Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5552/6F60F77C0BCC11EC8570CD1FC4F9AE02/BA41F6340BD011ECABE29B5EC4F9AE02.roa
File: BA41F6340BD011ECABE29B5EC4F9AE02.roa (raw, json)
Hash identifier: fjIP1ed4QArZJwxTwvexypiETTwzhH5NSi5U3NOnQnY=
Subject key identifier: A4:45:87:2D:C7:7D:8F:DA:FA:E4:2B:BC:4A:AC:59:33:C6:E9:6A:03
Certificate issuer: /CN=A91B5552/serialNumber=7829136F79B7F89B3CD47C536FC7496232B9E13A
Certificate serial: CC
Authority key identifier: 78:29:13:6F:79:B7:F8:9B:3C:D4:7C:53:6F:C7:49:62:32:B9:E1:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eCkTb3m3-Js81HxTb8dJYjK54To.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5552/6F60F77C0BCC11EC8570CD1FC4F9AE02/BA41F6340BD011ECABE29B5EC4F9AE02.roa
Signing time: Mon 13 Dec 2021 03:21:38 +0000
ROA not before: Mon 13 Dec 2021 03:21:38 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 131324
IP address blocks: 43.225.172.0/22 maxlen: 22
43.225.172.0/24 maxlen: 24
43.225.173.0/24 maxlen: 24
43.225.174.0/24 maxlen: 24
43.225.175.0/24 maxlen: 24
103.44.132.0/22 maxlen: 22
103.44.132.0/24 maxlen: 24
103.44.133.0/24 maxlen: 24
103.44.134.0/24 maxlen: 24
103.44.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 204 (0xcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5552/serialNumber=7829136F79B7F89B3CD47C536FC7496232B9E13A
Validity
Not Before: Dec 13 03:21:38 2021 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=61b6bc41-ca40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f8:d4:7e:52:0e:34:45:c0:28:fb:4e:5d:84:
13:6a:3b:c4:1f:68:9b:c1:f9:42:90:8b:b8:ca:d2:
6c:96:aa:ae:41:0d:f8:1c:2c:88:b7:86:c5:58:72:
29:be:14:a5:4f:71:1b:b8:08:dd:5f:d0:95:d7:60:
c9:f9:3d:02:d6:dd:d1:bf:da:e0:4e:18:69:3c:fb:
2b:9a:c7:33:ad:7d:62:97:c3:a2:55:cc:e7:de:85:
2f:b7:fe:57:75:97:7f:12:e7:10:69:80:81:6b:51:
90:5d:8c:54:28:e0:41:8a:55:ad:73:87:86:43:ff:
66:65:7f:7f:97:21:54:8e:e3:b6:3e:1c:cf:a7:a6:
32:68:6e:68:20:b5:ff:9d:02:e2:2c:5f:4e:c5:af:
3e:32:23:ff:5e:6e:c3:65:31:d0:fa:63:f5:b9:f0:
24:82:d0:90:cc:40:6e:ad:c9:92:36:3a:0f:a2:52:
89:f5:62:1d:c3:e5:b0:e5:cb:f5:b2:32:da:26:97:
37:10:fe:36:53:8c:82:b1:2f:d0:7e:fd:72:04:a3:
b3:23:21:10:ef:79:39:47:1d:c7:0d:e7:34:2c:2b:
17:cc:57:ff:eb:47:45:64:e7:9d:99:1b:a0:b8:9f:
d2:5a:f7:33:0e:63:2f:aa:91:36:e6:f0:30:43:53:
b7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:45:87:2D:C7:7D:8F:DA:FA:E4:2B:BC:4A:AC:59:33:C6:E9:6A:03
X509v3 Authority Key Identifier:
keyid:78:29:13:6F:79:B7:F8:9B:3C:D4:7C:53:6F:C7:49:62:32:B9:E1:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5552/6F60F77C0BCC11EC8570CD1FC4F9AE02/eCkTb3m3-Js81HxTb8dJYjK54To.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eCkTb3m3-Js81HxTb8dJYjK54To.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5552/6F60F77C0BCC11EC8570CD1FC4F9AE02/BA41F6340BD011ECABE29B5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.172.0/22
