Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E9C9EB6A3D9A11EA9606E13AC4F9AE02.roa
File: E9C9EB6A3D9A11EA9606E13AC4F9AE02.roa (raw, json)
Hash identifier: Ll3CMBRJUpIwpgVunXzNLq2JW/pDNxf5Jr/+lEhAA84=
Subject key identifier: E2:89:CB:DE:5A:A4:B3:F8:77:A5:AE:EF:29:A8:82:B2:C7:C1:FE:7A
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 07A4
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E9C9EB6A3D9A11EA9606E13AC4F9AE02.roa
Signing time: Tue 01 Mar 2022 09:47:15 +0000
ROA not before: Tue 01 Mar 2022 09:47:15 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 9311
IP address blocks: 43.231.189.0/24 maxlen: 24
43.231.191.0/24 maxlen: 24
43.246.128.0/24 maxlen: 24
43.246.130.0/24 maxlen: 24
43.246.196.0/24 maxlen: 24
43.246.198.0/24 maxlen: 24
43.251.185.0/24 maxlen: 24
43.251.187.0/24 maxlen: 24
45.115.33.0/24 maxlen: 24
45.115.35.0/24 maxlen: 24
45.124.60.0/24 maxlen: 24
45.124.61.0/24 maxlen: 24
45.124.62.0/24 maxlen: 24
45.124.63.0/24 maxlen: 24
103.8.85.0/24 maxlen: 24
103.8.87.0/24 maxlen: 24
103.12.53.0/24 maxlen: 24
103.12.55.0/24 maxlen: 24
103.13.17.0/24 maxlen: 24
103.13.19.0/24 maxlen: 24
103.15.32.0/24 maxlen: 24
103.15.34.0/24 maxlen: 24
103.15.77.0/24 maxlen: 24
103.15.79.0/24 maxlen: 24
103.21.105.0/24 maxlen: 24
103.21.107.0/24 maxlen: 24
103.24.160.0/24 maxlen: 24
103.24.161.0/24 maxlen: 24
103.24.162.0/24 maxlen: 24
103.24.163.0/24 maxlen: 24
103.244.208.0/24 maxlen: 24
103.244.209.0/24 maxlen: 24
103.244.210.0/24 maxlen: 24
103.244.211.0/24 maxlen: 24
103.248.148.0/24 maxlen: 24
103.248.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1956 (0x7a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: Mar 1 09:47:15 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=621deba3-5dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8b:06:1b:ac:81:1a:6f:71:db:e9:a8:82:64:
ba:aa:dc:7d:a6:a4:82:d3:4b:81:6a:31:33:3e:b9:
66:c3:94:32:1f:b2:c4:cd:7e:d2:2a:4b:5b:8b:f6:
ea:09:f3:b5:6f:56:81:8f:cd:82:d0:17:c6:20:22:
3c:05:65:f3:6b:43:a7:75:e4:6e:df:f2:41:2c:7d:
45:84:38:ca:29:43:f8:10:a9:3b:14:e8:aa:28:c0:
ab:30:a4:46:1b:3d:b6:58:e2:8f:77:a0:5e:fe:79:
54:5a:ab:3e:f8:37:4c:e8:b0:9d:01:e3:25:08:3b:
7d:24:00:38:39:7d:8d:38:38:8b:46:9e:ed:94:b8:
57:c5:50:07:3c:7d:00:aa:b7:8f:f4:9d:f3:b4:b1:
72:e7:54:3a:43:da:fc:a4:1b:75:f2:e7:67:ef:76:
cc:51:a2:3b:b4:8a:ef:1b:18:c2:f5:6f:ea:d1:5b:
1d:6c:fc:63:cd:ae:e6:a1:9c:d8:2a:01:28:38:1a:
78:34:c8:db:df:4e:7c:73:ce:ed:e1:56:e4:34:8b:
04:af:a8:72:a9:f8:30:6a:71:af:75:86:ba:b2:36:
88:9b:1f:68:51:79:7f:bd:b4:fd:ce:37:8c:97:a8:
7d:93:fb:b3:08:e4:9d:a1:89:c7:f6:8e:0d:43:c8:
d4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:89:CB:DE:5A:A4:B3:F8:77:A5:AE:EF:29:A8:82:B2:C7:C1:FE:7A
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E9C9EB6A3D9A11EA9606E13AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.189.0/24
