Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/8F4BCAFEE0AF11EC975F2553C4F9AE02.roa
File: 8F4BCAFEE0AF11EC975F2553C4F9AE02.roa (raw, json)
Hash identifier: +kj8aYIN1OW3w0n+94g8jajwzNrQmA51Sd3Sp5UyPD8=
Subject key identifier: 0E:54:CE:F6:00:30:EE:4A:4B:50:F5:BA:B7:BB:C9:5A:17:7A:40:89
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 06
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/8F4BCAFEE0AF11EC975F2553C4F9AE02.roa
Signing time: Tue 31 May 2022 07:01:57 +0000
ROA not before: Tue 31 May 2022 07:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55933
IP address blocks: 43.243.192.0/22 maxlen: 24
103.24.0.0/22 maxlen: 24
103.229.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Validity
Not Before: May 31 07:01:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6295bd65-2805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fc:52:d2:66:26:5d:cf:f7:7b:d0:69:af:d2:
d5:bc:fb:10:08:fd:98:c7:61:8a:30:e9:2d:8c:ba:
a3:1b:a3:bf:28:dd:0e:96:d3:3e:71:94:68:3a:00:
8c:a7:19:ea:eb:08:f8:ff:84:f6:26:5e:b9:5d:85:
4f:a1:74:da:45:81:68:1d:e6:71:42:dd:cc:1e:a0:
80:2f:82:4d:0f:7e:f2:ba:3c:44:6a:61:2c:0c:74:
06:9f:24:9a:60:80:f5:02:2d:d6:c1:52:50:f5:fd:
bc:31:d1:5b:91:cf:93:28:a8:b9:99:eb:cb:49:09:
e0:4c:b9:f3:58:3c:d6:d1:56:f4:e2:58:91:6b:e1:
7f:13:8f:4e:f5:53:a6:86:ba:68:b3:49:b6:4a:6f:
14:3d:3a:ed:ec:07:af:13:ac:8b:e6:4e:e2:0e:4f:
bb:01:f8:36:0d:b1:35:01:6c:38:1f:f2:ca:89:e5:
ed:5a:37:7f:9e:0b:38:ff:75:ff:d2:34:23:0a:9f:
ca:12:c6:2d:66:a4:e7:f4:57:d2:cc:cd:d7:92:08:
be:8e:d1:8d:27:e3:c7:08:6e:34:91:55:94:db:ec:
e2:c6:c6:c0:a2:0f:37:4e:93:0b:26:79:12:26:74:
e5:e5:19:4d:b8:9c:b0:91:cc:e3:de:a2:c6:9b:6d:
4e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:54:CE:F6:00:30:EE:4A:4B:50:F5:BA:B7:BB:C9:5A:17:7A:40:89
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/8F4BCAFEE0AF11EC975F2553C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.192.0/22
103.24.0.0/22
103.229.116.0/22
Signature Algorithm: sha256WithRSAEncryption
d4:64:9d:c4:fa:42:c3:f8:df:f8:cc:e9:ec:e0:8f:03:09:2c:
61:29:c3:d7:18:ba:7c:d1:52:0f:7c:82:f5:26:37:ea:a5:10:
96:30:89:3a:b4:1c:4f:d0:8d:71:7b:65:ee:c3:9d:8d:47:1b:
09:1b:16:f4:fb:22:29:e7:9d:8e:10:7e:c7:c8:c3:a9:5c:0a:
f3:09:b6:71:32:bb:20:a6:d6:e7:28:88:41:02:e7:0e:ab:8a:
1d:4d:c2:0d:c7:9f:6c:29:32:af:22:60:fc:be:1a:9d:72:b4:
bf:90:32:ef:44:67:7a:10:b8:94:26:8c:bd:c3:86:76:43:f2:
99:05:b7:23:f6:7d:1b:59:b6:42:ae:73:29:4b:b8:f1:32:9e:
ae:75:3f:a4:49:26:b7:ed:94:fa:38:2c:7a:7b:18:ea:9b:dc:
b8:43:9a:bd:81:06:32:93:2b:8c:42:7e:f4:b3:46:93:f5:2b:
5c:37:eb:fb:f4:8d:1f:5a:17:08:8b:66:fa:95:fd:fb:4b:fb:
03:79:cf:9c:68:32:78:c9:9b:24:13:00:fd:c7:be:46:26:6a:
a4:67:5f:17:9d:0a:8b:34:8d:25:60:54:e0:29:d2:e9:f2:3e:
3e:88:88:b6:69:38:35:fa:70:99:b1:5d:e5:ea:91:bc:43:3b:
d2:0e:b8:73
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OEFGMjExMC8GA1UEBRMoMTAwNUNDRDVFMTgyMzBGQkE5QUREM0QyN0Y4NURBMzhG
MTNFNDE3MjAeFw0yMjA1MzEwNzAxNTdaFw0yMzA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyOTViZDY1LTI4MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDT/FLSZiZdz/d70Gmv0tW8+xAI/ZjHYYow6S2MuqMbo78o3Q6W0z5xlGg6AIyn
GerrCPj/hPYmXrldhU+hdNpFgWgd5nFC3cweoIAvgk0PfvK6PERqYSwMdAafJJpg
gPUCLdbBUlD1/bwx0VuRz5MoqLmZ68tJCeBMufNYPNbRVvTiWJFr4X8Tj071U6aG
umizSbZKbxQ9Ou3sB68TrIvmTuIOT7sB+DYNsTUBbDgf8sqJ5e1aN3+eCzj/df/S
NCMKn8oSxi1mpOf0V9LMzdeSCL6O0Y0n48cIbjSRVZTb7OLGxsCiDzdOkwsmeRIm
dOXlGU24nLCRzOPeosabbU7LAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUDlTO9gAw
7kpLUPW6t7vJWhd6QIkwHwYDVR0jBBgwFoAUEAXM1eGCMPuprdPSf4XaOPE+QXIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc4QUYyLzczQzg4NzkyRTA2
NzExRUNCOUQyRkY4MUM0RjlBRTAyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFY
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRUFYTTFlR0NNUHVwcmRQU2Y0WGFPUEUtUVhJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OEFGMi83M0M4ODc5MkUwNjcxMUVDQjlEMkZGODFDNEY5QUUwMi84RjRCQ0FGRUUw
QUYxMUVDOTc1RjI1NTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAivzwAMEAmcYAAMEAmfldDANBgkqhkiG9w0BAQsFAAOCAQEA
1GSdxPpCw/jf+Mzp7OCPAwksYSnD1xi6fNFSD3yC9SY36qUQljCJOrQcT9CNcXtl
7sOdjUcbCRsW9PsiKeedjhB+x8jDqVwK8wm2cTK7IKbW5yiIQQLnDquKHU3CDcef
bCkyryJg/L4anXK0v5Ay70RnehC4lCaMvcOGdkPymQW3I/Z9G1m2Qq5zKUu48TKe
rnU/pEkmt+2U+jgsensY6pvcuEOavYEGMpMrjEJ+9LNGk/UrXDfr+/SNH1oXCItm
+pX9+0v7A3nPnGgyeMmbJBMA/ce+RiZqpGdfF50KizSNJWBU4CnS6fI+PoiItmk4
NfpwmbFd5eqRvEM70g64cw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:44 2023 by rpki-client on console-ams.rpki-client.org