Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/610B6852D53C11EDB199211BC4F9AE02.roa
File: 610B6852D53C11EDB199211BC4F9AE02.roa (raw, json)
Hash identifier: w+HGkEiYtBatqYpzU9Qg70H+xUMgoHX/50rBPlNQQTg=
Subject key identifier: 05:4F:F8:1C:B3:62:0F:AB:B6:71:F1:5C:44:2D:DE:05:1F:73:C4:D4
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 0187
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/610B6852D53C11EDB199211BC4F9AE02.roa
Signing time: Fri 07 Apr 2023 12:04:43 +0000
ROA not before: Fri 07 Apr 2023 12:04:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51559
IP address blocks: 43.243.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 391 (0x187)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2
Validity
Not Before: Apr 7 12:04:43 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=643006da-2a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8e:87:64:52:d0:d8:3d:0e:ee:ee:6d:ce:b2:
42:2e:e4:59:46:23:23:54:8c:07:d8:da:cf:84:c9:
3f:e2:0d:bf:b9:21:dd:02:62:11:4e:d5:bf:89:3f:
82:46:b1:35:3b:d7:de:09:64:ed:a3:41:de:f9:5a:
b1:82:a2:b1:06:6b:4d:3b:af:57:6a:6a:5a:07:b9:
ae:8e:4f:6e:47:40:a1:92:ac:8a:57:cb:05:a0:04:
ef:ea:bc:b5:69:f9:10:4f:ed:8d:00:87:0a:37:36:
37:cc:c5:3f:ba:18:c2:b5:86:05:fa:de:d6:a5:73:
c9:a3:aa:fd:5f:f7:83:4c:5a:38:1e:ec:67:f6:02:
bd:8d:a2:53:5d:d6:00:3a:46:8e:7c:48:42:f3:3e:
0e:b1:2b:da:f1:87:8f:48:07:fb:cf:10:2f:99:39:
a6:92:0d:30:eb:d1:66:5e:9d:78:f8:95:22:40:72:
9a:01:87:87:54:a7:00:c8:11:3c:7f:69:a7:d2:59:
22:e4:a7:c1:e9:46:8f:32:8a:2f:ed:9b:65:a8:af:
27:4c:9c:03:ba:05:ce:2a:b5:cd:e0:24:97:68:6c:
0d:8a:68:6e:d1:10:bf:b4:3e:61:3e:de:c0:b0:69:
a7:29:5d:55:1a:5d:0e:b3:50:fe:59:5c:a8:19:76:
06:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:4F:F8:1C:B3:62:0F:AB:B6:71:F1:5C:44:2D:DE:05:1F:73:C4:D4
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/610B6852D53C11EDB199211BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.195.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:ce:96:17:8f:2c:e0:0e:65:03:5e:86:43:04:39:70:b6:b8:
f2:17:a3:28:a9:ae:09:7a:b2:02:b7:26:cc:9a:30:74:96:75:
b4:d1:27:60:29:4c:88:f3:5a:b0:db:04:0b:80:43:42:e3:4a:
31:52:20:8e:08:10:3a:2e:72:f9:e0:07:0a:0d:47:65:c6:67:
a0:9a:da:64:50:83:92:11:0a:68:81:3e:43:5f:30:9c:1b:4c:
c4:5d:05:76:31:8e:52:5f:b4:7e:e4:ce:13:1d:ef:70:98:92:
3d:24:33:9a:e2:cf:74:71:f6:29:1f:a4:33:89:5b:bf:fe:b5:
dd:4a:3d:99:f1:46:b7:82:f1:6a:77:8b:49:7b:9d:bb:3e:fc:
56:c0:80:77:18:93:2d:69:bd:60:68:80:28:f6:c5:a3:dc:df:
18:9f:41:ea:b8:f7:7e:19:5e:c0:f0:b1:2c:45:d1:00:2c:29:
e2:5b:d4:b5:06:fe:21:ee:6a:38:25:91:0c:7e:d1:47:85:b3:
7b:3b:13:6c:13:96:3e:2d:ee:ce:76:cc:f2:c7:1e:93:f9:bf:
d8:29:aa:ae:5f:c1:32:39:70:a3:f9:04:05:87:75:b5:f2:08:
35:77:63:ee:9c:81:3f:92:24:08:09:63:aa:af:7a:3f:4e:b4:
a1:cc:03:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhBRjIxMTAvBgNVBAUTKDEwMDVDQ0Q1RTE4MjMwRkJBOUFERDNEMjdGODVEQTM4
RjEzRTQxNzIwHhcNMjMwNDA3MTIwNDQzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDMwMDZkYS0yYTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvo6HZFLQ2D0O7u5tzrJCLuRZRiMjVIwH2NrPhMk/4g2/uSHdAmIRTtW/iT+C
RrE1O9feCWTto0He+VqxgqKxBmtNO69XampaB7mujk9uR0ChkqyKV8sFoATv6ry1
afkQT+2NAIcKNzY3zMU/uhjCtYYF+t7WpXPJo6r9X/eDTFo4Huxn9gK9jaJTXdYA
OkaOfEhC8z4OsSva8YePSAf7zxAvmTmmkg0w69FmXp14+JUiQHKaAYeHVKcAyBE8
f2mn0lki5KfB6UaPMoov7ZtlqK8nTJwDugXOKrXN4CSXaGwNimhu0RC/tD5hPt7A
sGmnKV1VGl0Os1D+WVyoGXYGSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAVP+Byz
Yg+rtnHxXEQt3gUfc8TUMB8GA1UdIwQYMBaAFBAFzNXhgjD7qa3T0n+F2jjxPkFy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEFGMi83M0M4ODc5MkUw
NjcxMUVDQjlEMkZGODFDNEY5QUUwMi9FQVhNMWVHQ01QdXByZFBTZjRYYU9QRS1R
WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFYSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhBRjIvNzNDODg3OTJFMDY3MTFFQ0I5RDJGRjgxQzRGOUFFMDIvNjEwQjY4NTJE
NTNDMTFFREIxOTkyMTFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr88MwDQYJKoZIhvcNAQELBQADggEBAMbOlhePLOAOZQNe
hkMEOXC2uPIXoyiprgl6sgK3JsyaMHSWdbTRJ2ApTIjzWrDbBAuAQ0LjSjFSII4I
EDoucvngBwoNR2XGZ6Ca2mRQg5IRCmiBPkNfMJwbTMRdBXYxjlJftH7kzhMd73CY
kj0kM5riz3Rx9ikfpDOJW7/+td1KPZnxRreC8Wp3i0l7nbs+/FbAgHcYky1pvWBo
gCj2xaPc3xifQeq4934ZXsDwsSxF0QAsKeJb1LUG/iHuajglkQx+0UeFs3s7E2wT
lj4t7s52zPLHHpP5v9gpqq5fwTI5cKP5BAWHdbXyCDV3Y+6cgT+SJAgJY6qvej9O
tKHMAxI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:18 2025 by rpki-client