Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/9644DCE8894011EE87ED7F84C4F9AE02.roa
File: 9644DCE8894011EE87ED7F84C4F9AE02.roa (raw, json)
Hash identifier: uWyFwmWBjvBzHwepnGbMUIqmFsEfH//zLdOK2Qi/w+o=
Subject key identifier: CC:AA:CE:F0:04:27:F5:9E:57:44:8C:34:7C:25:B3:50:62:1C:07:55
Certificate issuer: /CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA
Certificate serial: 0B39
Authority key identifier: B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/9644DCE8894011EE87ED7F84C4F9AE02.roa
Signing time: Wed 22 Nov 2023 14:08:19 +0000
ROA not before: Wed 22 Nov 2023 14:08:19 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 135881
IP address blocks: 43.230.210.0/23 maxlen: 23
43.230.210.0/24 maxlen: 24
103.78.224.0/22 maxlen: 24
2407:ff80::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2873 (0xb39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA
Validity
Not Before: Nov 22 14:08:19 2023 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=655e0b52-6a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d3:63:09:59:e9:9c:f1:d4:19:57:69:db:79:
de:84:d8:6c:e6:b2:ed:f9:39:70:b9:8d:a7:ff:60:
70:0c:36:71:fd:30:22:04:b1:7d:c9:27:0d:f2:e1:
8e:85:2e:03:96:c7:6c:6c:73:30:49:79:f6:34:80:
27:ff:3b:d4:d7:24:b5:a2:c7:67:6c:e1:a8:75:fb:
5f:b8:a9:7a:bc:47:3e:fa:ac:5f:eb:cb:a3:16:36:
58:62:36:c1:c4:28:55:fc:16:c6:95:c8:1e:f4:00:
7c:19:3d:96:fa:cc:b9:a3:40:3e:63:42:dd:10:f8:
bc:61:da:03:39:64:78:9b:1e:a9:8f:19:e9:b1:a0:
34:12:70:2b:6c:00:62:b7:0d:9c:21:92:69:03:3d:
11:97:4f:d7:18:1f:4f:75:44:13:1c:32:73:b1:ba:
fe:b9:2e:a3:10:52:7c:ed:b6:1b:c1:cf:e7:6f:c8:
da:ff:91:d0:70:33:6f:9f:74:d8:96:fc:09:62:c0:
dc:6d:aa:62:65:36:4d:b2:3a:31:10:a2:c8:e2:b6:
6a:b9:39:52:00:17:77:e0:c3:90:1c:ca:05:5c:85:
f3:81:9b:72:36:ca:d9:bd:6b:dd:69:70:31:ce:ab:
c0:18:1f:c1:e7:cb:ab:6a:16:6e:f6:ad:0c:d1:c4:
36:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AA:CE:F0:04:27:F5:9E:57:44:8C:34:7C:25:B3:50:62:1C:07:55
X509v3 Authority Key Identifier:
keyid:B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/9644DCE8894011EE87ED7F84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.210.0/23
103.78.224.0/22
IPv6:
2407:ff80::/32
Signature Algorithm: sha256WithRSAEncryption
a7:65:ad:51:42:bf:be:c7:67:a3:70:3e:de:5e:eb:b5:f8:b4:
ba:92:48:e3:0b:3f:fa:18:5e:83:43:dd:67:81:73:83:21:ec:
d9:35:2a:3c:09:35:b3:1b:1e:a8:46:af:1d:39:7c:b6:3d:1f:
49:6c:ee:5a:6c:bc:0c:f7:c6:d0:c3:30:f2:d7:2b:a1:f8:4d:
40:41:87:bb:97:c9:42:37:b0:e7:1a:29:7a:d8:6c:5e:c0:6d:
2a:40:eb:76:6a:60:1e:0a:8f:91:b3:e7:19:2b:a1:0b:fe:32:
cc:96:b5:7d:5b:84:9f:cc:55:2f:b3:6f:38:8c:f5:b5:aa:1d:
21:92:20:6a:1a:7e:b8:51:3c:54:e7:9f:41:72:db:e0:5b:89:
66:18:21:af:a6:48:5a:b1:81:52:33:09:b9:33:88:b3:7d:7e:
e9:3a:30:5e:e1:c9:5c:cb:d4:d0:f0:78:69:94:4c:08:5f:29:
05:2f:36:7b:fa:58:4b:dc:a9:eb:e2:e8:db:64:47:e1:57:29:
b0:10:46:41:37:36:4e:73:a9:10:1a:80:69:52:29:05:b7:7e:
37:0a:33:38:6f:9d:9d:d2:bb:25:45:eb:08:50:0c:16:ba:2b:
12:5c:18:2a:85:bd:06:fc:53:e1:43:17:c0:d8:ca:08:49:12:
02:86:11:66
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCzkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI1RjIxMTAvBgNVBAUTKEI2Qzg3QkI1ODcyOEY3NkY2RjkwQTA5REZENkJBQTFB
RDRFNzNCQ0EwHhcNMjMxMTIyMTQwODE5WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVlMGI1Mi02YTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqdNjCVnpnPHUGVdp23nehNhs5rLt+TlwuY2n/2BwDDZx/TAiBLF9yScN8uGO
hS4DlsdsbHMwSXn2NIAn/zvU1yS1osdnbOGodftfuKl6vEc++qxf68ujFjZYYjbB
xChV/BbGlcge9AB8GT2W+sy5o0A+Y0LdEPi8YdoDOWR4mx6pjxnpsaA0EnArbABi
tw2cIZJpAz0Rl0/XGB9PdUQTHDJzsbr+uS6jEFJ87bYbwc/nb8ja/5HQcDNvn3TY
lvwJYsDcbapiZTZNsjoxEKLI4rZquTlSABd34MOQHMoFXIXzgZtyNsrZvWvdaXAx
zqvAGB/B58urahZu9q0M0cQ2wwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMyqzvAE
J/WeV0SMNHwls1BiHAdVMB8GA1UdIwQYMBaAFLbIe7WHKPdvb5Cgnf1rqhrU5zvK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjVGMi9FRjkwQ0Q0RTAz
QjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzkyOXZrS0NkX1d1cUd0VG5P
OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RzaDd0WWNvOTI5dmtLQ2RfV3VxR3RUbk84by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI1RjIvRUY5MENENEUwM0IwMTFFQTg1RjAyOTM0QzRGOUFFMDIvOTY0NERDRTg4
OTQwMTFFRTg3RUQ3Rjg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAEr5tIDBAJnTuAwDQQCAAIwBwMFACQH/4AwDQYJKoZIhvcN
AQELBQADggEBAKdlrVFCv77HZ6NwPt5e67X4tLqSSOMLP/oYXoND3WeBc4Mh7Nk1
KjwJNbMbHqhGrx05fLY9H0ls7lpsvAz3xtDDMPLXK6H4TUBBh7uXyUI3sOcaKXrY
bF7AbSpA63ZqYB4Kj5Gz5xkroQv+MsyWtX1bhJ/MVS+zbziM9bWqHSGSIGoafrhR
PFTnn0Fy2+BbiWYYIa+mSFqxgVIzCbkziLN9fuk6MF7hyVzL1NDweGmUTAhfKQUv
Nnv6WEvcqevi6NtkR+FXKbAQRkE3Nk5zqRAagGlSKQW3fjcKMzhvnZ3SuyVF6whQ
DBa6KxJcGCqFvQb8U+FDF8DYyghJEgKGEWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org