43.231.191.0/24
43.246.128.0/24
43.246.130.0/24
43.246.196.0/24
43.246.198.0/24
43.251.185.0/24
43.251.187.0/24
45.115.33.0/24
45.115.35.0/24
45.124.60.0/22
103.8.85.0/24
103.8.87.0/24
103.12.53.0/24
103.12.55.0/24
103.13.17.0/24
103.13.19.0/24
103.15.32.0/24
103.15.34.0/24
103.15.77.0/24
103.15.79.0/24
103.21.105.0/24
103.21.107.0/24
103.24.160.0/22
103.244.208.0/22
103.248.148.0/24
103.248.150.0/24
Signature Algorithm: sha256WithRSAEncryption
55:77:23:02:c5:00:a1:1d:6e:48:84:3c:cb:19:28:4f:1c:d6:
9f:6a:ce:e0:c9:ba:9d:16:c1:fd:b2:be:bb:ee:b5:7c:33:4b:
33:62:e2:fd:c3:6d:2c:45:e9:04:f0:87:a0:49:01:c1:d7:2a:
ca:43:37:fb:23:8e:12:98:f3:e3:83:7a:9d:0d:50:8a:ee:31:
ee:52:54:dd:d4:5d:c1:c9:e8:73:c0:ac:fb:b7:c8:5e:48:37:
a3:91:30:45:36:9a:9b:69:a3:56:93:05:41:1c:8c:66:b4:9d:
91:e1:32:c4:73:a2:6a:2a:ca:d4:d8:31:2c:e6:6a:08:f7:4e:
a4:dd:13:24:bd:51:fa:9b:de:86:44:b4:0a:5d:63:7f:28:04:
71:f3:d5:81:fd:65:3f:0d:bb:9f:40:40:5c:d1:39:4e:88:3e:
aa:47:1d:a3:22:de:d8:ba:09:70:2c:14:08:8d:7b:09:09:6a:
84:4e:6d:a6:aa:43:c0:88:b8:b4:c3:60:12:91:d9:7a:c0:45:
02:22:de:1d:f9:06:bd:7b:5e:f9:d3:fe:48:cb:f6:69:f4:6f:
77:58:27:f8:c9:75:71:cb:69:74:c3:5d:b8:72:a1:37:c0:e5:
fd:16:ed:c1:f0:b2:05:2a:99:b1:72:fb:a8:7e:ae:62:9f:71:
90:f3:2d:e6
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgICB6QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjIwMzAxMDk0NzE1WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFkZWJhMy01ZGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApYsGG6yBGm9x2+mogmS6qtx9pqSC00uBajEzPrlmw5QyH7LEzX7SKktbi/bq
CfO1b1aBj82C0BfGICI8BWXza0OndeRu3/JBLH1FhDjKKUP4EKk7FOiqKMCrMKRG
Gz22WOKPd6Be/nlUWqs++DdM6LCdAeMlCDt9JAA4OX2NODiLRp7tlLhXxVAHPH0A
qreP9J3ztLFy51Q6Q9r8pBt18udn73bMUaI7tIrvGxjC9W/q0VsdbPxjza7moZzY
KgEoOBp4NMjb3058c87t4VbkNIsEr6hyqfgwanGvdYa6sjaImx9oUXl/vbT9zjeM
l6h9k/uzCOSdoYnH9o4NQ8jUNwIDAQABo4IDNjCCAzIwHQYDVR0OBBYEFOKJy95a
pLP4d6Wu7ymogrLHwf56MB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvRTlDOUVCNkEz
RDlBMTFFQTk2MDZFMTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgb8GCCsGAQUFBwEHAQH/
BIGvMIGsMIGpBAIAATCBogMEACvnvQMEACvnvwMEACv2gAMEACv2ggMEACv2xAME
ACv2xgMEACv7uQMEACv7uwMEAC1zIQMEAC1zIwMEAi18PAMEAGcIVQMEAGcIVwME
AGcMNQMEAGcMNwMEAGcNEQMEAGcNEwMEAGcPIAMEAGcPIgMEAGcPTQMEAGcPTwME
AGcVaQMEAGcVawMEAmcYoAMEAmf00AMEAGf4lAMEAGf4ljANBgkqhkiG9w0BAQsF
AAOCAQEAVXcjAsUAoR1uSIQ8yxkoTxzWn2rO4Mm6nRbB/bK+u+61fDNLM2Li/cNt
LEXpBPCHoEkBwdcqykM3+yOOEpjz44N6nQ1Qiu4x7lJU3dRdwcnoc8Cs+7fIXkg3
o5EwRTaam2mjVpMFQRyMZrSdkeEyxHOiairK1NgxLOZqCPdOpN0TJL1R+pvehkS0
Cl1jfygEcfPVgf1lPw27n0BAXNE5Tog+qkcdoyLe2LoJcCwUCI17CQlqhE5tpqpD
wIi4tMNgEpHZesBFAiLeHfkGvXte+dP+SMv2afRvd1gn+Ml1cctpdMNduHKhN8Dl
/RbtwfCyBSqZsXL7qH6uYp9xkPMt5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org