:AE:A4:F9:1D:F7:3C:C2:E8:69
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/4429D42EE0C011ECBAAA411DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.194.0/23
45.113.81.0/24
45.113.83.0/24
103.24.0.0/22
103.229.116.0/22
Signature Algorithm: sha256WithRSAEncryption
18:58:23:38:43:ee:23:7a:7b:4d:73:78:c9:71:22:0d:31:fe:
8d:49:4a:96:2c:7e:8c:2a:86:55:df:14:c1:64:c0:7c:71:27:
a5:6a:40:9e:43:73:64:b4:a0:e5:88:c0:f8:18:3f:85:b2:01:
55:d1:c7:74:8a:b1:9e:e1:33:d2:53:2b:fb:67:7d:a7:a6:4d:
55:08:62:b8:40:2b:50:2f:c4:fa:36:9a:94:b1:3e:67:29:d6:
b1:30:76:29:46:24:39:10:c6:29:a8:87:c7:a2:b1:e0:c9:bf:
d7:62:ce:49:91:75:9c:f3:38:39:91:49:ee:cd:1d:1e:ad:d7:
c8:7c:1b:27:46:bb:d2:a6:50:cb:31:ad:25:8f:f1:a1:d7:85:
73:c9:e6:7b:f6:1b:54:ff:0c:3e:c3:bd:7f:24:f9:23:35:8a:
e2:aa:58:a5:23:03:82:95:16:3d:49:3e:66:57:69:c5:0e:ae:
1c:30:0f:46:6e:f5:5b:35:85:19:e1:cd:e1:b9:e5:68:b3:2a:
eb:60:5b:c6:57:bb:79:f9:0f:5f:10:f5:f5:21:4c:1c:5a:ae:
02:9f:13:ff:6b:e8:52:99:de:3f:d4:56:af:e4:a4:8e:aa:02:
c8:d6:41:08:dc:8e:e5:c3:35:02:f7:36:80:7e:48:47:c1:e4:
d2:8c:d3:5d
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhBRjIxMTAvBgNVBAUTKDEwMDVDQ0Q1RTE4MjMwRkJBOUFERDNEMjdGODVEQTM4
RjEzRTQxNzIwHhcNMjIwOTE1MDgwNDI4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzIyZGM4Yy00YmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzdGsKDel6k+mqrCRQ47EWhq/skMO3LWYiPYuCcOFPE8b4EP6tyVqsqgsV55K
Iu1eIViVB3vQGOwhGkamw2oR+LDmSUj+QqY0UW+vJkvj+G6KH66B/vyYkV5Wo1S6
rMS7ym+FMXboJZrVV5DgQUEvF0+EEa5ECOWO4kYfz3GTZ7ZkdkzLA5zkeFV8i2RE
n7uzZeKCNKxGtXh9nHbsj0XqLI49oEkwlPA9LjnW8sGC1a9rJtAqzO4xi4vVMT70
HDHWPdAAR8JS3PmdKjT+D/pQXarefL0MIKDgkYS0SA6cDZfJ7HAkxqdVFPi4DbBn
/UEcGUaKA7hh3Ppbl1Bn5/z4oQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFLm0q0Qj
rS7iSU6grqT5Hfc8wuhpMB8GA1UdIwQYMBaAFBAFzNXhgjD7qa3T0n+F2jjxPkFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEFGMi83M0M4ODc5MkUw
NjcxMUVDQjlEMkZGODFDNEY5QUUwMi9FQVhNMWVHQ01QdXByZFBTZjRYYU9QRS1R
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhBRjIvNzNDODg3OTJFMDY3MTFFQ0I5RDJGRjgxQzRGOUFFMDIvNDQyOUQ0MkVF
MEMwMTFFQ0JBQUE0MTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAEr88IDBAAtcVEDBAAtcVMDBAJnGAADBAJn5XQwDQYJKoZI
hvcNAQELBQADggEBABhYIzhD7iN6e01zeMlxIg0x/o1JSpYsfowqhlXfFMFkwHxx
J6VqQJ5Dc2S0oOWIwPgYP4WyAVXRx3SKsZ7hM9JTK/tnfaemTVUIYrhAK1AvxPo2
mpSxPmcp1rEwdilGJDkQximoh8eiseDJv9dizkmRdZzzODmRSe7NHR6t18h8GydG
u9KmUMsxrSWP8aHXhXPJ5nv2G1T/DD7DvX8k+SM1iuKqWKUjA4KVFj1JPmZXacUO
rhwwD0Zu9Vs1hRnhzeG55WizKutgW8ZXu3n5D18Q9fUhTBxargKfE/9r6FKZ3j/U
Vq/kpI6qAsjWQQjcjuXDNQL3NoB+SEfB5NKM010=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:44 2023 by rpki-client on console-ams.rpki-client.org