Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/C301E680D0F111EC9BCD0679C4F9AE02.roa
File: C301E680D0F111EC9BCD0679C4F9AE02.roa (raw, json)
Hash identifier: 9FyZsK9ZWv1joqyAvHF3dXIFmbH2hQ2ygagsxjvZLiQ=
Subject key identifier: D1:BC:E5:C8:91:85:F8:B8:94:E6:16:7C:D4:3B:47:0E:23:8A:77:E4
Certificate issuer: /CN=A918BDA2/serialNumber=DF677D8693477B92A1E9FE7C20422696CEA8609D
Certificate serial: 02
Authority key identifier: DF:67:7D:86:93:47:7B:92:A1:E9:FE:7C:20:42:26:96:CE:A8:60:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/C301E680D0F111EC9BCD0679C4F9AE02.roa
Signing time: Wed 11 May 2022 06:15:32 +0000
ROA not before: Wed 11 May 2022 06:15:32 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 59322
IP address blocks: 43.247.16.0/22 maxlen: 24
103.225.36.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918BDA2/serialNumber=DF677D8693477B92A1E9FE7C20422696CEA8609D
Validity
Not Before: May 11 06:15:32 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=627b5484-708c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:26:62:9c:2f:33:8b:f8:32:bb:09:10:b3:92:
ff:6f:e7:ec:5b:3b:ea:df:9d:3c:9a:de:46:22:94:
1b:d3:fd:48:3c:59:88:74:94:f2:fa:98:55:b6:07:
00:4e:59:4d:5a:b1:6b:44:33:59:7d:d4:ba:f7:80:
04:e3:85:65:ce:18:3e:ea:b8:d5:fb:46:2a:73:bc:
fd:fe:10:98:48:ac:df:7d:b4:c5:d9:0a:70:23:4c:
55:73:7a:e1:e2:6c:9d:d7:ea:07:eb:20:e5:07:f5:
e2:28:6e:1a:04:47:2c:13:8a:64:cc:6a:9d:a2:74:
a1:7c:aa:02:ca:3d:bf:a1:f9:b8:8b:fc:ba:ba:f0:
45:f9:ab:6b:c5:e9:b8:8e:2b:44:8d:1e:87:7c:d3:
3d:37:8a:48:de:03:78:b2:1d:09:c7:39:78:3c:1f:
f4:d9:63:31:3f:44:8c:27:1a:75:06:60:58:78:ab:
3f:c3:1a:bf:94:fa:2f:4e:b6:aa:4a:b2:7b:c8:b8:
57:d1:5b:98:73:be:6d:98:f1:bc:76:47:64:74:92:
33:67:fa:92:1d:46:70:f9:cd:50:3d:6b:f2:4a:4e:
24:0f:fc:91:75:b2:9e:8f:57:07:2b:d3:71:e7:aa:
30:ec:54:cd:2b:e0:2b:58:b3:ef:3f:62:fb:85:f2:
36:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BC:E5:C8:91:85:F8:B8:94:E6:16:7C:D4:3B:47:0E:23:8A:77:E4
X509v3 Authority Key Identifier:
keyid:DF:67:7D:86:93:47:7B:92:A1:E9:FE:7C:20:42:26:96:CE:A8:60:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/32d9hpNHe5Kh6f58IEImls6oYJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/32d9hpNHe5Kh6f58IEImls6oYJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BDA2/70E69C18D0EE11ECBC5C4973C4F9AE02/C301E680D0F111EC9BCD0679C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.16.0/22
103.225.36.0/22
Signature Algorithm: sha256WithRSAEncryption
