Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E897B8763D9A11EA9606E13AC4F9AE02.roa
File: E897B8763D9A11EA9606E13AC4F9AE02.roa (raw, json)
Hash identifier: d4BMhyTFrfDV51PEszIHvpGta0xFDn5SOtywsM3oNIc=
Subject key identifier: F4:AE:2C:02:17:1E:87:50:FF:3E:B8:D5:46:15:AE:CF:EB:F4:17:74
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0780
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E897B8763D9A11EA9606E13AC4F9AE02.roa
Signing time: Thu 17 Feb 2022 09:47:12 +0000
ROA not before: Thu 17 Feb 2022 09:47:12 +0000
ROA not after: Sat 28 May 2022 00:00:00 +0000
asID: 17408
IP address blocks: 43.230.52.0/24 maxlen: 24
43.230.53.0/24 maxlen: 24
43.230.54.0/24 maxlen: 24
43.230.55.0/24 maxlen: 24
43.246.129.0/24 maxlen: 24
43.246.131.0/24 maxlen: 24
43.246.197.0/24 maxlen: 24
43.246.199.0/24 maxlen: 24
103.7.116.0/22 maxlen: 22
103.15.33.0/24 maxlen: 24
103.15.35.0/24 maxlen: 24
103.15.76.0/24 maxlen: 24
103.15.78.0/24 maxlen: 24
103.248.149.0/24 maxlen: 24
103.248.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1920 (0x780)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: Feb 17 09:47:12 2022 GMT
Not After : May 28 00:00:00 2022 GMT
Subject: CN=620e199f-a824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a9:31:06:db:95:a8:1c:f1:94:39:5e:5b:7c:
d6:79:a9:85:d9:f2:65:4f:d5:20:09:68:8a:6f:e5:
3b:64:46:5d:8f:41:6e:1b:46:5c:71:73:55:55:01:
fc:e8:59:4f:3a:e0:c0:b6:54:71:23:3e:22:b6:dd:
11:17:c5:e0:66:b8:e4:7e:20:80:79:4a:45:1f:1d:
ac:38:3b:93:d6:9f:98:cd:a6:73:fb:da:43:c4:7d:
07:e4:ce:fe:a8:07:98:67:51:73:ee:cc:87:71:3c:
cb:5c:8f:f5:da:71:ba:45:cf:85:e2:7e:19:a9:bf:
ad:47:e2:c3:e0:96:e2:49:be:16:a4:7f:eb:d6:45:
7a:ed:2f:b4:f2:ef:10:79:4b:26:7c:ab:43:40:e4:
df:59:bd:8c:77:47:0c:aa:89:da:b5:73:3b:2a:3a:
54:56:bd:a4:de:3f:f6:3c:bb:23:4b:e8:fc:3f:e2:
c4:55:e8:c7:2d:da:18:f0:e4:3b:b4:b8:07:f7:71:
f0:26:f7:94:b8:fc:2a:12:5f:8e:1e:f2:93:94:1e:
f2:11:be:58:d8:cc:61:25:95:93:76:9d:c7:24:84:
de:2a:93:04:28:9e:be:89:74:3e:69:c2:bb:2b:cf:
8c:a6:5c:06:d2:05:e5:dc:12:79:5e:70:95:5b:3b:
92:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AE:2C:02:17:1E:87:50:FF:3E:B8:D5:46:15:AE:CF:EB:F4:17:74
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E897B8763D9A11EA9606E13AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.52.0/22
43.246.129.0/24
43.246.131.0/24
43.246.197.0/24
43.246.199.0/24
103.7.116.0/22
103.15.33.0/24
103.15.35.0/24
103.15.76.0/24
103.15.78.0/24
103.248.149.0/24
103.248.151.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:84:95:af:3c:a8:92:ab:ec:b6:8a:4b:da:82:08:d2:7f:2c:
c4:c6:c3:60:ee:02:ad:ff:a6:cb:b1:14:2b:dd:5c:75:df:f4:
74:db:cd:38:18:db:f3:95:ff:0c:11:73:f4:25:22:dd:9f:66:
43:27:25:62:bd:b6:0d:fc:ab:69:f1:1a:5f:73:17:1d:33:3c:
fe:e5:72:94:fc:38:23:c3:e1:df:4a:a6:c5:80:1e:bb:66:f2:
33:2a:a1:a0:15:f3:13:ef:5a:bc:5e:5a:64:c3:f7:01:35:50:
8a:f8:3c:21:5d:4b:76:e6:c4:91:c5:c2:66:2a:0c:04:cc:69:
bf:c7:8b:19:73:d3:a3:62:50:20:b6:f5:57:e3:49:bf:ed:52:
1c:3b:1a:37:67:42:0f:11:47:f6:6c:61:9c:4f:b5:28:48:dd:
b7:e5:dd:22:da:b7:e2:35:f2:b6:6f:6b:dc:45:da:cf:2f:04:
96:66:d4:a2:3f:fe:49:a6:52:59:d0:4d:7b:be:9f:b4:28:51:
cd:89:01:94:6f:0d:06:1c:e1:37:35:f0:1d:1a:bc:de:38:e2:
a1:a1:70:2e:a4:36:50:b7:fd:5b:d9:e0:d8:e0:7f:97:df:69:
bd:25:7c:97:05:bd:53:68:d0:8b:00:be:ea:28:71:2a:8f:58:
46:3b:cb:27
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICB4AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjIwMjE3MDk0NzEyWhcNMjIwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBlMTk5Zi1hODI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyakxBtuVqBzxlDleW3zWeamF2fJlT9UgCWiKb+U7ZEZdj0FuG0ZccXNVVQH8
6FlPOuDAtlRxIz4itt0RF8XgZrjkfiCAeUpFHx2sODuT1p+YzaZz+9pDxH0H5M7+
qAeYZ1Fz7syHcTzLXI/12nG6Rc+F4n4Zqb+tR+LD4JbiSb4WpH/r1kV67S+08u8Q
eUsmfKtDQOTfWb2Md0cMqonatXM7KjpUVr2k3j/2PLsjS+j8P+LEVejHLdoY8OQ7
tLgH93HwJveUuPwqEl+OHvKTlB7yEb5Y2MxhJZWTdp3HJITeKpMEKJ6+iXQ+acK7
K8+MplwG0gXl3BJ5XnCVWzuSxwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFPSuLAIX
HodQ/z641UYVrs/r9Bd0MB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvRTg5N0I4NzYz
RDlBMTFFQTk2MDZFMTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQME4EAgABMEgDBAIr5jQDBAAr9oEDBAAr9oMDBAAr9sUDBAAr9scDBAJnB3QD
BABnDyEDBABnDyMDBABnD0wDBABnD04DBABn+JUDBABn+JcwDQYJKoZIhvcNAQEL
BQADggEBADyEla88qJKr7LaKS9qCCNJ/LMTGw2DuAq3/psuxFCvdXHXf9HTbzTgY
2/OV/wwRc/QlIt2fZkMnJWK9tg38q2nxGl9zFx0zPP7lcpT8OCPD4d9KpsWAHrtm
8jMqoaAV8xPvWrxeWmTD9wE1UIr4PCFdS3bmxJHFwmYqDATMab/Hixlz06NiUCC2
9VfjSb/tUhw7GjdnQg8RR/ZsYZxPtShI3bfl3SLat+I18rZva9xF2s8vBJZm1KI/
/kmmUlnQTXu+n7QoUc2JAZRvDQYc4Tc18B0avN444qGhcC6kNlC3/VvZ4Njgf5ff
ab0lfJcFvVNo0IsAvuoocSqPWEY7yyc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org