Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/9937FF58E06C11ECA8E9E51DC4F9AE02.roa
File: 9937FF58E06C11ECA8E9E51DC4F9AE02.roa (raw, json)
Hash identifier: /JCSM3hCVYujcGxlnxJXs1rLvLk6pYeNOmBC235UwKI=
Subject key identifier: CF:B1:9F:66:0F:48:4E:27:E2:7A:A6:32:63:4D:71:45:5C:78:BB:6E
Certificate issuer: /CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Certificate serial: 04
Authority key identifier: 10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/9937FF58E06C11ECA8E9E51DC4F9AE02.roa
Signing time: Mon 30 May 2022 23:02:37 +0000
ROA not before: Mon 30 May 2022 23:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55933
IP address blocks: 43.243.192.0/22 maxlen: 23
103.24.0.0/22 maxlen: 23
103.229.116.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178AF2/serialNumber=1005CCD5E18230FBA9ADD3D27F85DA38F13E4172
Validity
Not Before: May 30 23:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62954d0d-73eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:57:a6:26:09:08:6f:14:ab:1f:02:85:76:3b:
b4:2e:f4:d8:8d:cc:93:d6:ac:b4:21:3b:80:ac:92:
4e:9d:ee:5f:53:2f:21:61:b2:f0:8a:b6:e2:8e:ea:
97:c6:91:bc:d7:6c:45:c2:9b:96:9b:12:c5:e3:ff:
eb:bc:3f:81:d2:b4:38:8a:61:7e:ff:8c:f0:d2:0a:
3e:4a:b8:20:fc:3f:3b:ec:85:4b:43:e2:26:71:b7:
b3:7a:bd:44:14:5d:33:3d:25:bd:d2:89:25:45:6d:
a9:0e:89:b8:cf:63:2c:cd:2c:96:69:5a:66:10:54:
d7:e4:6a:2d:9c:2d:e0:8b:d8:8a:30:06:05:72:ae:
4b:f7:0d:ea:e4:13:7a:a4:a4:a4:89:66:52:8a:11:
76:64:db:36:1d:2a:4e:5c:31:a4:0f:05:d1:52:9b:
15:7d:9d:a7:7f:76:3b:67:22:1f:18:4a:ea:f3:ea:
f1:f6:13:c1:4c:c2:c5:1c:99:e8:7f:d7:3f:f6:91:
80:c0:83:55:e4:2d:dc:cc:08:7f:13:19:aa:60:08:
2f:8c:5b:1a:ca:9c:39:0c:0f:1c:5c:ec:b4:6e:64:
b8:b6:85:63:68:1c:0b:58:29:c4:a5:c0:7b:12:c2:
ff:2f:44:9b:89:e6:8f:85:24:42:c9:8f:49:d8:b8:
bb:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B1:9F:66:0F:48:4E:27:E2:7A:A6:32:63:4D:71:45:5C:78:BB:6E
X509v3 Authority Key Identifier:
keyid:10:05:CC:D5:E1:82:30:FB:A9:AD:D3:D2:7F:85:DA:38:F1:3E:41:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/EAXM1eGCMPuprdPSf4XaOPE-QXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EAXM1eGCMPuprdPSf4XaOPE-QXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178AF2/73C88792E06711ECB9D2FF81C4F9AE02/9937FF58E06C11ECA8E9E51DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.192.0/22
103.24.0.0/22
103.229.116.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:c4:41:d9:26:f6:e3:8f:71:83:a1:f8:59:54:6a:fb:30:ac:
e7:89:6f:78:a8:db:b6:9e:ee:01:20:73:f9:26:e5:ea:95:a2:
ff:a6:cc:be:dd:9b:3c:a5:e4:fd:2c:9b:83:fd:2c:a2:e3:b9:
22:ec:8a:6a:a6:e0:c1:e3:f2:ce:88:8c:f8:a8:ed:8b:38:c9:
d7:af:cf:b1:dd:7f:12:66:ee:d4:aa:6a:0c:36:83:46:fd:1a:
fc:a1:aa:ed:69:33:1a:c4:e3:60:cc:a4:43:fd:e7:92:ad:95:
dc:5c:cd:2e:eb:4b:32:ed:7d:a4:cc:ed:fc:bf:71:80:c2:1e:
35:2d:9f:d3:0c:b0:b5:b0:b4:1a:b8:b9:b0:b7:ab:cb:ec:85:
d6:65:1f:0b:7e:fd:5a:5e:b6:4a:f0:67:a3:91:38:43:96:38:
05:ce:2e:32:d1:0e:da:7f:00:ed:50:7d:ca:46:1c:e3:6a:f6:
6a:70:e6:30:69:25:d0:ce:86:e5:a3:7d:a1:c3:67:98:50:00:
2d:0f:7c:8a:37:57:ee:ab:c7:67:4a:a6:7a:f2:2c:53:ad:f9:
dd:66:32:ce:48:32:c9:39:b2:58:fe:74:c3:1e:4c:ce:46:bc:
d2:ec:15:67:56:ac:38:98:9d:71:58:b9:b4:2c:d4:4e:e2:b5:
00:ba:10:8f
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OEFGMjExMC8GA1UEBRMoMTAwNUNDRDVFMTgyMzBGQkE5QUREM0QyN0Y4NURBMzhG
MTNFNDE3MjAeFw0yMjA1MzAyMzAyMzdaFw0yMzA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyOTU0ZDBkLTczZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIV6YmCQhvFKsfAoV2O7Qu9NiNzJPWrLQhO4Cskk6d7l9TLyFhsvCKtuKO6pfG
kbzXbEXCm5abEsXj/+u8P4HStDiKYX7/jPDSCj5KuCD8PzvshUtD4iZxt7N6vUQU
XTM9Jb3SiSVFbakOibjPYyzNLJZpWmYQVNfkai2cLeCL2IowBgVyrkv3DerkE3qk
pKSJZlKKEXZk2zYdKk5cMaQPBdFSmxV9nad/djtnIh8YSurz6vH2E8FMwsUcmeh/
1z/2kYDAg1XkLdzMCH8TGapgCC+MWxrKnDkMDxxc7LRuZLi2hWNoHAtYKcSlwHsS
wv8vRJuJ5o+FJELJj0nYuLtrAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUz7GfZg9I
TifieqYyY01xRVx4u24wHwYDVR0jBBgwFoAUEAXM1eGCMPuprdPSf4XaOPE+QXIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc4QUYyLzczQzg4NzkyRTA2
NzExRUNCOUQyRkY4MUM0RjlBRTAyL0VBWE0xZUdDTVB1cHJkUFNmNFhhT1BFLVFY
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRUFYTTFlR0NNUHVwcmRQU2Y0WGFPUEUtUVhJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OEFGMi83M0M4ODc5MkUwNjcxMUVDQjlEMkZGODFDNEY5QUUwMi85OTM3RkY1OEUw
NkMxMUVDQThFOUU1MURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAivzwAMEAmcYAAMEAmfldDANBgkqhkiG9w0BAQsFAAOCAQEA
L8RB2Sb2449xg6H4WVRq+zCs54lveKjbtp7uASBz+Sbl6pWi/6bMvt2bPKXk/Syb
g/0souO5IuyKaqbgwePyzoiM+KjtizjJ16/Psd1/Embu1KpqDDaDRv0a/KGq7Wkz
GsTjYMykQ/3nkq2V3FzNLutLMu19pMzt/L9xgMIeNS2f0wywtbC0Gri5sLery+yF
1mUfC379Wl62SvBno5E4Q5Y4Bc4uMtEO2n8A7VB9ykYc42r2anDmMGkl0M6G5aN9
ocNnmFAALQ98ijdX7qvHZ0qmevIsU6353WYyzkgyyTmyWP50wx5Mzka80uwVZ1as
OJidcVi5tCzUTuK1ALoQjw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:47 2023 by rpki-client on console-fra.rpki-client.org