14:35:1a:9b:91:63:1e:95:c4:89:30:ba:13:d8:33:f8:f1:3c:
22:bc:cd:fc:b2:a9:6a:2a:50:1b:3f:ce:1e:5e:e1:29:4e:f3:
78:f4:64:6f:7b:43:07:2e:32:ba:3d:64:a7:ed:c5:32:30:64:
cf:5c:a7:74:30:7a:ef:ce:86:75:28:b1:c9:ea:44:2f:8e:e8:
b8:06:01:51:b1:79:08:da:04:58:a1:26:17:1b:4f:8f:07:23:
89:6a:a6:98:68:26:75:78:57:c1:6f:cd:35:32:ff:ce:ad:25:
f8:4a:d5:1f:3d:48:30:8d:cd:41:27:40:6f:1d:8a:84:7a:65:
96:b2:7b:56:ce:1d:0c:52:15:c0:30:c0:7c:7e:24:05:30:4c:
2a:1d:05:9b:95:e2:44:29:5c:31:34:5e:76:db:9e:24:ae:d5:
37:68:d2:ee:15:90:58:62:64:da:e8:a0:89:d2:3f:4c:3f:56:
99:b3:8a:87:14:86:a8:b8:56:b5:7b:64:80:39:c6:cd:72:6b:
6b:36:85:ff:74:65:59:60:8f:3c:cc:da:cc:c4:c6:c3:43:dc:
b5:3c:b9:1b:dc:d0:83:79:13:f2:9d:eb:ee:c7:69:5b:16:41:
4a:1b:6e:28:ca:ca:b0:2c:85:f4:95:a5:c3:15:4b:52:67:10:
4c:ac:e0:f5
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QkRBMjExMC8GA1UEBRMoREY2NzdEODY5MzQ3N0I5MkExRTlGRTdDMjA0MjI2OTZD
RUE4NjA5RDAeFw0yMjA1MTEwNjE1MzJaFw0yMzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyN2I1NDg0LTcwOGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOJmKcLzOL+DK7CRCzkv9v5+xbO+rfnTya3kYilBvT/Ug8WYh0lPL6mFW2BwBO
WU1asWtEM1l91Lr3gATjhWXOGD7quNX7RipzvP3+EJhIrN99tMXZCnAjTFVzeuHi
bJ3X6gfrIOUH9eIobhoERywTimTMap2idKF8qgLKPb+h+biL/Lq68EX5q2vF6biO
K0SNHod80z03ikjeA3iyHQnHOXg8H/TZYzE/RIwnGnUGYFh4qz/DGr+U+i9OtqpK
snvIuFfRW5hzvm2Y8bx2R2R0kjNn+pIdRnD5zVA9a/JKTiQP/JF1sp6PVwcr03Hn
qjDsVM0r4CtYs+8/YvuF8jZlAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU0bzlyJGF
+LiU5hZ81DtHDiOKd+QwHwYDVR0jBBgwFoAU32d9hpNHe5Kh6f58IEImls6oYJ0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThCREEyLzcwRTY5QzE4RDBF
RTExRUNCQzVDNDk3M0M0RjlBRTAyLzMyZDlocE5IZTVLaDZmNThJRUltbHM2b1lK
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMzJkOWhwTkhlNUtoNmY1OElFSW1sczZvWUowLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QkRBMi83MEU2OUMxOEQwRUUxMUVDQkM1QzQ5NzNDNEY5QUUwMi9DMzAxRTY4MEQw
RjExMUVDOUJDRDA2NzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAiv3EAMEAmfhJDANBgkqhkiG9w0BAQsFAAOCAQEAFDUam5Fj
HpXEiTC6E9gz+PE8IrzN/LKpaipQGz/OHl7hKU7zePRkb3tDBy4yuj1kp+3FMjBk
z1yndDB6786GdSixyepEL47ouAYBUbF5CNoEWKEmFxtPjwcjiWqmmGgmdXhXwW/N
NTL/zq0l+ErVHz1IMI3NQSdAbx2KhHpllrJ7Vs4dDFIVwDDAfH4kBTBMKh0Fm5Xi
RClcMTRedtueJK7VN2jS7hWQWGJk2uigidI/TD9WmbOKhxSGqLhWtXtkgDnGzXJr
azaF/3RlWWCPPMzazMTGw0PctTy5G9zQg3kT8p3r7sdpWxZBShtuKMrKsCyF9JWl
wxVLUmcQTKzg9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org