Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/509CE08E22E211EDA545A835C4F9AE02.roa
File: 509CE08E22E211EDA545A835C4F9AE02.roa (raw, json)
Hash identifier: uIJvSCIOnPAfiiim65P31oq7R8AxQLtxAHDjTnKO2MQ=
Subject key identifier: 59:4B:1A:02:27:C9:6B:FE:B7:A2:A3:A6:44:85:22:AF:DF:15:54:1C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5BDC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/509CE08E22E211EDA545A835C4F9AE02.roa
Signing time: Tue 23 Aug 2022 12:51:33 +0000
ROA not before: Tue 23 Aug 2022 12:51:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132779
IP address blocks: 43.254.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23516 (0x5bdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 23 12:51:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6304cd55-4ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0d:39:30:1b:20:3a:e1:b1:ca:9f:2d:7b:6d:
bc:d1:75:29:f7:ab:65:5d:01:50:39:f7:82:7f:7e:
ac:0b:e1:66:ce:b6:db:12:28:e5:3a:f9:aa:50:18:
43:77:e6:36:89:67:a5:57:12:79:30:00:27:af:44:
b7:79:97:33:ee:0f:db:e6:1a:32:cc:42:4c:79:cd:
87:08:46:09:ff:d7:f8:15:52:ff:8a:7f:4f:83:5b:
07:31:e3:62:c4:16:41:4c:e5:3b:ce:4a:cc:b8:df:
15:d3:1d:e2:dc:de:e5:de:c9:81:de:ef:fe:75:30:
a7:55:a6:e3:3f:3e:33:a9:71:da:4f:81:59:1d:4e:
24:5d:71:36:d8:80:a8:73:cd:f6:c6:2d:5a:a9:17:
c4:55:19:1a:2a:9f:35:99:f0:71:39:5f:fd:b5:79:
3d:81:62:25:32:2b:97:49:e7:5f:5f:b8:82:6a:33:
62:6c:89:47:ae:ed:d0:67:0c:4e:15:ed:a4:a1:c7:
a2:0f:8a:48:fc:49:c1:fd:79:ee:13:80:96:43:90:
2f:ce:8d:11:28:69:48:39:53:22:5d:26:42:61:c3:
2c:b8:9a:84:70:f5:52:51:42:9c:63:6f:03:8f:f6:
51:89:79:e4:f5:fb:62:19:a1:45:8a:8a:77:d1:af:
48:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:4B:1A:02:27:C9:6B:FE:B7:A2:A3:A6:44:85:22:AF:DF:15:54:1C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/509CE08E22E211EDA545A835C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.28.0/22
Signature Algorithm: sha256WithRSAEncryption
86:3f:f3:6c:66:1b:37:d9:00:c2:7e:c8:af:48:53:8e:dd:ab:
97:3d:cf:2f:47:52:1e:ee:d2:54:a6:b1:41:33:86:84:9b:d9:
ef:f1:82:e9:4f:25:51:f1:a6:f4:f5:17:cd:2b:8d:a2:ca:80:
07:b3:aa:44:ff:c3:b4:c3:a2:c2:23:9b:90:a1:b9:16:5f:fc:
21:3b:af:2b:51:9e:74:9c:8d:f2:ab:c2:78:c5:7a:97:60:d4:
fb:44:76:b5:92:0c:11:a9:b3:99:82:ba:b0:57:7a:96:50:53:
1f:eb:ba:b0:78:85:27:47:16:4b:dd:c5:ea:64:b3:fc:d3:5c:
fc:7d:3d:fc:4a:74:a0:69:27:79:73:b8:79:33:60:32:3d:f8:
cd:b7:1f:38:c3:7c:c3:10:0b:42:d5:28:55:e8:61:b2:c6:b9:
53:97:c6:26:b0:32:17:96:10:e6:57:80:c9:91:ce:05:ac:2e:
c7:a6:bd:74:d2:0f:9b:24:f1:d0:8f:70:6a:89:fa:94:e0:4b:
f7:3d:d2:e6:29:a6:63:a7:c9:bc:fb:e3:42:b1:80:54:0d:53:
17:b6:55:23:27:8e:d1:e8:15:0b:4d:6a:01:23:4c:64:10:e0:
c6:03:10:8f:6c:6f:48:54:d7:cd:f4:ab:5c:02:8b:b4:f3:f8:
1e:bd:f4:9c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICW9wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODIzMTI1MTMzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA0Y2Q1NS00ZmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2A05MBsgOuGxyp8te2280XUp96tlXQFQOfeCf36sC+FmzrbbEijlOvmqUBhD
d+Y2iWelVxJ5MAAnr0S3eZcz7g/b5hoyzEJMec2HCEYJ/9f4FVL/in9Pg1sHMeNi
xBZBTOU7zkrMuN8V0x3i3N7l3smB3u/+dTCnVabjPz4zqXHaT4FZHU4kXXE22ICo
c832xi1aqRfEVRkaKp81mfBxOV/9tXk9gWIlMiuXSedfX7iCajNibIlHru3QZwxO
Fe2koceiD4pI/EnB/XnuE4CWQ5Avzo0RKGlIOVMiXSZCYcMsuJqEcPVSUUKcY28D
j/ZRiXnk9ftiGaFFiop30a9IEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFlLGgIn
yWv+t6KjpkSFIq/fFVQcMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTA5Q0UwOEUy
MkUyMTFFREE1NDVBODM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr/hwwDQYJKoZIhvcNAQELBQADggEBAIY/82xmGzfZAMJ+
yK9IU47dq5c9zy9HUh7u0lSmsUEzhoSb2e/xgulPJVHxpvT1F80rjaLKgAezqkT/
w7TDosIjm5ChuRZf/CE7rytRnnScjfKrwnjFepdg1PtEdrWSDBGps5mCurBXepZQ
Ux/rurB4hSdHFkvdxepks/zTXPx9PfxKdKBpJ3lzuHkzYDI9+M23HzjDfMMQC0LV
KFXoYbLGuVOXxiawMheWEOZXgMmRzgWsLsemvXTSD5sk8dCPcGqJ+pTgS/c90uYp
pmOnybz740KxgFQNUxe2VSMnjtHoFQtNagEjTGQQ4MYDEI9sb0hU1830q1wCi7Tz
+B699Jw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-ams.rpki-client.org