103.44.132.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:39:64:56:2c:03:1c:75:6f:6e:3a:2f:ff:82:c0:99:4d:23:
cb:00:64:77:39:9b:6a:e5:b3:71:1d:93:9d:b1:fb:9d:24:92:
35:22:c8:a6:bd:79:08:fc:1b:f0:d0:d3:ac:db:38:62:d8:ae:
40:16:e8:ab:b6:6a:9f:b6:29:30:6d:28:e6:b0:f3:75:4f:c0:
03:90:f9:6a:95:92:05:1b:e8:db:a5:f4:60:6e:45:df:cd:21:
07:d6:07:1b:e8:ed:b6:46:9b:70:c8:12:a7:b8:9a:54:83:0d:
09:2e:d0:31:25:4f:cd:a2:ed:c7:46:5b:db:e3:33:75:df:41:
85:09:fe:d3:19:51:29:0d:04:f7:57:68:ef:3a:0e:c2:28:f4:
ad:32:ba:fa:63:b3:37:aa:45:a6:26:d0:d1:81:43:fb:82:c6:
aa:7b:99:3d:1b:47:bf:16:9c:a1:29:50:16:31:a3:99:62:9b:
b2:b3:fa:77:87:57:fd:a8:25:3b:80:d1:9d:61:c5:d1:37:cd:
e6:0c:9f:a4:d8:a7:95:8a:fd:21:35:8d:34:f8:ff:f0:de:02:
54:a4:27:e7:8a:8e:c0:b6:ee:5d:bc:46:f3:a5:2f:6b:0b:1c:
df:b6:9d:7c:90:5a:81:ca:94:4d:0c:13:f2:6b:a4:39:ca:92:
c2:b9:eb:b5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU1NTIxMTAvBgNVBAUTKDc4MjkxMzZGNzlCN0Y4OUIzQ0Q0N0M1MzZGQzc0OTYy
MzJCOUUxM0EwHhcNMjExMjEzMDMyMTM4WhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWI2YmM0MS1jYTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwvjUflIONEXAKPtOXYQTajvEH2ibwflCkIu4ytJslqquQQ34HCyIt4bFWHIp
vhSlT3EbuAjdX9CV12DJ+T0C1t3Rv9rgThhpPPsrmsczrX1il8OiVczn3oUvt/5X
dZd/EucQaYCBa1GQXYxUKOBBilWtc4eGQ/9mZX9/lyFUjuO2PhzPp6YyaG5oILX/
nQLiLF9Oxa8+MiP/Xm7DZTHQ+mP1ufAkgtCQzEBurcmSNjoPolKJ9WIdw+Ww5cv1
sjLaJpc3EP42U4yCsS/Qfv1yBKOzIyEQ73k5Rx3HDec0LCsXzFf/60dFZOedmRug
uJ/SWvczDmMvqpE25vAwQ1O3FQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFKRFhy3H
fY/a+uQrvEqsWTPG6WoDMB8GA1UdIwQYMBaAFHgpE295t/ibPNR8U2/HSWIyueE6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTU1Mi82RjYwRjc3QzBC
Q0MxMUVDODU3MENEMUZDNEY5QUUwMi9lQ2tUYjNtMy1KczgxSHhUYjhkSllqSzU0
VG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VDa1RiM20zLUpzODFIeFRiOGRKWWpLNTRUby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU1NTIvNkY2MEY3N0MwQkNDMTFFQzg1NzBDRDFGQzRGOUFFMDIvQkE0MUY2MzQw
QkQwMTFFQ0FCRTI5QjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr4awDBAJnLIQwDQYJKoZIhvcNAQELBQADggEBAKU5ZFYs
Axx1b246L/+CwJlNI8sAZHc5m2rls3Edk52x+50kkjUiyKa9eQj8G/DQ06zbOGLY
rkAW6Ku2ap+2KTBtKOaw83VPwAOQ+WqVkgUb6Nul9GBuRd/NIQfWBxvo7bZGm3DI
Eqe4mlSDDQku0DElT82i7cdGW9vjM3XfQYUJ/tMZUSkNBPdXaO86DsIo9K0yuvpj
szeqRaYm0NGBQ/uCxqp7mT0bR78WnKEpUBYxo5lim7Kz+neHV/2oJTuA0Z1hxdE3
zeYMn6TYp5WK/SE1jTT4//DeAlSkJ+eKjsC27l28RvOlL2sLHN+2nXyQWoHKlE0M
E/JrpDnKksK567U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:02 2023 by rpki-client on console-ams.rpki-client.org