Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/76FEB44ABE5111EDB5387574C4F9AE02.roa
File: 76FEB44ABE5111EDB5387574C4F9AE02.roa (raw, json)
Hash identifier: CYx3/lhdHWAe9uGTUivJQmYsTsP2izvQaO0poI0olHo=
Subject key identifier: C0:58:DD:CE:46:F3:A1:75:3B:FE:4D:2C:0B:CB:1C:EE:87:3F:93:00
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 09B5
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/76FEB44ABE5111EDB5387574C4F9AE02.roa
Signing time: Thu 09 Mar 2023 08:07:42 +0000
ROA not before: Thu 09 Mar 2023 08:07:42 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 9311
IP address blocks: 43.246.128.0/24 maxlen: 24
43.246.130.0/24 maxlen: 24
43.246.196.0/24 maxlen: 24
43.246.198.0/24 maxlen: 24
103.8.85.0/24 maxlen: 24
103.8.87.0/24 maxlen: 24
103.15.32.0/24 maxlen: 24
103.15.77.0/24 maxlen: 24
103.15.79.0/24 maxlen: 24
103.24.160.0/24 maxlen: 24
103.24.161.0/24 maxlen: 24
103.24.162.0/24 maxlen: 24
103.24.163.0/24 maxlen: 24
103.244.208.0/24 maxlen: 24
103.244.209.0/24 maxlen: 24
103.244.210.0/24 maxlen: 24
103.244.211.0/24 maxlen: 24
103.248.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2485 (0x9b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: Mar 9 08:07:42 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=640993cd-6258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:07:7e:25:f4:3e:4f:d8:74:4c:5f:b5:c2:99:
cd:e5:4d:8c:af:5d:7e:50:90:8e:d2:66:b2:1a:ec:
84:87:17:79:c7:0e:d4:5d:65:31:e5:53:68:11:69:
a1:e9:93:b0:79:30:8f:76:5f:3b:ca:81:4e:4f:0b:
4b:8f:07:2c:ad:bc:5b:27:16:10:72:32:cf:ba:4d:
e2:b9:3a:46:a4:6d:bb:67:87:ba:02:e5:11:71:70:
80:5e:bb:48:98:74:fa:23:da:22:73:7c:c3:c1:77:
38:e6:c9:1a:07:89:e4:73:ec:88:a3:ff:f5:83:90:
84:30:97:b0:49:4f:c3:0a:db:4d:39:4d:b5:13:6f:
3f:53:25:7d:24:02:2b:c9:ba:aa:23:5d:7f:7f:06:
c9:e2:f1:57:44:ae:d3:35:72:12:7c:94:02:85:d0:
44:a8:f6:6e:94:ea:6f:17:e7:e9:41:aa:e8:db:29:
2d:e2:4e:01:25:44:ee:23:87:c0:4c:1d:b1:2f:70:
66:b7:38:63:71:d5:8c:be:27:27:0d:b1:fe:da:bf:
22:8a:34:8d:97:6f:be:2d:c5:11:8e:67:b4:7e:d1:
5c:0a:2c:46:ed:e9:00:d2:15:49:04:65:44:ab:1c:
ec:6e:85:ee:24:86:2a:84:85:ef:d1:cc:ca:ee:57:
a7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:58:DD:CE:46:F3:A1:75:3B:FE:4D:2C:0B:CB:1C:EE:87:3F:93:00
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/76FEB44ABE5111EDB5387574C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.128.0/24
43.246.130.0/24
43.246.196.0/24
43.246.198.0/24
103.8.85.0/24
103.8.87.0/24
103.15.32.0/24
103.15.77.0/24
103.15.79.0/24
103.24.160.0/22
103.244.208.0/22
103.248.150.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:9f:e3:81:a7:0c:5e:e3:f1:62:e0:25:43:69:1e:40:2b:6c:
bc:8a:ae:52:99:b6:53:f3:42:7b:ae:d0:b1:7f:be:cb:98:64:
68:d2:c8:ea:36:d6:ec:b5:18:12:a0:14:bf:d7:d1:70:71:94:
e1:a5:10:76:3a:f7:be:a1:28:e7:ab:f0:c0:59:a0:93:b0:79:
e9:13:b2:26:7b:45:21:65:93:35:4f:82:88:aa:36:7c:f0:f8:
70:05:ab:18:86:49:97:e0:7c:00:b3:1d:9c:56:c6:80:51:8d:
b2:93:74:44:8d:7f:09:ea:7d:07:d6:8a:16:75:b2:2f:dd:8a:
26:0f:ac:dc:e8:93:51:4b:c4:1a:28:e9:71:d7:90:4a:b9:d7:
c9:b7:40:be:e0:67:34:53:2f:fd:6e:bc:a3:55:fb:93:57:5a:
16:6c:28:9c:c3:e5:b9:76:a5:10:b1:ea:f4:56:a7:58:34:4e:
e6:24:a2:81:45:be:03:a8:d8:61:cb:ee:7a:a2:ad:96:5b:96:
70:fc:f1:7a:32:b6:9a:fa:bf:c9:f4:43:a3:9e:8a:ab:c4:95:
96:f6:8c:b0:69:e0:11:23:39:43:33:70:12:06:23:2c:7b:d3:
3a:f9:d7:a4:54:86:e7:41:7b:07:3b:f8:bc:5a:48:d1:73:b1:
6e:65:34:11
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICCbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjMwMzA5MDgwNzQyWhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDA5OTNjZC02MjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsgd+JfQ+T9h0TF+1wpnN5U2Mr11+UJCO0mayGuyEhxd5xw7UXWUx5VNoEWmh
6ZOweTCPdl87yoFOTwtLjwcsrbxbJxYQcjLPuk3iuTpGpG27Z4e6AuURcXCAXrtI
mHT6I9oic3zDwXc45skaB4nkc+yIo//1g5CEMJewSU/DCttNOU21E28/UyV9JAIr
ybqqI11/fwbJ4vFXRK7TNXISfJQChdBEqPZulOpvF+fpQaro2ykt4k4BJUTuI4fA
TB2xL3BmtzhjcdWMvicnDbH+2r8iijSNl2++LcURjme0ftFcCixG7ekA0hVJBGVE
qxzsboXuJIYqhIXv0czK7lenowIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFMBY3c5G
86F1O/5NLAvLHO6HP5MAMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvNzZGRUI0NEFC
RTUxMTFFREI1Mzg3NTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQME4EAgABMEgDBAAr9oADBAAr9oIDBAAr9sQDBAAr9sYDBABnCFUDBABnCFcD
BABnDyADBABnD00DBABnD08DBAJnGKADBAJn9NADBABn+JYwDQYJKoZIhvcNAQEL
BQADggEBAJyf44GnDF7j8WLgJUNpHkArbLyKrlKZtlPzQnuu0LF/vsuYZGjSyOo2
1uy1GBKgFL/X0XBxlOGlEHY6976hKOer8MBZoJOweekTsiZ7RSFlkzVPgoiqNnzw
+HAFqxiGSZfgfACzHZxWxoBRjbKTdESNfwnqfQfWihZ1si/diiYPrNzok1FLxBoo
6XHXkEq518m3QL7gZzRTL/1uvKNV+5NXWhZsKJzD5bl2pRCx6vRWp1g0TuYkooFF
vgOo2GHL7nqirZZblnD88Xoytpr6v8n0Q6OeiqvElZb2jLBp4BEjOUMzcBIGIyx7
0zr516RUhudBewc7+LxaSNFzsW5lNBE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org